Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/b65e33-f947-4968-a27c-dd99d397e4d6/1/2IN1Er2MsTzD9JeH28eRdl-c7u0.roa
File: 2IN1Er2MsTzD9JeH28eRdl-c7u0.roa (raw, json)
Hash identifier: 02dSVlb8MKuiq6SZlhNvmzUoRJ0PeDVGS4rbsaqtZBI=
Subject key identifier: D8:83:75:12:BD:8C:B1:3C:C3:F4:97:87:DB:C7:91:76:5F:9C:EE:ED
Certificate issuer: /CN=acde2358f57439c44f6b1662f55615a0aab6bacb
Certificate serial: 0195C977B805EC7C534DA77E54EA6A475F54
Authority key identifier: AC:DE:23:58:F5:74:39:C4:4F:6B:16:62:F5:56:15:A0:AA:B6:BA:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rN4jWPV0OcRPaxZi9VYVoKq2uss.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/b65e33-f947-4968-a27c-dd99d397e4d6/1/2IN1Er2MsTzD9JeH28eRdl-c7u0.roa
Signing time: Mon 24 Mar 2025 18:43:40 +0000
ROA not before: Mon 24 Mar 2025 18:43:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202204
IP address blocks: 2.58.24.0/22 maxlen: 24
2.58.26.0/23 maxlen: 23
78.26.0.0/18 maxlen: 23
139.28.124.0/22 maxlen: 22
141.195.16.0/20 maxlen: 20
152.228.64.0/19 maxlen: 23
171.22.152.0/22 maxlen: 22
185.100.204.0/22 maxlen: 22
185.161.136.0/22 maxlen: 22
2a00:ea0::/29 maxlen: 48
2a00:ea0::/32 maxlen: 32
2a09:5c0::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c9:77:b8:05:ec:7c:53:4d:a7:7e:54:ea:6a:47:5f:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=acde2358f57439c44f6b1662f55615a0aab6bacb
Validity
Not Before: Mar 24 18:43:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d8837512bd8cb13cc3f49787dbc791765f9ceeed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:4a:ed:40:44:28:df:6d:3d:45:31:05:0d:64:
97:bc:22:02:11:02:5c:a7:2c:db:c5:a3:bf:de:32:
b1:a4:57:ca:1b:75:ab:86:b5:cc:e5:7e:3e:40:06:
15:20:59:3d:4a:ae:4c:49:b0:8b:3c:55:43:9c:f0:
02:40:77:bf:7b:26:4f:fc:1a:16:dc:cf:eb:a8:01:
1a:18:f9:c8:64:08:d4:12:57:ba:20:7a:81:d5:8a:
cb:8a:23:86:5d:07:d8:d0:84:a4:be:b6:4e:ef:00:
4a:e7:50:60:85:7b:d5:50:c1:f8:3c:5d:c0:4f:07:
da:65:c4:f5:7b:b0:f6:87:0f:50:9f:4c:c1:40:86:
04:e6:b4:4d:00:7f:2c:5b:82:ff:88:0a:58:bb:c7:
3e:4e:32:52:32:d9:45:e8:6f:55:a9:88:d2:1f:bf:
a4:5b:ec:ed:1e:3a:3b:5c:f4:8a:f1:31:b2:a7:b1:
fb:fb:f0:20:a0:44:32:e7:1a:f2:b3:56:e0:a2:14:
49:d3:8f:04:6f:3f:f1:7e:37:a4:77:cc:bc:e2:fb:
a1:e6:14:ca:3b:e4:1e:cf:89:b3:ef:98:b9:34:41:
96:b8:a1:f3:41:80:59:18:8c:dd:88:58:75:9e:dd:
98:29:05:ff:a6:f8:c6:b8:8a:2c:c1:61:05:39:f6:
72:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:83:75:12:BD:8C:B1:3C:C3:F4:97:87:DB:C7:91:76:5F:9C:EE:ED
X509v3 Authority Key Identifier:
keyid:AC:DE:23:58:F5:74:39:C4:4F:6B:16:62:F5:56:15:A0:AA:B6:BA:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rN4jWPV0OcRPaxZi9VYVoKq2uss.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/b65e33-f947-4968-a27c-dd99d397e4d6/1/2IN1Er2MsTzD9JeH28eRdl-c7u0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/b65e33-f947-4968-a27c-dd99d397e4d6/1/rN4jWPV0OcRPaxZi9VYVoKq2uss.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.24.0/22
78.26.0.0/18
139.28.124.0/22
141.195.16.0/20
152.228.64.0/19
171.22.152.0/22
185.100.204.0/22
185.161.136.0/22
IPv6:
2a00:ea0::/29
2a09:5c0::/29
Signature Algorithm: sha256WithRSAEncryption
2e:a7:fc:c0:e9:24:1f:74:4c:a2:3a:d4:97:95:71:40:27:d1:
d9:fb:74:4f:00:4b:75:64:80:23:b3:5f:05:7a:0d:52:c4:b3:
55:cc:aa:ee:92:17:fa:23:97:6f:dd:12:8b:97:4f:96:9c:ad:
a7:73:37:1d:3a:16:70:4c:52:c7:6b:eb:b4:05:db:cd:bc:fe:
2d:5b:c0:21:d6:dc:2a:51:0d:c0:24:4c:d3:17:fb:fd:9a:84:
e2:f7:a1:11:48:c5:a1:f4:5c:30:de:b1:f6:d5:e6:f2:3c:be:
0f:b2:d0:dc:47:66:33:bd:31:70:9d:65:de:86:f0:d0:0c:d4:
42:a8:b8:4d:00:8d:c5:13:05:85:4f:de:ff:60:a1:28:70:a4:
ec:92:72:8f:2a:18:f0:98:d1:19:2c:56:23:92:aa:b8:e9:7f:
cf:05:21:f7:0c:b5:1e:f0:25:df:cd:63:b9:ea:0b:61:d0:30:
33:84:be:71:53:ac:3c:10:ef:0d:c4:56:59:36:c7:73:a8:fd:
1c:92:94:3e:0c:89:03:00:17:bf:72:99:ac:ad:a0:6a:8b:98:
a9:68:77:c5:8c:5f:50:53:61:a6:62:12:14:e1:bf:20:c7:5e:
2e:fb:fe:e5:f8:ba:39:4f:17:55:99:31:27:c4:3c:10:80:51:
75:d6:86:78
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZXJd7gF7HxTTad+VOpqR19UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjZGUyMzU4ZjU3NDM5YzQ0ZjZiMTY2MmY1NTYxNWEwYWFi
NmJhY2IwHhcNMjUwMzI0MTg0MzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODgzNzUxMmJkOGNiMTNjYzNmNDk3ODdkYmM3OTE3NjVmOWNlZWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnErtQEQo3209RTEFDWSXvCICEQJc
pyzbxaO/3jKxpFfKG3WrhrXM5X4+QAYVIFk9Sq5MSbCLPFVDnPACQHe/eyZP/BoW
3M/rqAEaGPnIZAjUEle6IHqB1YrLiiOGXQfY0ISkvrZO7wBK51BghXvVUMH4PF3A
TwfaZcT1e7D2hw9Qn0zBQIYE5rRNAH8sW4L/iApYu8c+TjJSMtlF6G9VqYjSH7+k
W+ztHjo7XPSK8TGyp7H7+/AgoEQy5xrys1bgohRJ048Ebz/xfjekd8y84vuh5hTK
O+Qez4mz75i5NEGWuKHzQYBZGIzdiFh1nt2YKQX/pvjGuIoswWEFOfZy+wIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFNiDdRK9jLE8w/SXh9vHkXZfnO7tMB8GA1UdIwQY
MBaAFKzeI1j1dDnET2sWYvVWFaCqtrrLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvck40aldQVjBPY1JQYXhaaTlWWVZvS3EydXNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni9iNjVlMzMtZjk0Ny00OTY4LWEyN2Mt
ZGQ5OWQzOTdlNGQ2LzEvMklOMUVyMk1zVHpEOUplSDI4ZVJkbC1jN3UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni9iNjVlMzMtZjk0Ny00OTY4LWEyN2MtZGQ5OWQzOTdlNGQ2
LzEvck40aldQVjBPY1JQYXhaaTlWWVZvS3EydXNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjA2BAIAATAwAwQCAjoYAwQG
ThoAAwQCixx8AwQEjcMQAwQFmORAAwQCqxaYAwQCuWTMAwQCuaGIMBQEAgACMA4D
BQMqAA6gAwUDKgkFwDANBgkqhkiG9w0BAQsFAAOCAQEALqf8wOkkH3RMojrUl5Vx
QCfR2ft0TwBLdWSAI7NfBXoNUsSzVcyq7pIX+iOXb90Si5dPlpytp3M3HToWcExS
x2vrtAXbzbz+LVvAIdbcKlENwCRM0xf7/ZqE4vehEUjFofRcMN6x9tXm8jy+D7LQ
3EdmM70xcJ1l3obw0AzUQqi4TQCNxRMFhU/e/2ChKHCk7JJyjyoY8JjRGSxWI5Kq
uOl/zwUh9wy1HvAl381jueoLYdAwM4S+cVOsPBDvDcRWWTbHc6j9HJKUPgyJAwAX
v3KZrK2gaouYqWh3xYxfUFNhpmISFOG/IMdeLvv+5fi6OU8XVZkxJ8Q8EIBRddaG
eA==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:58 2025 by rpki-client on console.sobornost.net