Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/94622d-c26d-4376-b059-bd405419b00d/1/otPEIjukLSXBX1LNzA0kpJ-Qcfs.roa
File: otPEIjukLSXBX1LNzA0kpJ-Qcfs.roa (raw, json)
Hash identifier: s8s/CT+3vYo5BDl9VfuNpa4iWRnSeVvGtwmOw+eay5E=
Subject key identifier: A2:D3:C4:22:3B:A4:2D:25:C1:5F:52:CD:CC:0D:24:A4:9F:90:71:FB
Certificate issuer: /CN=d38579e4c7da01df0465186236e9af27eb7312ed
Certificate serial: 019595269A282CA68650EEB682F29156459E
Authority key identifier: D3:85:79:E4:C7:DA:01:DF:04:65:18:62:36:E9:AF:27:EB:73:12:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/04V55MfaAd8EZRhiNumvJ-tzEu0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/94622d-c26d-4376-b059-bd405419b00d/1/otPEIjukLSXBX1LNzA0kpJ-Qcfs.roa
Signing time: Fri 14 Mar 2025 14:54:49 +0000
ROA not before: Fri 14 Mar 2025 14:54:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28773
IP address blocks: 188.190.160.0/19 maxlen: 19
195.78.38.0/23 maxlen: 23
2001:67c:2ee4::/48 maxlen: 48
2001:3840::/29 maxlen: 29
2a13:e780::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:95:26:9a:28:2c:a6:86:50:ee:b6:82:f2:91:56:45:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d38579e4c7da01df0465186236e9af27eb7312ed
Validity
Not Before: Mar 14 14:54:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a2d3c4223ba42d25c15f52cdcc0d24a49f9071fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:99:77:17:66:2e:d2:08:94:a5:5a:2e:9c:8e:
ec:a7:7a:8e:9c:c8:20:79:4a:1c:47:f3:5e:c4:27:
d7:a6:8e:2f:10:99:b2:22:12:51:85:49:22:52:8a:
73:27:de:c4:e4:2e:a8:f6:3f:cc:d7:4b:5a:ed:98:
94:18:64:cf:09:26:2e:f0:a6:59:ab:1f:83:26:f2:
20:43:e7:e8:88:36:84:6e:e1:36:61:e9:a2:6e:55:
59:45:97:bd:75:eb:96:f4:f8:c0:65:af:83:a6:67:
79:77:fb:c2:30:3c:11:38:31:58:b6:67:5c:8b:08:
00:6b:70:5c:08:1c:6e:16:b7:70:e1:98:0e:ff:48:
f3:e8:79:1c:61:8d:0c:1a:e5:ac:c3:8a:eb:ca:94:
bc:7d:d4:08:ac:90:d6:4c:1f:db:bb:e0:cc:12:d2:
46:df:05:16:da:81:6b:07:04:93:19:1c:81:69:81:
3c:c8:e4:25:19:e9:34:ac:77:2f:8c:4f:06:fa:1f:
a6:0f:d3:8b:b2:f7:a6:97:0a:4e:fe:43:c3:6b:37:
2c:19:b0:41:b1:c2:66:3d:d1:80:0a:ca:9d:ee:a9:
6a:fc:16:43:53:6e:53:20:a0:04:95:21:0e:e0:e9:
4f:54:ff:4a:ef:36:4c:e2:d4:70:9d:ff:96:be:e9:
24:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:D3:C4:22:3B:A4:2D:25:C1:5F:52:CD:CC:0D:24:A4:9F:90:71:FB
X509v3 Authority Key Identifier:
keyid:D3:85:79:E4:C7:DA:01:DF:04:65:18:62:36:E9:AF:27:EB:73:12:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/04V55MfaAd8EZRhiNumvJ-tzEu0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/94622d-c26d-4376-b059-bd405419b00d/1/otPEIjukLSXBX1LNzA0kpJ-Qcfs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/94622d-c26d-4376-b059-bd405419b00d/1/04V55MfaAd8EZRhiNumvJ-tzEu0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.190.160.0/19
195.78.38.0/23
IPv6:
2001:67c:2ee4::/48
2001:3840::/29
2a13:e780::/29
Signature Algorithm: sha256WithRSAEncryption
7b:ab:7f:61:3d:e5:0d:e2:8e:aa:21:d0:a7:43:b3:e4:c1:52:
ec:36:f7:4f:2e:4e:9a:14:15:62:c2:3d:66:01:68:ae:15:8e:
49:79:bf:9c:ac:51:8e:f1:8c:4b:a7:59:95:c5:ef:0b:b4:9f:
53:be:2a:f7:7e:8c:a5:dd:1d:17:ea:a6:1e:97:83:3a:b8:45:
2d:13:65:0d:14:8f:55:28:c9:1c:00:67:26:9d:69:75:39:c3:
87:b8:84:10:4c:d9:09:12:39:3f:41:4f:0c:56:9e:d1:f0:d9:
35:80:38:34:b3:e8:6d:70:3b:05:df:78:92:b4:0a:6e:55:75:
c6:d6:ae:57:73:ee:b9:b4:d3:bf:3d:69:43:2b:6a:c5:c3:cf:
55:a1:39:38:c4:f8:83:5f:64:e0:81:06:08:83:7f:4e:a6:cc:
ea:e5:1b:bd:e3:6a:b8:21:93:c3:a0:d2:23:04:01:9a:1c:5a:
32:44:37:48:4f:48:ed:35:fb:18:93:7f:87:87:f5:8f:9c:be:
b5:39:59:00:0e:28:1a:9b:4d:2c:cf:53:33:7f:5d:75:7f:2a:
e3:61:89:38:d9:05:91:56:8c:1e:36:ad:1c:a9:75:95:99:0d:
dd:1c:61:63:27:68:9f:55:4c:17:d3:ed:42:79:30:e0:34:6e:
1b:40:c3:ea
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAZWVJpooLKaGUO62gvKRVkWeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzODU3OWU0YzdkYTAxZGYwNDY1MTg2MjM2ZTlhZjI3ZWI3
MzEyZWQwHhcNMjUwMzE0MTQ1NDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmQzYzQyMjNiYTQyZDI1YzE1ZjUyY2RjYzBkMjRhNDlmOTA3MWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Jl3F2Yu0giUpVounI7sp3qOnMgg
eUocR/NexCfXpo4vEJmyIhJRhUkiUopzJ97E5C6o9j/M10ta7ZiUGGTPCSYu8KZZ
qx+DJvIgQ+foiDaEbuE2YemiblVZRZe9deuW9PjAZa+Dpmd5d/vCMDwRODFYtmdc
iwgAa3BcCBxuFrdw4ZgO/0jz6HkcYY0MGuWsw4rrypS8fdQIrJDWTB/bu+DMEtJG
3wUW2oFrBwSTGRyBaYE8yOQlGek0rHcvjE8G+h+mD9OLsvemlwpO/kPDazcsGbBB
scJmPdGACsqd7qlq/BZDU25TIKAElSEO4OlPVP9K7zZM4tRwnf+Wvukk4QIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFKLTxCI7pC0lwV9SzcwNJKSfkHH7MB8GA1UdIwQY
MBaAFNOFeeTH2gHfBGUYYjbpryfrcxLtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDRWNTVNZmFBZDhFWlJoaU51bXZKLXR6RXUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC85NDYyMmQtYzI2ZC00Mzc2LWIwNTkt
YmQ0MDU0MTliMDBkLzEvb3RQRUlqdWtMU1hCWDFMTnpBMGtwSi1RY2ZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC85NDYyMmQtYzI2ZC00Mzc2LWIwNTktYmQ0MDU0MTliMDBk
LzEvMDRWNTVNZmFBZDhFWlJoaU51bXZKLXR6RXUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzASBAIAATAMAwQFvL6gAwQB
w04mMB0EAgACMBcDBwAgAQZ8LuQDBQMgAThAAwUDKhPngDANBgkqhkiG9w0BAQsF
AAOCAQEAe6t/YT3lDeKOqiHQp0Oz5MFS7Db3Ty5OmhQVYsI9ZgForhWOSXm/nKxR
jvGMS6dZlcXvC7SfU74q936Mpd0dF+qmHpeDOrhFLRNlDRSPVSjJHABnJp1pdTnD
h7iEEEzZCRI5P0FPDFae0fDZNYA4NLPobXA7Bd94krQKblV1xtauV3PuubTTvz1p
QytqxcPPVaE5OMT4g19k4IEGCIN/TqbM6uUbveNquCGTw6DSIwQBmhxaMkQ3SE9I
7TX7GJN/h4f1j5y+tTlZAA4oGptNLM9TM39ddX8q42GJONkFkVaMHjatHKl1lZkN
3RxhYydon1VMF9PtQnkw4DRuG0DD6g==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:09 2025 by rpki-client on console.sobornost.net