Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/f197d0-a540-4882-a67a-b8a232eff2f6/1/9x0C1ycahYIp0jhnR--av7frEvs.roa
File: 9x0C1ycahYIp0jhnR--av7frEvs.roa (raw, json)
Hash identifier: TxO2zK2Lq7rKbvn4CVYDpMwFmpWv6oOsKAtfhF9aA3s=
Subject key identifier: F7:1D:02:D7:27:1A:85:82:29:D2:38:67:47:EF:9A:BF:B7:EB:12:FB
Certificate issuer: /CN=7c16e9d57efdacd3f7bc7e98496b719fadc5ae48
Certificate serial: 019424B2D2AAD4E3FB4AD3D8EB8341C001CB
Authority key identifier: 7C:16:E9:D5:7E:FD:AC:D3:F7:BC:7E:98:49:6B:71:9F:AD:C5:AE:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fBbp1X79rNP3vH6YSWtxn63Frkg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/f197d0-a540-4882-a67a-b8a232eff2f6/1/9x0C1ycahYIp0jhnR--av7frEvs.roa
Signing time: Thu 02 Jan 2025 01:48:06 +0000
ROA not before: Thu 02 Jan 2025 01:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197909
IP address blocks: 94.154.2.0/24 maxlen: 24
185.240.72.0/22 maxlen: 22
193.35.80.0/22 maxlen: 22
2a07:2680::/29 maxlen: 29
2a0c:7580::/29 maxlen: 29
2a0d:6140::/29 maxlen: 29
2a0d:6140::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:d2:aa:d4:e3:fb:4a:d3:d8:eb:83:41:c0:01:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c16e9d57efdacd3f7bc7e98496b719fadc5ae48
Validity
Not Before: Jan 2 01:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f71d02d7271a858229d2386747ef9abfb7eb12fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:d7:2e:d7:26:3f:a6:8e:fd:24:16:f6:fe:6e:
fb:83:7b:e8:b6:92:af:ad:d2:7c:9d:0f:16:21:3b:
36:62:9a:d8:c9:b8:0e:49:48:6f:7c:5d:b5:4d:60:
9b:ae:38:65:ec:bf:6f:4d:07:80:1c:04:d9:c3:51:
cc:a4:48:0a:8a:cc:1a:90:7b:2c:6b:23:7f:97:40:
df:45:b1:e9:e6:dc:4b:04:f6:70:87:62:0c:f1:24:
66:af:b5:19:b7:8a:b9:59:62:81:2f:c5:7e:61:0c:
1b:f7:8d:6a:ef:69:48:ff:82:f0:96:50:e3:78:0f:
b7:25:23:42:b7:fa:4f:1b:c9:b0:5f:85:cb:ec:eb:
3d:eb:65:c3:dd:f3:c2:b3:9f:f0:aa:b8:e7:9a:3b:
6c:8a:84:6f:30:2b:b3:26:9c:ef:fd:5c:eb:8d:5d:
35:aa:41:63:5c:e2:0d:20:96:d9:2b:82:e6:0a:29:
ae:09:b3:2b:97:37:fe:01:e7:bd:9d:5a:55:32:01:
e9:e9:77:27:1f:87:76:2b:7d:f8:74:86:14:c1:29:
95:75:69:b7:4d:f9:7a:a6:43:d3:5b:d1:dc:8c:9d:
69:a2:12:46:5c:dd:94:97:cf:23:4f:c7:f9:38:bc:
a6:7d:96:2f:20:06:18:8e:77:1e:7e:6e:4b:49:90:
f9:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:1D:02:D7:27:1A:85:82:29:D2:38:67:47:EF:9A:BF:B7:EB:12:FB
X509v3 Authority Key Identifier:
keyid:7C:16:E9:D5:7E:FD:AC:D3:F7:BC:7E:98:49:6B:71:9F:AD:C5:AE:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fBbp1X79rNP3vH6YSWtxn63Frkg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/f197d0-a540-4882-a67a-b8a232eff2f6/1/9x0C1ycahYIp0jhnR--av7frEvs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/f197d0-a540-4882-a67a-b8a232eff2f6/1/fBbp1X79rNP3vH6YSWtxn63Frkg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.2.0/24
185.240.72.0/22
193.35.80.0/22
IPv6:
2a07:2680::/29
2a0c:7580::/29
2a0d:6140::/29
Signature Algorithm: sha256WithRSAEncryption
65:70:f1:f6:43:36:12:19:04:70:2e:5a:a7:5e:2c:aa:32:2b:
c8:31:78:6c:16:70:ab:0f:44:55:60:16:06:e0:4e:c8:77:76:
c9:f3:2c:43:b0:6e:21:0b:d5:d0:97:e6:c4:b1:f4:86:a7:e3:
10:f3:fd:4e:40:5c:15:4f:a4:09:70:c8:4e:6d:1a:da:d8:05:
b5:39:e7:5a:9e:5b:58:cc:0b:5e:3b:ad:c9:94:38:44:3a:8b:
05:15:cd:63:40:2f:76:0d:44:3f:07:95:85:70:4a:aa:19:17:
a4:7e:6c:13:6a:23:ea:2c:3c:1c:67:22:03:b0:16:1b:62:88:
c3:87:3c:8c:16:e6:da:35:db:aa:b8:cf:3e:ad:64:c6:d0:c8:
34:93:86:f9:7e:c4:7e:cd:81:96:61:11:37:a6:de:f4:69:ca:
37:89:6d:06:a6:b3:04:a6:35:35:1a:b2:0a:c0:47:50:0c:63:
ff:d6:05:9d:f9:8e:91:57:92:13:93:b4:04:2d:d3:2b:ab:bb:
2b:2e:89:0f:73:1e:c3:00:6f:80:8c:fe:d8:57:59:3e:34:87:
16:bd:99:1c:9a:bc:fb:90:d7:33:6c:74:48:cc:f1:4a:d7:1f:
e3:bf:e3:fe:2a:3f:21:de:19:0b:35:9b:5e:a4:4e:c7:5f:73:
61:0c:4e:da
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZQkstKq1OP7StPY64NBwAHLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjMTZlOWQ1N2VmZGFjZDNmN2JjN2U5ODQ5NmI3MTlmYWRj
NWFlNDgwHhcNMjUwMTAyMDE0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzFkMDJkNzI3MWE4NTgyMjlkMjM4Njc0N2VmOWFiZmI3ZWIxMmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldcu1yY/po79JBb2/m77g3votpKv
rdJ8nQ8WITs2YprYybgOSUhvfF21TWCbrjhl7L9vTQeAHATZw1HMpEgKiswakHss
ayN/l0DfRbHp5txLBPZwh2IM8SRmr7UZt4q5WWKBL8V+YQwb941q72lI/4LwllDj
eA+3JSNCt/pPG8mwX4XL7Os962XD3fPCs5/wqrjnmjtsioRvMCuzJpzv/VzrjV01
qkFjXOINIJbZK4LmCimuCbMrlzf+Aee9nVpVMgHp6XcnH4d2K334dIYUwSmVdWm3
Tfl6pkPTW9HcjJ1pohJGXN2Ul88jT8f5OLymfZYvIAYYjncefm5LSZD5swIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFPcdAtcnGoWCKdI4Z0fvmr+36xL7MB8GA1UdIwQY
MBaAFHwW6dV+/azT97x+mElrcZ+txa5IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkJicDFYNzlyTlAzdkg2WVNXdHhuNjNGcmtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9mMTk3ZDAtYTU0MC00ODgyLWE2N2Et
YjhhMjMyZWZmMmY2LzEvOXgwQzF5Y2FoWUlwMGpoblItLWF2N2ZyRXZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9mMTk3ZDAtYTU0MC00ODgyLWE2N2EtYjhhMjMyZWZmMmY2
LzEvZkJicDFYNzlyTlAzdkg2WVNXdHhuNjNGcmtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAYBAIAATASAwQAXpoCAwQC
ufBIAwQCwSNQMBsEAgACMBUDBQMqByaAAwUDKgx1gAMFAyoNYUAwDQYJKoZIhvcN
AQELBQADggEBAGVw8fZDNhIZBHAuWqdeLKoyK8gxeGwWcKsPRFVgFgbgTsh3dsnz
LEOwbiEL1dCX5sSx9Ian4xDz/U5AXBVPpAlwyE5tGtrYBbU551qeW1jMC147rcmU
OEQ6iwUVzWNAL3YNRD8HlYVwSqoZF6R+bBNqI+osPBxnIgOwFhtiiMOHPIwW5to1
26q4zz6tZMbQyDSThvl+xH7NgZZhETem3vRpyjeJbQamswSmNTUasgrAR1AMY//W
BZ35jpFXkhOTtAQt0yuruysuiQ9zHsMAb4CM/thXWT40hxa9mRyavPuQ1zNsdEjM
8UrXH+O/4/4qPyHeGQs1m16kTsdfc2EMTto=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:11 2025 by rpki-client on console.sobornost.net