Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/8d6943-ca75-4372-b77f-5c6502bffa1f/1/SxFF3ZURcZJdwD8_1vGA3WdUL0g.roa
File: SxFF3ZURcZJdwD8_1vGA3WdUL0g.roa (raw, json)
Hash identifier: RJe7dDjJagaac3SQE7MDMwaxQL/mMnlWG9ytHOYHflM=
Subject key identifier: 4B:11:45:DD:95:11:71:92:5D:C0:3F:3F:D6:F1:80:DD:67:54:2F:48
Certificate issuer: /CN=c6d18653fbfb6fd5732dc940c1d65d77ab0bbfa3
Certificate serial: 01951E89809E6AB38E2B69C282B310C572C8
Authority key identifier: C6:D1:86:53:FB:FB:6F:D5:73:2D:C9:40:C1:D6:5D:77:AB:0B:BF:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xtGGU_v7b9VzLclAwdZdd6sLv6M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/8d6943-ca75-4372-b77f-5c6502bffa1f/1/SxFF3ZURcZJdwD8_1vGA3WdUL0g.roa
Signing time: Wed 19 Feb 2025 14:08:02 +0000
ROA not before: Wed 19 Feb 2025 14:08:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21215
IP address blocks: 89.207.192.0/21 maxlen: 21
176.109.136.0/21 maxlen: 21
185.13.8.0/22 maxlen: 22
185.18.12.0/22 maxlen: 22
185.81.60.0/22 maxlen: 22
213.244.208.0/20 maxlen: 20
2a03:dd80::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:1e:89:80:9e:6a:b3:8e:2b:69:c2:82:b3:10:c5:72:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6d18653fbfb6fd5732dc940c1d65d77ab0bbfa3
Validity
Not Before: Feb 19 14:08:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4b1145dd951171925dc03f3fd6f180dd67542f48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:26:b4:87:e3:8c:2b:6e:d4:ef:2a:20:b4:fa:
c8:04:82:fd:dc:f7:7d:46:29:e8:f7:62:a2:e2:5a:
9c:fd:9b:94:ac:b8:23:30:51:6d:13:8f:d4:56:2d:
79:4b:50:ac:13:ab:0b:de:8d:c3:50:2e:80:a4:f2:
44:a8:64:7a:c5:ce:6f:d0:45:44:66:ee:0e:b6:e5:
12:b6:e2:4c:d1:f4:81:a6:f3:3c:2a:32:66:aa:f6:
d0:55:f3:36:3a:ec:28:12:96:6e:00:d8:9e:d7:52:
2a:7e:12:9a:fa:31:9d:66:2e:a2:80:c2:f4:ba:b9:
ad:af:8d:3e:72:67:36:de:6e:ba:23:b2:0a:8e:39:
cf:a8:0d:46:4c:73:18:70:91:26:12:bc:cf:d6:ec:
a3:cd:b0:57:57:83:79:14:23:0a:d4:07:f0:5b:1f:
d0:30:f6:0a:11:b4:ac:f6:ea:41:a5:97:bf:88:92:
47:bf:75:f2:f4:71:e6:45:fd:e0:8b:6b:ce:20:e6:
23:70:89:c1:d2:ec:96:b5:39:0f:bb:ae:ad:86:31:
3c:fc:b5:16:59:72:9b:8b:fe:08:65:64:6e:fe:94:
3f:59:9b:90:ea:45:3f:c3:1d:0f:12:3d:ee:24:7b:
31:4a:e7:33:ab:70:4e:d3:08:f5:1e:bb:96:ee:c7:
93:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:11:45:DD:95:11:71:92:5D:C0:3F:3F:D6:F1:80:DD:67:54:2F:48
X509v3 Authority Key Identifier:
keyid:C6:D1:86:53:FB:FB:6F:D5:73:2D:C9:40:C1:D6:5D:77:AB:0B:BF:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xtGGU_v7b9VzLclAwdZdd6sLv6M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/8d6943-ca75-4372-b77f-5c6502bffa1f/1/SxFF3ZURcZJdwD8_1vGA3WdUL0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/8d6943-ca75-4372-b77f-5c6502bffa1f/1/xtGGU_v7b9VzLclAwdZdd6sLv6M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.207.192.0/21
176.109.136.0/21
185.13.8.0/22
185.18.12.0/22
185.81.60.0/22
213.244.208.0/20
IPv6:
2a03:dd80::/29
Signature Algorithm: sha256WithRSAEncryption
ac:06:d5:3b:a9:04:25:6e:9e:77:ed:18:6a:50:cb:24:76:fd:
eb:8f:96:ba:c3:98:be:53:3a:59:17:ef:84:e5:c9:6a:6b:f2:
e4:50:f7:4f:34:bc:d6:25:1a:4d:01:9b:3c:23:23:fa:c8:4a:
7b:36:20:8b:8e:d1:ed:c4:c9:42:67:0f:cc:59:f2:8a:ff:22:
fb:68:b0:80:c2:ac:10:73:60:ec:21:ad:02:d7:3d:53:3e:d2:
ae:b5:78:86:8b:62:32:cc:c6:dc:91:01:52:ad:91:30:39:72:
0d:0a:96:17:65:3b:70:ba:3d:5f:ca:93:9e:18:c8:8b:02:70:
08:b5:8a:33:04:ce:8a:91:59:c0:2f:3e:56:25:fe:ce:59:9e:
2a:32:01:ea:b4:a4:9a:09:63:54:2f:bb:f7:33:59:64:cf:63:
7d:4c:1e:f1:96:d3:28:5e:16:cf:cf:cb:51:64:ba:09:65:1c:
c9:ef:2b:1c:7b:e1:8b:3d:f3:a2:42:89:ed:f6:5b:86:9e:bd:
19:55:a6:17:b8:26:5b:4d:1e:8a:54:72:ed:44:09:bf:5c:fa:
57:02:7d:3d:37:a9:9e:82:6c:37:bd:98:60:c3:b5:8d:3f:8e:
c0:df:4e:38:7a:33:0b:50:0e:a4:26:27:64:8c:37:92:76:e1:
8e:3c:5e:ea
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZUeiYCearOOK2nCgrMQxXLIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2ZDE4NjUzZmJmYjZmZDU3MzJkYzk0MGMxZDY1ZDc3YWIw
YmJmYTMwHhcNMjUwMjE5MTQwODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjExNDVkZDk1MTE3MTkyNWRjMDNmM2ZkNmYxODBkZDY3NTQyZjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArya0h+OMK27U7yogtPrIBIL93Pd9
Rino92Ki4lqc/ZuUrLgjMFFtE4/UVi15S1CsE6sL3o3DUC6ApPJEqGR6xc5v0EVE
Zu4OtuUStuJM0fSBpvM8KjJmqvbQVfM2OuwoEpZuANie11IqfhKa+jGdZi6igML0
urmtr40+cmc23m66I7IKjjnPqA1GTHMYcJEmErzP1uyjzbBXV4N5FCMK1AfwWx/Q
MPYKEbSs9upBpZe/iJJHv3Xy9HHmRf3gi2vOIOYjcInB0uyWtTkPu66thjE8/LUW
WXKbi/4IZWRu/pQ/WZuQ6kU/wx0PEj3uJHsxSuczq3BO0wj1HruW7seTMwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFEsRRd2VEXGSXcA/P9bxgN1nVC9IMB8GA1UdIwQY
MBaAFMbRhlP7+2/Vcy3JQMHWXXerC7+jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHRHR1VfdjdiOVZ6TGNsQXdkWmRkNnNMdjZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS84ZDY5NDMtY2E3NS00MzcyLWI3N2Yt
NWM2NTAyYmZmYTFmLzEvU3hGRjNaVVJjWkpkd0Q4XzF2R0EzV2RVTDBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS84ZDY5NDMtY2E3NS00MzcyLWI3N2YtNWM2NTAyYmZmYTFm
LzEveHRHR1VfdjdiOVZ6TGNsQXdkWmRkNnNMdjZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDWc/AAwQD
sG2IAwQCuQ0IAwQCuRIMAwQCuVE8AwQE1fTQMA0EAgACMAcDBQMqA92AMA0GCSqG
SIb3DQEBCwUAA4IBAQCsBtU7qQQlbp537RhqUMskdv3rj5a6w5i+UzpZF++E5clq
a/LkUPdPNLzWJRpNAZs8IyP6yEp7NiCLjtHtxMlCZw/MWfKK/yL7aLCAwqwQc2Ds
Ia0C1z1TPtKutXiGi2IyzMbckQFSrZEwOXINCpYXZTtwuj1fypOeGMiLAnAItYoz
BM6KkVnALz5WJf7OWZ4qMgHqtKSaCWNUL7v3M1lkz2N9TB7xltMoXhbPz8tRZLoJ
ZRzJ7ysce+GLPfOiQont9luGnr0ZVaYXuCZbTR6KVHLtRAm/XPpXAn09N6megmw3
vZhgw7WNP47A3044ejMLUA6kJidkjDeSduGOPF7q
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:10 2025 by rpki-client on console.sobornost.net