Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/oqQMhQCTnCvqpL4FDtvR2ocumgk.roa
File: oqQMhQCTnCvqpL4FDtvR2ocumgk.roa (raw, json)
Hash identifier: 9N1juEbb6Fp6BQG9Mi2KAk0Vy7P2TkUjOEW3w+qZU1s=
Subject key identifier: A2:A4:0C:85:00:93:9C:2B:EA:A4:BE:05:0E:DB:D1:DA:87:2E:9A:09
Certificate issuer: /CN=3e24c7ecfa37d2487152fb9bbbab50be79de2619
Certificate serial: 0194206850FE8734B68CADFAEDB063FB8EAF
Authority key identifier: 3E:24:C7:EC:FA:37:D2:48:71:52:FB:9B:BB:AB:50:BE:79:DE:26:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PiTH7Po30khxUvubu6tQvnneJhk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/oqQMhQCTnCvqpL4FDtvR2ocumgk.roa
Signing time: Wed 01 Jan 2025 05:48:14 +0000
ROA not before: Wed 01 Jan 2025 05:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 134433
IP address blocks: 185.71.228.0/22 maxlen: 24
185.71.228.0/24 maxlen: 24
185.71.229.0/24 maxlen: 24
185.71.230.0/24 maxlen: 24
185.71.231.0/24 maxlen: 24
185.125.84.0/22 maxlen: 24
185.125.84.0/24 maxlen: 24
185.125.85.0/24 maxlen: 24
185.125.86.0/24 maxlen: 24
185.125.87.0/24 maxlen: 24
193.0.180.0/22 maxlen: 24
193.0.180.0/24 maxlen: 24
193.0.181.0/24 maxlen: 24
193.0.182.0/24 maxlen: 24
193.0.183.0/24 maxlen: 24
2a05:3340::/29 maxlen: 64
2a05:3340::/42 maxlen: 42
2a05:3340:140::/42 maxlen: 48
2a05:3343:4::/48 maxlen: 48
2a05:3343:5::/48 maxlen: 48
2a05:3343:6::/48 maxlen: 48
2a05:3343:7::/48 maxlen: 48
2a05:3343:a::/48 maxlen: 48
2a05:3343:b::/48 maxlen: 48
2a05:3343:c::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:50:fe:87:34:b6:8c:ad:fa:ed:b0:63:fb:8e:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e24c7ecfa37d2487152fb9bbbab50be79de2619
Validity
Not Before: Jan 1 05:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a2a40c8500939c2beaa4be050edbd1da872e9a09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:1e:5e:1a:c2:78:b6:d2:da:d8:ae:49:68:e2:
74:36:9d:13:e5:33:8d:7d:bb:15:e6:33:cb:c5:a1:
bb:3c:a6:cd:18:dd:12:d5:8a:e4:a5:a5:b5:8b:1c:
9f:4e:dc:e5:12:6a:8f:77:b3:3f:01:93:f5:7e:f1:
ec:88:d2:47:49:60:35:30:50:1c:22:23:01:78:8a:
df:e9:92:83:0d:7b:8e:4f:6b:19:a5:1b:9e:be:14:
9e:0e:ae:1b:91:b9:e5:c0:4b:f4:f5:a0:d9:8c:93:
ca:20:4c:35:9a:98:67:37:3a:db:ea:5a:a4:26:73:
c7:35:e0:a6:9b:dd:e5:6a:cf:6a:34:cc:22:58:cd:
99:77:8e:28:61:74:e9:2a:ea:e2:8b:3d:af:43:13:
1a:43:a5:ec:f3:67:88:53:e7:87:07:a1:24:c2:9a:
17:93:ea:a1:55:fa:29:10:fb:73:a4:1a:d5:10:88:
59:74:06:b6:28:bc:2c:49:a2:45:88:17:c4:a0:d6:
e6:6f:87:9e:f1:79:fa:1b:3f:ac:41:be:12:01:da:
98:76:64:04:4c:97:32:bc:18:80:98:50:20:7e:f3:
b9:62:ab:e4:0e:41:eb:ed:67:87:93:77:29:65:ce:
3c:82:e7:ca:9b:10:a7:87:b2:62:be:34:f7:47:70:
36:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:A4:0C:85:00:93:9C:2B:EA:A4:BE:05:0E:DB:D1:DA:87:2E:9A:09
X509v3 Authority Key Identifier:
keyid:3E:24:C7:EC:FA:37:D2:48:71:52:FB:9B:BB:AB:50:BE:79:DE:26:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PiTH7Po30khxUvubu6tQvnneJhk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/oqQMhQCTnCvqpL4FDtvR2ocumgk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/PiTH7Po30khxUvubu6tQvnneJhk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.228.0/22
185.125.84.0/22
193.0.180.0/22
IPv6:
2a05:3340::/29
Signature Algorithm: sha256WithRSAEncryption
9c:5f:0f:42:84:c3:78:e4:21:ca:b9:a4:03:ba:96:ad:0c:de:
1e:e6:48:e7:d9:61:48:bd:ec:8a:4f:64:61:56:8e:7e:6c:99:
9c:d4:91:e7:d1:9a:9b:1f:ee:c7:93:45:7d:69:fa:79:19:cd:
10:b1:ef:d4:2c:bd:dd:f8:8b:c8:11:66:7c:b4:6d:d7:e5:b7:
23:86:7d:1a:c2:1c:38:6d:45:62:3d:92:bc:e9:4d:b2:ea:9b:
29:f3:db:cd:28:7b:92:05:69:03:86:72:6d:85:4e:3f:6f:d8:
76:35:73:07:28:85:99:61:31:16:68:ea:2f:cd:56:9c:f1:14:
7b:f4:0b:9a:33:bc:88:dc:c7:0c:d9:88:af:00:39:41:17:1c:
7a:ae:13:61:77:92:54:81:44:61:e9:2c:f0:11:0f:d8:15:dc:
6f:b6:07:9e:5f:a2:fb:aa:e5:0d:f5:67:b7:a3:30:45:1c:38:
2f:14:a4:1d:90:cf:a2:87:d9:73:f3:ca:f0:ab:b0:ae:b9:f5:
f9:2b:c1:8c:be:28:a8:de:6b:35:68:4e:34:8d:86:cb:1f:91:
82:0e:9d:40:b9:ff:f6:30:c3:1d:76:0b:90:79:3d:fc:aa:18:
69:4e:4d:a7:87:76:d9:14:78:51:4c:dd:75:d2:59:9e:8e:be:
41:9a:61:90
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQgaFD+hzS2jK367bBj+46vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMjRjN2VjZmEzN2QyNDg3MTUyZmI5YmJiYWI1MGJlNzlk
ZTI2MTkwHhcNMjUwMTAxMDU0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmE0MGM4NTAwOTM5YzJiZWFhNGJlMDUwZWRiZDFkYTg3MmU5YTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkx5eGsJ4ttLa2K5JaOJ0Np0T5TON
fbsV5jPLxaG7PKbNGN0S1YrkpaW1ixyfTtzlEmqPd7M/AZP1fvHsiNJHSWA1MFAc
IiMBeIrf6ZKDDXuOT2sZpRuevhSeDq4bkbnlwEv09aDZjJPKIEw1mphnNzrb6lqk
JnPHNeCmm93las9qNMwiWM2Zd44oYXTpKuriiz2vQxMaQ6Xs82eIU+eHB6EkwpoX
k+qhVfopEPtzpBrVEIhZdAa2KLwsSaJFiBfEoNbmb4ee8Xn6Gz+sQb4SAdqYdmQE
TJcyvBiAmFAgfvO5YqvkDkHr7WeHk3cpZc48gufKmxCnh7JivjT3R3A2WwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFKKkDIUAk5wr6qS+BQ7b0dqHLpoJMB8GA1UdIwQY
MBaAFD4kx+z6N9JIcVL7m7urUL553iYZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGlUSDdQbzMwa2h4VXZ1YnU2dFF2bm5lSmhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8zOWE1ZmMtZDI2ZS00ZDUzLTkxZTMt
NDkzZDc3NGFhMWZmLzEvb3FRTWhRQ1RuQ3ZxcEw0RkR0dlIyb2N1bWdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8zOWE1ZmMtZDI2ZS00ZDUzLTkxZTMtNDkzZDc3NGFhMWZm
LzEvUGlUSDdQbzMwa2h4VXZ1YnU2dFF2bm5lSmhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuUfkAwQC
uX1UAwQCwQC0MA0EAgACMAcDBQMqBTNAMA0GCSqGSIb3DQEBCwUAA4IBAQCcXw9C
hMN45CHKuaQDupatDN4e5kjn2WFIveyKT2RhVo5+bJmc1JHn0ZqbH+7Hk0V9afp5
Gc0Qse/ULL3d+IvIEWZ8tG3X5bcjhn0awhw4bUViPZK86U2y6psp89vNKHuSBWkD
hnJthU4/b9h2NXMHKIWZYTEWaOovzVac8RR79AuaM7yI3McM2YivADlBFxx6rhNh
d5JUgURh6SzwEQ/YFdxvtgeeX6L7quUN9We3ozBFHDgvFKQdkM+ih9lz88rwq7Cu
ufX5K8GMviio3ms1aE40jYbLH5GCDp1Auf/2MMMddguQeT38qhhpTk2nh3bZFHhR
TN110lmejr5BmmGQ
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:01 2025 by rpki-client on console.sobornost.net