Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/8065d5-04d0-43e5-a2f4-041a48d2123f/1/Vs8JrhOp8doi0Pejo3pFyxkxSF8.roa
File: Vs8JrhOp8doi0Pejo3pFyxkxSF8.roa (raw, json)
Hash identifier: v1TXYBsbMNvSJhKVhhxeD9z0NXgTARHKv2tqAe3hsUE=
Subject key identifier: 56:CF:09:AE:13:A9:F1:DA:22:D0:F7:A3:A3:7A:45:CB:19:31:48:5F
Certificate issuer: /CN=a4767bc5fbcbcefb1c1c747bb0eb5337dab691c0
Certificate serial: 019421437CB56520ABD06F488DBB41384C26
Authority key identifier: A4:76:7B:C5:FB:CB:CE:FB:1C:1C:74:7B:B0:EB:53:37:DA:B6:91:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pHZ7xfvLzvscHHR7sOtTN9q2kcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/8065d5-04d0-43e5-a2f4-041a48d2123f/1/Vs8JrhOp8doi0Pejo3pFyxkxSF8.roa
Signing time: Wed 01 Jan 2025 09:47:38 +0000
ROA not before: Wed 01 Jan 2025 09:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30880
IP address blocks: 185.98.192.0/22 maxlen: 22
185.98.195.0/24 maxlen: 24
193.27.200.0/23 maxlen: 23
193.27.200.0/24 maxlen: 24
193.27.201.0/24 maxlen: 24
193.42.215.0/24 maxlen: 24
212.63.192.0/19 maxlen: 19
2a01:298::/32 maxlen: 32
2a01:298:fd::/48 maxlen: 48
2a01:299::/32 maxlen: 32
2a01:29f::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:7c:b5:65:20:ab:d0:6f:48:8d:bb:41:38:4c:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4767bc5fbcbcefb1c1c747bb0eb5337dab691c0
Validity
Not Before: Jan 1 09:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=56cf09ae13a9f1da22d0f7a3a37a45cb1931485f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:bc:d0:9b:bb:45:85:e9:73:c7:6b:66:bf:44:
dc:70:f8:bd:10:3d:2b:80:a7:fa:69:49:77:9c:38:
34:af:92:ad:af:68:64:71:5c:14:6b:2e:5b:c3:a5:
a4:db:c5:1c:3d:cd:aa:25:4e:46:ed:bb:d9:d7:60:
da:75:20:11:3a:3a:e8:91:9c:8a:26:00:08:32:34:
91:9e:a0:1e:1e:99:52:ad:98:0a:4a:7b:c5:a2:70:
07:b5:cd:cd:31:84:03:07:77:62:0d:3c:99:a4:f0:
5e:0f:20:87:d7:8e:ba:6e:a2:13:77:78:bc:c2:3f:
4c:e4:5c:70:74:fb:4c:74:13:22:b7:8f:5d:0f:57:
aa:ec:d2:fe:6f:79:82:c4:b0:cb:ca:8b:f8:f5:fb:
3a:c5:95:ad:e5:3c:38:8c:c4:ac:e6:5a:b3:2b:16:
a5:95:d1:21:d7:a9:04:ee:a5:e9:9c:be:be:85:e7:
17:5e:83:ab:18:87:34:09:58:1d:61:57:30:44:7a:
d9:70:48:b0:1d:f8:42:0f:3b:d6:77:51:3b:aa:8c:
aa:92:64:e2:6d:3a:ee:3a:be:57:af:8d:62:80:4f:
99:e7:1c:e2:67:3d:fd:f1:64:67:62:b1:72:d0:6e:
5b:f5:57:41:73:cd:42:03:30:a5:1f:7a:0f:b9:d0:
0b:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:CF:09:AE:13:A9:F1:DA:22:D0:F7:A3:A3:7A:45:CB:19:31:48:5F
X509v3 Authority Key Identifier:
keyid:A4:76:7B:C5:FB:CB:CE:FB:1C:1C:74:7B:B0:EB:53:37:DA:B6:91:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pHZ7xfvLzvscHHR7sOtTN9q2kcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/8065d5-04d0-43e5-a2f4-041a48d2123f/1/Vs8JrhOp8doi0Pejo3pFyxkxSF8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/8065d5-04d0-43e5-a2f4-041a48d2123f/1/pHZ7xfvLzvscHHR7sOtTN9q2kcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.98.192.0/22
193.27.200.0/23
193.42.215.0/24
212.63.192.0/19
IPv6:
2a01:298::/31
2a01:29f::/48
Signature Algorithm: sha256WithRSAEncryption
21:90:55:6c:e7:e2:e6:ff:9e:7d:74:c5:59:63:c8:01:38:ee:
7e:27:c5:14:d6:6e:aa:f9:68:de:05:99:9c:cd:6f:91:06:90:
8b:7c:24:79:d8:2b:91:78:ec:67:cd:5d:6e:bc:da:ec:1b:51:
da:59:82:9d:95:e6:fe:39:12:10:c1:0f:2b:37:0d:c2:c7:68:
20:02:41:8e:61:4b:be:42:03:db:de:e9:e0:74:30:7e:6f:04:
bd:4f:27:2a:fa:1f:40:67:32:d1:2d:c0:c5:41:e5:00:49:60:
58:43:99:95:72:97:41:5e:36:11:f7:54:27:3e:38:83:2f:69:
ee:77:f7:51:45:35:94:9e:60:7c:e0:09:61:55:be:ea:73:25:
6c:9b:b3:74:34:87:29:ad:67:22:ce:94:4d:fc:6d:a0:65:8c:
5c:a0:5b:6c:21:b7:d3:6c:9b:21:29:2c:7b:be:7e:3e:24:69:
fb:d2:4e:d2:09:b7:7e:47:da:67:a3:7d:71:76:ab:a4:8a:b1:
19:e0:59:6d:00:47:8e:7f:c3:56:6b:70:0b:1c:82:d2:2d:b8:
12:fb:8f:3a:c6:24:34:49:b8:4c:e2:29:30:28:d9:f7:a9:6f:
fb:7c:cc:ed:e6:eb:9b:0f:b1:28:7d:59:6a:dd:69:7e:83:03:
4b:a3:2e:81
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZQhQ3y1ZSCr0G9IjbtBOEwmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0NzY3YmM1ZmJjYmNlZmIxYzFjNzQ3YmIwZWI1MzM3ZGFi
NjkxYzAwHhcNMjUwMTAxMDk0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmNmMDlhZTEzYTlmMWRhMjJkMGY3YTNhMzdhNDVjYjE5MzE0ODVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrzQm7tFhelzx2tmv0TccPi9ED0r
gKf6aUl3nDg0r5Ktr2hkcVwUay5bw6Wk28UcPc2qJU5G7bvZ12DadSAROjrokZyK
JgAIMjSRnqAeHplSrZgKSnvFonAHtc3NMYQDB3diDTyZpPBeDyCH1466bqITd3i8
wj9M5FxwdPtMdBMit49dD1eq7NL+b3mCxLDLyov49fs6xZWt5Tw4jMSs5lqzKxal
ldEh16kE7qXpnL6+hecXXoOrGIc0CVgdYVcwRHrZcEiwHfhCDzvWd1E7qoyqkmTi
bTruOr5Xr41igE+Z5xziZz398WRnYrFy0G5b9VdBc81CAzClH3oPudAL5wIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFFbPCa4TqfHaItD3o6N6RcsZMUhfMB8GA1UdIwQY
MBaAFKR2e8X7y877HBx0e7DrUzfatpHAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEhaN3hmdkx6dnNjSEhSN3NPdFROOXEya2NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS84MDY1ZDUtMDRkMC00M2U1LWEyZjQt
MDQxYTQ4ZDIxMjNmLzEvVnM4SnJoT3A4ZG9pMFBlam8zcEZ5eGt4U0Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS84MDY1ZDUtMDRkMC00M2U1LWEyZjQtMDQxYTQ4ZDIxMjNm
LzEvcEhaN3hmdkx6dnNjSEhSN3NPdFROOXEya2NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAeBAIAATAYAwQCuWLAAwQB
wRvIAwQAwSrXAwQF1D/AMBYEAgACMBADBQEqAQKYAwcAKgECnwAAMA0GCSqGSIb3
DQEBCwUAA4IBAQAhkFVs5+Lm/559dMVZY8gBOO5+J8UU1m6q+WjeBZmczW+RBpCL
fCR52CuReOxnzV1uvNrsG1HaWYKdleb+ORIQwQ8rNw3Cx2ggAkGOYUu+QgPb3ung
dDB+bwS9Tycq+h9AZzLRLcDFQeUASWBYQ5mVcpdBXjYR91QnPjiDL2nud/dRRTWU
nmB84AlhVb7qcyVsm7N0NIcprWcizpRN/G2gZYxcoFtsIbfTbJshKSx7vn4+JGn7
0k7SCbd+R9pno31xdqukirEZ4FltAEeOf8NWa3ALHILSLbgS+486xiQ0SbhM4ikw
KNn3qW/7fMzt5uubD7EofVlq3Wl+gwNLoy6B
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:57 2025 by rpki-client on console.sobornost.net