Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/3e259b-b6dc-4cf4-ac19-5033f8d79be7/1/c4gvx7z4uTdlMuQhlvQQIKAtTuA.roa
File: c4gvx7z4uTdlMuQhlvQQIKAtTuA.roa (raw, json)
Hash identifier: /qFGvLOPcacTCYTbqRVu0f4DWWxHlkhfiQJHtYVDsoY=
Subject key identifier: 73:88:2F:C7:BC:F8:B9:37:65:32:E4:21:96:F4:10:20:A0:2D:4E:E0
Certificate issuer: /CN=3aeeb9e692ba9e93d8b95a6488d5c875609d4aec
Certificate serial: 0194282437CBA565670CC25A0DADC56C2C12
Authority key identifier: 3A:EE:B9:E6:92:BA:9E:93:D8:B9:5A:64:88:D5:C8:75:60:9D:4A:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ou655pK6npPYuVpkiNXIdWCdSuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/3e259b-b6dc-4cf4-ac19-5033f8d79be7/1/c4gvx7z4uTdlMuQhlvQQIKAtTuA.roa
Signing time: Thu 02 Jan 2025 17:50:49 +0000
ROA not before: Thu 02 Jan 2025 17:50:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2860
IP address blocks: 78.29.128.0/18 maxlen: 18
81.20.240.0/20 maxlen: 20
81.20.248.0/22 maxlen: 22
81.20.252.0/22 maxlen: 22
128.65.224.0/19 maxlen: 19
185.218.12.0/22 maxlen: 22
2a0b:c1c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:37:cb:a5:65:67:0c:c2:5a:0d:ad:c5:6c:2c:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3aeeb9e692ba9e93d8b95a6488d5c875609d4aec
Validity
Not Before: Jan 2 17:50:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=73882fc7bcf8b9376532e42196f41020a02d4ee0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:62:93:be:63:2b:a2:a2:c3:2f:c7:91:1c:88:
21:fc:1e:b5:3e:08:93:6c:4c:9a:7a:ad:94:ae:e3:
e9:d8:31:25:10:0e:f4:47:d6:65:a1:26:fc:19:d8:
a6:75:0b:9a:45:ac:4a:6b:7f:8c:62:b7:ef:e5:35:
39:49:7f:a4:58:8e:da:b5:fd:c8:45:ad:9d:48:49:
14:e9:16:d0:0e:49:3f:f3:39:40:11:e3:ec:a5:4b:
39:24:e1:18:17:8a:17:8e:a4:98:e2:1d:1e:11:a8:
0d:9d:74:72:6f:37:a8:0b:fe:20:6d:31:82:d6:80:
54:7c:f2:fd:c9:f1:91:d1:1a:eb:ce:83:56:a6:6a:
79:c1:be:69:8f:4f:99:d9:b5:42:ff:7a:82:30:50:
fe:a7:84:20:da:87:35:0b:cd:14:69:91:a5:65:da:
70:0c:3e:a0:74:8d:84:f1:e7:31:a9:6e:f3:c8:68:
2b:ff:e9:52:14:f4:40:c3:33:39:c1:eb:00:32:16:
f1:16:b9:20:56:90:14:5d:fc:d5:ee:6f:15:c1:18:
0c:0e:13:30:2b:7a:58:34:68:cb:0d:8e:49:e7:ef:
98:78:dc:ea:6a:b6:20:9a:71:d6:d0:72:d5:78:c4:
43:f3:fd:94:26:dc:88:6a:9f:ea:15:c0:bd:b6:88:
3c:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:88:2F:C7:BC:F8:B9:37:65:32:E4:21:96:F4:10:20:A0:2D:4E:E0
X509v3 Authority Key Identifier:
keyid:3A:EE:B9:E6:92:BA:9E:93:D8:B9:5A:64:88:D5:C8:75:60:9D:4A:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ou655pK6npPYuVpkiNXIdWCdSuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/3e259b-b6dc-4cf4-ac19-5033f8d79be7/1/c4gvx7z4uTdlMuQhlvQQIKAtTuA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/3e259b-b6dc-4cf4-ac19-5033f8d79be7/1/Ou655pK6npPYuVpkiNXIdWCdSuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.29.128.0/18
81.20.240.0/20
128.65.224.0/19
185.218.12.0/22
IPv6:
2a0b:c1c0::/29
Signature Algorithm: sha256WithRSAEncryption
63:e4:3d:64:dc:30:3a:a1:ff:43:a0:f4:0d:43:56:7e:80:52:
db:1f:55:7d:71:07:c4:69:16:06:31:b7:34:5c:f4:4e:3a:a8:
cc:bc:55:c9:46:31:1b:e9:14:71:b1:22:cb:76:f4:d4:96:5c:
03:72:70:cc:b0:65:04:86:9c:0e:78:a1:c9:8e:0c:12:e4:f1:
36:07:e1:95:a2:9b:ae:a4:21:34:d5:1f:9d:05:54:2c:1a:e2:
8f:c8:bc:32:c1:a3:33:9b:d9:e7:e0:5a:68:46:3d:d7:6b:06:
a1:06:b4:19:12:f8:46:e5:de:78:4b:0a:66:e6:a7:5d:23:ff:
9c:83:5c:7c:a3:85:36:1e:9a:db:a4:ed:3c:f2:15:74:3b:6a:
71:71:e0:6b:b9:b5:b7:06:52:ad:25:9a:e9:42:5e:73:07:b0:
39:a1:87:02:75:cc:8f:e5:3c:c6:49:62:67:ad:ce:62:81:77:
0e:12:d6:ba:11:dd:94:13:89:0f:70:18:32:76:b2:99:6f:87:
5e:f5:83:27:63:38:4e:44:e6:29:1c:c6:55:cd:44:63:c9:3e:
94:9e:72:6f:31:0a:96:9c:02:9f:1f:16:37:29:53:13:5d:85:
3c:e3:ab:6d:0b:a8:67:45:a3:d9:75:0b:44:ce:3b:12:5e:c8:
c5:78:20:c0
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQoJDfLpWVnDMJaDa3FbCwSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZWViOWU2OTJiYTllOTNkOGI5NWE2NDg4ZDVjODc1NjA5
ZDRhZWMwHhcNMjUwMTAyMTc1MDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Mzg4MmZjN2JjZjhiOTM3NjUzMmU0MjE5NmY0MTAyMGEwMmQ0ZWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGKTvmMroqLDL8eRHIgh/B61PgiT
bEyaeq2UruPp2DElEA70R9ZloSb8GdimdQuaRaxKa3+MYrfv5TU5SX+kWI7atf3I
Ra2dSEkU6RbQDkk/8zlAEePspUs5JOEYF4oXjqSY4h0eEagNnXRybzeoC/4gbTGC
1oBUfPL9yfGR0RrrzoNWpmp5wb5pj0+Z2bVC/3qCMFD+p4Qg2oc1C80UaZGlZdpw
DD6gdI2E8ecxqW7zyGgr/+lSFPRAwzM5wesAMhbxFrkgVpAUXfzV7m8VwRgMDhMw
K3pYNGjLDY5J5++YeNzqarYgmnHW0HLVeMRD8/2UJtyIap/qFcC9tog8SQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFHOIL8e8+Lk3ZTLkIZb0ECCgLU7gMB8GA1UdIwQY
MBaAFDruueaSup6T2LlaZIjVyHVgnUrsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3U2NTVwSzZucFBZdVZwa2lOWElkV0NkU3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8zZTI1OWItYjZkYy00Y2Y0LWFjMTkt
NTAzM2Y4ZDc5YmU3LzEvYzRndng3ejR1VGRsTXVRaGx2UVFJS0F0VHVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi8zZTI1OWItYjZkYy00Y2Y0LWFjMTktNTAzM2Y4ZDc5YmU3
LzEvT3U2NTVwSzZucFBZdVZwa2lOWElkV0NkU3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQGTh2AAwQE
URTwAwQFgEHgAwQCudoMMA0EAgACMAcDBQMqC8HAMA0GCSqGSIb3DQEBCwUAA4IB
AQBj5D1k3DA6of9DoPQNQ1Z+gFLbH1V9cQfEaRYGMbc0XPROOqjMvFXJRjEb6RRx
sSLLdvTUllwDcnDMsGUEhpwOeKHJjgwS5PE2B+GVopuupCE01R+dBVQsGuKPyLwy
waMzm9nn4FpoRj3XawahBrQZEvhG5d54Swpm5qddI/+cg1x8o4U2HprbpO088hV0
O2pxceBrubW3BlKtJZrpQl5zB7A5oYcCdcyP5TzGSWJnrc5igXcOEta6Ed2UE4kP
cBgydrKZb4de9YMnYzhOROYpHMZVzURjyT6UnnJvMQqWnAKfHxY3KVMTXYU846tt
C6hnRaPZdQtEzjsSXsjFeCDA
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:34 2025 by rpki-client on console.sobornost.net