Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/M6l_8mBIqMblJ475d0imLAvZU_I.roa
File: M6l_8mBIqMblJ475d0imLAvZU_I.roa (raw, json)
Hash identifier: aIAzbsUeT1uA5nPJQucXgobzjr0wcoURSH4cWCfEXEw=
Subject key identifier: 33:A9:7F:F2:60:48:A8:C6:E5:27:8E:F9:77:48:A6:2C:0B:D9:53:F2
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 019625EFE1638B6D15FF9212E408FE80B38F
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/M6l_8mBIqMblJ475d0imLAvZU_I.roa
Signing time: Fri 11 Apr 2025 17:39:59 +0000
ROA not before: Fri 11 Apr 2025 17:39:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3356
IP address blocks: 45.43.155.0/24 maxlen: 24
104.238.4.0/24 maxlen: 24
104.238.5.0/24 maxlen: 24
104.238.8.0/24 maxlen: 24
104.238.9.0/24 maxlen: 24
104.238.17.0/24 maxlen: 24
104.239.30.0/23 maxlen: 23
104.239.64.0/24 maxlen: 24
104.239.65.0/24 maxlen: 24
104.239.94.0/24 maxlen: 24
104.249.17.0/24 maxlen: 24
104.249.46.0/24 maxlen: 24
104.249.47.0/24 maxlen: 24
104.249.50.0/24 maxlen: 24
138.128.157.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:25:ef:e1:63:8b:6d:15:ff:92:12:e4:08:fe:80:b3:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Apr 11 17:39:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=33a97ff26048a8c6e5278ef97748a62c0bd953f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:91:0b:57:8d:87:a9:bc:2d:1e:9a:a7:f2:49:
ce:76:34:d0:68:17:92:ec:f2:ba:e5:d6:b3:01:a6:
9a:66:1c:87:03:5e:39:3a:46:25:c9:ba:02:47:38:
b4:43:16:a4:99:4c:db:b5:69:8f:cf:96:e4:13:03:
32:90:af:19:69:d0:82:2e:81:57:d9:8a:38:94:db:
56:72:2d:fe:03:f2:d1:ed:05:80:aa:23:38:15:56:
ba:81:8b:6a:fd:5a:50:ba:67:b3:f7:ae:95:36:3e:
71:c5:ea:4e:0c:4e:93:27:d9:90:6f:fc:5f:7a:72:
53:e1:cb:30:46:e5:4b:fd:6c:9d:61:e8:71:36:79:
19:87:dc:aa:71:00:fe:7b:de:12:22:5d:2b:a6:e5:
23:02:40:74:3a:56:41:c1:79:b2:fe:54:a4:99:9c:
a7:a4:84:c4:9d:ae:a4:a4:94:50:20:60:f7:2b:cf:
bd:56:8f:4b:18:e9:58:f3:89:99:09:ef:de:59:50:
89:b7:d7:b9:27:cc:7c:01:4f:bf:90:b1:ac:14:f9:
4b:ac:30:40:d0:f6:39:94:0f:a7:90:ba:42:9e:ea:
46:4c:2f:92:3d:9a:20:91:22:8e:e4:20:80:6f:38:
54:4d:44:7e:a4:97:12:7c:4c:b9:06:a3:b5:ec:d7:
93:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:A9:7F:F2:60:48:A8:C6:E5:27:8E:F9:77:48:A6:2C:0B:D9:53:F2
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/M6l_8mBIqMblJ475d0imLAvZU_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.155.0/24
104.238.4.0/23
104.238.8.0/23
104.238.17.0/24
104.239.30.0/23
104.239.64.0/23
104.239.94.0/24
104.249.17.0/24
104.249.46.0/23
104.249.50.0/24
138.128.157.0/24
Signature Algorithm: sha256WithRSAEncryption
68:eb:2c:cc:09:bb:eb:59:9c:3f:3c:b1:63:79:a2:80:6c:16:
4f:38:05:3b:f1:79:d8:9a:fb:72:5c:92:d1:f3:27:ca:20:db:
d4:4e:2a:4e:cb:ef:95:da:c7:38:05:e2:c6:4b:52:62:1f:c9:
f4:87:c0:73:8b:6c:b2:b4:e6:dc:0e:81:79:f4:41:69:eb:b7:
f9:49:c2:90:b1:a0:0e:39:b8:f2:a0:03:0e:9f:f7:a9:d1:8b:
16:05:8c:25:e7:da:cf:e8:1a:a1:ae:fc:66:61:e2:08:d4:58:
e6:15:ef:18:a4:05:fe:f5:e2:7a:a8:4d:32:7a:d2:3b:59:4d:
ed:c4:0e:67:f1:04:e6:d5:a1:d8:74:77:42:a2:40:52:c3:68:
f9:6d:10:68:f2:a4:c5:f4:76:af:80:ff:30:c0:1b:96:10:c3:
7e:26:86:61:c3:87:7c:ff:61:38:8b:fc:db:c7:1b:38:a1:aa:
7f:89:0c:5a:ad:fd:07:d9:e4:a9:c2:4d:7f:12:4b:2b:bc:9a:
38:76:2c:13:48:e4:07:66:5a:72:e6:c9:e6:dc:85:79:f2:e3:
60:f1:c7:f8:f8:6c:65:e3:1d:44:2a:98:eb:ae:8f:0d:24:88:
5c:be:6d:ef:08:9a:bc:63:55:c9:fc:9e:4c:74:36:f3:f5:1a:
e0:a6:81:aa
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZYl7+Fji20V/5IS5Aj+gLOPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjUwNDExMTczOTU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2E5N2ZmMjYwNDhhOGM2ZTUyNzhlZjk3NzQ4YTYyYzBiZDk1M2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZELV42HqbwtHpqn8knOdjTQaBeS
7PK65dazAaaaZhyHA145OkYlyboCRzi0QxakmUzbtWmPz5bkEwMykK8ZadCCLoFX
2Yo4lNtWci3+A/LR7QWAqiM4FVa6gYtq/VpQumez966VNj5xxepODE6TJ9mQb/xf
enJT4cswRuVL/WydYehxNnkZh9yqcQD+e94SIl0rpuUjAkB0OlZBwXmy/lSkmZyn
pITEna6kpJRQIGD3K8+9Vo9LGOlY84mZCe/eWVCJt9e5J8x8AU+/kLGsFPlLrDBA
0PY5lA+nkLpCnupGTC+SPZogkSKO5CCAbzhUTUR+pJcSfEy5BqO17NeTiQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFDOpf/JgSKjG5SeO+XdIpiwL2VPyMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvTTZsXzhtQklxTWJsSjQ3NWQwaW1MQXZaVV9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQALSubAwQB
aO4EAwQBaO4IAwQAaO4RAwQBaO8eAwQBaO9AAwQAaO9eAwQAaPkRAwQBaPkuAwQA
aPkyAwQAioCdMA0GCSqGSIb3DQEBCwUAA4IBAQBo6yzMCbvrWZw/PLFjeaKAbBZP
OAU78XnYmvtyXJLR8yfKINvUTipOy++V2sc4BeLGS1JiH8n0h8Bzi2yytObcDoF5
9EFp67f5ScKQsaAOObjyoAMOn/ep0YsWBYwl59rP6BqhrvxmYeII1FjmFe8YpAX+
9eJ6qE0yetI7WU3txA5n8QTm1aHYdHdCokBSw2j5bRBo8qTF9HavgP8wwBuWEMN+
JoZhw4d8/2E4i/zbxxs4oap/iQxarf0H2eSpwk1/EksrvJo4diwTSOQHZlpy5snm
3IV58uNg8cf4+Gxl4x1EKpjrro8NJIhcvm3vCJq8Y1XJ/J5MdDbz9RrgpoGq
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:29 2025 by rpki-client on console.sobornost.net