Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7d21ee-a460-4c39-9e6f-c99795f3885f/1/0LdCYiyoo_rQZDLAQK9EXmWdrLs.roa
File: 0LdCYiyoo_rQZDLAQK9EXmWdrLs.roa (raw, json)
Hash identifier: ii+DUPaWPj2PKPLgx9rgU4vJhM6MjQajOc4FBEHl1O8=
Subject key identifier: D0:B7:42:62:2C:A8:A3:FA:D0:64:32:C0:40:AF:44:5E:65:9D:AC:BB
Certificate issuer: /CN=d832da8d458849d5f40ba6f0b9208f8585d9e23e
Certificate serial: 019420D65276559C75A4D5323B29437F1EED
Authority key identifier: D8:32:DA:8D:45:88:49:D5:F4:0B:A6:F0:B9:20:8F:85:85:D9:E2:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2DLajUWISdX0C6bwuSCPhYXZ4j4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7d21ee-a460-4c39-9e6f-c99795f3885f/1/0LdCYiyoo_rQZDLAQK9EXmWdrLs.roa
Signing time: Wed 01 Jan 2025 07:48:24 +0000
ROA not before: Wed 01 Jan 2025 07:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50295
IP address blocks: 37.203.216.0/21 maxlen: 24
93.187.8.0/21 maxlen: 24
185.47.112.0/22 maxlen: 24
185.66.80.0/22 maxlen: 24
185.101.60.0/22 maxlen: 24
2a00:1f00::/32 maxlen: 64
2a01:8ee0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:52:76:55:9c:75:a4:d5:32:3b:29:43:7f:1e:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d832da8d458849d5f40ba6f0b9208f8585d9e23e
Validity
Not Before: Jan 1 07:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d0b742622ca8a3fad06432c040af445e659dacbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:a5:40:81:54:8c:6d:cc:23:19:17:cd:59:e8:
70:92:1b:44:ba:50:49:ff:a8:1c:a0:f3:34:56:28:
ba:29:8c:24:dd:13:c7:78:7b:6e:89:44:db:f2:ce:
55:74:8b:a8:8f:0a:dd:88:af:50:8d:93:7e:02:50:
5e:9e:d7:db:03:15:f8:7a:9b:f0:03:b4:e6:64:99:
81:c2:58:28:2e:9a:ca:bb:d3:32:c9:a9:9b:10:4d:
58:45:57:bc:cd:c9:b2:df:d2:cc:4d:2c:7a:96:cd:
da:8e:13:9c:7d:0a:95:a7:bd:62:b4:48:90:4a:5c:
e8:be:22:35:a4:c2:b2:38:12:ae:d8:5d:c0:d6:eb:
bb:74:8c:00:ab:d9:40:08:f6:38:ed:39:6a:9e:4e:
18:e5:14:ad:ee:03:9d:80:f1:59:c6:ba:98:d0:0c:
16:86:90:c9:b5:0c:e8:24:d2:9e:ba:a6:8a:0e:13:
20:52:53:09:f4:0e:da:c1:74:6d:d0:b9:32:67:07:
52:03:22:81:dc:05:7a:ce:94:22:fd:61:90:08:02:
3c:4b:c8:37:1b:8e:87:9e:7d:54:60:9c:57:5e:8a:
9d:3d:84:ca:b1:a5:88:4a:78:03:5d:a9:51:d8:12:
b1:78:34:db:2c:56:fd:e9:ec:1b:79:a9:0d:ab:0d:
c5:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:B7:42:62:2C:A8:A3:FA:D0:64:32:C0:40:AF:44:5E:65:9D:AC:BB
X509v3 Authority Key Identifier:
keyid:D8:32:DA:8D:45:88:49:D5:F4:0B:A6:F0:B9:20:8F:85:85:D9:E2:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2DLajUWISdX0C6bwuSCPhYXZ4j4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7d21ee-a460-4c39-9e6f-c99795f3885f/1/0LdCYiyoo_rQZDLAQK9EXmWdrLs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7d21ee-a460-4c39-9e6f-c99795f3885f/1/2DLajUWISdX0C6bwuSCPhYXZ4j4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.203.216.0/21
93.187.8.0/21
185.47.112.0/22
185.66.80.0/22
185.101.60.0/22
IPv6:
2a00:1f00::/32
2a01:8ee0::/32
Signature Algorithm: sha256WithRSAEncryption
0d:c3:81:b1:f1:03:a1:ce:f7:a0:47:c8:6f:ec:34:61:b5:f2:
73:27:60:55:12:9b:f8:1b:c4:63:bf:11:29:71:6e:67:53:cf:
7d:79:48:c8:fb:65:c5:c0:3c:f3:67:dd:10:fa:9c:57:97:6f:
e2:cf:a1:b9:e5:db:82:f3:1e:d8:58:8d:c8:3a:1a:8f:f7:4f:
f8:14:a8:2c:51:43:4a:1f:56:61:f1:4b:4f:37:f5:c3:c7:21:
93:e3:8c:5e:2f:b1:cb:e0:11:4c:bd:43:1f:4d:6d:7f:80:f8:
ec:36:c4:07:0a:8b:60:e3:86:cb:dd:e4:01:1c:40:68:0f:0d:
ba:53:bd:dc:04:d4:c9:71:be:0e:2c:3b:1f:cf:28:31:17:4c:
b0:78:ac:55:3d:af:e5:78:7e:9a:47:4a:b0:b0:cf:05:e5:1e:
84:17:1e:c0:c2:dd:0d:65:cd:63:0c:10:95:66:32:cc:e2:61:
31:75:ab:ca:dd:77:0b:15:ee:0c:55:a3:fd:9a:6b:f8:0f:6e:
b8:5c:fa:4a:b3:56:f6:21:00:e1:9d:e2:ef:b0:4d:1f:20:28:
09:a7:f1:97:a7:f8:b3:a3:b2:4f:8b:1b:cf:6e:b5:23:2e:c3:
17:93:bf:3e:2e:fe:d5:46:6e:90:bc:2c:8e:27:95:b1:88:69:
38:a7:1b:0e
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZQg1lJ2VZx1pNUyOylDfx7tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MzJkYThkNDU4ODQ5ZDVmNDBiYTZmMGI5MjA4Zjg1ODVk
OWUyM2UwHhcNMjUwMTAxMDc0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGI3NDI2MjJjYThhM2ZhZDA2NDMyYzA0MGFmNDQ1ZTY1OWRhY2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmKVAgVSMbcwjGRfNWehwkhtEulBJ
/6gcoPM0Vii6KYwk3RPHeHtuiUTb8s5VdIuojwrdiK9QjZN+AlBentfbAxX4epvw
A7TmZJmBwlgoLprKu9MyyambEE1YRVe8zcmy39LMTSx6ls3ajhOcfQqVp71itEiQ
SlzoviI1pMKyOBKu2F3A1uu7dIwAq9lACPY47Tlqnk4Y5RSt7gOdgPFZxrqY0AwW
hpDJtQzoJNKeuqaKDhMgUlMJ9A7awXRt0LkyZwdSAyKB3AV6zpQi/WGQCAI8S8g3
G46Hnn1UYJxXXoqdPYTKsaWISngDXalR2BKxeDTbLFb96ewbeakNqw3FuwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFNC3QmIsqKP60GQywECvRF5lnay7MB8GA1UdIwQY
MBaAFNgy2o1FiEnV9Aum8Lkgj4WF2eI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkRMYWpVV0lTZFgwQzZid3VTQ1BoWVhaNGo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83ZDIxZWUtYTQ2MC00YzM5LTllNmYt
Yzk5Nzk1ZjM4ODVmLzEvMExkQ1lpeW9vX3JRWkRMQVFLOUVYbVdkckxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83ZDIxZWUtYTQ2MC00YzM5LTllNmYtYzk5Nzk1ZjM4ODVm
LzEvMkRMYWpVV0lTZFgwQzZid3VTQ1BoWVhaNGo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQDJcvYAwQD
XbsIAwQCuS9wAwQCuUJQAwQCuWU8MBQEAgACMA4DBQAqAB8AAwUAKgGO4DANBgkq
hkiG9w0BAQsFAAOCAQEADcOBsfEDoc73oEfIb+w0YbXycydgVRKb+BvEY78RKXFu
Z1PPfXlIyPtlxcA882fdEPqcV5dv4s+hueXbgvMe2FiNyDoaj/dP+BSoLFFDSh9W
YfFLTzf1w8chk+OMXi+xy+ARTL1DH01tf4D47DbEBwqLYOOGy93kARxAaA8NulO9
3ATUyXG+Diw7H88oMRdMsHisVT2v5Xh+mkdKsLDPBeUehBcewMLdDWXNYwwQlWYy
zOJhMXWryt13CxXuDFWj/Zpr+A9uuFz6SrNW9iEA4Z3i77BNHyAoCafxl6f4s6Oy
T4sbz261Iy7DF5O/Pi7+1UZukLwsjieVsYhpOKcbDg==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:30 2025 by rpki-client on console.sobornost.net