Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/0pU8j0MySids8B7P1Z4MPCYtQQ8.roa
File: 0pU8j0MySids8B7P1Z4MPCYtQQ8.roa (raw, json)
Hash identifier: YB7/HZL1tekwHsjTYy7WcH7gtaLHvddr5HCEfT0Sa/M=
Subject key identifier: D2:95:3C:8F:43:32:4A:27:6C:F0:1E:CF:D5:9E:0C:3C:26:2D:41:0F
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 01945FBB8157843C6CB40975601B8DBFA800
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/0pU8j0MySids8B7P1Z4MPCYtQQ8.roa
Signing time: Mon 13 Jan 2025 12:55:11 +0000
ROA not before: Mon 13 Jan 2025 12:55:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213807
IP address blocks: 37.202.224.0/22 maxlen: 24
37.202.228.0/22 maxlen: 24
37.202.232.0/22 maxlen: 24
37.202.236.0/22 maxlen: 24
37.202.240.0/23 maxlen: 24
37.202.241.0/24 maxlen: 24
37.202.242.0/24 maxlen: 24
94.182.101.0/24 maxlen: 24
94.182.104.0/22 maxlen: 24
94.182.108.0/24 maxlen: 24
94.182.128.0/23 maxlen: 24
94.182.131.0/24 maxlen: 24
94.182.134.0/24 maxlen: 24
94.182.136.0/23 maxlen: 24
94.182.145.0/24 maxlen: 24
94.182.147.0/24 maxlen: 24
94.182.149.0/24 maxlen: 24
94.182.150.0/24 maxlen: 24
94.182.152.0/24 maxlen: 24
94.182.223.0/24 maxlen: 24
185.73.0.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:5f:bb:81:57:84:3c:6c:b4:09:75:60:1b:8d:bf:a8:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Jan 13 12:55:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d2953c8f43324a276cf01ecfd59e0c3c262d410f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:f3:33:a5:75:c6:2a:e2:76:6b:a6:e0:0e:b0:
41:cb:35:e2:5f:a4:f6:4d:24:92:b9:14:be:b7:0d:
5f:05:e1:d7:d0:0d:57:3a:26:cd:25:96:f2:af:e6:
f6:fe:51:3b:a7:ff:73:f2:03:e4:c6:a7:54:45:b0:
c9:2b:32:03:e6:d4:8a:57:55:11:f6:35:ef:dc:e1:
2f:57:a5:3b:3f:90:e9:9d:51:7f:53:89:8a:ed:01:
c0:8b:f8:61:4a:54:d3:6d:f6:94:75:33:2a:fb:b8:
78:15:54:e1:2d:08:7a:d1:0d:4a:25:1d:a7:b1:8f:
7e:3a:9a:f8:c0:b0:66:fa:3e:9d:7d:b4:ab:51:37:
eb:95:f9:cf:4e:34:25:08:78:62:41:a9:ff:ea:62:
d2:15:e8:e5:7a:d1:38:23:39:4a:fb:2b:09:b7:c2:
ed:00:b1:d9:b2:c2:df:bf:0a:ad:cc:50:e2:33:46:
a8:80:68:85:2a:56:6b:9e:9b:b4:fa:30:9f:b0:29:
ce:9f:cb:27:7e:50:04:27:99:7d:58:67:40:cb:1d:
25:09:98:7b:b9:24:d8:20:45:09:81:12:83:ca:3e:
57:f5:0f:78:8a:01:16:c4:94:ad:96:4b:58:03:13:
d9:e1:1d:e9:e4:9b:cb:e8:66:13:43:bb:3e:7b:34:
98:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:95:3C:8F:43:32:4A:27:6C:F0:1E:CF:D5:9E:0C:3C:26:2D:41:0F
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/0pU8j0MySids8B7P1Z4MPCYtQQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.224.0-37.202.242.255
94.182.101.0/24
94.182.104.0-94.182.108.255
94.182.128.0/23
94.182.131.0/24
94.182.134.0/24
94.182.136.0/23
94.182.145.0/24
94.182.147.0/24
94.182.149.0-94.182.150.255
94.182.152.0/24
94.182.223.0/24
185.73.0.0/24
Signature Algorithm: sha256WithRSAEncryption
88:95:27:04:48:21:17:d7:f8:af:61:1f:ae:5e:3f:4a:d6:c7:
f8:6f:3e:50:9a:00:f0:67:7c:c7:4d:54:f5:ff:42:b6:c3:67:
a1:45:77:2b:1c:c0:81:a3:7a:6d:8c:44:65:3b:80:51:ba:f9:
ec:9a:a0:4a:34:63:2d:7f:39:c7:bf:49:8f:e7:b0:bb:7f:58:
3d:ad:5f:f5:8e:7c:0c:a6:ed:1c:1f:96:7a:09:6b:97:56:aa:
8f:11:85:76:8c:74:44:6e:85:a0:ba:9f:22:d6:44:df:ed:1e:
9e:0d:c3:52:51:f0:a8:34:1c:2e:8c:50:23:fb:17:fd:28:71:
cf:3c:aa:3c:f8:6e:fc:a7:de:08:f9:72:9a:7a:c9:5b:a1:ff:
a0:5c:2b:eb:20:fe:61:75:6f:3f:02:12:d7:32:22:62:cb:a7:
b1:37:a2:00:c4:0b:4c:67:51:4e:c2:a8:48:37:59:b2:8a:e7:
16:c8:f0:15:f6:71:16:03:49:09:30:89:85:ad:6e:34:da:90:
0f:0d:f7:7a:9d:d9:4a:5e:28:db:b3:d0:f6:66:bf:50:a1:af:
72:72:2a:9c:1d:2a:e3:5a:d6:95:c3:ad:7f:e9:9c:92:d9:ce:
73:f4:d4:8c:63:2a:f7:de:41:dd:00:5f:83:b9:8d:8f:f6:db:
ec:ac:c6:90
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAZRfu4FXhDxstAl1YBuNv6gAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjUwMTEzMTI1NTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjk1M2M4ZjQzMzI0YTI3NmNmMDFlY2ZkNTllMGMzYzI2MmQ0MTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPMzpXXGKuJ2a6bgDrBByzXiX6T2
TSSSuRS+tw1fBeHX0A1XOibNJZbyr+b2/lE7p/9z8gPkxqdURbDJKzID5tSKV1UR
9jXv3OEvV6U7P5DpnVF/U4mK7QHAi/hhSlTTbfaUdTMq+7h4FVThLQh60Q1KJR2n
sY9+Opr4wLBm+j6dfbSrUTfrlfnPTjQlCHhiQan/6mLSFejletE4IzlK+ysJt8Lt
ALHZssLfvwqtzFDiM0aogGiFKlZrnpu0+jCfsCnOn8snflAEJ5l9WGdAyx0lCZh7
uSTYIEUJgRKDyj5X9Q94igEWxJStlktYAxPZ4R3p5JvL6GYTQ7s+ezSYzwIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFNKVPI9DMkonbPAez9WeDDwmLUEPMB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEvMHBVOGowTXlTaWRzOEI3UDFaNE1QQ1l0UVE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmMAwDBAUlyuAD
BAAlyvIDBABetmUwDAMEA162aAMEAF62bAMEAV62gAMEAF62gwMEAF62hgMEAV62
iAMEAF62kQMEAF62kzAMAwQAXraVAwQAXraWAwQAXraYAwQAXrbfAwQAuUkAMA0G
CSqGSIb3DQEBCwUAA4IBAQCIlScESCEX1/ivYR+uXj9K1sf4bz5QmgDwZ3zHTVT1
/0K2w2ehRXcrHMCBo3ptjERlO4BRuvnsmqBKNGMtfznHv0mP57C7f1g9rV/1jnwM
pu0cH5Z6CWuXVqqPEYV2jHREboWgup8i1kTf7R6eDcNSUfCoNBwujFAj+xf9KHHP
PKo8+G78p94I+XKaeslbof+gXCvrIP5hdW8/AhLXMiJiy6exN6IAxAtMZ1FOwqhI
N1myiucWyPAV9nEWA0kJMImFrW402pAPDfd6ndlKXijbs9D2Zr9Qoa9yciqcHSrj
WtaVw61/6ZyS2c5z9NSMYyr33kHdAF+DuY2P9tvsrMaQ
-----END CERTIFICATE-----
Generated at Sat Mar 8 04:50:23 2025 by rpki-client on console.sobornost.net