Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/6fo87MmGE1UjtxclnRa9qrk6UGM.roa
File: 6fo87MmGE1UjtxclnRa9qrk6UGM.roa (raw, json)
Hash identifier: pci8N0GbpCHAxgqqnFxgDiIt1lIp8+ssI2b4Yf5Rg+E=
Subject key identifier: E9:FA:3C:EC:C9:86:13:55:23:B7:17:25:9D:16:BD:AA:B9:3A:50:63
Certificate issuer: /CN=da8f05e3843517cf0971c2bf9cddddd62717e52c
Certificate serial: 019612C654B4F8F3E0B8BD557DD306B34770
Authority key identifier: DA:8F:05:E3:84:35:17:CF:09:71:C2:BF:9C:DD:DD:D6:27:17:E5:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/6fo87MmGE1UjtxclnRa9qrk6UGM.roa
Signing time: Tue 08 Apr 2025 00:21:49 +0000
ROA not before: Tue 08 Apr 2025 00:21:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210644
IP address blocks: 138.124.13.0/24 maxlen: 24
138.124.14.0/24 maxlen: 24
138.124.18.0/24 maxlen: 24
138.124.24.0/24 maxlen: 24
138.124.25.0/24 maxlen: 24
138.124.26.0/24 maxlen: 24
138.124.29.0/24 maxlen: 24
138.124.34.0/24 maxlen: 24
138.124.35.0/24 maxlen: 24
138.124.49.0/24 maxlen: 24
138.124.50.0/24 maxlen: 24
138.124.51.0/24 maxlen: 24
138.124.52.0/24 maxlen: 24
138.124.53.0/24 maxlen: 24
138.124.54.0/24 maxlen: 24
138.124.55.0/24 maxlen: 24
138.124.58.0/24 maxlen: 24
138.124.59.0/24 maxlen: 24
138.124.60.0/24 maxlen: 24
138.124.61.0/24 maxlen: 24
138.124.78.0/24 maxlen: 24
138.124.89.0/24 maxlen: 24
138.124.90.0/24 maxlen: 24
138.124.91.0/24 maxlen: 24
138.124.92.0/24 maxlen: 24
138.124.93.0/24 maxlen: 24
138.124.99.0/24 maxlen: 24
138.124.101.0/24 maxlen: 24
138.124.102.0/24 maxlen: 24
138.124.103.0/24 maxlen: 24
138.124.108.0/24 maxlen: 24
138.124.109.0/24 maxlen: 24
138.124.110.0/24 maxlen: 24
138.124.112.0/24 maxlen: 24
138.124.113.0/24 maxlen: 24
138.124.114.0/24 maxlen: 24
138.124.115.0/24 maxlen: 24
138.124.116.0/24 maxlen: 24
138.124.117.0/24 maxlen: 24
138.124.118.0/24 maxlen: 24
138.124.119.0/24 maxlen: 24
138.124.123.0/24 maxlen: 24
138.124.124.0/24 maxlen: 24
138.124.127.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:12:c6:54:b4:f8:f3:e0:b8:bd:55:7d:d3:06:b3:47:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da8f05e3843517cf0971c2bf9cddddd62717e52c
Validity
Not Before: Apr 8 00:21:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e9fa3cecc986135523b717259d16bdaab93a5063
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:bb:0c:4f:ea:d3:cd:4e:ee:23:72:cf:5a:9c:
c6:ab:c6:6f:70:41:5c:ab:92:f9:37:6b:63:41:26:
19:90:ad:bf:dd:d8:ea:24:6f:b9:10:a7:1e:b9:85:
13:e7:51:11:b3:46:48:d3:e8:b3:ff:a1:03:39:67:
24:72:ee:ab:ee:09:95:94:ae:97:5e:f5:63:bd:a6:
1d:c3:09:59:95:88:c5:46:6b:07:07:b9:e5:19:ab:
eb:1b:8b:6c:d4:ea:94:ab:86:24:c9:89:63:65:a6:
aa:47:7e:4b:6e:65:4d:6d:2b:4a:e3:ec:da:fa:6f:
00:91:f4:88:e6:ef:c1:f3:cb:3d:fd:f3:c2:6d:6c:
18:e4:9f:5d:df:a2:74:3e:3f:27:e2:ec:7c:81:b3:
24:4f:dc:90:b0:bb:24:3c:28:cc:d2:d9:db:f6:39:
02:ef:b2:f4:96:27:4d:85:9b:d1:db:8d:10:74:83:
e1:32:6c:f5:ad:e0:42:b5:a2:ca:fe:f5:ce:29:56:
3b:7d:c7:f8:ca:b4:6c:f1:2d:d5:9a:22:ca:3a:c9:
60:d7:e6:7f:bf:cb:bb:ce:2e:82:b5:b0:07:0a:eb:
8c:48:a1:2e:20:54:87:f3:c7:20:08:ed:47:84:a4:
06:eb:ac:92:d1:63:0f:23:60:a1:51:81:e4:05:a6:
17:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:FA:3C:EC:C9:86:13:55:23:B7:17:25:9D:16:BD:AA:B9:3A:50:63
X509v3 Authority Key Identifier:
keyid:DA:8F:05:E3:84:35:17:CF:09:71:C2:BF:9C:DD:DD:D6:27:17:E5:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/6fo87MmGE1UjtxclnRa9qrk6UGM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/2o8F44Q1F88JccK_nN3d1icX5Sw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.124.13.0-138.124.14.255
138.124.18.0/24
138.124.24.0-138.124.26.255
138.124.29.0/24
138.124.34.0/23
138.124.49.0-138.124.55.255
138.124.58.0-138.124.61.255
138.124.78.0/24
138.124.89.0-138.124.93.255
138.124.99.0/24
138.124.101.0-138.124.103.255
138.124.108.0-138.124.110.255
138.124.112.0/21
138.124.123.0-138.124.124.255
138.124.127.0/24
Signature Algorithm: sha256WithRSAEncryption
82:15:9d:85:0b:08:9e:a4:76:bd:ae:98:0a:26:c2:bf:fa:01:
b8:1a:92:ff:19:bf:6a:d5:f2:03:f3:09:a4:c5:fa:39:68:67:
2d:88:c6:f4:20:a0:42:a7:ca:6f:5a:84:f8:3a:cb:74:e2:60:
73:cf:5c:5e:21:f4:75:a6:19:0d:f6:e6:7c:6a:fa:f1:dc:76:
24:0d:6a:40:6e:ee:4c:03:06:b4:77:2e:65:dc:34:47:2d:a9:
5b:48:29:0f:51:77:62:17:6c:a9:ec:7b:89:02:63:7d:60:a5:
97:42:fd:c2:3f:fe:1c:e9:0a:ce:50:8f:ef:69:7e:db:92:f8:
29:cd:26:e3:cf:15:a5:5b:8f:41:60:db:9c:a4:c5:bf:0b:9e:
91:81:05:5c:c9:a2:c1:65:f4:22:86:de:82:5e:ad:cb:1e:57:
16:f7:6d:53:8b:bc:5f:5d:36:f2:bb:a3:58:9e:92:be:5f:88:
c3:b7:a0:53:18:3a:c0:d5:0c:2b:a9:de:06:db:fc:33:f0:ef:
a5:bb:31:8b:f1:4c:d4:05:c8:0b:e2:8a:0a:85:fa:b2:7e:99:
dc:a3:46:b4:9f:77:b5:f1:21:90:f4:f2:40:80:c3:98:d2:7a:
bd:01:c4:11:d2:57:0e:7d:e9:7c:90:6a:ce:6b:da:56:8d:37:
08:a9:82:fc
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAZYSxlS0+PPguL1VfdMGs0dwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOGYwNWUzODQzNTE3Y2YwOTcxYzJiZjljZGRkZGQ2Mjcx
N2U1MmMwHhcNMjUwNDA4MDAyMTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWZhM2NlY2M5ODYxMzU1MjNiNzE3MjU5ZDE2YmRhYWI5M2E1MDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAirsMT+rTzU7uI3LPWpzGq8ZvcEFc
q5L5N2tjQSYZkK2/3djqJG+5EKceuYUT51ERs0ZI0+iz/6EDOWckcu6r7gmVlK6X
XvVjvaYdwwlZlYjFRmsHB7nlGavrG4ts1OqUq4YkyYljZaaqR35LbmVNbStK4+za
+m8AkfSI5u/B88s9/fPCbWwY5J9d36J0Pj8n4ux8gbMkT9yQsLskPCjM0tnb9jkC
77L0lidNhZvR240QdIPhMmz1reBCtaLK/vXOKVY7fcf4yrRs8S3VmiLKOslg1+Z/
v8u7zi6CtbAHCuuMSKEuIFSH88cgCO1HhKQG66yS0WMPI2ChUYHkBaYX+QIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFOn6POzJhhNVI7cXJZ0Wvaq5OlBjMB8GA1UdIwQY
MBaAFNqPBeOENRfPCXHCv5zd3dYnF+UsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm84RjQ0UTFGODhKY2NLX25OM2QxaWNYNVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iOTg4NGItNmZjNS00YjNlLWIxZTgt
ZTAxZTk0MTI0Njc0LzEvNmZvODdNbUdFMVVqdHhjbG5SYTlxcms2VUdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iOTg4NGItNmZjNS00YjNlLWIxZTgtZTAxZTk0MTI0Njc0
LzEvMm84RjQ0UTFGODhKY2NLX25OM2QxaWNYNVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDCBoQQCAAEwgZowDAME
AIp8DQMEAIp8DgMEAIp8EjAMAwQDinwYAwQAinwaAwQAinwdAwQBinwiMAwDBACK
fDEDBAOKfDAwDAMEAYp8OgMEAYp8PAMEAIp8TjAMAwQAinxZAwQBinxcAwQAinxj
MAwDBACKfGUDBAOKfGAwDAMEAop8bAMEAIp8bgMEA4p8cDAMAwQAinx7AwQAinx8
AwQAinx/MA0GCSqGSIb3DQEBCwUAA4IBAQCCFZ2FCwiepHa9rpgKJsK/+gG4GpL/
Gb9q1fID8wmkxfo5aGctiMb0IKBCp8pvWoT4Ost04mBzz1xeIfR1phkN9uZ8avrx
3HYkDWpAbu5MAwa0dy5l3DRHLalbSCkPUXdiF2yp7HuJAmN9YKWXQv3CP/4c6QrO
UI/vaX7bkvgpzSbjzxWlW49BYNucpMW/C56RgQVcyaLBZfQiht6CXq3LHlcW921T
i7xfXTbyu6NYnpK+X4jDt6BTGDrA1Qwrqd4G2/wz8O+luzGL8UzUBcgL4ooKhfqy
fpnco0a0n3e18SGQ9PJAgMOY0nq9AcQR0lcOfel8kGrOa9pWjTcIqYL8
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:32 2025 by rpki-client on console.sobornost.net