Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/qMzftc4U4fnaVKlTtkutFDRSsMY.roa
File: qMzftc4U4fnaVKlTtkutFDRSsMY.roa (raw, json)
Hash identifier: yi8hIPalx66i6s+zJdC2heK5c4Cc2LMKyZ9wW91rfiE=
Subject key identifier: A8:CC:DF:B5:CE:14:E1:F9:DA:54:A9:53:B6:4B:AD:14:34:52:B0:C6
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0195ED310EA884F819D6C961ED79847544F6
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/qMzftc4U4fnaVKlTtkutFDRSsMY.roa
Signing time: Mon 31 Mar 2025 17:12:49 +0000
ROA not before: Mon 31 Mar 2025 17:12:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 40676
IP address blocks: 45.43.147.0/24 maxlen: 24
45.43.152.0/24 maxlen: 24
64.137.111.0/24 maxlen: 24
104.222.160.0/24 maxlen: 24
104.222.163.0/24 maxlen: 24
104.222.164.0/24 maxlen: 24
104.222.165.0/24 maxlen: 24
104.222.166.0/24 maxlen: 24
104.222.191.0/24 maxlen: 24
104.233.56.0/24 maxlen: 24
104.233.58.0/24 maxlen: 24
104.238.24.0/24 maxlen: 24
104.238.28.0/24 maxlen: 24
104.239.66.0/24 maxlen: 24
104.239.74.0/24 maxlen: 24
104.239.79.0/24 maxlen: 24
104.239.83.0/24 maxlen: 24
104.239.89.0/24 maxlen: 24
104.239.100.0/24 maxlen: 24
104.239.102.0/24 maxlen: 24
104.239.109.0/24 maxlen: 24
104.239.127.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ed:31:0e:a8:84:f8:19:d6:c9:61:ed:79:84:75:44:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Mar 31 17:12:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a8ccdfb5ce14e1f9da54a953b64bad143452b0c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:8e:de:15:54:f4:01:6c:23:cf:a6:38:57:43:
7a:fd:57:d1:7f:28:ea:84:c3:cb:1f:50:97:90:62:
5b:a1:36:be:48:ab:11:c3:a3:83:41:5c:f0:21:6d:
44:e8:b7:89:5b:f4:6b:d4:4d:92:e0:8d:ec:3c:72:
f7:7f:25:e1:76:63:01:62:1c:4c:f8:9b:f1:e3:ee:
52:73:48:dc:2a:44:7c:3a:ea:ba:f9:e0:a1:95:c6:
2f:6d:f7:22:da:a3:bb:ea:23:a1:eb:02:fa:5d:fe:
6e:17:ab:b4:8f:c4:25:0f:29:64:bd:f3:f6:61:57:
1a:d7:60:f5:cc:85:8a:b6:f9:6f:a8:1f:3e:e7:1f:
e8:90:a3:ad:ff:b0:9d:65:c6:89:36:de:db:ac:5e:
90:06:5e:30:a3:d8:d1:d7:50:ab:ca:78:04:c2:55:
da:75:5d:67:68:85:0f:dc:5d:2d:d3:19:9b:f0:cb:
55:ac:c1:cc:ae:02:6b:d2:aa:ce:06:b9:ba:b1:7e:
02:7a:68:9b:4b:76:97:dc:7f:36:da:a6:aa:51:31:
f1:0e:a4:5a:10:65:c7:02:94:d2:6f:b5:27:82:96:
f2:7b:6c:1b:e9:e3:f0:3e:3f:97:61:23:95:a0:63:
2d:3a:c0:62:d2:1b:50:af:96:63:ec:62:64:48:6d:
52:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:CC:DF:B5:CE:14:E1:F9:DA:54:A9:53:B6:4B:AD:14:34:52:B0:C6
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/qMzftc4U4fnaVKlTtkutFDRSsMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.147.0/24
45.43.152.0/24
64.137.111.0/24
104.222.160.0/24
104.222.163.0-104.222.166.255
104.222.191.0/24
104.233.56.0/24
104.233.58.0/24
104.238.24.0/24
104.238.28.0/24
104.239.66.0/24
104.239.74.0/24
104.239.79.0/24
104.239.83.0/24
104.239.89.0/24
104.239.100.0/24
104.239.102.0/24
104.239.109.0/24
104.239.127.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:e9:71:8e:20:46:4c:70:bf:b6:d3:3d:51:8e:f1:44:bb:df:
7a:90:7c:1a:dd:3f:7a:1c:ac:5b:45:52:53:df:14:f3:c2:fe:
94:c5:b1:25:17:5b:8c:dd:9d:b9:de:5c:4e:b0:e1:17:1a:50:
a1:72:a3:7b:ce:a7:58:b7:3f:81:a0:51:63:e6:82:ae:9d:a6:
a2:9f:28:e4:31:f0:e4:6d:39:d9:f4:93:df:3f:9c:8e:dd:61:
51:24:1c:7d:45:ca:0a:f2:1d:1c:1b:f6:8a:8a:55:9c:5f:05:
5d:a2:32:8b:43:b0:f4:87:46:96:8d:eb:5b:a8:5a:0a:4a:03:
4a:a4:c5:5a:aa:57:52:69:99:ae:86:87:ca:89:09:e4:2c:c6:
6d:46:47:a1:54:8f:9d:60:f4:e1:e1:4c:10:a8:db:08:3c:09:
0f:7c:a6:62:a6:f7:64:4e:b1:8c:5d:8f:a0:e5:a1:e1:24:52:
06:78:b0:2a:69:ee:61:92:0d:3d:e0:09:01:bd:c4:b2:a1:3e:
1e:f4:aa:e2:15:00:65:4d:03:00:c1:8c:56:88:b1:d3:77:46:
8a:2c:d6:f6:91:af:49:5b:43:1e:38:b1:5c:c6:1c:c1:65:c0:
32:c0:39:a4:99:4b:5c:78:3e:6a:83:41:50:7d:7e:e4:22:6b:
4d:2a:d3:63
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAZXtMQ6ohPgZ1slh7XmEdUT2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjUwMzMxMTcxMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGNjZGZiNWNlMTRlMWY5ZGE1NGE5NTNiNjRiYWQxNDM0NTJiMGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6o7eFVT0AWwjz6Y4V0N6/VfRfyjq
hMPLH1CXkGJboTa+SKsRw6ODQVzwIW1E6LeJW/Rr1E2S4I3sPHL3fyXhdmMBYhxM
+Jvx4+5Sc0jcKkR8Ouq6+eChlcYvbfci2qO76iOh6wL6Xf5uF6u0j8QlDylkvfP2
YVca12D1zIWKtvlvqB8+5x/okKOt/7CdZcaJNt7brF6QBl4wo9jR11CryngEwlXa
dV1naIUP3F0t0xmb8MtVrMHMrgJr0qrOBrm6sX4CemibS3aX3H822qaqUTHxDqRa
EGXHApTSb7Ungpbye2wb6ePwPj+XYSOVoGMtOsBi0htQr5Zj7GJkSG1SUwIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFKjM37XOFOH52lSpU7ZLrRQ0UrDGMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvcU16ZnRjNFU0Zm5hVktsVHRrdXRGRFJTc01ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzCBgAQCAAEwegMEAC0r
kwMEAC0rmAMEAECJbwMEAGjeoDAMAwQAaN6jAwQAaN6mAwQAaN6/AwQAaOk4AwQA
aOk6AwQAaO4YAwQAaO4cAwQAaO9CAwQAaO9KAwQAaO9PAwQAaO9TAwQAaO9ZAwQA
aO9kAwQAaO9mAwQAaO9tAwQAaO9/MA0GCSqGSIb3DQEBCwUAA4IBAQAu6XGOIEZM
cL+20z1RjvFEu996kHwa3T96HKxbRVJT3xTzwv6UxbElF1uM3Z253lxOsOEXGlCh
cqN7zqdYtz+BoFFj5oKunaainyjkMfDkbTnZ9JPfP5yO3WFRJBx9RcoK8h0cG/aK
ilWcXwVdojKLQ7D0h0aWjetbqFoKSgNKpMVaqldSaZmuhofKiQnkLMZtRkehVI+d
YPTh4UwQqNsIPAkPfKZipvdkTrGMXY+g5aHhJFIGeLAqae5hkg094AkBvcSyoT4e
9KriFQBlTQMAwYxWiLHTd0aKLNb2ka9JW0MeOLFcxhzBZcAywDmkmUtceD5qg0FQ
fX7kImtNKtNj
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:29 2025 by rpki-client on console.sobornost.net