Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/T-GPz-dRffS_XtUPyIRKQNk3JwM.roa
File: T-GPz-dRffS_XtUPyIRKQNk3JwM.roa (raw, json)
Hash identifier: tGXeH3e+DODajD+2kShgnJpd+ihBMwJSIvt4ZnmER58=
Subject key identifier: 4F:E1:8F:CF:E7:51:7D:F4:BF:5E:D5:0F:C8:84:4A:40:D9:37:27:03
Certificate issuer: /CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Certificate serial: 01951F2524FD1FCD8B846ED52FBD0FA4DBEF
Authority key identifier: 83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/T-GPz-dRffS_XtUPyIRKQNk3JwM.roa
Signing time: Wed 19 Feb 2025 16:58:02 +0000
ROA not before: Wed 19 Feb 2025 16:58:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39150
IP address blocks: 91.196.136.0/24 maxlen: 24
91.196.137.0/24 maxlen: 24
91.196.138.0/24 maxlen: 24
91.196.139.0/24 maxlen: 24
93.179.68.0/23 maxlen: 23
93.179.69.0/24 maxlen: 24
93.179.120.0/24 maxlen: 24
95.85.83.0/24 maxlen: 24
95.85.83.0/25 maxlen: 25
95.85.83.128/25 maxlen: 25
95.181.213.0/24 maxlen: 24
109.196.133.0/24 maxlen: 24
195.182.8.0/24 maxlen: 24
2a04:8680::/32 maxlen: 32
2a04:8681::/32 maxlen: 32
2a09:d5c0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:1f:25:24:fd:1f:cd:8b:84:6e:d5:2f:bd:0f:a4:db:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Validity
Not Before: Feb 19 16:58:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4fe18fcfe7517df4bf5ed50fc8844a40d9372703
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:1e:da:19:3e:9c:0a:c1:11:b4:96:cd:9b:c4:
9d:b2:4b:ef:c7:01:df:2e:9b:9d:7b:50:29:c5:65:
eb:d0:60:96:1f:07:ef:1a:08:7b:5e:4b:6c:f5:4d:
c3:1d:8f:f5:84:22:d0:05:ad:00:cf:94:84:a2:a9:
8a:9c:db:30:71:2f:78:1b:91:28:06:fa:75:8e:24:
69:68:e5:d8:74:7f:6a:de:00:1f:fb:d2:55:7f:14:
84:88:f0:10:ec:2b:3b:59:6a:d2:b2:70:39:11:6e:
b4:f5:be:5b:87:cf:30:2d:15:8e:4c:3c:99:d9:15:
5d:03:a4:d4:a8:e3:dd:01:61:e6:f1:34:96:41:89:
d9:ee:f1:ea:fb:52:35:7b:b0:b5:a2:1e:8b:7d:60:
c0:aa:91:15:f6:1d:16:db:e1:2e:9d:2f:4b:36:87:
36:c8:a0:63:2f:73:98:94:ec:c6:0a:c7:cc:a3:e9:
03:33:32:6e:7f:ed:1a:ba:d3:48:46:69:19:7d:d0:
ab:72:73:e5:d5:a4:aa:44:77:dc:20:d4:b5:f1:7c:
1f:c8:15:5b:28:33:36:f4:8c:a0:66:86:db:2b:f0:
2b:fc:ef:79:30:24:73:38:7a:dc:30:7c:24:32:5c:
ad:ae:e2:54:9b:6c:80:e0:1b:b2:31:88:84:f7:c2:
78:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:E1:8F:CF:E7:51:7D:F4:BF:5E:D5:0F:C8:84:4A:40:D9:37:27:03
X509v3 Authority Key Identifier:
keyid:83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/T-GPz-dRffS_XtUPyIRKQNk3JwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.136.0/22
93.179.68.0/23
93.179.120.0/24
95.85.83.0/24
95.181.213.0/24
109.196.133.0/24
195.182.8.0/24
IPv6:
2a04:8680::/31
2a09:d5c0::/32
Signature Algorithm: sha256WithRSAEncryption
1b:bc:c2:d3:6b:9c:b0:1b:d5:81:bf:91:98:4a:1f:c8:af:75:
d1:6e:f5:11:7b:ec:7b:57:d1:3f:61:e1:9b:9d:09:f1:bd:2d:
3e:b3:56:6c:0e:37:d9:55:51:18:21:9e:1d:df:56:e0:78:57:
3b:ca:b1:ef:8b:0e:96:d7:46:51:b9:6c:f1:ba:4a:0d:63:db:
48:09:9b:e0:49:df:4e:6a:f3:21:87:92:88:89:85:2c:46:a9:
d5:9b:37:8a:83:fb:1f:b0:c6:8d:94:c4:6e:47:43:e4:51:57:
77:b1:b5:6c:2e:56:56:88:b9:76:9a:6b:43:db:b5:84:50:d3:
84:86:4a:54:01:74:e0:77:30:74:2e:d5:d0:b1:96:e1:79:ca:
78:92:45:ea:b3:9f:7b:f9:ef:08:c0:ed:84:63:dc:2d:60:ca:
9c:d6:7a:ad:34:21:f9:72:1d:f8:30:88:c4:54:35:a0:59:4b:
e0:c8:3a:81:14:01:e3:eb:20:f6:36:86:a0:d6:48:50:fc:06:
7f:e5:98:f2:65:ed:e7:31:b9:bd:ba:e2:b3:7a:f7:d3:fc:58:
9b:07:b2:83:29:d3:8c:ed:2e:15:77:30:7d:70:6b:d8:02:a2:
80:40:df:8a:d6:db:81:aa:71:1a:80:c5:d2:e4:5a:e9:85:ce:
b4:c6:aa:30
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZUfJST9H82LhG7VL70PpNvvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMzhlZjQxYjJjMDEwNWE5MWNjYmI5Yzg5MzM3ZmFlYjEy
OWZmODQwHhcNMjUwMjE5MTY1ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmUxOGZjZmU3NTE3ZGY0YmY1ZWQ1MGZjODg0NGE0MGQ5MzcyNzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0x7aGT6cCsERtJbNm8SdskvvxwHf
Lpude1ApxWXr0GCWHwfvGgh7Xkts9U3DHY/1hCLQBa0Az5SEoqmKnNswcS94G5Eo
Bvp1jiRpaOXYdH9q3gAf+9JVfxSEiPAQ7Cs7WWrSsnA5EW609b5bh88wLRWOTDyZ
2RVdA6TUqOPdAWHm8TSWQYnZ7vHq+1I1e7C1oh6LfWDAqpEV9h0W2+EunS9LNoc2
yKBjL3OYlOzGCsfMo+kDMzJuf+0autNIRmkZfdCrcnPl1aSqRHfcINS18XwfyBVb
KDM29IygZobbK/Ar/O95MCRzOHrcMHwkMlytruJUm2yA4BuyMYiE98J4AQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFE/hj8/nUX30v17VD8iESkDZNycDMB8GA1UdIwQY
MBaAFIM470GywBBakcy7nIkzf66xKf+EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3Mzgt
MjhmYzc3OTY3NzYzLzEvVC1HUHotZFJmZlNfWHRVUHlJUktRTmszSndNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3MzgtMjhmYzc3OTY3NzYz
LzEvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAwBAIAATAqAwQCW8SIAwQB
XbNEAwQAXbN4AwQAX1VTAwQAX7XVAwQAbcSFAwQAw7YIMBQEAgACMA4DBQEqBIaA
AwUAKgnVwDANBgkqhkiG9w0BAQsFAAOCAQEAG7zC02ucsBvVgb+RmEofyK910W71
EXvse1fRP2Hhm50J8b0tPrNWbA432VVRGCGeHd9W4HhXO8qx74sOltdGUbls8bpK
DWPbSAmb4EnfTmrzIYeSiImFLEap1Zs3ioP7H7DGjZTEbkdD5FFXd7G1bC5WVoi5
dpprQ9u1hFDThIZKVAF04HcwdC7V0LGW4XnKeJJF6rOfe/nvCMDthGPcLWDKnNZ6
rTQh+XId+DCIxFQ1oFlL4Mg6gRQB4+sg9jaGoNZIUPwGf+WY8mXt5zG5vbris3r3
0/xYmweygynTjO0uFXcwfXBr2AKigEDfitbbgapxGoDF0uRa6YXOtMaqMA==
-----END CERTIFICATE-----
Generated at Sat Mar 8 04:49:44 2025 by rpki-client on console.sobornost.net