Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/TWqw0MHPHKoktRTg5xIAtx78yEM.roa
File: TWqw0MHPHKoktRTg5xIAtx78yEM.roa (raw, json)
Hash identifier: PUFyi4vEY3nAKmSSQP1jmjE/95RjFLcOq0y69mlpJOM=
Subject key identifier: 4D:6A:B0:D0:C1:CF:1C:AA:24:B5:14:E0:E7:12:00:B7:1E:FC:C8:43
Certificate issuer: /CN=8777b5b36f66e13c4388c9934da507856515d073
Certificate serial: 019422FBA71FF2F3992AA5F385DCB1ACC43B
Authority key identifier: 87:77:B5:B3:6F:66:E1:3C:43:88:C9:93:4D:A5:07:85:65:15:D0:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3e1s29m4TxDiMmTTaUHhWUV0HM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/TWqw0MHPHKoktRTg5xIAtx78yEM.roa
Signing time: Wed 01 Jan 2025 17:48:25 +0000
ROA not before: Wed 01 Jan 2025 17:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212430
IP address blocks: 87.238.227.0/24 maxlen: 24
109.69.217.16/28 maxlen: 32
109.69.221.192/28 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:a7:1f:f2:f3:99:2a:a5:f3:85:dc:b1:ac:c4:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8777b5b36f66e13c4388c9934da507856515d073
Validity
Not Before: Jan 1 17:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4d6ab0d0c1cf1caa24b514e0e71200b71efcc843
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:5c:ae:c8:b4:13:c2:31:07:d8:88:f8:db:19:
d5:5c:f5:48:b8:98:62:1b:cd:f2:8d:56:a4:05:97:
81:f5:6f:ad:fc:c9:d5:be:e0:77:9e:13:80:91:98:
97:3a:7a:f2:d6:e5:70:4f:b9:13:a8:0e:6f:3f:c6:
4c:31:a8:c7:8b:a8:82:47:25:d4:35:f0:0b:1e:5b:
f2:5f:8a:8a:56:0e:26:60:01:4e:f3:30:f2:7e:33:
98:69:aa:0e:3a:e0:d3:e7:5a:dc:44:45:5f:58:01:
a3:bd:58:97:13:9d:99:51:01:d1:15:a7:50:95:c6:
ea:69:ab:16:95:f2:15:7e:78:59:6e:6c:da:e0:99:
8f:83:c4:4c:bd:97:d2:4d:8e:6a:57:7e:a9:60:db:
04:82:66:db:77:09:14:32:34:9d:be:91:90:13:ba:
ab:52:3d:bc:47:18:41:21:f5:fe:8b:2e:1c:36:4d:
93:96:4e:33:d4:41:9f:73:87:a0:1f:1b:ae:31:60:
44:a6:35:d3:78:d6:1e:49:51:21:a1:83:7f:f2:67:
cc:7c:7b:a4:d2:82:96:ac:88:f6:3b:4e:76:aa:df:
b9:4d:74:36:c0:7e:42:8e:f1:1b:08:4e:f3:1a:b3:
a6:3d:ee:24:4a:b0:b5:0d:0d:f5:fd:f8:fa:67:d4:
21:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:6A:B0:D0:C1:CF:1C:AA:24:B5:14:E0:E7:12:00:B7:1E:FC:C8:43
X509v3 Authority Key Identifier:
keyid:87:77:B5:B3:6F:66:E1:3C:43:88:C9:93:4D:A5:07:85:65:15:D0:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3e1s29m4TxDiMmTTaUHhWUV0HM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/TWqw0MHPHKoktRTg5xIAtx78yEM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/h3e1s29m4TxDiMmTTaUHhWUV0HM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.238.227.0/24
109.69.217.16/28
109.69.221.192/28
Signature Algorithm: sha256WithRSAEncryption
06:4c:e9:cc:4e:c6:89:09:f5:67:b1:dd:d7:60:68:ff:61:91:
24:fa:1c:4c:38:c3:54:0c:9e:89:6d:57:fd:2b:d6:0b:1a:87:
e9:1a:ee:1c:2f:07:94:81:93:50:5d:ce:ba:0a:b5:4f:da:1b:
5d:79:7a:1e:15:0d:74:d7:37:7a:31:53:90:83:52:31:c6:ed:
8d:71:7b:76:65:07:20:71:6e:fd:be:af:ab:19:26:a9:d8:d3:
d3:d3:47:0d:ee:8b:1e:72:ec:26:3f:cc:40:bf:ab:06:d6:81:
70:2d:11:77:82:e6:e8:7a:dc:9d:96:9f:e8:91:06:48:d2:34:
4f:98:7d:35:dd:53:ef:6a:06:57:c4:51:06:65:34:e1:4b:b7:
fa:ee:dc:40:d1:7d:86:5a:ce:09:5a:6c:41:58:db:36:b0:8f:
f6:0d:d1:e9:d0:90:f4:ce:17:0e:89:8e:21:9d:cc:41:2b:db:
e4:07:ec:55:29:47:10:a1:34:4c:81:e6:45:26:cc:a1:ad:02:
70:33:92:48:ee:42:76:c5:c2:eb:81:6e:e9:6b:bd:f8:69:ec:
32:27:63:1b:84:88:1c:93:aa:29:03:02:79:4a:8f:1d:4f:7f:
5e:07:d8:13:96:23:73:b4:2c:d5:c2:4b:ca:af:f0:ab:1a:64:
57:8c:ac:2c
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQi+6cf8vOZKqXzhdyxrMQ7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NzdiNWIzNmY2NmUxM2M0Mzg4Yzk5MzRkYTUwNzg1NjUx
NWQwNzMwHhcNMjUwMTAxMTc0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDZhYjBkMGMxY2YxY2FhMjRiNTE0ZTBlNzEyMDBiNzFlZmNjODQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4FyuyLQTwjEH2Ij42xnVXPVIuJhi
G83yjVakBZeB9W+t/MnVvuB3nhOAkZiXOnry1uVwT7kTqA5vP8ZMMajHi6iCRyXU
NfALHlvyX4qKVg4mYAFO8zDyfjOYaaoOOuDT51rcREVfWAGjvViXE52ZUQHRFadQ
lcbqaasWlfIVfnhZbmza4JmPg8RMvZfSTY5qV36pYNsEgmbbdwkUMjSdvpGQE7qr
Uj28RxhBIfX+iy4cNk2Tlk4z1EGfc4egHxuuMWBEpjXTeNYeSVEhoYN/8mfMfHuk
0oKWrIj2O052qt+5TXQ2wH5CjvEbCE7zGrOmPe4kSrC1DQ31/fj6Z9QhZQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFE1qsNDBzxyqJLUU4OcSALce/MhDMB8GA1UdIwQY
MBaAFId3tbNvZuE8Q4jJk02lB4VlFdBzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNlMXMyOW00VHhEaU1tVFRhVUhoV1VWMEhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9mOTJlMmEtZTFlNC00ODdkLTlhY2Mt
ZWQxZjMwY2MxYzU3LzEvVFdxdzBNSFBIS29rdFJUZzV4SUF0eDc4eUVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9mOTJlMmEtZTFlNC00ODdkLTlhY2MtZWQxZjMwY2MxYzU3
LzEvaDNlMXMyOW00VHhEaU1tVFRhVUhoV1VWMEhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAV+7jAwUE
bUXZEAMFBG1F3cAwDQYJKoZIhvcNAQELBQADggEBAAZM6cxOxokJ9Wex3ddgaP9h
kST6HEw4w1QMnoltV/0r1gsah+ka7hwvB5SBk1BdzroKtU/aG115eh4VDXTXN3ox
U5CDUjHG7Y1xe3ZlByBxbv2+r6sZJqnY09PTRw3uix5y7CY/zEC/qwbWgXAtEXeC
5uh63J2Wn+iRBkjSNE+YfTXdU+9qBlfEUQZlNOFLt/ru3EDRfYZazglabEFY2zaw
j/YN0enQkPTOFw6JjiGdzEEr2+QH7FUpRxChNEyB5kUmzKGtAnAzkkjuQnbFwuuB
bulrvfhp7DInYxuEiByTqikDAnlKjx1Pf14H2BOWI3O0LNXCS8qv8KsaZFeMrCw=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:34 2025 by rpki-client on console.sobornost.net