Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/4bbd6c-91ef-4461-821b-6f621d736aff/1/jEK1d3vUN0cIlA-uXNamjthkOwI.roa
File: jEK1d3vUN0cIlA-uXNamjthkOwI.roa (raw, json)
Hash identifier: 41tF5GEIsjhhQFzZ4Z9ebWeIwUkdNFTY9RSR2SItUCU=
Subject key identifier: 8C:42:B5:77:7B:D4:37:47:08:94:0F:AE:5C:D6:A6:8E:D8:64:3B:02
Certificate issuer: /CN=f7aa039b886b226578bdb6a42781bf59044bb138
Certificate serial: 019424B333640FDCCBE450C229D5EACDB342
Authority key identifier: F7:AA:03:9B:88:6B:22:65:78:BD:B6:A4:27:81:BF:59:04:4B:B1:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/96oDm4hrImV4vbakJ4G_WQRLsTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/4bbd6c-91ef-4461-821b-6f621d736aff/1/jEK1d3vUN0cIlA-uXNamjthkOwI.roa
Signing time: Thu 02 Jan 2025 01:48:31 +0000
ROA not before: Thu 02 Jan 2025 01:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31191
IP address blocks: 84.47.137.0/24 maxlen: 25
84.47.188.0/24 maxlen: 25
213.135.68.0/24 maxlen: 25
213.135.75.0/24 maxlen: 25
213.135.76.0/24 maxlen: 25
213.135.78.0/24 maxlen: 25
213.135.93.0/24 maxlen: 25
213.208.185.0/24 maxlen: 25
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:33:64:0f:dc:cb:e4:50:c2:29:d5:ea:cd:b3:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7aa039b886b226578bdb6a42781bf59044bb138
Validity
Not Before: Jan 2 01:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8c42b5777bd4374708940fae5cd6a68ed8643b02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:59:3d:75:1a:c4:aa:86:9e:8a:58:30:96:c0:
7d:c6:9f:f1:0b:9b:1f:74:b0:c9:88:9c:87:16:2f:
ee:3b:72:b8:c3:b5:a4:bd:40:b3:0e:70:d9:15:fd:
97:4b:51:1d:55:c1:0f:c8:56:38:c5:6d:2f:7d:2c:
92:61:c3:53:e4:47:34:92:64:5f:fe:c8:6f:e9:0c:
0a:05:ca:78:e4:54:b6:1f:bf:e5:22:7a:fb:21:64:
84:60:ab:05:99:d4:5f:48:85:ea:19:ec:b9:64:e4:
fd:91:fa:05:19:78:6e:6a:79:05:a2:66:63:11:61:
f2:05:24:77:d6:b1:48:e8:89:e5:38:6c:c7:c2:c8:
9e:c5:c1:f8:49:4f:9f:78:82:b4:f7:ae:4d:e9:fe:
47:11:2f:db:ad:22:01:7d:12:29:49:b7:5f:56:b8:
df:38:c3:12:0c:d6:e1:e1:3f:97:55:8c:ba:cc:2d:
5f:64:aa:bc:92:36:7a:ee:64:78:b0:e5:2a:49:35:
0d:eb:6e:a5:88:b2:de:6d:d1:5f:a0:b6:c0:e1:15:
d5:e0:bd:2d:95:de:a4:19:f3:8c:43:7b:bb:11:10:
40:92:f7:0e:30:86:d8:84:f6:a4:71:99:8d:e6:21:
05:16:f9:c0:76:fc:0b:d1:ac:ed:86:69:e7:95:de:
61:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:42:B5:77:7B:D4:37:47:08:94:0F:AE:5C:D6:A6:8E:D8:64:3B:02
X509v3 Authority Key Identifier:
keyid:F7:AA:03:9B:88:6B:22:65:78:BD:B6:A4:27:81:BF:59:04:4B:B1:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/96oDm4hrImV4vbakJ4G_WQRLsTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/4bbd6c-91ef-4461-821b-6f621d736aff/1/jEK1d3vUN0cIlA-uXNamjthkOwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/4bbd6c-91ef-4461-821b-6f621d736aff/1/96oDm4hrImV4vbakJ4G_WQRLsTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.47.137.0/24
84.47.188.0/24
213.135.68.0/24
213.135.75.0-213.135.76.255
213.135.78.0/24
213.135.93.0/24
213.208.185.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:40:03:1c:80:a3:f0:ce:bd:33:3a:6f:7a:82:2f:3b:ac:f4:
e4:11:62:1a:cd:06:84:9b:96:d4:99:2b:85:33:1b:5c:a2:aa:
0d:d6:c6:a8:09:c8:ed:f6:2d:5c:9b:27:f3:75:41:a5:2f:66:
cd:db:38:d9:25:c9:0e:43:bc:45:85:ac:cc:9f:5d:68:19:27:
de:a2:f5:c2:49:00:7f:1a:3f:02:b6:43:45:3c:a4:36:c5:99:
5d:48:38:a7:b7:2c:a6:fa:f6:2e:d4:23:2a:da:6e:15:e9:90:
c1:9f:96:75:7a:40:c4:fa:35:88:2e:e9:65:39:35:cd:ed:a3:
f5:30:3b:84:75:96:ac:61:c3:17:7e:11:27:89:36:fb:b6:ed:
3f:9e:8f:bf:a7:88:f1:3d:9d:5b:91:0f:9a:dd:a3:5b:b2:bb:
b2:13:dc:79:02:cc:10:9f:09:d6:b9:b5:69:d3:a8:55:c6:b1:
3d:39:27:43:c8:c8:8c:ad:ee:fd:4a:f6:5c:21:05:54:e3:68:
07:6b:03:9f:c9:fe:f5:ca:1d:ab:db:02:c7:6a:f9:65:b3:b1:
5d:d6:fc:37:f8:61:95:a6:b0:cb:24:96:04:84:02:c6:82:5f:
0a:9d:52:b4:b5:9f:81:c3:72:7c:5d:10:77:03:b7:84:05:b0:
6e:d5:16:f5
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZQkszNkD9zL5FDCKdXqzbNCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3YWEwMzliODg2YjIyNjU3OGJkYjZhNDI3ODFiZjU5MDQ0
YmIxMzgwHhcNMjUwMTAyMDE0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzQyYjU3NzdiZDQzNzQ3MDg5NDBmYWU1Y2Q2YTY4ZWQ4NjQzYjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1k9dRrEqoaeilgwlsB9xp/xC5sf
dLDJiJyHFi/uO3K4w7WkvUCzDnDZFf2XS1EdVcEPyFY4xW0vfSySYcNT5Ec0kmRf
/shv6QwKBcp45FS2H7/lInr7IWSEYKsFmdRfSIXqGey5ZOT9kfoFGXhuankFomZj
EWHyBSR31rFI6InlOGzHwsiexcH4SU+feIK0965N6f5HES/brSIBfRIpSbdfVrjf
OMMSDNbh4T+XVYy6zC1fZKq8kjZ67mR4sOUqSTUN626liLLebdFfoLbA4RXV4L0t
ld6kGfOMQ3u7ERBAkvcOMIbYhPakcZmN5iEFFvnAdvwL0azthmnnld5hpQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFIxCtXd71DdHCJQPrlzWpo7YZDsCMB8GA1UdIwQY
MBaAFPeqA5uIayJleL22pCeBv1kES7E4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTZvRG00aHJJbVY0dmJha0o0R19XUVJMc1RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS80YmJkNmMtOTFlZi00NDYxLTgyMWIt
NmY2MjFkNzM2YWZmLzEvakVLMWQzdlVOMGNJbEEtdVhOYW1qdGhrT3dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS80YmJkNmMtOTFlZi00NDYxLTgyMWItNmY2MjFkNzM2YWZm
LzEvOTZvRG00aHJJbVY0dmJha0o0R19XUVJMc1RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAVC+JAwQA
VC+8AwQA1YdEMAwDBADVh0sDBADVh0wDBADVh04DBADVh10DBADV0LkwDQYJKoZI
hvcNAQELBQADggEBAH1AAxyAo/DOvTM6b3qCLzus9OQRYhrNBoSbltSZK4UzG1yi
qg3WxqgJyO32LVybJ/N1QaUvZs3bONklyQ5DvEWFrMyfXWgZJ96i9cJJAH8aPwK2
Q0U8pDbFmV1IOKe3LKb69i7UIyrabhXpkMGflnV6QMT6NYgu6WU5Nc3to/UwO4R1
lqxhwxd+ESeJNvu27T+ej7+niPE9nVuRD5rdo1uyu7IT3HkCzBCfCda5tWnTqFXG
sT05J0PIyIyt7v1K9lwhBVTjaAdrA5/J/vXKHavbAsdq+WWzsV3W/Df4YZWmsMsk
lgSEAsaCXwqdUrS1n4HDcnxdEHcDt4QFsG7VFvU=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:34 2025 by rpki-client on console.sobornost.net