Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/c6d6be-bf4a-43e5-a908-5ca016a10054/1/i44JVxMTVgkMbhmNJMaUgaK-WQI.roa
File: i44JVxMTVgkMbhmNJMaUgaK-WQI.roa (raw, json)
Hash identifier: cxxt5MnNL7SzuLLNZDQp6rhtaTD9wJRJZPKAxjU7gO4=
Subject key identifier: 8B:8E:09:57:13:13:56:09:0C:6E:19:8D:24:C6:94:81:A2:BE:59:02
Certificate issuer: /CN=aca1f4713024804c445403af63fa644b2a935d24
Certificate serial: 0195A9BB75E010F87B35F026216F7235571B
Authority key identifier: AC:A1:F4:71:30:24:80:4C:44:54:03:AF:63:FA:64:4B:2A:93:5D:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKH0cTAkgExEVAOvY_pkSyqTXSQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/c6d6be-bf4a-43e5-a908-5ca016a10054/1/i44JVxMTVgkMbhmNJMaUgaK-WQI.roa
Signing time: Tue 18 Mar 2025 14:49:49 +0000
ROA not before: Tue 18 Mar 2025 14:49:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12902
IP address blocks: 79.98.168.0/21 maxlen: 24
79.98.170.0/24 maxlen: 24
185.225.220.0/24 maxlen: 24
185.240.112.0/22 maxlen: 24
194.180.219.0/24 maxlen: 24
217.77.128.0/19 maxlen: 24
217.77.144.0/24 maxlen: 24
2001:9c0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a9:bb:75:e0:10:f8:7b:35:f0:26:21:6f:72:35:57:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aca1f4713024804c445403af63fa644b2a935d24
Validity
Not Before: Mar 18 14:49:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8b8e0957131356090c6e198d24c69481a2be5902
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:73:a3:53:0f:bf:a3:50:c4:be:09:01:1a:34:
da:59:11:4a:77:fd:68:96:5f:1c:ee:65:f7:34:d3:
14:1b:5b:c5:18:4b:98:4f:c6:c9:de:49:64:77:f9:
f5:71:33:04:ca:8d:a0:42:b4:33:1b:e0:c9:61:ef:
7a:a8:8c:5b:ed:98:fd:c2:54:47:bf:9e:37:fd:04:
56:ff:b7:24:35:a6:73:5b:f2:03:08:21:4d:0f:74:
00:51:3f:4c:02:01:b4:ca:28:a6:1d:bd:51:08:57:
91:62:ea:15:56:e3:34:46:00:84:98:6f:ac:7b:45:
18:84:15:a4:4d:43:d1:50:e4:21:f0:82:5d:9a:3c:
ce:46:94:9f:08:0f:26:95:d6:2b:e7:01:8a:c8:1a:
87:59:8c:26:6f:b5:94:e0:67:6a:1a:a9:1b:3e:2a:
9a:e3:a8:53:36:e6:f2:2d:99:5b:50:a4:42:12:18:
c3:bb:38:dd:18:37:94:52:99:c2:62:a7:24:24:48:
e2:d9:df:95:b6:ac:8c:58:75:de:f6:3f:83:47:18:
86:48:b4:74:3c:7b:5c:43:f2:2a:7d:67:91:05:ad:
de:fb:56:c9:d4:78:11:56:7e:5e:6c:a6:3b:59:65:
06:1a:3c:e0:61:0e:33:90:ea:c8:3c:62:be:aa:26:
3e:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:8E:09:57:13:13:56:09:0C:6E:19:8D:24:C6:94:81:A2:BE:59:02
X509v3 Authority Key Identifier:
keyid:AC:A1:F4:71:30:24:80:4C:44:54:03:AF:63:FA:64:4B:2A:93:5D:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKH0cTAkgExEVAOvY_pkSyqTXSQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/c6d6be-bf4a-43e5-a908-5ca016a10054/1/i44JVxMTVgkMbhmNJMaUgaK-WQI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/c6d6be-bf4a-43e5-a908-5ca016a10054/1/rKH0cTAkgExEVAOvY_pkSyqTXSQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.168.0/21
185.225.220.0/24
185.240.112.0/22
194.180.219.0/24
217.77.128.0/19
IPv6:
2001:9c0::/32
Signature Algorithm: sha256WithRSAEncryption
11:ee:45:9c:82:3d:71:a9:5e:49:2b:02:f3:eb:a6:6f:74:3a:
ff:90:0c:6a:8e:04:8a:38:97:4d:63:47:bb:eb:dc:04:15:a1:
e5:2f:dc:cd:db:cc:e4:9e:6c:be:67:6c:b7:0f:62:41:e6:64:
f4:7f:d2:55:ee:95:b7:0d:00:6c:cf:3c:5f:12:26:ba:5e:65:
4c:49:42:bb:dc:d4:cf:ef:10:22:c3:33:6f:b7:cf:a7:a2:4d:
00:74:8b:60:32:62:7d:d8:f2:52:69:c1:9b:e6:42:79:80:ae:
a9:00:22:c0:d2:7d:5a:68:31:29:f9:5e:6c:12:da:cd:99:eb:
17:64:f9:38:78:7d:4d:74:f4:3d:14:3b:aa:df:17:99:b2:05:
df:6a:01:b6:3d:c9:7d:ce:a6:56:53:c9:cd:6d:c1:d5:48:e6:
7c:2e:97:ab:6e:8c:da:c1:61:ea:01:91:b9:41:da:bf:e6:ab:
94:6e:a2:a6:4d:6f:86:8e:a8:4e:1d:98:02:ad:71:cd:5e:8b:
05:12:46:98:11:79:72:1e:9f:38:5a:37:41:dd:df:31:02:b2:
7b:d2:02:10:13:6f:5f:1d:06:a8:71:d4:87:03:f4:7f:a6:47:
ef:e4:38:71:2c:ea:8f:6a:bd:9b:14:57:09:52:32:50:39:a6:
72:48:e0:2e
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZWpu3XgEPh7NfAmIW9yNVcbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYTFmNDcxMzAyNDgwNGM0NDU0MDNhZjYzZmE2NDRiMmE5
MzVkMjQwHhcNMjUwMzE4MTQ0OTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjhlMDk1NzEzMTM1NjA5MGM2ZTE5OGQyNGM2OTQ4MWEyYmU1OTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA23OjUw+/o1DEvgkBGjTaWRFKd/1o
ll8c7mX3NNMUG1vFGEuYT8bJ3klkd/n1cTMEyo2gQrQzG+DJYe96qIxb7Zj9wlRH
v543/QRW/7ckNaZzW/IDCCFND3QAUT9MAgG0yiimHb1RCFeRYuoVVuM0RgCEmG+s
e0UYhBWkTUPRUOQh8IJdmjzORpSfCA8mldYr5wGKyBqHWYwmb7WU4GdqGqkbPiqa
46hTNubyLZlbUKRCEhjDuzjdGDeUUpnCYqckJEji2d+VtqyMWHXe9j+DRxiGSLR0
PHtcQ/IqfWeRBa3e+1bJ1HgRVn5ebKY7WWUGGjzgYQ4zkOrIPGK+qiY+YwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFIuOCVcTE1YJDG4ZjSTGlIGivlkCMB8GA1UdIwQY
MBaAFKyh9HEwJIBMRFQDr2P6ZEsqk10kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcktIMGNUQWtnRXhFVkFPdllfcGtTeXFUWFNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9jNmQ2YmUtYmY0YS00M2U1LWE5MDgt
NWNhMDE2YTEwMDU0LzEvaTQ0SlZ4TVRWZ2tNYmhtTkpNYVVnYUstV1FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9jNmQ2YmUtYmY0YS00M2U1LWE5MDgtNWNhMDE2YTEwMDU0
LzEvcktIMGNUQWtnRXhFVkFPdllfcGtTeXFUWFNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDT2KoAwQA
ueHcAwQCufBwAwQAwrTbAwQF2U2AMA0EAgACMAcDBQAgAQnAMA0GCSqGSIb3DQEB
CwUAA4IBAQAR7kWcgj1xqV5JKwLz66ZvdDr/kAxqjgSKOJdNY0e769wEFaHlL9zN
28zknmy+Z2y3D2JB5mT0f9JV7pW3DQBszzxfEia6XmVMSUK73NTP7xAiwzNvt8+n
ok0AdItgMmJ92PJSacGb5kJ5gK6pACLA0n1aaDEp+V5sEtrNmesXZPk4eH1NdPQ9
FDuq3xeZsgXfagG2Pcl9zqZWU8nNbcHVSOZ8LperbozawWHqAZG5Qdq/5quUbqKm
TW+GjqhOHZgCrXHNXosFEkaYEXlyHp84WjdB3d8xArJ70gIQE29fHQaocdSHA/R/
pkfv5DhxLOqPar2bFFcJUjJQOaZySOAu
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:55 2025 by rpki-client on console.sobornost.net