Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/4b77e7-347c-49fa-808b-6ed331f31e09/1/8v_aiBgvpLDJT4bE3zxJWwrf4Ao.roa
File: 8v_aiBgvpLDJT4bE3zxJWwrf4Ao.roa (raw, json)
Hash identifier: wcB7NvMB7REyv6Xd72Vh3AOoxDTtyyThVZ07XtgTGL0=
Subject key identifier: F2:FF:DA:88:18:2F:A4:B0:C9:4F:86:C4:DF:3C:49:5B:0A:DF:E0:0A
Certificate issuer: /CN=b05442c4ffe9c1d761e7c569360ead042438f903
Certificate serial: 0195A0A51BB4636C12487BA3534165D9383A
Authority key identifier: B0:54:42:C4:FF:E9:C1:D7:61:E7:C5:69:36:0E:AD:04:24:38:F9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sFRCxP_pwddh58VpNg6tBCQ4-QM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/4b77e7-347c-49fa-808b-6ed331f31e09/1/8v_aiBgvpLDJT4bE3zxJWwrf4Ao.roa
Signing time: Sun 16 Mar 2025 20:28:49 +0000
ROA not before: Sun 16 Mar 2025 20:28:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50533
IP address blocks: 134.101.64.0/18 maxlen: 18
134.101.64.0/19 maxlen: 19
134.101.64.0/24 maxlen: 24
134.101.96.0/20 maxlen: 20
134.101.112.0/21 maxlen: 21
134.101.126.0/24 maxlen: 24
134.101.127.0/24 maxlen: 24
145.14.224.0/20 maxlen: 20
145.14.224.0/23 maxlen: 23
185.160.248.0/22 maxlen: 22
2a00:17f1::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a0:a5:1b:b4:63:6c:12:48:7b:a3:53:41:65:d9:38:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05442c4ffe9c1d761e7c569360ead042438f903
Validity
Not Before: Mar 16 20:28:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f2ffda88182fa4b0c94f86c4df3c495b0adfe00a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:20:da:18:31:0d:3e:a3:f1:be:04:a1:01:8b:
19:5a:5d:16:ba:05:2d:ba:bb:62:e3:5a:de:d4:52:
06:68:3c:7c:ee:df:e0:84:6b:aa:a7:1c:3c:46:9a:
f7:c8:ff:02:2c:9a:9f:9e:b2:bf:b8:f7:06:8f:79:
9d:a5:6c:72:eb:99:89:e0:01:c5:1d:7a:a2:2e:e8:
53:e3:2b:63:78:1d:28:40:80:2c:8c:db:28:51:95:
77:f1:9b:9e:aa:78:3f:58:5b:a1:0e:b7:aa:57:d4:
d3:1a:3a:f8:a6:c9:4a:a4:c9:9b:76:da:84:36:8d:
e7:3a:74:14:d3:d3:ef:96:e2:e0:0d:33:24:8d:f0:
f9:3a:f3:10:3b:04:4b:4e:d3:87:96:b1:82:84:20:
02:bc:3d:76:cd:f3:e4:f7:3d:02:4c:16:fb:72:6b:
7a:e2:cb:04:5e:9f:e8:82:20:15:6a:56:03:db:99:
d3:30:5d:4f:3e:2e:d1:bd:e9:01:b7:35:e4:d7:d5:
8e:6c:26:e9:b5:e1:11:5d:7a:8a:b1:dc:07:df:1a:
87:85:a0:ae:17:88:f9:b1:de:55:81:b8:81:d2:91:
98:df:ca:10:1e:8b:a2:37:ad:96:85:a4:22:c7:79:
9c:dc:84:6f:69:a8:1a:76:7e:4b:74:fe:0a:9f:0d:
e1:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:FF:DA:88:18:2F:A4:B0:C9:4F:86:C4:DF:3C:49:5B:0A:DF:E0:0A
X509v3 Authority Key Identifier:
keyid:B0:54:42:C4:FF:E9:C1:D7:61:E7:C5:69:36:0E:AD:04:24:38:F9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sFRCxP_pwddh58VpNg6tBCQ4-QM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/4b77e7-347c-49fa-808b-6ed331f31e09/1/8v_aiBgvpLDJT4bE3zxJWwrf4Ao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/4b77e7-347c-49fa-808b-6ed331f31e09/1/sFRCxP_pwddh58VpNg6tBCQ4-QM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.101.64.0/18
145.14.224.0/20
185.160.248.0/22
IPv6:
2a00:17f1::/32
Signature Algorithm: sha256WithRSAEncryption
70:db:77:11:74:a6:8f:d6:08:38:b5:81:1f:0c:23:13:42:f8:
a6:b1:77:e1:6f:fa:11:79:29:97:1e:ad:52:9e:c1:da:a9:f2:
14:90:78:46:d0:b4:26:ca:d5:a8:8e:78:b7:0f:56:fa:fb:94:
43:27:7b:a9:4d:23:c1:8b:44:cd:80:6c:ae:b4:77:23:0c:c2:
9d:be:4c:c6:68:87:15:6f:6c:f0:42:d2:ae:28:09:16:2c:c0:
1d:ad:46:db:cd:e4:df:9f:bd:f3:1c:9e:b3:4e:c5:7d:27:12:
68:05:42:21:5e:2a:00:1e:42:05:ff:c6:08:4c:56:23:1a:f3:
4d:0f:e1:8f:ec:04:89:03:b6:14:e6:86:63:fc:3d:cc:e7:2e:
82:50:ff:35:e3:2b:29:38:5c:8a:48:25:1e:26:3c:1f:7d:43:
d5:65:ec:c1:d1:93:cd:a5:23:75:b6:0d:d0:b5:fa:d0:da:a4:
53:93:8a:30:a1:58:6e:5a:ac:c6:40:61:d1:73:f7:a6:33:09:
eb:42:15:50:c9:8d:6d:aa:76:2a:9b:29:31:30:8e:c9:02:98:
e1:9e:99:83:b0:d0:cd:be:bc:7f:e4:8c:d6:b9:bb:08:da:86:
56:21:22:81:95:86:8e:dd:23:5d:07:08:6c:44:e9:ba:cf:5c:
b5:76:73:5d
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZWgpRu0Y2wSSHujU0Fl2Tg6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNTQ0MmM0ZmZlOWMxZDc2MWU3YzU2OTM2MGVhZDA0MjQz
OGY5MDMwHhcNMjUwMzE2MjAyODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmZmZGE4ODE4MmZhNGIwYzk0Zjg2YzRkZjNjNDk1YjBhZGZlMDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiCDaGDENPqPxvgShAYsZWl0WugUt
urti41re1FIGaDx87t/ghGuqpxw8Rpr3yP8CLJqfnrK/uPcGj3mdpWxy65mJ4AHF
HXqiLuhT4ytjeB0oQIAsjNsoUZV38Zueqng/WFuhDreqV9TTGjr4pslKpMmbdtqE
No3nOnQU09PvluLgDTMkjfD5OvMQOwRLTtOHlrGChCACvD12zfPk9z0CTBb7cmt6
4ssEXp/ogiAValYD25nTMF1PPi7RvekBtzXk19WObCbpteERXXqKsdwH3xqHhaCu
F4j5sd5VgbiB0pGY38oQHouiN62WhaQix3mc3IRvaagadn5LdP4Knw3hzQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFPL/2ogYL6SwyU+GxN88SVsK3+AKMB8GA1UdIwQY
MBaAFLBUQsT/6cHXYefFaTYOrQQkOPkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0ZSQ3hQX3B3ZGRoNThWcE5nNnRCQ1E0LVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS80Yjc3ZTctMzQ3Yy00OWZhLTgwOGIt
NmVkMzMxZjMxZTA5LzEvOHZfYWlCZ3ZwTERKVDRiRTN6eEpXd3JmNEFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS80Yjc3ZTctMzQ3Yy00OWZhLTgwOGItNmVkMzMxZjMxZTA5
LzEvc0ZSQ3hQX3B3ZGRoNThWcE5nNnRCQ1E0LVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQGhmVAAwQE
kQ7gAwQCuaD4MA0EAgACMAcDBQAqABfxMA0GCSqGSIb3DQEBCwUAA4IBAQBw23cR
dKaP1gg4tYEfDCMTQvimsXfhb/oReSmXHq1SnsHaqfIUkHhG0LQmytWojni3D1b6
+5RDJ3upTSPBi0TNgGyutHcjDMKdvkzGaIcVb2zwQtKuKAkWLMAdrUbbzeTfn73z
HJ6zTsV9JxJoBUIhXioAHkIF/8YITFYjGvNND+GP7ASJA7YU5oZj/D3M5y6CUP81
4yspOFyKSCUeJjwffUPVZezB0ZPNpSN1tg3QtfrQ2qRTk4owoVhuWqzGQGHRc/em
MwnrQhVQyY1tqnYqmykxMI7JApjhnpmDsNDNvrx/5IzWubsI2oZWISKBlYaO3SNd
BwhsROm6z1y1dnNd
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:03 2025 by rpki-client on console.sobornost.net