Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/8060df-a6f7-4166-a929-a980bed33ab0/1/MlEemWyYy35iJO6wD7wsZ8DTDWg.roa
File: MlEemWyYy35iJO6wD7wsZ8DTDWg.roa (raw, json)
Hash identifier: Ph9JaIidCgAU3KXkR2aEKEUbBhF5IEXuxEbJMztoM20=
Subject key identifier: 32:51:1E:99:6C:98:CB:7E:62:24:EE:B0:0F:BC:2C:67:C0:D3:0D:68
Certificate issuer: /CN=dbb653bbd1704c47bada62ab6ce3502307f244b6
Certificate serial: 019421442A4E6EBB31B9F052D6CE421DC521
Authority key identifier: DB:B6:53:BB:D1:70:4C:47:BA:DA:62:AB:6C:E3:50:23:07:F2:44:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/27ZTu9FwTEe62mKrbONQIwfyRLY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/8060df-a6f7-4166-a929-a980bed33ab0/1/MlEemWyYy35iJO6wD7wsZ8DTDWg.roa
Signing time: Wed 01 Jan 2025 09:48:22 +0000
ROA not before: Wed 01 Jan 2025 09:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34785
IP address blocks: 80.80.240.0/20 maxlen: 20
185.72.136.0/24 maxlen: 24
185.72.137.0/24 maxlen: 24
185.72.138.0/24 maxlen: 24
193.186.72.0/21 maxlen: 21
193.186.80.0/22 maxlen: 22
193.186.84.0/23 maxlen: 23
193.228.112.0/21 maxlen: 21
193.228.120.0/23 maxlen: 23
193.228.122.0/24 maxlen: 24
2a01:af80::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:2a:4e:6e:bb:31:b9:f0:52:d6:ce:42:1d:c5:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbb653bbd1704c47bada62ab6ce3502307f244b6
Validity
Not Before: Jan 1 09:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=32511e996c98cb7e6224eeb00fbc2c67c0d30d68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:dd:ea:4b:b7:8e:60:3e:75:f8:4d:9c:64:2e:
e2:5b:2b:0e:fc:14:fd:4e:ec:d8:3c:ce:33:be:70:
47:b6:bf:26:84:df:40:27:ae:c9:de:81:38:46:83:
a8:7d:a9:c4:25:79:39:37:38:c5:44:e7:12:3e:b7:
77:85:f0:d5:1b:68:9f:20:ab:ea:5b:10:a9:57:1d:
79:b9:3c:63:21:ae:d1:70:d1:07:e6:3e:f9:3e:f3:
92:99:93:f4:9d:42:50:c3:66:92:56:26:f6:77:2d:
10:b3:af:b8:b2:8f:94:0f:7b:93:0d:fd:c4:bb:07:
c5:e0:3c:71:74:64:40:79:ff:3c:4b:f8:f9:bf:9e:
8e:7d:22:3a:e6:ad:36:23:06:78:75:68:5e:19:d6:
c8:b8:d3:08:a9:1d:2c:6a:86:27:28:84:4d:71:6d:
d2:89:89:9e:83:f3:b4:ed:d6:3a:0c:10:e7:54:12:
5c:50:cc:0b:e1:17:4b:44:65:e8:a4:32:7b:08:d2:
55:2a:1b:84:51:8e:54:56:77:ec:df:19:f0:66:f2:
cc:a8:c8:ac:1c:fa:4c:d4:55:ec:b9:c9:74:13:36:
da:3f:c5:0e:76:c8:43:bc:af:dc:fa:3c:f3:a3:fe:
86:c1:01:8d:96:1b:01:fb:4b:4c:8a:14:ce:fe:5f:
e0:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:51:1E:99:6C:98:CB:7E:62:24:EE:B0:0F:BC:2C:67:C0:D3:0D:68
X509v3 Authority Key Identifier:
keyid:DB:B6:53:BB:D1:70:4C:47:BA:DA:62:AB:6C:E3:50:23:07:F2:44:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/27ZTu9FwTEe62mKrbONQIwfyRLY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/8060df-a6f7-4166-a929-a980bed33ab0/1/MlEemWyYy35iJO6wD7wsZ8DTDWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/8060df-a6f7-4166-a929-a980bed33ab0/1/27ZTu9FwTEe62mKrbONQIwfyRLY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.80.240.0/20
185.72.136.0-185.72.138.255
193.186.72.0-193.186.85.255
193.228.112.0-193.228.122.255
IPv6:
2a01:af80::/32
Signature Algorithm: sha256WithRSAEncryption
04:73:d7:d0:9f:ca:35:86:4d:59:1f:cc:38:c0:58:50:3c:ba:
7f:cf:17:b6:92:68:34:2d:62:23:82:0b:d3:31:ca:85:30:84:
ee:8b:96:8c:58:c1:d5:b2:09:d5:70:b4:5c:4b:c2:6f:46:4f:
f0:9d:71:a9:7f:d8:af:88:45:d1:6d:b4:31:ad:14:a1:5f:a7:
df:80:b1:b0:af:28:13:a2:b5:5d:89:ca:5c:54:5b:fb:67:9c:
c2:23:60:4f:66:e3:27:9f:64:ff:13:84:ff:ba:0d:0b:a1:db:
56:cf:62:c5:36:48:5f:f2:b9:6a:01:ef:54:83:d3:bf:2b:88:
f6:5f:c9:9b:cb:33:4e:ea:a1:84:5f:40:4c:c0:d8:4e:e8:21:
ef:24:65:a9:55:dc:25:fd:7b:7a:14:44:00:ae:db:0f:1b:b2:
d4:8d:e7:82:d6:6f:67:f6:78:1c:d9:64:fb:20:85:e5:12:da:
52:3b:ba:e2:1e:a3:e9:3b:52:bb:0a:22:85:a8:a8:90:f0:a4:
11:7e:95:c0:13:83:ae:05:5e:1c:71:72:18:1d:e1:7c:64:50:
7b:7a:d5:6c:14:1a:62:9d:b7:85:31:f8:51:9b:74:6a:5e:13:
c7:be:34:5b:e9:44:23:03:6f:f1:f0:cd:ee:c4:81:2d:73:3d:
77:37:e8:9e
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZQhRCpObrsxufBS1s5CHcUhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiYjY1M2JiZDE3MDRjNDdiYWRhNjJhYjZjZTM1MDIzMDdm
MjQ0YjYwHhcNMjUwMTAxMDk0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjUxMWU5OTZjOThjYjdlNjIyNGVlYjAwZmJjMmM2N2MwZDMwZDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqd3qS7eOYD51+E2cZC7iWysO/BT9
TuzYPM4zvnBHtr8mhN9AJ67J3oE4RoOofanEJXk5NzjFROcSPrd3hfDVG2ifIKvq
WxCpVx15uTxjIa7RcNEH5j75PvOSmZP0nUJQw2aSVib2dy0Qs6+4so+UD3uTDf3E
uwfF4DxxdGRAef88S/j5v56OfSI65q02IwZ4dWheGdbIuNMIqR0saoYnKIRNcW3S
iYmeg/O07dY6DBDnVBJcUMwL4RdLRGXopDJ7CNJVKhuEUY5UVnfs3xnwZvLMqMis
HPpM1FXsucl0EzbaP8UOdshDvK/c+jzzo/6GwQGNlhsB+0tMihTO/l/gtQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFDJRHplsmMt+YiTusA+8LGfA0w1oMB8GA1UdIwQY
MBaAFNu2U7vRcExHutpiq2zjUCMH8kS2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjdaVHU5RndURWU2Mm1LcmJPTlFJd2Z5UkxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC84MDYwZGYtYTZmNy00MTY2LWE5Mjkt
YTk4MGJlZDMzYWIwLzEvTWxFZW1XeVl5MzVpSk82d0Q3d3NaOERURFdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC84MDYwZGYtYTZmNy00MTY2LWE5MjktYTk4MGJlZDMzYWIw
LzEvMjdaVHU5RndURWU2Mm1LcmJPTlFJd2Z5UkxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQEUFDwMAwD
BAO5SIgDBAC5SIowDAMEA8G6SAMEAcG6VDAMAwQEweRwAwQAweR6MA0EAgACMAcD
BQAqAa+AMA0GCSqGSIb3DQEBCwUAA4IBAQAEc9fQn8o1hk1ZH8w4wFhQPLp/zxe2
kmg0LWIjggvTMcqFMITui5aMWMHVsgnVcLRcS8JvRk/wnXGpf9iviEXRbbQxrRSh
X6ffgLGwrygTorVdicpcVFv7Z5zCI2BPZuMnn2T/E4T/ug0LodtWz2LFNkhf8rlq
Ae9Ug9O/K4j2X8mbyzNO6qGEX0BMwNhO6CHvJGWpVdwl/Xt6FEQArtsPG7LUjeeC
1m9n9ngc2WT7IIXlEtpSO7riHqPpO1K7CiKFqKiQ8KQRfpXAE4OuBV4ccXIYHeF8
ZFB7etVsFBpinbeFMfhRm3RqXhPHvjRb6UQjA2/x8M3uxIEtcz13N+ie
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:09 2025 by rpki-client on console.sobornost.net