Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/9f7b6b-b29d-486e-8478-27efc13aff1e/1/aGfK0H7bmbg1JjvuXLTz415xNhI.roa
File: aGfK0H7bmbg1JjvuXLTz415xNhI.roa (raw, json)
Hash identifier: v7ErIvSMJoVGsS9S+0FvhNKIitiqHtag2SKmUqdP0PA=
Subject key identifier: 68:67:CA:D0:7E:DB:99:B8:35:26:3B:EE:5C:B4:F3:E3:5E:71:36:12
Certificate issuer: /CN=afec4f4a16cc51bd51621011539ceb574ac15d02
Certificate serial: 019420D5A4E2C4FBC592CB35FDF0CB534D56
Authority key identifier: AF:EC:4F:4A:16:CC:51:BD:51:62:10:11:53:9C:EB:57:4A:C1:5D:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r-xPShbMUb1RYhARU5zrV0rBXQI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/9f7b6b-b29d-486e-8478-27efc13aff1e/1/aGfK0H7bmbg1JjvuXLTz415xNhI.roa
Signing time: Wed 01 Jan 2025 07:47:39 +0000
ROA not before: Wed 01 Jan 2025 07:47:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198385
IP address blocks: 5.1.96.0/21 maxlen: 21
37.35.104.0/21 maxlen: 21
89.249.40.0/23 maxlen: 23
185.63.36.0/22 maxlen: 22
185.75.32.0/22 maxlen: 22
2a00:e6c0::/32 maxlen: 32
2a03:2040::/29 maxlen: 29
2a03:2040::/32 maxlen: 32
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:a4:e2:c4:fb:c5:92:cb:35:fd:f0:cb:53:4d:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afec4f4a16cc51bd51621011539ceb574ac15d02
Validity
Not Before: Jan 1 07:47:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6867cad07edb99b835263bee5cb4f3e35e713612
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a3:3a:f4:23:7a:2d:d2:07:09:99:ca:25:b0:
e5:04:be:77:77:e6:32:72:6a:d7:7d:2b:b1:4f:35:
3f:fd:ea:36:12:b0:9f:e5:2a:6e:6f:3a:af:ea:7f:
1b:55:e0:71:87:75:d9:93:e4:2d:94:14:a6:c5:8b:
8c:30:d2:6a:3f:c9:f8:78:4a:d5:1c:5d:09:04:ad:
60:89:56:99:cc:d3:eb:2a:6b:e3:fe:84:31:44:a8:
f9:1f:3f:69:a1:c3:20:b2:15:93:48:d9:d4:1e:7a:
8b:20:3d:42:9a:53:18:b8:84:84:aa:9d:83:f7:8a:
f8:29:f5:40:38:00:6e:cc:5c:95:cc:f7:7e:fe:80:
f7:e1:00:e9:67:ff:af:73:d2:f8:4b:c8:d1:a4:71:
12:a3:9e:ba:1e:b7:34:63:38:ed:be:09:78:b1:f7:
dd:f0:99:dc:fd:b7:38:cb:34:8f:7d:f9:96:17:e0:
b2:8e:da:03:19:7f:a8:8c:7f:6d:43:8e:44:9a:69:
ac:4d:df:21:d0:f7:fb:75:35:a9:6d:4b:6f:e0:62:
af:5c:5e:4e:b6:69:59:b7:75:24:fe:81:dd:62:18:
2a:87:3e:15:7d:2b:1e:c3:0f:6e:bb:54:45:76:a7:
e3:fb:9d:40:87:a6:4b:cf:c1:56:9a:f7:b3:dd:0f:
0f:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:67:CA:D0:7E:DB:99:B8:35:26:3B:EE:5C:B4:F3:E3:5E:71:36:12
X509v3 Authority Key Identifier:
keyid:AF:EC:4F:4A:16:CC:51:BD:51:62:10:11:53:9C:EB:57:4A:C1:5D:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r-xPShbMUb1RYhARU5zrV0rBXQI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9f7b6b-b29d-486e-8478-27efc13aff1e/1/aGfK0H7bmbg1JjvuXLTz415xNhI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9f7b6b-b29d-486e-8478-27efc13aff1e/1/r-xPShbMUb1RYhARU5zrV0rBXQI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.96.0/21
37.35.104.0/21
89.249.40.0/23
185.63.36.0/22
185.75.32.0/22
IPv6:
2a00:e6c0::/32
2a03:2040::/29
Signature Algorithm: sha256WithRSAEncryption
57:cb:9f:d0:f9:ab:6f:fd:27:ab:cb:db:cd:cf:ed:6f:d3:0c:
34:36:50:ff:40:49:bb:b0:2b:f7:7b:1b:cd:d6:2d:0d:f2:06:
d9:58:f9:d0:b1:b0:5f:98:3f:d6:8b:84:1c:31:4e:ee:3b:18:
5e:45:ad:2e:12:e4:f6:10:b0:50:a9:08:2f:31:e7:1d:61:7a:
36:c6:6c:0c:1c:b2:53:89:4b:b9:ea:2a:e5:96:03:73:8c:60:
de:07:f7:1d:1c:ae:1c:e0:1d:92:6d:da:81:8c:02:4d:f1:6c:
43:c2:ad:35:48:a1:2e:d4:6e:47:a8:b7:4c:e8:d5:fa:9b:36:
c1:b9:ac:4a:c8:6b:a1:82:de:11:82:92:c6:ed:d0:10:19:1d:
eb:b8:c2:03:ee:03:d5:4f:74:f4:96:f4:0c:5d:78:60:ac:bf:
db:b9:75:7d:20:27:5b:bf:a5:e2:75:47:ae:f0:d6:cd:4c:a1:
f5:d7:9b:00:b9:7d:27:42:d4:28:0f:d2:36:49:34:5c:96:c0:
05:9b:7a:f2:e8:8c:62:9c:d2:ee:4d:70:8b:ba:2c:44:f0:15:
a7:22:d7:4e:07:92:18:6c:41:df:40:10:0a:d2:73:7c:4b:3e:
67:2c:13:d3:53:da:58:31:fd:ac:22:d0:fd:bd:2a:7d:05:de:
96:e6:c1:be
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZQg1aTixPvFkss1/fDLU01WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmZWM0ZjRhMTZjYzUxYmQ1MTYyMTAxMTUzOWNlYjU3NGFj
MTVkMDIwHhcNMjUwMTAxMDc0NzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODY3Y2FkMDdlZGI5OWI4MzUyNjNiZWU1Y2I0ZjNlMzVlNzEzNjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtaM69CN6LdIHCZnKJbDlBL53d+Yy
cmrXfSuxTzU//eo2ErCf5Spubzqv6n8bVeBxh3XZk+QtlBSmxYuMMNJqP8n4eErV
HF0JBK1giVaZzNPrKmvj/oQxRKj5Hz9pocMgshWTSNnUHnqLID1CmlMYuISEqp2D
94r4KfVAOABuzFyVzPd+/oD34QDpZ/+vc9L4S8jRpHESo566Hrc0Yzjtvgl4sffd
8Jnc/bc4yzSPffmWF+CyjtoDGX+ojH9tQ45EmmmsTd8h0Pf7dTWpbUtv4GKvXF5O
tmlZt3Uk/oHdYhgqhz4VfSseww9uu1RFdqfj+51Ah6ZLz8FWmvez3Q8PCQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFGhnytB+25m4NSY77ly08+NecTYSMB8GA1UdIwQY
MBaAFK/sT0oWzFG9UWIQEVOc61dKwV0CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvci14UFNoYk1VYjFSWWhBUlU1enJWMHJCWFFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni85ZjdiNmItYjI5ZC00ODZlLTg0Nzgt
MjdlZmMxM2FmZjFlLzEvYUdmSzBIN2JtYmcxSmp2dVhMVHo0MTV4TmhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni85ZjdiNmItYjI5ZC00ODZlLTg0NzgtMjdlZmMxM2FmZjFl
LzEvci14UFNoYk1VYjFSWWhBUlU1enJWMHJCWFFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQDBQFgAwQD
JSNoAwQBWfkoAwQCuT8kAwQCuUsgMBQEAgACMA4DBQAqAObAAwUDKgMgQDANBgkq
hkiG9w0BAQsFAAOCAQEAV8uf0Pmrb/0nq8vbzc/tb9MMNDZQ/0BJu7Ar93sbzdYt
DfIG2Vj50LGwX5g/1ouEHDFO7jsYXkWtLhLk9hCwUKkILzHnHWF6NsZsDByyU4lL
ueoq5ZYDc4xg3gf3HRyuHOAdkm3agYwCTfFsQ8KtNUihLtRuR6i3TOjV+ps2wbms
SshroYLeEYKSxu3QEBkd67jCA+4D1U909Jb0DF14YKy/27l1fSAnW7+l4nVHrvDW
zUyh9debALl9J0LUKA/SNkk0XJbABZt68uiMYpzS7k1wi7osRPAVpyLXTgeSGGxB
30AQCtJzfEs+ZywT01PaWDH9rCLQ/b0qfQXelubBvg==
-----END CERTIFICATE-----
Generated at Tue Apr 1 17:26:40 2025 by rpki-client on console.sobornost.net