Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/8a94b9-70fe-46ff-a4e6-019e1f8403dd/1/r7lFXPa807MfacPLjTifqcio5eE.roa
File: r7lFXPa807MfacPLjTifqcio5eE.roa (raw, json)
Hash identifier: uWVAVnCuqwCuf5rQTJ4k2G3R8ObiUvivLPLiht6CJGY=
Subject key identifier: AF:B9:45:5C:F6:BC:D3:B3:1F:69:C3:CB:8D:38:9F:A9:C8:A8:E5:E1
Certificate issuer: /CN=153d757b77067befd9446694748ad2b04e97b38c
Certificate serial: 019423D74F6C931C455FAE40884F74253416
Authority key identifier: 15:3D:75:7B:77:06:7B:EF:D9:44:66:94:74:8A:D2:B0:4E:97:B3:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FT11e3cGe-_ZRGaUdIrSsE6Xs4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/8a94b9-70fe-46ff-a4e6-019e1f8403dd/1/r7lFXPa807MfacPLjTifqcio5eE.roa
Signing time: Wed 01 Jan 2025 21:48:20 +0000
ROA not before: Wed 01 Jan 2025 21:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201193
IP address blocks: 185.76.232.0/22 maxlen: 24
185.76.232.0/24 maxlen: 24
185.76.233.0/24 maxlen: 24
185.76.234.0/24 maxlen: 24
185.76.235.0/24 maxlen: 24
2a05:5dc0::/29 maxlen: 30
2a05:5dc0::/30 maxlen: 30
2a05:5dc4::/30 maxlen: 30
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:4f:6c:93:1c:45:5f:ae:40:88:4f:74:25:34:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=153d757b77067befd9446694748ad2b04e97b38c
Validity
Not Before: Jan 1 21:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=afb9455cf6bcd3b31f69c3cb8d389fa9c8a8e5e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:f1:88:38:05:82:e1:ec:b6:ae:dc:0e:ba:b4:
66:b6:ec:35:bb:79:89:b3:ae:37:a2:47:bd:5b:a8:
23:f0:19:c8:8a:07:09:2a:fc:5a:b9:6a:4a:21:7d:
a7:ba:67:31:59:4f:96:72:ce:c7:c7:fc:ae:ba:7c:
b5:28:5b:bb:4a:2e:d8:fc:3e:a6:b6:75:62:e4:56:
98:61:c2:fc:29:f7:2f:65:e8:bc:bd:16:ca:e4:63:
b4:07:0e:2c:5b:9b:37:7b:10:42:cb:04:2c:02:f4:
0f:08:c5:4e:85:89:4b:8e:ee:17:7b:84:83:6e:a6:
ca:63:f9:5d:7c:62:1d:78:23:19:75:83:1a:59:0f:
55:4a:81:53:fc:d6:02:08:8e:7f:3f:e3:f1:15:ff:
82:82:21:96:78:b9:f9:44:bf:e4:e6:54:cc:53:b3:
80:68:5f:52:a3:07:6c:1a:2e:90:9a:ed:10:08:3e:
03:1c:c2:63:e9:3b:74:cd:17:81:df:b8:af:9f:a3:
23:42:ec:65:88:bc:1a:b7:54:6d:d4:f1:2f:7e:28:
68:19:f1:af:30:1f:c7:28:1c:d2:ff:e5:22:23:5c:
3b:7c:9e:61:c7:da:cf:8a:7c:e7:82:4a:a0:e0:06:
25:3d:10:67:31:69:89:f7:4d:84:0f:98:97:47:85:
b9:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:B9:45:5C:F6:BC:D3:B3:1F:69:C3:CB:8D:38:9F:A9:C8:A8:E5:E1
X509v3 Authority Key Identifier:
keyid:15:3D:75:7B:77:06:7B:EF:D9:44:66:94:74:8A:D2:B0:4E:97:B3:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FT11e3cGe-_ZRGaUdIrSsE6Xs4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/8a94b9-70fe-46ff-a4e6-019e1f8403dd/1/r7lFXPa807MfacPLjTifqcio5eE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/8a94b9-70fe-46ff-a4e6-019e1f8403dd/1/FT11e3cGe-_ZRGaUdIrSsE6Xs4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.76.232.0/22
IPv6:
2a05:5dc0::/29
Signature Algorithm: sha256WithRSAEncryption
9b:53:00:5f:52:b8:6c:c5:5f:c8:7f:3e:da:44:d5:91:a4:09:
67:e3:95:e6:f0:5d:ae:3e:b6:6a:d2:47:09:1a:4a:5d:53:71:
49:2d:63:9f:3a:c0:8e:2a:70:35:87:f8:be:a9:13:19:b1:94:
f3:4c:e0:33:1f:6f:62:7f:d2:71:a1:3a:37:b8:d5:7d:b0:58:
2a:75:42:ae:30:b4:dd:64:69:c2:d7:fb:40:52:11:07:18:bd:
71:da:8e:e7:bb:ac:c9:18:62:af:65:cf:49:a1:d4:4a:fa:57:
89:43:6d:f7:13:b8:22:29:51:b3:71:cd:53:08:b5:88:54:98:
ed:39:4b:a3:d9:f8:ed:46:c1:a2:07:8c:30:31:0e:ef:1f:ae:
64:d7:7f:c5:7c:ef:ae:0c:3d:e8:37:19:6e:00:2e:92:6e:04:
e1:2c:09:ab:83:cd:9b:90:5e:61:80:89:f3:0e:2b:80:f3:59:
ea:f7:77:b8:ba:85:fc:da:0a:56:03:79:90:53:0c:e3:e4:17:
ea:ae:78:9b:a1:c2:07:45:76:f1:2b:8e:b0:e3:55:99:b3:1f:
e6:77:bd:fe:a3:1a:ab:a5:5d:66:44:93:5e:f0:db:21:4b:34:
ba:1a:92:3d:1d:18:af:52:97:1f:44:c4:fb:4f:79:35:5a:ed:
dc:7a:a8:77
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQj109skxxFX65AiE90JTQWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1M2Q3NTdiNzcwNjdiZWZkOTQ0NjY5NDc0OGFkMmIwNGU5
N2IzOGMwHhcNMjUwMTAxMjE0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmI5NDU1Y2Y2YmNkM2IzMWY2OWMzY2I4ZDM4OWZhOWM4YThlNWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArvGIOAWC4ey2rtwOurRmtuw1u3mJ
s643oke9W6gj8BnIigcJKvxauWpKIX2numcxWU+Wcs7Hx/yuuny1KFu7Si7Y/D6m
tnVi5FaYYcL8KfcvZei8vRbK5GO0Bw4sW5s3exBCywQsAvQPCMVOhYlLju4Xe4SD
bqbKY/ldfGIdeCMZdYMaWQ9VSoFT/NYCCI5/P+PxFf+CgiGWeLn5RL/k5lTMU7OA
aF9SowdsGi6Qmu0QCD4DHMJj6Tt0zReB37ivn6MjQuxliLwat1Rt1PEvfihoGfGv
MB/HKBzS/+UiI1w7fJ5hx9rPinzngkqg4AYlPRBnMWmJ902ED5iXR4W5swIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFK+5RVz2vNOzH2nDy404n6nIqOXhMB8GA1UdIwQY
MBaAFBU9dXt3Bnvv2URmlHSK0rBOl7OMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlQxMWUzY0dlLV9aUkdhVWRJclNzRTZYczR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi84YTk0YjktNzBmZS00NmZmLWE0ZTYt
MDE5ZTFmODQwM2RkLzEvcjdsRlhQYTgwN01mYWNQTGpUaWZxY2lvNWVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi84YTk0YjktNzBmZS00NmZmLWE0ZTYtMDE5ZTFmODQwM2Rk
LzEvRlQxMWUzY0dlLV9aUkdhVWRJclNzRTZYczR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUzoMA0E
AgACMAcDBQMqBV3AMA0GCSqGSIb3DQEBCwUAA4IBAQCbUwBfUrhsxV/Ifz7aRNWR
pAln45Xm8F2uPrZq0kcJGkpdU3FJLWOfOsCOKnA1h/i+qRMZsZTzTOAzH29if9Jx
oTo3uNV9sFgqdUKuMLTdZGnC1/tAUhEHGL1x2o7nu6zJGGKvZc9JodRK+leJQ233
E7giKVGzcc1TCLWIVJjtOUuj2fjtRsGiB4wwMQ7vH65k13/FfO+uDD3oNxluAC6S
bgThLAmrg82bkF5hgInzDiuA81nq93e4uoX82gpWA3mQUwzj5BfqrnibocIHRXbx
K46w41WZsx/md73+oxqrpV1mRJNe8NshSzS6GpI9HRivUpcfRMT7T3k1Wu3ceqh3
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:07 2025 by rpki-client on console.sobornost.net