Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/862525-f63f-4653-a3a6-e89f51ca6840/1/E-8vbhQrqOgxDM421GCrllAKNII.roa
File: E-8vbhQrqOgxDM421GCrllAKNII.roa (raw, json)
Hash identifier: i8JO2h6EgpqD2l/z1ws1vhndMFZtWe/14XyRVS+B6/I=
Subject key identifier: 13:EF:2F:6E:14:2B:A8:E8:31:0C:CE:36:D4:60:AB:96:50:0A:34:82
Certificate issuer: /CN=8751759bb92cba5520536945ed1b3fa5ad151b65
Certificate serial: 01942747AED9DBC107D5559E442A6BC1179D
Authority key identifier: 87:51:75:9B:B9:2C:BA:55:20:53:69:45:ED:1B:3F:A5:AD:15:1B:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h1F1m7ksulUgU2lF7Rs_pa0VG2U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/862525-f63f-4653-a3a6-e89f51ca6840/1/E-8vbhQrqOgxDM421GCrllAKNII.roa
Signing time: Thu 02 Jan 2025 13:49:56 +0000
ROA not before: Thu 02 Jan 2025 13:49:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57653
IP address blocks: 94.156.96.0/24 maxlen: 24
94.156.186.0/24 maxlen: 24
109.69.232.0/21 maxlen: 21
109.69.232.0/24 maxlen: 24
109.69.233.0/24 maxlen: 24
109.69.234.0/24 maxlen: 24
109.69.235.0/24 maxlen: 24
109.69.236.0/24 maxlen: 24
109.69.237.0/24 maxlen: 24
109.69.238.0/24 maxlen: 24
109.69.239.0/24 maxlen: 24
185.191.84.0/22 maxlen: 22
185.191.84.0/24 maxlen: 24
185.191.85.0/24 maxlen: 24
185.191.86.0/24 maxlen: 24
185.191.87.0/24 maxlen: 24
2a00:1ba8::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:ae:d9:db:c1:07:d5:55:9e:44:2a:6b:c1:17:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8751759bb92cba5520536945ed1b3fa5ad151b65
Validity
Not Before: Jan 2 13:49:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=13ef2f6e142ba8e8310cce36d460ab96500a3482
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:64:4e:d3:64:ee:8f:8d:37:b0:79:1f:b0:b9:
d1:dc:8f:e7:03:c5:17:fc:36:92:19:91:33:13:a8:
cf:46:08:97:54:b4:04:29:55:bb:c3:f5:a3:7a:ec:
a8:9c:f9:b0:3b:03:6f:69:81:1d:e6:fe:08:af:a2:
0e:83:bd:43:c7:9f:99:35:a9:12:0f:5f:b8:ae:b5:
00:22:8f:57:04:49:83:dd:2f:94:69:13:7c:ca:c6:
45:a6:be:5d:0b:03:47:a8:9d:90:0a:11:5e:82:3c:
93:51:24:60:9c:01:ce:da:9e:58:cb:73:4c:be:1d:
da:b2:79:f5:af:94:69:10:c6:80:b3:3a:89:08:d5:
3e:1b:7c:19:9f:2a:3c:f7:4c:b3:a4:ef:84:52:1b:
72:3f:05:c4:91:b3:f0:4c:94:7d:95:7c:da:7a:0d:
2a:b5:58:35:e6:b0:57:aa:0c:49:d9:f2:83:39:c7:
23:a6:c5:89:5c:4b:d2:fe:57:a4:66:96:dc:9d:c0:
95:05:12:20:83:39:34:ef:15:ca:93:a0:e5:8b:10:
ad:f2:0f:92:3c:8a:84:69:b3:ab:7d:a5:15:54:e6:
47:02:68:ed:d2:40:07:72:0f:e2:fe:8f:99:99:20:
7e:3c:06:25:09:51:c6:c5:cd:17:83:3c:aa:05:1e:
3e:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:EF:2F:6E:14:2B:A8:E8:31:0C:CE:36:D4:60:AB:96:50:0A:34:82
X509v3 Authority Key Identifier:
keyid:87:51:75:9B:B9:2C:BA:55:20:53:69:45:ED:1B:3F:A5:AD:15:1B:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h1F1m7ksulUgU2lF7Rs_pa0VG2U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/862525-f63f-4653-a3a6-e89f51ca6840/1/E-8vbhQrqOgxDM421GCrllAKNII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/862525-f63f-4653-a3a6-e89f51ca6840/1/h1F1m7ksulUgU2lF7Rs_pa0VG2U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.156.96.0/24
94.156.186.0/24
109.69.232.0/21
185.191.84.0/22
IPv6:
2a00:1ba8::/32
Signature Algorithm: sha256WithRSAEncryption
3b:8b:91:e7:f3:a0:ca:1f:5e:72:1d:7a:cc:fc:38:3b:52:8f:
ec:68:32:ce:9a:ee:08:fb:5c:2b:56:08:31:9e:37:ea:81:8d:
a3:e1:67:92:c7:ab:06:ef:d8:e7:81:88:25:c1:49:82:3d:f0:
43:ea:30:17:53:79:c1:c0:fd:1c:51:56:b9:d9:18:2e:88:b6:
a0:6e:b0:0c:36:ce:b7:dc:da:cd:a1:04:e7:2b:a5:76:f2:07:
1e:ce:fe:d8:b8:a4:4d:03:b3:7c:6c:3e:83:4d:bc:57:47:e7:
53:ba:ca:61:81:ac:3a:f6:d0:b6:76:7e:e1:81:e5:f6:ed:cb:
0d:e9:4c:62:5f:f6:bf:ac:1c:6b:8a:8a:2c:22:f2:9c:c6:ed:
ec:6d:18:b2:8a:39:d4:f4:46:0c:ec:d3:29:59:b1:24:37:1c:
cb:3f:50:09:84:2f:42:3f:be:46:de:17:e3:5e:68:d9:4a:58:
bf:0a:1f:2c:a2:61:98:f2:53:48:88:de:a1:b1:05:aa:70:66:
81:c9:32:73:64:64:d0:9e:e6:4f:2e:9b:84:fd:ec:03:52:a9:
7c:b9:00:24:54:48:d1:dc:a9:54:7f:cc:a3:ce:7b:e7:61:ba:
0d:62:ab:b1:c5:88:35:54:52:34:72:ae:f6:42:29:53:79:aa:
66:eb:ac:41
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQnR67Z28EH1VWeRCprwRedMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NTE3NTliYjkyY2JhNTUyMDUzNjk0NWVkMWIzZmE1YWQx
NTFiNjUwHhcNMjUwMTAyMTM0OTU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2VmMmY2ZTE0MmJhOGU4MzEwY2NlMzZkNDYwYWI5NjUwMGEzNDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWRO02Tuj403sHkfsLnR3I/nA8UX
/DaSGZEzE6jPRgiXVLQEKVW7w/WjeuyonPmwOwNvaYEd5v4Ir6IOg71Dx5+ZNakS
D1+4rrUAIo9XBEmD3S+UaRN8ysZFpr5dCwNHqJ2QChFegjyTUSRgnAHO2p5Yy3NM
vh3asnn1r5RpEMaAszqJCNU+G3wZnyo890yzpO+EUhtyPwXEkbPwTJR9lXzaeg0q
tVg15rBXqgxJ2fKDOccjpsWJXEvS/lekZpbcncCVBRIggzk07xXKk6DlixCt8g+S
PIqEabOrfaUVVOZHAmjt0kAHcg/i/o+ZmSB+PAYlCVHGxc0XgzyqBR4+xwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFBPvL24UK6joMQzONtRgq5ZQCjSCMB8GA1UdIwQY
MBaAFIdRdZu5LLpVIFNpRe0bP6WtFRtlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDFGMW03a3N1bFVnVTJsRjdSc19wYTBWRzJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi84NjI1MjUtZjYzZi00NjUzLWEzYTYt
ZTg5ZjUxY2E2ODQwLzEvRS04dmJoUXJxT2d4RE00MjFHQ3JsbEFLTklJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi84NjI1MjUtZjYzZi00NjUzLWEzYTYtZTg5ZjUxY2E2ODQw
LzEvaDFGMW03a3N1bFVnVTJsRjdSc19wYTBWRzJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAXpxgAwQA
Xpy6AwQDbUXoAwQCub9UMA0EAgACMAcDBQAqABuoMA0GCSqGSIb3DQEBCwUAA4IB
AQA7i5Hn86DKH15yHXrM/Dg7Uo/saDLOmu4I+1wrVggxnjfqgY2j4WeSx6sG79jn
gYglwUmCPfBD6jAXU3nBwP0cUVa52RguiLagbrAMNs633NrNoQTnK6V28gcezv7Y
uKRNA7N8bD6DTbxXR+dTusphgaw69tC2dn7hgeX27csN6UxiX/a/rBxrioosIvKc
xu3sbRiyijnU9EYM7NMpWbEkNxzLP1AJhC9CP75G3hfjXmjZSli/Ch8somGY8lNI
iN6hsQWqcGaByTJzZGTQnuZPLpuE/ewDUql8uQAkVEjR3KlUf8yjznvnYboNYqux
xYg1VFI0cq72QilTeapm66xB
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:30 2025 by rpki-client on console.sobornost.net