Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/d2cd1c-04b5-44d0-81d5-7be3bda05927/1/lH54WcJ4G__eVzqEleg29M5qTHs.roa
File: lH54WcJ4G__eVzqEleg29M5qTHs.roa (raw, json)
Hash identifier: /pzgt/Z/mQu+YDPs+XFHauFmf5QI5OT38y+GYqX//ns=
Subject key identifier: 94:7E:78:59:C2:78:1B:FF:DE:57:3A:84:95:E8:36:F4:CE:6A:4C:7B
Certificate issuer: /CN=0759f6ac173f75ed9e585ec7d872a5865cef2835
Certificate serial: 019420D5BCE6F75A42CC48043ADA3A1F2398
Authority key identifier: 07:59:F6:AC:17:3F:75:ED:9E:58:5E:C7:D8:72:A5:86:5C:EF:28:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B1n2rBc_de2eWF7H2HKlhlzvKDU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/d2cd1c-04b5-44d0-81d5-7be3bda05927/1/lH54WcJ4G__eVzqEleg29M5qTHs.roa
Signing time: Wed 01 Jan 2025 07:47:45 +0000
ROA not before: Wed 01 Jan 2025 07:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62353
IP address blocks: 185.22.12.0/22 maxlen: 24
185.22.12.0/23 maxlen: 24
185.22.14.0/23 maxlen: 24
185.81.8.0/22 maxlen: 24
185.81.8.0/23 maxlen: 24
185.81.8.0/24 maxlen: 24
185.81.10.0/23 maxlen: 24
185.81.11.0/24 maxlen: 24
213.159.16.0/21 maxlen: 24
213.159.16.0/22 maxlen: 24
213.159.20.0/22 maxlen: 24
2a00:5d60::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:bc:e6:f7:5a:42:cc:48:04:3a:da:3a:1f:23:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0759f6ac173f75ed9e585ec7d872a5865cef2835
Validity
Not Before: Jan 1 07:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=947e7859c2781bffde573a8495e836f4ce6a4c7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:e0:e6:0f:c9:86:91:fc:91:61:ec:44:d2:10:
71:c2:f3:58:77:64:af:3f:40:36:47:12:fb:3d:3b:
3d:68:d9:33:71:21:80:d4:13:84:d7:48:21:c0:18:
6e:3c:06:57:f5:d2:64:82:ea:26:1b:e7:06:b4:6d:
7b:aa:2d:9f:09:29:0d:09:f1:a8:20:2c:2d:a6:c2:
5b:96:89:11:2e:ff:03:e1:43:00:1c:76:b9:d1:f0:
2a:1a:9b:38:b1:87:dc:dd:02:63:ea:c8:b1:42:5b:
78:e6:4a:4a:7a:37:c0:28:07:6e:25:51:8c:be:11:
0c:37:a7:fc:6d:9a:71:11:42:88:41:50:0f:d5:d6:
f7:4d:a4:4c:b2:c6:f2:ee:d3:62:4f:37:02:bc:b3:
8d:94:c0:c2:68:bf:c8:1a:14:09:34:43:97:78:07:
61:6d:93:15:e0:1e:04:a9:96:a6:c6:de:84:04:ef:
cb:3d:87:7d:4e:ed:98:20:40:4e:e2:96:92:c4:3b:
84:4f:bd:c5:88:08:db:95:12:76:48:4c:a5:55:91:
54:99:fe:45:18:f3:5e:0b:7d:12:2d:fb:06:73:ef:
5e:92:df:c7:42:c4:98:b7:61:ad:0d:54:00:b7:4e:
89:a0:1c:73:b6:6c:89:a5:b5:b5:8c:36:1e:45:70:
d7:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:7E:78:59:C2:78:1B:FF:DE:57:3A:84:95:E8:36:F4:CE:6A:4C:7B
X509v3 Authority Key Identifier:
keyid:07:59:F6:AC:17:3F:75:ED:9E:58:5E:C7:D8:72:A5:86:5C:EF:28:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B1n2rBc_de2eWF7H2HKlhlzvKDU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/d2cd1c-04b5-44d0-81d5-7be3bda05927/1/lH54WcJ4G__eVzqEleg29M5qTHs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/d2cd1c-04b5-44d0-81d5-7be3bda05927/1/B1n2rBc_de2eWF7H2HKlhlzvKDU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.22.12.0/22
185.81.8.0/22
213.159.16.0/21
IPv6:
2a00:5d60::/32
Signature Algorithm: sha256WithRSAEncryption
05:09:4b:dd:69:7f:13:dd:23:eb:88:6e:2c:1a:75:fa:25:f6:
33:77:f6:97:4b:a5:10:ee:d3:49:1e:13:53:80:83:50:d8:48:
c7:e8:8b:ad:e2:b8:ea:68:f3:39:a2:d9:5e:d3:3c:fb:31:dd:
05:0f:f0:21:43:52:ad:cd:9a:26:49:57:7a:33:dd:a0:e8:8b:
ed:10:59:cb:21:69:f9:47:4b:19:36:19:3b:97:16:53:98:30:
c7:bd:60:ea:08:40:bf:2c:25:21:41:30:04:2f:6f:9c:1e:2b:
64:c6:ce:5a:ed:db:de:68:95:86:4a:75:58:35:72:27:a4:ef:
4b:bf:37:c3:f7:ab:2e:55:d9:74:7d:d4:b9:08:19:1b:f8:f9:
0e:c6:ff:4b:a6:f7:ec:03:74:81:33:26:2b:19:24:fd:1b:09:
a8:b4:0e:58:95:f3:f5:bc:9a:3b:af:36:5c:9d:e0:68:e5:2c:
dd:c9:2e:86:c1:ce:a3:5c:ac:27:53:09:ab:be:26:ea:56:a0:
0d:64:dd:ff:ee:11:b1:1c:25:a9:02:bb:c7:31:bb:88:ea:5a:
4c:fb:43:08:71:97:64:a0:26:7d:f3:8a:9c:a1:9c:53:12:65:
9b:7e:fd:02:7e:ee:a6:c2:f1:55:b2:58:28:6d:fc:01:88:4f:
95:ba:a5:a0
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQg1bzm91pCzEgEOto6HyOYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3NTlmNmFjMTczZjc1ZWQ5ZTU4NWVjN2Q4NzJhNTg2NWNl
ZjI4MzUwHhcNMjUwMTAxMDc0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDdlNzg1OWMyNzgxYmZmZGU1NzNhODQ5NWU4MzZmNGNlNmE0YzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+DmD8mGkfyRYexE0hBxwvNYd2Sv
P0A2RxL7PTs9aNkzcSGA1BOE10ghwBhuPAZX9dJkguomG+cGtG17qi2fCSkNCfGo
ICwtpsJblokRLv8D4UMAHHa50fAqGps4sYfc3QJj6sixQlt45kpKejfAKAduJVGM
vhEMN6f8bZpxEUKIQVAP1db3TaRMssby7tNiTzcCvLONlMDCaL/IGhQJNEOXeAdh
bZMV4B4EqZamxt6EBO/LPYd9Tu2YIEBO4paSxDuET73FiAjblRJ2SEylVZFUmf5F
GPNeC30SLfsGc+9ekt/HQsSYt2GtDVQAt06JoBxztmyJpbW1jDYeRXDXxQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJR+eFnCeBv/3lc6hJXoNvTOakx7MB8GA1UdIwQY
MBaAFAdZ9qwXP3Xtnlhex9hypYZc7yg1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjFuMnJCY19kZTJlV0Y3SDJIS2xobHp2S0RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9kMmNkMWMtMDRiNS00NGQwLTgxZDUt
N2JlM2JkYTA1OTI3LzEvbEg1NFdjSjRHX19lVnpxRWxlZzI5TTVxVEhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9kMmNkMWMtMDRiNS00NGQwLTgxZDUtN2JlM2JkYTA1OTI3
LzEvQjFuMnJCY19kZTJlV0Y3SDJIS2xobHp2S0RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuRYMAwQC
uVEIAwQD1Z8QMA0EAgACMAcDBQAqAF1gMA0GCSqGSIb3DQEBCwUAA4IBAQAFCUvd
aX8T3SPriG4sGnX6JfYzd/aXS6UQ7tNJHhNTgINQ2EjH6Iut4rjqaPM5otle0zz7
Md0FD/AhQ1KtzZomSVd6M92g6IvtEFnLIWn5R0sZNhk7lxZTmDDHvWDqCEC/LCUh
QTAEL2+cHitkxs5a7dveaJWGSnVYNXInpO9LvzfD96suVdl0fdS5CBkb+PkOxv9L
pvfsA3SBMyYrGST9GwmotA5YlfP1vJo7rzZcneBo5SzdyS6Gwc6jXKwnUwmrvibq
VqANZN3/7hGxHCWpArvHMbuI6lpM+0MIcZdkoCZ984qcoZxTEmWbfv0Cfu6mwvFV
slgobfwBiE+VuqWg
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:31 2025 by rpki-client on console.sobornost.net