Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/c1c1ce-ea59-4dcf-bccc-3e7cadd88c70/1/vXJ2lw4e2BpE0EN8XtHKh0qHF7g.roa
File: vXJ2lw4e2BpE0EN8XtHKh0qHF7g.roa (raw, json)
Hash identifier: M8+6jzD+LskphDgNZ2CuRjVcaknibU8I79hv7S74NCo=
Subject key identifier: BD:72:76:97:0E:1E:D8:1A:44:D0:43:7C:5E:D1:CA:87:4A:87:17:B8
Certificate issuer: /CN=7f50077d2dd8a67a1ae8b6abd6bbb3489028a5bb
Certificate serial: 019425FDBA62D1CDD1FE07A5AE494F3A0831
Authority key identifier: 7F:50:07:7D:2D:D8:A6:7A:1A:E8:B6:AB:D6:BB:B3:48:90:28:A5:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f1AHfS3Ypnoa6Lar1ruzSJAopbs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/c1c1ce-ea59-4dcf-bccc-3e7cadd88c70/1/vXJ2lw4e2BpE0EN8XtHKh0qHF7g.roa
Signing time: Thu 02 Jan 2025 07:49:32 +0000
ROA not before: Thu 02 Jan 2025 07:49:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200521
IP address blocks: 192.148.208.0/24 maxlen: 24
192.148.209.0/24 maxlen: 24
192.148.210.0/24 maxlen: 24
192.148.211.0/24 maxlen: 24
192.148.212.0/24 maxlen: 24
192.148.213.0/24 maxlen: 24
192.148.214.0/24 maxlen: 24
192.148.215.0/24 maxlen: 24
192.187.16.0/24 maxlen: 24
192.187.17.0/24 maxlen: 24
192.187.18.0/24 maxlen: 24
192.187.19.0/24 maxlen: 24
192.187.20.0/24 maxlen: 24
192.187.21.0/24 maxlen: 24
192.187.22.0/24 maxlen: 24
192.187.23.0/24 maxlen: 24
212.128.96.0/22 maxlen: 22
212.128.100.0/24 maxlen: 24
212.128.101.0/24 maxlen: 24
212.128.102.0/24 maxlen: 24
212.128.103.0/24 maxlen: 24
212.128.104.0/24 maxlen: 24
212.128.105.0/24 maxlen: 24
212.128.106.0/24 maxlen: 24
212.128.107.0/24 maxlen: 24
212.128.108.0/24 maxlen: 24
212.128.109.0/24 maxlen: 24
212.128.110.0/24 maxlen: 24
212.128.111.0/24 maxlen: 24
212.128.112.0/22 maxlen: 22
212.128.112.0/24 maxlen: 24
212.128.113.0/24 maxlen: 24
212.128.114.0/24 maxlen: 24
212.128.116.0/23 maxlen: 23
212.128.118.0/24 maxlen: 24
212.128.119.0/24 maxlen: 24
212.128.120.0/24 maxlen: 24
212.128.121.0/24 maxlen: 24
212.128.122.0/24 maxlen: 24
212.128.123.0/24 maxlen: 24
212.128.125.0/24 maxlen: 24
212.128.126.0/24 maxlen: 24
212.128.127.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:ba:62:d1:cd:d1:fe:07:a5:ae:49:4f:3a:08:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f50077d2dd8a67a1ae8b6abd6bbb3489028a5bb
Validity
Not Before: Jan 2 07:49:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bd7276970e1ed81a44d0437c5ed1ca874a8717b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:32:58:a2:b9:a9:c6:95:e2:6f:ae:46:a9:6c:
94:56:29:4b:39:03:c9:9a:f6:15:31:47:0f:64:7d:
c1:cc:cd:e5:8e:e0:92:2f:bf:70:af:b4:e8:3a:85:
48:94:c0:b6:89:b3:d6:17:17:6d:24:3b:f3:22:33:
3c:8e:a7:86:e4:1a:27:b3:be:d9:9c:63:24:5c:c6:
7c:6b:53:9b:e5:54:02:af:ea:df:2b:73:77:f4:78:
2a:18:b1:76:5a:b0:aa:29:e7:97:62:07:db:a2:e9:
fd:3f:89:22:7a:7f:25:07:81:84:f2:47:3d:83:f5:
65:6f:ab:60:5c:30:66:b0:0e:13:79:60:d8:b0:79:
af:81:55:d6:38:3c:08:02:7e:d3:0d:47:3b:56:f4:
45:9f:74:b9:59:7c:86:57:48:e9:01:96:4e:16:02:
bb:7d:85:41:1b:cc:3f:cd:40:1b:df:a2:55:da:ab:
cc:52:1c:d2:20:82:7b:3c:10:e9:9d:41:0a:5a:e1:
94:e5:a6:55:1b:2f:91:e7:8d:89:95:84:53:d5:b3:
02:91:48:60:15:a3:c5:f6:f3:a5:df:e3:fd:fd:c9:
4e:8c:0b:70:93:88:e5:bc:c7:3f:4d:4b:b7:82:12:
62:85:af:f2:77:a9:8f:dc:46:99:e3:21:1c:52:ae:
10:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:72:76:97:0E:1E:D8:1A:44:D0:43:7C:5E:D1:CA:87:4A:87:17:B8
X509v3 Authority Key Identifier:
keyid:7F:50:07:7D:2D:D8:A6:7A:1A:E8:B6:AB:D6:BB:B3:48:90:28:A5:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1AHfS3Ypnoa6Lar1ruzSJAopbs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/c1c1ce-ea59-4dcf-bccc-3e7cadd88c70/1/vXJ2lw4e2BpE0EN8XtHKh0qHF7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/c1c1ce-ea59-4dcf-bccc-3e7cadd88c70/1/f1AHfS3Ypnoa6Lar1ruzSJAopbs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.148.208.0/21
192.187.16.0/21
212.128.96.0-212.128.123.255
212.128.125.0-212.128.127.255
Signature Algorithm: sha256WithRSAEncryption
90:96:b2:cc:37:bd:13:ed:ad:2a:67:22:bf:68:5d:cf:51:94:
a4:ce:71:a9:1b:63:31:f2:68:40:f4:ec:e2:52:b6:d4:8d:a7:
45:59:6f:d6:d8:6e:4f:55:d7:c0:dd:dc:d3:43:98:f6:bd:dc:
f7:48:77:80:e4:98:2d:f4:07:7b:6c:0d:d4:7c:ed:3e:a8:7c:
ca:be:e5:d8:3b:da:19:8b:57:eb:46:ce:b7:be:1f:89:d4:45:
d6:41:27:47:91:13:da:7e:0e:7b:b6:f9:b2:4c:ac:04:a0:79:
39:d1:89:bc:5d:06:ef:34:ee:7c:e0:69:39:b9:68:bb:a3:05:
2c:e0:20:4a:81:2e:5d:10:68:c8:bf:b6:41:67:08:28:31:25:
c3:25:cb:35:6f:ce:37:a2:ef:ac:28:63:aa:52:db:e6:fc:54:
44:03:22:5e:05:f8:99:47:82:a5:05:7a:37:bf:7b:04:cb:a9:
59:c5:46:52:aa:96:bc:6c:3b:7f:cb:22:5a:f9:b2:33:e2:e3:
04:00:64:05:fd:55:51:18:1f:0f:ef:ce:ab:ea:f1:a5:14:64:
ee:ca:2d:4e:ef:e6:d5:f7:34:65:f7:35:49:3a:4b:78:ce:b9:
d5:a0:84:41:c5:44:d1:ca:fc:9b:66:c2:68:d2:70:30:5b:f0:
01:ef:47:aa
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZQl/bpi0c3R/gelrklPOggxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmNTAwNzdkMmRkOGE2N2ExYWU4YjZhYmQ2YmJiMzQ4OTAy
OGE1YmIwHhcNMjUwMTAyMDc0OTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDcyNzY5NzBlMWVkODFhNDRkMDQzN2M1ZWQxY2E4NzRhODcxN2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArDJYormpxpXib65GqWyUVilLOQPJ
mvYVMUcPZH3BzM3ljuCSL79wr7ToOoVIlMC2ibPWFxdtJDvzIjM8jqeG5Bons77Z
nGMkXMZ8a1Ob5VQCr+rfK3N39HgqGLF2WrCqKeeXYgfboun9P4kien8lB4GE8kc9
g/Vlb6tgXDBmsA4TeWDYsHmvgVXWODwIAn7TDUc7VvRFn3S5WXyGV0jpAZZOFgK7
fYVBG8w/zUAb36JV2qvMUhzSIIJ7PBDpnUEKWuGU5aZVGy+R542JlYRT1bMCkUhg
FaPF9vOl3+P9/clOjAtwk4jlvMc/TUu3ghJiha/yd6mP3EaZ4yEcUq4Q+QIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFL1ydpcOHtgaRNBDfF7RyodKhxe4MB8GA1UdIwQY
MBaAFH9QB30t2KZ6Gui2q9a7s0iQKKW7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjFBSGZTM1lwbm9hNkxhcjFydXpTSkFvcGJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9jMWMxY2UtZWE1OS00ZGNmLWJjY2Mt
M2U3Y2FkZDg4YzcwLzEvdlhKMmx3NGUyQnBFMEVOOFh0SEtoMHFIRjdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9jMWMxY2UtZWE1OS00ZGNmLWJjY2MtM2U3Y2FkZDg4Yzcw
LzEvZjFBSGZTM1lwbm9hNkxhcjFydXpTSkFvcGJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQDwJTQAwQD
wLsQMAwDBAXUgGADBALUgHgwDAMEANSAfQMEB9SAADANBgkqhkiG9w0BAQsFAAOC
AQEAkJayzDe9E+2tKmciv2hdz1GUpM5xqRtjMfJoQPTs4lK21I2nRVlv1thuT1XX
wN3c00OY9r3c90h3gOSYLfQHe2wN1HztPqh8yr7l2DvaGYtX60bOt74fidRF1kEn
R5ET2n4Oe7b5skysBKB5OdGJvF0G7zTufOBpOblou6MFLOAgSoEuXRBoyL+2QWcI
KDElwyXLNW/ON6LvrChjqlLb5vxURAMiXgX4mUeCpQV6N797BMupWcVGUqqWvGw7
f8siWvmyM+LjBABkBf1VURgfD+/Oq+rxpRRk7sotTu/m1fc0Zfc1STpLeM651aCE
QcVE0cr8m2bCaNJwMFvwAe9Hqg==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:30 2025 by rpki-client on console.sobornost.net