Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/cf8f99-e581-4f5f-875f-df4e8c7364fe/1/ckPg9sFMxT2re8tM8nExJep_9Qs.roa
File: ckPg9sFMxT2re8tM8nExJep_9Qs.roa (raw, json)
Hash identifier: DU25ajodIpeW2jQoXz2wnkJ8CRhq6NHvl6w7hFsUi60=
Subject key identifier: 72:43:E0:F6:C1:4C:C5:3D:AB:7B:CB:4C:F2:71:31:25:EA:7F:F5:0B
Certificate issuer: /CN=3096d7afbb8a5e315a5c489acea7dcb75aa65d04
Certificate serial: 01942747F9F3157048184899C1C614FE365C
Authority key identifier: 30:96:D7:AF:BB:8A:5E:31:5A:5C:48:9A:CE:A7:DC:B7:5A:A6:5D:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MJbXr7uKXjFaXEiazqfct1qmXQQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/cf8f99-e581-4f5f-875f-df4e8c7364fe/1/ckPg9sFMxT2re8tM8nExJep_9Qs.roa
Signing time: Thu 02 Jan 2025 13:50:15 +0000
ROA not before: Thu 02 Jan 2025 13:50:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34606
IP address blocks: 77.72.32.0/21 maxlen: 21
77.108.0.0/18 maxlen: 18
81.30.0.0/20 maxlen: 20
82.215.128.0/18 maxlen: 18
82.215.128.0/22 maxlen: 22
85.159.176.0/21 maxlen: 21
85.208.232.0/22 maxlen: 22
88.87.96.0/19 maxlen: 19
95.140.136.0/21 maxlen: 21
185.73.244.0/22 maxlen: 22
185.117.216.0/22 maxlen: 22
185.127.32.0/22 maxlen: 22
194.116.0.0/18 maxlen: 18
194.176.126.0/24 maxlen: 24
2a02:260::/32 maxlen: 32
2a03:4560::/32 maxlen: 32
2a06:8580::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:f9:f3:15:70:48:18:48:99:c1:c6:14:fe:36:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3096d7afbb8a5e315a5c489acea7dcb75aa65d04
Validity
Not Before: Jan 2 13:50:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7243e0f6c14cc53dab7bcb4cf2713125ea7ff50b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:aa:ef:72:a6:91:9f:c7:07:99:43:8b:d5:7d:
56:4e:a5:9c:b0:bb:de:ee:53:4e:b7:fe:7b:ef:c9:
ab:3d:6e:82:c9:5e:41:79:81:e5:f4:90:3a:87:b8:
75:10:83:68:c6:a5:92:93:27:e3:49:c9:b0:b6:21:
06:6c:16:1f:6e:e0:89:59:a3:75:4b:04:1a:18:79:
8e:ed:00:6f:8e:80:22:98:29:c9:20:d7:15:99:94:
59:f5:e4:57:2c:1f:b9:53:3d:c7:95:7e:85:27:0c:
79:e3:a8:6e:a0:6b:bf:a3:4f:0b:7d:c8:29:e2:50:
f8:d1:43:85:ee:72:25:60:90:6f:fa:38:27:ad:f6:
a4:5a:d6:c2:be:61:f6:c7:8b:a4:fb:2e:a4:23:81:
00:c1:b6:4d:99:86:a0:9a:a7:19:94:f9:33:b4:32:
1f:b3:4c:bc:88:43:f9:73:37:7b:db:d8:56:69:36:
b3:1e:b6:f0:18:c6:f5:00:93:18:a3:0b:4f:84:fa:
17:9a:b6:00:c7:17:af:59:16:e4:00:32:df:34:cb:
8b:95:a7:ba:7a:96:49:e9:ed:94:c8:bb:37:cf:d8:
86:58:43:86:d6:04:b6:c8:55:84:71:56:86:4a:a6:
72:b1:18:c4:3e:c2:7e:e0:48:e7:b9:6f:a2:e2:cd:
aa:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:43:E0:F6:C1:4C:C5:3D:AB:7B:CB:4C:F2:71:31:25:EA:7F:F5:0B
X509v3 Authority Key Identifier:
keyid:30:96:D7:AF:BB:8A:5E:31:5A:5C:48:9A:CE:A7:DC:B7:5A:A6:5D:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MJbXr7uKXjFaXEiazqfct1qmXQQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/cf8f99-e581-4f5f-875f-df4e8c7364fe/1/ckPg9sFMxT2re8tM8nExJep_9Qs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/cf8f99-e581-4f5f-875f-df4e8c7364fe/1/MJbXr7uKXjFaXEiazqfct1qmXQQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.72.32.0/21
77.108.0.0/18
81.30.0.0/20
82.215.128.0/18
85.159.176.0/21
85.208.232.0/22
88.87.96.0/19
95.140.136.0/21
185.73.244.0/22
185.117.216.0/22
185.127.32.0/22
194.116.0.0/18
194.176.126.0/24
IPv6:
2a02:260::/32
2a03:4560::/32
2a06:8580::/29
Signature Algorithm: sha256WithRSAEncryption
13:5a:1f:a3:d8:77:dc:af:c2:a7:b1:4e:4f:ca:f2:5e:de:7f:
b6:c4:df:a4:0d:83:7f:28:ff:57:5b:4e:42:6b:6e:48:0c:8f:
fe:6c:35:29:3a:46:aa:f3:92:b4:1f:16:7b:99:bc:98:6d:11:
ec:23:81:af:a3:c4:a7:35:18:11:83:49:c5:4b:ec:79:69:1b:
53:68:a7:e4:40:55:97:c9:66:85:41:b8:c0:b0:16:b9:0f:51:
75:82:56:84:7b:fc:29:18:58:58:42:cf:c2:4a:d1:1b:49:9e:
22:5d:1c:8a:47:09:21:81:d5:a1:bc:b1:d5:64:52:5f:6d:7f:
c9:be:da:23:f9:fc:6b:e5:5c:65:24:2e:fe:85:5b:93:48:67:
78:28:76:ed:46:e8:00:21:f0:44:2f:0b:58:9c:0a:b3:11:fa:
26:d4:4b:a4:56:ee:88:42:c0:4b:3b:bf:3c:d4:21:fc:ae:4f:
a0:61:a3:77:67:0b:09:57:01:9c:ab:53:04:04:85:c1:c1:40:
64:80:a5:0c:40:01:fb:17:fb:d6:5b:e0:23:41:41:2d:ce:00:
88:36:f7:2e:73:d3:c1:6e:62:ae:e9:c8:13:a1:8a:30:5c:9b:
66:7c:90:da:65:66:eb:f6:b0:bf:55:cd:08:90:0f:67:a9:6f:
62:21:36:37
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAZQnR/nzFXBIGEiZwcYU/jZcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwOTZkN2FmYmI4YTVlMzE1YTVjNDg5YWNlYTdkY2I3NWFh
NjVkMDQwHhcNMjUwMTAyMTM1MDE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjQzZTBmNmMxNGNjNTNkYWI3YmNiNGNmMjcxMzEyNWVhN2ZmNTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqrvcqaRn8cHmUOL1X1WTqWcsLve
7lNOt/5778mrPW6CyV5BeYHl9JA6h7h1EINoxqWSkyfjScmwtiEGbBYfbuCJWaN1
SwQaGHmO7QBvjoAimCnJINcVmZRZ9eRXLB+5Uz3HlX6FJwx546huoGu/o08Lfcgp
4lD40UOF7nIlYJBv+jgnrfakWtbCvmH2x4uk+y6kI4EAwbZNmYagmqcZlPkztDIf
s0y8iEP5czd729hWaTazHrbwGMb1AJMYowtPhPoXmrYAxxevWRbkADLfNMuLlae6
epZJ6e2UyLs3z9iGWEOG1gS2yFWEcVaGSqZysRjEPsJ+4EjnuW+i4s2q8wIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFHJD4PbBTMU9q3vLTPJxMSXqf/ULMB8GA1UdIwQY
MBaAFDCW16+7il4xWlxIms6n3Ldapl0EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUpiWHI3dUtYakZhWEVpYXpxZmN0MXFtWFFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9jZjhmOTktZTU4MS00ZjVmLTg3NWYt
ZGY0ZThjNzM2NGZlLzEvY2tQZzlzRk14VDJyZTh0TThuRXhKZXBfOVFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9jZjhmOTktZTU4MS00ZjVmLTg3NWYtZGY0ZThjNzM2NGZl
LzEvTUpiWHI3dUtYakZhWEVpYXpxZmN0MXFtWFFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwVAQCAAEwTgMEA01IIAME
Bk1sAAMEBFEeAAMEBlLXgAMEA1WfsAMEAlXQ6AMEBVhXYAMEA1+MiAMEArlJ9AME
Arl12AMEArl/IAMEBsJ0AAMEAMKwfjAbBAIAAjAVAwUAKgICYAMFACoDRWADBQMq
BoWAMA0GCSqGSIb3DQEBCwUAA4IBAQATWh+j2Hfcr8KnsU5PyvJe3n+2xN+kDYN/
KP9XW05Ca25IDI/+bDUpOkaq85K0HxZ7mbyYbRHsI4Gvo8SnNRgRg0nFS+x5aRtT
aKfkQFWXyWaFQbjAsBa5D1F1glaEe/wpGFhYQs/CStEbSZ4iXRyKRwkhgdWhvLHV
ZFJfbX/Jvtoj+fxr5VxlJC7+hVuTSGd4KHbtRugAIfBELwtYnAqzEfom1EukVu6I
QsBLO7881CH8rk+gYaN3ZwsJVwGcq1MEBIXBwUBkgKUMQAH7F/vWW+AjQUEtzgCI
Nvcuc9PBbmKu6cgToYowXJtmfJDaZWbr9rC/Vc0IkA9nqW9iITY3
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:56 2025 by rpki-client on console.sobornost.net