Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/c67522-71c5-4061-a18b-6933a90c53fa/1/IR58hW2pF2dLJCna8uyvYq_VZMM.roa
File: IR58hW2pF2dLJCna8uyvYq_VZMM.roa (raw, json)
Hash identifier: ac2RbFn+3ptdCI7LDC+sf8voL9sYZa7XS3mEnBJ7haQ=
Subject key identifier: 21:1E:7C:85:6D:A9:17:67:4B:24:29:DA:F2:EC:AF:62:AF:D5:64:C3
Certificate issuer: /CN=72769d6e4a0fc2c98013b722eb2beb9e6e871fc6
Certificate serial: 0195D82B95A63CB5076FEB2C94C8BE0C72E6
Authority key identifier: 72:76:9D:6E:4A:0F:C2:C9:80:13:B7:22:EB:2B:EB:9E:6E:87:1F:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cnadbkoPwsmAE7ci6yvrnm6HH8Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/c67522-71c5-4061-a18b-6933a90c53fa/1/IR58hW2pF2dLJCna8uyvYq_VZMM.roa
Signing time: Thu 27 Mar 2025 15:14:49 +0000
ROA not before: Thu 27 Mar 2025 15:14:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48448
IP address blocks: 45.85.73.0/24 maxlen: 24
87.236.32.0/24 maxlen: 24
95.175.141.0/24 maxlen: 24
202.14.113.0/24 maxlen: 24
203.33.38.0/24 maxlen: 24
2a0e:bb81::/48 maxlen: 48
2a0e:bb81:a1::/48 maxlen: 48
2a0e:bb81:b1::/48 maxlen: 48
2a0e:bb81:b2::/48 maxlen: 48
2a0e:bb81:1000::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d8:2b:95:a6:3c:b5:07:6f:eb:2c:94:c8:be:0c:72:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72769d6e4a0fc2c98013b722eb2beb9e6e871fc6
Validity
Not Before: Mar 27 15:14:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=211e7c856da917674b2429daf2ecaf62afd564c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:33:08:eb:51:8d:9d:9d:29:b3:48:8e:2e:f2:
29:bd:22:95:30:96:d7:78:d8:2f:eb:4c:65:b2:3c:
83:b0:6e:24:a0:2a:64:6a:ed:9b:1f:14:cc:a6:4a:
7a:a8:f6:c8:5f:26:5c:df:39:6d:7f:43:9e:66:98:
3e:a4:29:ea:b5:db:a0:44:fc:9a:82:05:ed:a3:10:
06:1b:fb:0f:da:7f:1d:40:5b:f9:2f:0a:4d:42:b5:
6c:8f:ea:e3:b5:df:88:68:55:19:1c:ed:87:03:53:
0d:9b:45:e2:bc:0d:1d:ad:c9:b8:13:2c:60:32:29:
e8:3d:4b:48:b2:c3:ce:86:d0:fd:f4:97:cb:30:b4:
f3:22:a9:a3:6c:e1:84:9d:5a:ab:4c:56:9b:6e:75:
92:28:1c:3f:1c:d1:4b:7f:6e:0a:e4:dc:8d:b0:8a:
3b:4d:83:c8:b0:e3:c1:70:99:4b:14:8a:00:cb:3a:
28:77:bd:b6:b5:1a:ce:3c:e5:e5:b5:fd:cc:38:4e:
68:ab:bb:d8:a0:50:f7:d4:9a:e1:f0:d5:cd:b8:98:
c5:e7:88:d4:13:a4:cc:39:1b:ea:2a:a1:7a:57:e9:
d1:b8:7b:80:79:0e:86:67:87:d5:2e:97:b3:92:9a:
76:b3:e1:f7:0d:1b:dc:71:0e:4f:51:85:de:46:84:
18:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:1E:7C:85:6D:A9:17:67:4B:24:29:DA:F2:EC:AF:62:AF:D5:64:C3
X509v3 Authority Key Identifier:
keyid:72:76:9D:6E:4A:0F:C2:C9:80:13:B7:22:EB:2B:EB:9E:6E:87:1F:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cnadbkoPwsmAE7ci6yvrnm6HH8Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/c67522-71c5-4061-a18b-6933a90c53fa/1/IR58hW2pF2dLJCna8uyvYq_VZMM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/c67522-71c5-4061-a18b-6933a90c53fa/1/cnadbkoPwsmAE7ci6yvrnm6HH8Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.73.0/24
87.236.32.0/24
95.175.141.0/24
202.14.113.0/24
203.33.38.0/24
IPv6:
2a0e:bb81::/48
2a0e:bb81:a1::/48
2a0e:bb81:b1::-2a0e:bb81:b2:ffff:ffff:ffff:ffff:ffff
2a0e:bb81:1000::/48
Signature Algorithm: sha256WithRSAEncryption
9b:2e:38:c1:40:a6:e8:c2:94:57:28:a6:4a:4f:17:c2:94:9b:
9d:e1:cf:30:69:4e:df:9a:b2:d2:aa:b2:42:b3:6e:b7:55:8c:
71:78:1f:7f:1c:3e:91:ee:3b:e3:83:53:45:13:5d:26:04:16:
25:36:8e:c7:7a:90:a2:ad:26:db:95:0f:a7:fd:50:69:31:9a:
2e:8e:53:fa:1a:05:66:54:bb:6f:c8:be:85:df:01:06:4f:19:
96:11:42:ef:52:13:69:83:e6:20:7c:23:f9:ff:79:11:e4:c9:
4d:7f:4d:e4:0a:ec:97:4a:cb:f5:65:7a:ae:bf:79:c9:be:cc:
43:13:1d:70:66:c3:c1:e0:3a:79:49:54:94:14:39:db:50:c4:
21:bf:9c:f4:9a:d9:a2:de:40:4f:7a:18:f4:24:fb:ad:40:25:
3e:b1:13:3c:3e:8d:67:6a:9a:59:59:9b:9a:cb:c2:24:2a:b5:
f4:67:69:b3:a6:df:08:71:54:45:0d:02:45:21:e0:42:a4:63:
ec:62:16:93:e9:cf:f1:0b:ee:5e:e8:03:3e:5c:c5:58:79:fc:
72:e0:5f:6d:2e:6f:e3:2b:dd:91:79:4a:c1:01:96:e8:47:75:
38:e7:8f:b8:d5:eb:83:47:e9:66:bd:b2:72:50:f2:07:4f:d0:
91:ee:f5:82
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAZXYK5WmPLUHb+sslMi+DHLmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNzY5ZDZlNGEwZmMyYzk4MDEzYjcyMmViMmJlYjllNmU4
NzFmYzYwHhcNMjUwMzI3MTUxNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTFlN2M4NTZkYTkxNzY3NGIyNDI5ZGFmMmVjYWY2MmFmZDU2NGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjMI61GNnZ0ps0iOLvIpvSKVMJbX
eNgv60xlsjyDsG4koCpkau2bHxTMpkp6qPbIXyZc3zltf0OeZpg+pCnqtdugRPya
ggXtoxAGG/sP2n8dQFv5LwpNQrVsj+rjtd+IaFUZHO2HA1MNm0XivA0drcm4Eyxg
MinoPUtIssPOhtD99JfLMLTzIqmjbOGEnVqrTFabbnWSKBw/HNFLf24K5NyNsIo7
TYPIsOPBcJlLFIoAyzood722tRrOPOXltf3MOE5oq7vYoFD31Jrh8NXNuJjF54jU
E6TMORvqKqF6V+nRuHuAeQ6GZ4fVLpezkpp2s+H3DRvccQ5PUYXeRoQYTQIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFCEefIVtqRdnSyQp2vLsr2Kv1WTDMB8GA1UdIwQY
MBaAFHJ2nW5KD8LJgBO3Iusr655uhx/GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY25hZGJrb1B3c21BRTdjaTZ5dnJubTZISDhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9jNjc1MjItNzFjNS00MDYxLWExOGIt
NjkzM2E5MGM1M2ZhLzEvSVI1OGhXMnBGMmRMSkNuYTh1eXZZcV9WWk1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9jNjc1MjItNzFjNS00MDYxLWExOGItNjkzM2E5MGM1M2Zh
LzEvY25hZGJrb1B3c21BRTdjaTZ5dnJubTZISDhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTAkBAIAATAeAwQALVVJAwQA
V+wgAwQAX6+NAwQAyg5xAwQAyyEmMDUEAgACMC8DBwAqDruBAAADBwAqDruBAKEw
EgMHACoOu4EAsQMHACoOu4EAsgMHACoOu4EQADANBgkqhkiG9w0BAQsFAAOCAQEA
my44wUCm6MKUVyimSk8XwpSbneHPMGlO35qy0qqyQrNut1WMcXgffxw+ke4744NT
RRNdJgQWJTaOx3qQoq0m25UPp/1QaTGaLo5T+hoFZlS7b8i+hd8BBk8ZlhFC71IT
aYPmIHwj+f95EeTJTX9N5Arsl0rL9WV6rr95yb7MQxMdcGbDweA6eUlUlBQ521DE
Ib+c9JrZot5AT3oY9CT7rUAlPrETPD6NZ2qaWVmbmsvCJCq19Gdps6bfCHFURQ0C
RSHgQqRj7GIWk+nP8QvuXugDPlzFWHn8cuBfbS5v4yvdkXlKwQGW6Ed1OOePuNXr
g0fpZr2yclDyB0/Qke71gg==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:10 2025 by rpki-client on console.sobornost.net