Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/dd0189-7969-4fd5-9747-28bdabca70cb/1/Jxs0meMKDCLBz_dVByd3J3wLTdc.roa
File: Jxs0meMKDCLBz_dVByd3J3wLTdc.roa (raw, json)
Hash identifier: ZCvr3TtSBPIKAQupwsVmwJ8f7SSejV5g4WH6kmkpM1s=
Subject key identifier: 27:1B:34:99:E3:0A:0C:22:C1:CF:F7:55:07:27:77:27:7C:0B:4D:D7
Certificate issuer: /CN=3948869ce54b9d3b2f3e39aee2c9c8eb19cb5b0f
Certificate serial: 019423D6F3FF31E8A63142B23DE764CA9B8E
Authority key identifier: 39:48:86:9C:E5:4B:9D:3B:2F:3E:39:AE:E2:C9:C8:EB:19:CB:5B:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OUiGnOVLnTsvPjmu4snI6xnLWw8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/dd0189-7969-4fd5-9747-28bdabca70cb/1/Jxs0meMKDCLBz_dVByd3J3wLTdc.roa
Signing time: Wed 01 Jan 2025 21:47:57 +0000
ROA not before: Wed 01 Jan 2025 21:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201503
IP address blocks: 82.163.120.0/22 maxlen: 22
82.163.132.0/22 maxlen: 22
185.72.208.0/22 maxlen: 22
185.72.208.0/24 maxlen: 24
185.72.209.0/24 maxlen: 24
185.72.210.0/24 maxlen: 24
2a05:3950::/31 maxlen: 31
2a05:3950:8000::/48 maxlen: 48
2a05:3950:8660::/48 maxlen: 48
2a05:3950:9000::/48 maxlen: 48
2a05:3950:f000::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:f3:ff:31:e8:a6:31:42:b2:3d:e7:64:ca:9b:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3948869ce54b9d3b2f3e39aee2c9c8eb19cb5b0f
Validity
Not Before: Jan 1 21:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=271b3499e30a0c22c1cff755072777277c0b4dd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c7:12:ac:39:db:99:6e:e1:d4:3c:6f:fc:ee:
e8:be:ea:75:b2:f4:40:fd:5e:e5:73:46:d7:a3:a9:
28:40:54:05:54:fc:21:f7:e5:cc:49:ef:5a:b4:de:
37:f1:a1:2c:d3:04:61:58:95:6f:e6:0b:ca:d1:f9:
ba:ba:f5:d3:8d:6c:bd:74:2f:af:36:a0:34:1b:83:
44:05:44:24:d1:62:77:9f:61:99:d3:1f:e3:73:2f:
ef:94:37:57:e2:06:75:5f:6c:83:c1:4f:1e:97:57:
aa:67:3c:1c:df:3b:ee:dd:30:2f:a9:f6:f2:b1:57:
41:a1:ed:bb:bb:06:80:7f:41:bd:1e:e1:e0:9a:0a:
3b:f1:c5:29:cd:7b:77:78:0d:5f:e7:c7:49:21:27:
b0:63:5a:0d:c7:ee:1b:cc:07:f2:dd:39:a8:0a:d9:
1b:41:bc:67:08:39:69:4b:e3:cc:9e:43:4e:9f:5b:
65:ba:5d:98:98:b3:40:1a:a6:32:49:b9:0c:9d:ac:
c8:1e:48:52:f8:6a:d9:48:b8:e9:47:f8:1c:a8:23:
b6:a4:fb:64:2d:8e:7a:1f:27:f9:ca:61:12:93:ef:
ab:48:8c:d8:7c:07:2d:62:27:21:e3:ea:10:25:55:
04:c7:db:36:cc:54:54:52:52:ce:09:d9:bd:e0:f2:
1f:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:1B:34:99:E3:0A:0C:22:C1:CF:F7:55:07:27:77:27:7C:0B:4D:D7
X509v3 Authority Key Identifier:
keyid:39:48:86:9C:E5:4B:9D:3B:2F:3E:39:AE:E2:C9:C8:EB:19:CB:5B:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OUiGnOVLnTsvPjmu4snI6xnLWw8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/dd0189-7969-4fd5-9747-28bdabca70cb/1/Jxs0meMKDCLBz_dVByd3J3wLTdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/dd0189-7969-4fd5-9747-28bdabca70cb/1/OUiGnOVLnTsvPjmu4snI6xnLWw8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.163.120.0/22
82.163.132.0/22
185.72.208.0/22
IPv6:
2a05:3950::/31
Signature Algorithm: sha256WithRSAEncryption
22:5c:22:8d:52:1e:0f:30:80:b2:1d:00:d5:83:17:16:40:7d:
10:a3:4b:1f:42:fa:52:a9:41:7e:34:93:32:ea:ea:d0:8a:03:
a1:01:9b:f6:7a:8f:a2:54:69:3c:e5:66:55:03:d9:8d:5b:b2:
02:39:c2:ab:a7:a0:92:b9:92:da:1f:f1:80:f9:48:48:a6:0b:
41:19:d4:ff:a6:21:35:c7:e7:6a:82:e1:9a:d9:29:86:04:a2:
8a:6d:12:90:b8:63:1f:d3:58:13:fd:7c:57:73:f0:45:3e:15:
ed:51:5f:40:6b:c9:fb:91:17:64:33:f8:aa:b6:87:0e:e9:af:
62:21:33:da:8f:72:84:46:9c:67:bd:16:df:bb:1c:49:8f:31:
66:45:9a:ce:ec:5b:66:7e:3b:77:85:41:71:ed:5a:5d:9b:29:
ad:2a:01:3d:32:80:1b:04:d1:4b:2c:05:8b:ba:ae:1b:ca:50:
4a:c2:a2:1b:91:0c:0b:0a:71:b3:ad:31:59:de:b3:1d:af:7c:
18:91:cb:a9:09:2e:30:c7:e9:e5:8f:50:31:82:36:b7:9f:0d:
60:fd:25:d5:37:4e:92:60:a7:11:eb:4e:3f:f8:bc:46:66:fd:
f0:ac:d9:b1:36:c9:10:97:8f:c7:19:b0:65:4b:1b:da:bd:7f:
6f:f4:2b:a0
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQj1vP/MeimMUKyPedkypuOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5NDg4NjljZTU0YjlkM2IyZjNlMzlhZWUyYzljOGViMTlj
YjViMGYwHhcNMjUwMTAxMjE0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzFiMzQ5OWUzMGEwYzIyYzFjZmY3NTUwNzI3NzcyNzdjMGI0ZGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtccSrDnbmW7h1Dxv/O7ovup1svRA
/V7lc0bXo6koQFQFVPwh9+XMSe9atN438aEs0wRhWJVv5gvK0fm6uvXTjWy9dC+v
NqA0G4NEBUQk0WJ3n2GZ0x/jcy/vlDdX4gZ1X2yDwU8el1eqZzwc3zvu3TAvqfby
sVdBoe27uwaAf0G9HuHgmgo78cUpzXt3eA1f58dJISewY1oNx+4bzAfy3TmoCtkb
QbxnCDlpS+PMnkNOn1tlul2YmLNAGqYySbkMnazIHkhS+GrZSLjpR/gcqCO2pPtk
LY56Hyf5ymESk++rSIzYfActYich4+oQJVUEx9s2zFRUUlLOCdm94PIfuwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCcbNJnjCgwiwc/3VQcndyd8C03XMB8GA1UdIwQY
MBaAFDlIhpzlS507Lz45ruLJyOsZy1sPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1VpR25PVkxuVHN2UGptdTRzbkk2eG5MV3c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9kZDAxODktNzk2OS00ZmQ1LTk3NDct
MjhiZGFiY2E3MGNiLzEvSnhzMG1lTUtEQ0xCel9kVkJ5ZDNKM3dMVGRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9kZDAxODktNzk2OS00ZmQ1LTk3NDctMjhiZGFiY2E3MGNi
LzEvT1VpR25PVkxuVHN2UGptdTRzbkk2eG5MV3c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCUqN4AwQC
UqOEAwQCuUjQMA0EAgACMAcDBQEqBTlQMA0GCSqGSIb3DQEBCwUAA4IBAQAiXCKN
Uh4PMICyHQDVgxcWQH0Qo0sfQvpSqUF+NJMy6urQigOhAZv2eo+iVGk85WZVA9mN
W7ICOcKrp6CSuZLaH/GA+UhIpgtBGdT/piE1x+dqguGa2SmGBKKKbRKQuGMf01gT
/XxXc/BFPhXtUV9Aa8n7kRdkM/iqtocO6a9iITPaj3KERpxnvRbfuxxJjzFmRZrO
7Ftmfjt3hUFx7VpdmymtKgE9MoAbBNFLLAWLuq4bylBKwqIbkQwLCnGzrTFZ3rMd
r3wYkcupCS4wx+nlj1Axgja3nw1g/SXVN06SYKcR604/+LxGZv3wrNmxNskQl4/H
GbBlSxvavX9v9Cug
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:56 2025 by rpki-client on console.sobornost.net