Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/7358bd-c72f-4d9b-bb0d-0b4f717aa363/1/rAEXG8LVncu-VzH6pWQ3O-v7vJk.roa
File: rAEXG8LVncu-VzH6pWQ3O-v7vJk.roa (raw, json)
Hash identifier: pHtLRGskuQm7vCqkOegxgViLMoHSueDTg44n3jic3FY=
Subject key identifier: AC:01:17:1B:C2:D5:9D:CB:BE:57:31:FA:A5:64:37:3B:EB:FB:BC:99
Certificate issuer: /CN=4d583b6f56cf092728de593ad952aea19ce31886
Certificate serial: 019425FD7E290C3C8476B7DBA87F7836C4CD
Authority key identifier: 4D:58:3B:6F:56:CF:09:27:28:DE:59:3A:D9:52:AE:A1:9C:E3:18:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TVg7b1bPCSco3lk62VKuoZzjGIY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/7358bd-c72f-4d9b-bb0d-0b4f717aa363/1/rAEXG8LVncu-VzH6pWQ3O-v7vJk.roa
Signing time: Thu 02 Jan 2025 07:49:17 +0000
ROA not before: Thu 02 Jan 2025 07:49:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9063
IP address blocks: 37.9.184.0/21 maxlen: 21
95.156.197.0/24 maxlen: 24
95.156.200.0/23 maxlen: 23
95.156.202.0/24 maxlen: 24
95.156.214.0/23 maxlen: 23
109.230.201.0/24 maxlen: 24
109.230.202.0/24 maxlen: 24
185.119.32.0/22 maxlen: 22
2a02:2dc0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:7e:29:0c:3c:84:76:b7:db:a8:7f:78:36:c4:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d583b6f56cf092728de593ad952aea19ce31886
Validity
Not Before: Jan 2 07:49:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ac01171bc2d59dcbbe5731faa564373bebfbbc99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:9e:6f:5f:29:21:49:c1:65:fb:4e:c8:6c:89:
e4:47:42:6e:7b:ff:21:db:4a:d6:9b:af:87:20:e5:
23:1a:01:4e:42:0f:d0:7a:fb:43:e4:48:21:f9:c9:
15:41:47:00:f9:c1:8c:ec:de:a5:43:e0:3c:db:f7:
25:f9:dd:2c:30:49:af:7d:7e:cb:d5:2d:39:38:4f:
82:c3:52:21:1d:05:ed:50:17:d3:d3:d6:21:3d:b3:
b1:cf:6b:87:64:77:ed:38:64:92:4b:34:0e:16:2d:
72:0e:ef:47:ea:a8:42:8e:ef:b3:78:24:8e:91:72:
dc:ba:5d:d2:60:af:c5:f2:7f:84:68:5b:c3:04:e5:
57:22:50:dc:56:d2:8c:d2:b6:57:c2:75:74:90:36:
45:50:b6:e6:9a:3b:2c:99:33:20:8a:fc:a4:3a:23:
50:71:0f:af:76:5f:ec:1c:e3:41:26:b6:41:de:21:
8d:4f:fb:ee:7c:36:22:d2:dc:02:65:3b:f1:25:b8:
08:44:a8:a9:e4:d0:9a:f7:11:54:39:8a:b4:63:73:
34:67:0b:5c:e2:a6:b3:9d:05:f4:5c:a1:9c:f4:3c:
f9:1a:a8:4b:73:85:ee:a6:e0:23:ba:c3:ec:08:ae:
57:b2:07:e5:7c:f8:af:78:47:df:c4:ac:a1:e3:42:
06:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:01:17:1B:C2:D5:9D:CB:BE:57:31:FA:A5:64:37:3B:EB:FB:BC:99
X509v3 Authority Key Identifier:
keyid:4D:58:3B:6F:56:CF:09:27:28:DE:59:3A:D9:52:AE:A1:9C:E3:18:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TVg7b1bPCSco3lk62VKuoZzjGIY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/7358bd-c72f-4d9b-bb0d-0b4f717aa363/1/rAEXG8LVncu-VzH6pWQ3O-v7vJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/7358bd-c72f-4d9b-bb0d-0b4f717aa363/1/TVg7b1bPCSco3lk62VKuoZzjGIY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.9.184.0/21
95.156.197.0/24
95.156.200.0-95.156.202.255
95.156.214.0/23
109.230.201.0-109.230.202.255
185.119.32.0/22
IPv6:
2a02:2dc0::/32
Signature Algorithm: sha256WithRSAEncryption
7a:db:11:4c:01:91:f7:e8:0d:98:7e:b1:fe:58:88:06:13:a1:
ca:05:3a:d4:d2:eb:13:fa:51:cc:7e:82:44:ce:4f:82:3b:16:
1e:93:da:72:6e:ee:fd:53:88:b6:40:af:72:15:a2:81:9f:6b:
df:2d:e2:f5:9f:1a:c1:f3:6b:5c:73:87:27:87:fc:94:dc:a6:
bb:fc:bc:f7:b8:06:b8:bd:58:56:ee:61:54:aa:ca:d3:85:94:
ad:b2:23:f9:c1:64:a0:7a:23:7c:aa:31:7e:e2:85:ee:b3:d8:
fd:b5:2e:42:4b:0a:a9:96:49:9b:b7:c6:96:4e:1c:fb:62:64:
f6:e8:af:d9:7f:e9:60:30:ec:c9:e6:b8:0d:a7:25:3c:92:ce:
01:07:fa:31:c9:cc:c6:b7:ef:c4:88:35:d8:9b:f3:a9:b7:1d:
b3:76:c3:7f:dc:5a:79:3d:63:44:13:7f:03:91:29:5e:3b:d0:
a7:e2:f6:2d:f6:21:e4:4d:9b:d1:e8:2d:18:0d:7e:e1:02:88:
ad:b2:b5:c8:3e:74:bf:2f:bf:bb:eb:65:3e:e1:a3:df:83:77:
04:a5:d9:b5:0c:cd:82:e7:db:fb:e7:2f:71:30:17:00:86:61:
46:d8:ea:45:1c:8d:15:07:69:2f:96:02:98:95:75:7a:f2:98:
f9:d3:e9:82
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgISAZQl/X4pDDyEdrfbqH94NsTNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNTgzYjZmNTZjZjA5MjcyOGRlNTkzYWQ5NTJhZWExOWNl
MzE4ODYwHhcNMjUwMTAyMDc0OTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzAxMTcxYmMyZDU5ZGNiYmU1NzMxZmFhNTY0MzczYmViZmJiYzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJ5vXykhScFl+07IbInkR0Jue/8h
20rWm6+HIOUjGgFOQg/QevtD5Egh+ckVQUcA+cGM7N6lQ+A82/cl+d0sMEmvfX7L
1S05OE+Cw1IhHQXtUBfT09YhPbOxz2uHZHftOGSSSzQOFi1yDu9H6qhCju+zeCSO
kXLcul3SYK/F8n+EaFvDBOVXIlDcVtKM0rZXwnV0kDZFULbmmjssmTMgivykOiNQ
cQ+vdl/sHONBJrZB3iGNT/vufDYi0twCZTvxJbgIRKip5NCa9xFUOYq0Y3M0Zwtc
4qaznQX0XKGc9Dz5GqhLc4XupuAjusPsCK5XsgflfPiveEffxKyh40IG3QIDAQAB
o4ICRjCCAkIwHQYDVR0OBBYEFKwBFxvC1Z3Lvlcx+qVkNzvr+7yZMB8GA1UdIwQY
MBaAFE1YO29WzwknKN5ZOtlSrqGc4xiGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFZnN2IxYlBDU2NvM2xrNjJWS3VvWnpqR0lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy83MzU4YmQtYzcyZi00ZDliLWJiMGQt
MGI0ZjcxN2FhMzYzLzEvckFFWEc4TFZuY3UtVnpINnBXUTNPLXY3dkprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy83MzU4YmQtYzcyZi00ZDliLWJiMGQtMGI0ZjcxN2FhMzYz
LzEvVFZnN2IxYlBDU2NvM2xrNjJWS3VvWnpqR0lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFwGCCsGAQUFBwEHAQH/BE0wSzA6BAIAATA0AwQDJQm4AwQA
X5zFMAwDBANfnMgDBABfnMoDBAFfnNYwDAMEAG3myQMEAG3mygMEArl3IDANBAIA
AjAHAwUAKgItwDANBgkqhkiG9w0BAQsFAAOCAQEAetsRTAGR9+gNmH6x/liIBhOh
ygU61NLrE/pRzH6CRM5PgjsWHpPacm7u/VOItkCvchWigZ9r3y3i9Z8awfNrXHOH
J4f8lNymu/y897gGuL1YVu5hVKrK04WUrbIj+cFkoHojfKoxfuKF7rPY/bUuQksK
qZZJm7fGlk4c+2Jk9uiv2X/pYDDsyea4DaclPJLOAQf6McnMxrfvxIg12Jvzqbcd
s3bDf9xaeT1jRBN/A5EpXjvQp+L2LfYh5E2b0egtGA1+4QKIrbK1yD50vy+/u+tl
PuGj34N3BKXZtQzNgufb++cvcTAXAIZhRtjqRRyNFQdpL5YCmJV1evKY+dPpgg==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:30 2025 by rpki-client on console.sobornost.net