Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/76a7f1-748d-406c-a51f-1ba343f17ec2/1/gIuu8YqlvDEjW8by7u9TBW7V2MQ.roa
File: gIuu8YqlvDEjW8by7u9TBW7V2MQ.roa (raw, json)
Hash identifier: ER6RD8Q4xf/CIFEoYlDihrMEiwzD+nh4kBnAIuMSJFM=
Subject key identifier: 80:8B:AE:F1:8A:A5:BC:31:23:5B:C6:F2:EE:EF:53:05:6E:D5:D8:C4
Certificate issuer: /CN=ba31bcf923c5f25cafbdabdfdd46e511f95df0d1
Certificate serial: 01941FFA0D502AB88BD879C75BF69B7F8E05
Authority key identifier: BA:31:BC:F9:23:C5:F2:5C:AF:BD:AB:DF:DD:46:E5:11:F9:5D:F0:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ujG8-SPF8lyvvavf3UblEfld8NE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/76a7f1-748d-406c-a51f-1ba343f17ec2/1/gIuu8YqlvDEjW8by7u9TBW7V2MQ.roa
Signing time: Wed 01 Jan 2025 03:47:48 +0000
ROA not before: Wed 01 Jan 2025 03:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20904
IP address blocks: 5.61.94.0/24 maxlen: 24
37.35.80.0/21 maxlen: 21
46.254.208.0/22 maxlen: 22
77.95.242.0/24 maxlen: 24
77.95.245.0/24 maxlen: 24
77.95.246.0/23 maxlen: 23
80.75.96.0/20 maxlen: 20
80.75.106.0/24 maxlen: 24
93.174.192.0/21 maxlen: 22
149.126.176.0/21 maxlen: 21
185.16.168.0/22 maxlen: 22
185.25.76.0/22 maxlen: 22
185.67.80.0/22 maxlen: 22
188.64.0.0/21 maxlen: 21
2a00:1a58::/32 maxlen: 32
2a00:74a0::/32 maxlen: 32
2a04:240::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:0d:50:2a:b8:8b:d8:79:c7:5b:f6:9b:7f:8e:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba31bcf923c5f25cafbdabdfdd46e511f95df0d1
Validity
Not Before: Jan 1 03:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=808baef18aa5bc31235bc6f2eeef53056ed5d8c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:07:96:75:cd:5d:4a:e3:47:fa:12:03:74:33:
96:6a:25:d3:d2:5d:0c:57:e6:9a:e0:14:4b:7c:85:
f2:73:56:91:87:ae:f9:6c:1e:34:f4:60:ee:5e:23:
32:cd:82:f9:56:fc:a9:73:7d:39:11:67:2e:56:0b:
a2:5c:d2:69:ca:30:a4:69:bd:e8:ad:14:a4:78:40:
e5:93:4b:1e:ab:5f:c8:2c:49:9d:b1:28:f5:9a:4f:
96:7e:99:ad:ae:3f:21:14:98:51:aa:77:90:9b:8f:
09:25:99:85:59:fe:8a:3d:cb:00:dd:54:39:27:3b:
03:ca:30:ab:74:33:7f:67:f6:cf:ed:33:ca:75:9b:
5f:87:54:a7:e5:c0:20:e7:be:2b:0b:9d:95:b2:6b:
fd:63:f5:96:e7:9c:b1:e7:e8:cd:6a:52:3a:a7:bb:
3b:5d:3c:27:60:04:03:17:74:77:2b:73:b0:e6:78:
ab:7d:29:73:95:e6:70:bc:c8:e8:65:0c:4c:94:ba:
ad:3b:02:63:8a:07:de:91:d4:ec:99:da:72:32:ed:
e5:7c:fd:17:ee:3d:1f:b1:7e:35:7d:46:18:53:2e:
c6:9d:b4:8f:ed:02:53:68:a4:71:67:9d:77:cc:79:
66:e7:d5:83:de:b4:ee:c7:bd:ed:b2:7b:88:ef:8a:
ef:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:8B:AE:F1:8A:A5:BC:31:23:5B:C6:F2:EE:EF:53:05:6E:D5:D8:C4
X509v3 Authority Key Identifier:
keyid:BA:31:BC:F9:23:C5:F2:5C:AF:BD:AB:DF:DD:46:E5:11:F9:5D:F0:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ujG8-SPF8lyvvavf3UblEfld8NE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/76a7f1-748d-406c-a51f-1ba343f17ec2/1/gIuu8YqlvDEjW8by7u9TBW7V2MQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/76a7f1-748d-406c-a51f-1ba343f17ec2/1/ujG8-SPF8lyvvavf3UblEfld8NE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.94.0/24
37.35.80.0/21
46.254.208.0/22
77.95.242.0/24
77.95.245.0-77.95.247.255
80.75.96.0/20
93.174.192.0/21
149.126.176.0/21
185.16.168.0/22
185.25.76.0/22
185.67.80.0/22
188.64.0.0/21
IPv6:
2a00:1a58::/32
2a00:74a0::/32
2a04:240::/29
Signature Algorithm: sha256WithRSAEncryption
1a:a2:c0:68:3f:e9:db:b0:ff:ea:43:06:80:7f:20:49:c6:b6:
6f:d9:c0:27:2a:22:e0:80:2e:05:5f:70:3d:f2:7a:7c:9a:14:
b7:c6:c3:7f:eb:b6:32:c5:51:92:fa:a6:2c:1f:43:e9:fe:d9:
90:3f:7c:75:5d:5f:51:b4:2d:e5:81:04:f2:f3:25:bf:88:2b:
eb:2c:4f:a1:8f:3e:54:fd:f8:89:51:a6:36:ee:33:00:d2:38:
07:30:90:10:50:d4:0b:39:68:20:92:9b:a4:e8:c4:98:de:9d:
97:da:04:f0:9a:bb:8c:a2:c3:f4:6a:e2:8e:09:2d:10:7c:4f:
fc:87:90:34:ef:a4:b5:7e:d6:cd:bb:68:d1:89:37:20:b4:c3:
79:de:dc:bd:58:de:42:47:87:67:66:86:5b:9b:28:92:26:2a:
2a:db:aa:f2:3f:5d:84:54:28:0b:32:32:61:69:bc:dd:29:b7:
3a:a2:96:99:a8:ea:32:05:c7:b8:18:4f:ad:a9:0a:a2:5b:db:
dc:5d:76:e4:aa:33:e5:8a:f2:e4:40:57:37:75:7c:2b:96:38:
9b:94:9a:85:27:bc:92:b9:2d:73:fd:af:ee:06:5f:14:ce:9a:
53:e8:ee:61:64:12:db:8b:6b:c9:6e:f8:db:93:1b:78:3c:ac:
1b:a8:3c:4f
-----BEGIN CERTIFICATE-----
MIIFZTCCBE2gAwIBAgISAZQf+g1QKriL2HnHW/abf44FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhMzFiY2Y5MjNjNWYyNWNhZmJkYWJkZmRkNDZlNTExZjk1
ZGYwZDEwHhcNMjUwMTAxMDM0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDhiYWVmMThhYTViYzMxMjM1YmM2ZjJlZWVmNTMwNTZlZDVkOGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApgeWdc1dSuNH+hIDdDOWaiXT0l0M
V+aa4BRLfIXyc1aRh675bB409GDuXiMyzYL5Vvypc305EWcuVguiXNJpyjCkab3o
rRSkeEDlk0seq1/ILEmdsSj1mk+Wfpmtrj8hFJhRqneQm48JJZmFWf6KPcsA3VQ5
JzsDyjCrdDN/Z/bP7TPKdZtfh1Sn5cAg574rC52Vsmv9Y/WW55yx5+jNalI6p7s7
XTwnYAQDF3R3K3Ow5nirfSlzleZwvMjoZQxMlLqtOwJjigfekdTsmdpyMu3lfP0X
7j0fsX41fUYYUy7GnbSP7QJTaKRxZ513zHlm59WD3rTux73tsnuI74rveQIDAQAB
o4ICcTCCAm0wHQYDVR0OBBYEFICLrvGKpbwxI1vG8u7vUwVu1djEMB8GA1UdIwQY
MBaAFLoxvPkjxfJcr72r391G5RH5XfDRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWpHOC1TUEY4bHl2dmF2ZjNVYmxFZmxkOE5FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83NmE3ZjEtNzQ4ZC00MDZjLWE1MWYt
MWJhMzQzZjE3ZWMyLzEvZ0l1dThZcWx2REVqVzhieTd1OVRCVzdWMk1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83NmE3ZjEtNzQ4ZC00MDZjLWE1MWYtMWJhMzQzZjE3ZWMy
LzEvdWpHOC1TUEY4bHl2dmF2ZjNVYmxFZmxkOE5FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGGBggrBgEFBQcBBwEB/wR3MHUwVgQCAAEwUAMEAAU9XgME
AyUjUAMEAi7+0AMEAE1f8jAMAwQATV/1AwQDTV/wAwQEUEtgAwQDXa7AAwQDlX6w
AwQCuRCoAwQCuRlMAwQCuUNQAwQDvEAAMBsEAgACMBUDBQAqABpYAwUAKgB0oAMF
AyoEAkAwDQYJKoZIhvcNAQELBQADggEBABqiwGg/6duw/+pDBoB/IEnGtm/ZwCcq
IuCALgVfcD3yenyaFLfGw3/rtjLFUZL6piwfQ+n+2ZA/fHVdX1G0LeWBBPLzJb+I
K+ssT6GPPlT9+IlRpjbuMwDSOAcwkBBQ1As5aCCSm6ToxJjenZfaBPCau4yiw/Rq
4o4JLRB8T/yHkDTvpLV+1s27aNGJNyC0w3ne3L1Y3kJHh2dmhlubKJImKirbqvI/
XYRUKAsyMmFpvN0ptzqilpmo6jIFx7gYT62pCqJb29xdduSqM+WK8uRAVzd1fCuW
OJuUmoUnvJK5LXP9r+4GXxTOmlPo7mFkEtuLa8lu+NuTG3g8rBuoPE8=
-----END CERTIFICATE-----
Generated at Sat Mar 8 04:50:24 2025 by rpki-client on console.sobornost.net