Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/9f88d8-8a6d-4c5c-b194-e155acc6b84e/1/g8bJIfF739dpWrk-7QT4aTcvUGE.roa
File: g8bJIfF739dpWrk-7QT4aTcvUGE.roa (raw, json)
Hash identifier: SKJ7CL8rH8g+s+KCm+HZtsoz700tuvfd1R4IORTq3LQ=
Subject key identifier: 83:C6:C9:21:F1:7B:DF:D7:69:5A:B9:3E:ED:04:F8:69:37:2F:50:61
Certificate issuer: /CN=3f47f75757413ccc172d3d1b826fae5ae9385a1b
Certificate serial: 0194236A540FF18E1A9B8F326D299AC649F3
Authority key identifier: 3F:47:F7:57:57:41:3C:CC:17:2D:3D:1B:82:6F:AE:5A:E9:38:5A:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P0f3V1dBPMwXLT0bgm-uWuk4Whs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/9f88d8-8a6d-4c5c-b194-e155acc6b84e/1/g8bJIfF739dpWrk-7QT4aTcvUGE.roa
Signing time: Wed 01 Jan 2025 19:49:18 +0000
ROA not before: Wed 01 Jan 2025 19:49:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208684
IP address blocks: 45.89.112.0/22 maxlen: 22
91.230.168.0/24 maxlen: 24
91.230.188.0/24 maxlen: 24
91.231.47.0/24 maxlen: 24
91.231.89.0/24 maxlen: 24
2a0b:2640::/29 maxlen: 29
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:54:0f:f1:8e:1a:9b:8f:32:6d:29:9a:c6:49:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f47f75757413ccc172d3d1b826fae5ae9385a1b
Validity
Not Before: Jan 1 19:49:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=83c6c921f17bdfd7695ab93eed04f869372f5061
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:4f:99:3a:42:00:49:a1:d4:65:43:a5:f9:a5:
15:96:37:9f:05:e4:21:ef:40:41:58:c3:ea:b0:07:
d2:20:c1:df:09:7d:6f:e2:16:ec:2c:b9:6c:77:30:
0e:73:10:ae:13:e5:08:e3:c6:b0:89:29:9d:ea:1b:
9b:93:75:06:99:fe:3f:c7:4f:72:64:74:b9:8c:6e:
ca:f1:0c:3d:9a:d4:42:44:cf:13:5a:f0:98:75:48:
78:38:7f:68:b3:8b:de:75:6f:c8:da:1c:dd:15:73:
27:fc:6a:ed:38:f9:ce:50:de:67:65:b8:2b:a0:a8:
e3:43:85:9f:46:11:38:26:a1:dd:df:73:49:fd:28:
ff:4d:0d:c0:21:30:0c:79:62:d1:ca:20:94:de:13:
03:67:8c:24:62:da:a6:48:bf:05:07:86:10:08:9e:
45:aa:63:db:d1:df:ac:cf:1a:b4:3e:bd:39:b9:3d:
20:b4:70:fe:17:76:ce:cc:16:98:f9:5e:fb:8e:a3:
8d:10:7e:0c:e1:c5:4c:fe:07:3d:f0:cf:8c:b9:9c:
57:1f:0f:f6:41:1f:db:e9:7f:e8:74:70:6b:32:0c:
e8:d0:8c:35:73:ba:62:31:6f:c8:cd:8c:0d:a6:5c:
b7:43:37:2f:8d:7f:57:59:33:a3:71:f2:61:f2:2a:
3a:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:C6:C9:21:F1:7B:DF:D7:69:5A:B9:3E:ED:04:F8:69:37:2F:50:61
X509v3 Authority Key Identifier:
keyid:3F:47:F7:57:57:41:3C:CC:17:2D:3D:1B:82:6F:AE:5A:E9:38:5A:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P0f3V1dBPMwXLT0bgm-uWuk4Whs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/9f88d8-8a6d-4c5c-b194-e155acc6b84e/1/g8bJIfF739dpWrk-7QT4aTcvUGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/9f88d8-8a6d-4c5c-b194-e155acc6b84e/1/P0f3V1dBPMwXLT0bgm-uWuk4Whs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.112.0/22
91.230.168.0/24
91.230.188.0/24
91.231.47.0/24
91.231.89.0/24
IPv6:
2a0b:2640::/29
Signature Algorithm: sha256WithRSAEncryption
49:e4:df:fd:73:26:86:45:c7:76:bf:c5:29:47:d7:34:34:a4:
3d:ce:aa:f3:20:07:82:a4:f8:88:4c:e1:b7:86:eb:eb:1d:45:
79:27:55:ed:6d:4e:77:2a:c5:fd:4a:47:54:ee:cd:85:59:02:
c4:a1:3b:af:bb:1f:f0:64:42:82:a6:2e:47:39:f9:20:19:6d:
1f:12:2e:78:ad:47:6e:08:ba:7b:0c:ef:6a:13:07:d9:0d:13:
7b:e8:ac:23:b6:41:8e:71:73:e1:db:ac:1d:17:cc:bb:e5:bd:
5a:f0:88:9a:43:2f:06:7e:4d:fd:67:25:e7:05:58:28:da:36:
f6:49:10:35:4c:ee:2f:63:7d:a3:f0:70:0e:bf:8c:fa:89:cc:
b1:f4:58:33:67:68:50:aa:58:8c:bd:73:83:f4:7a:75:a4:0b:
13:c2:c3:60:2d:dd:93:fb:7c:87:d2:29:da:6d:c8:ee:24:9c:
f0:eb:d8:ab:70:0b:72:65:69:68:69:ee:75:34:e8:c5:6c:83:
0e:cd:81:1a:fd:1b:70:fd:c7:95:d3:e3:ef:08:28:a7:b1:2e:
4b:b4:10:72:8c:ac:9c:ff:29:c1:1e:c7:5c:2c:9e:40:e0:dd:
eb:58:92:4e:76:11:44:7d:c4:99:75:b1:56:30:8a:2a:e6:a4:
57:82:cd:c2
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQjalQP8Y4am48ybSmaxknzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmNDdmNzU3NTc0MTNjY2MxNzJkM2QxYjgyNmZhZTVhZTkz
ODVhMWIwHhcNMjUwMTAxMTk0OTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2M2YzkyMWYxN2JkZmQ3Njk1YWI5M2VlZDA0Zjg2OTM3MmY1MDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvE+ZOkIASaHUZUOl+aUVljefBeQh
70BBWMPqsAfSIMHfCX1v4hbsLLlsdzAOcxCuE+UI48awiSmd6hubk3UGmf4/x09y
ZHS5jG7K8Qw9mtRCRM8TWvCYdUh4OH9os4vedW/I2hzdFXMn/GrtOPnOUN5nZbgr
oKjjQ4WfRhE4JqHd33NJ/Sj/TQ3AITAMeWLRyiCU3hMDZ4wkYtqmSL8FB4YQCJ5F
qmPb0d+szxq0Pr05uT0gtHD+F3bOzBaY+V77jqONEH4M4cVM/gc98M+MuZxXHw/2
QR/b6X/odHBrMgzo0Iw1c7piMW/IzYwNply3QzcvjX9XWTOjcfJh8io6xQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFIPGySHxe9/XaVq5Pu0E+Gk3L1BhMB8GA1UdIwQY
MBaAFD9H91dXQTzMFy09G4JvrlrpOFobMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDBmM1YxZEJQTXdYTFQwYmdtLXVXdWs0V2hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC85Zjg4ZDgtOGE2ZC00YzVjLWIxOTQt
ZTE1NWFjYzZiODRlLzEvZzhiSklmRjczOWRwV3JrLTdRVDRhVGN2VUdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC85Zjg4ZDgtOGE2ZC00YzVjLWIxOTQtZTE1NWFjYzZiODRl
LzEvUDBmM1YxZEJQTXdYTFQwYmdtLXVXdWs0V2hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCLVlwAwQA
W+aoAwQAW+a8AwQAW+cvAwQAW+dZMA0EAgACMAcDBQMqCyZAMA0GCSqGSIb3DQEB
CwUAA4IBAQBJ5N/9cyaGRcd2v8UpR9c0NKQ9zqrzIAeCpPiITOG3huvrHUV5J1Xt
bU53KsX9SkdU7s2FWQLEoTuvux/wZEKCpi5HOfkgGW0fEi54rUduCLp7DO9qEwfZ
DRN76KwjtkGOcXPh26wdF8y75b1a8IiaQy8Gfk39ZyXnBVgo2jb2SRA1TO4vY32j
8HAOv4z6icyx9FgzZ2hQqliMvXOD9Hp1pAsTwsNgLd2T+3yH0inabcjuJJzw69ir
cAtyZWloae51NOjFbIMOzYEa/Rtw/ceV0+PvCCinsS5LtBByjKyc/ynBHsdcLJ5A
4N3rWJJOdhFEfcSZdbFWMIoq5qRXgs3C
-----END CERTIFICATE-----
Generated at Tue Apr 1 17:27:49 2025 by rpki-client on console.sobornost.net