Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/562112-ad44-4d71-9cb9-fb7d7dca34a7/1/z839WIkF-YRPS5QNYpBIYDtN3Cw.roa
File: z839WIkF-YRPS5QNYpBIYDtN3Cw.roa (raw, json)
Hash identifier: zP6mCwiE2/gg1MEmkXLbZLBNeMsMnTOwcbXXhGjusFE=
Subject key identifier: CF:CD:FD:58:89:05:F9:84:4F:4B:94:0D:62:90:48:60:3B:4D:DC:2C
Certificate issuer: /CN=8da03e0d020efc944c1eebdaee5427d365b70076
Certificate serial: 019612619F67B150A3D49A6F3649CE92AC6F
Authority key identifier: 8D:A0:3E:0D:02:0E:FC:94:4C:1E:EB:DA:EE:54:27:D3:65:B7:00:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jaA-DQIO_JRMHuva7lQn02W3AHY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/562112-ad44-4d71-9cb9-fb7d7dca34a7/1/z839WIkF-YRPS5QNYpBIYDtN3Cw.roa
Signing time: Mon 07 Apr 2025 22:31:49 +0000
ROA not before: Mon 07 Apr 2025 22:31:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202561
IP address blocks: 109.224.242.0/24 maxlen: 24
185.200.36.0/22 maxlen: 24
185.200.36.0/24 maxlen: 24
185.200.37.0/24 maxlen: 24
185.200.38.0/24 maxlen: 24
185.200.39.0/24 maxlen: 24
198.145.118.0/24 maxlen: 24
198.145.119.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:12:61:9f:67:b1:50:a3:d4:9a:6f:36:49:ce:92:ac:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8da03e0d020efc944c1eebdaee5427d365b70076
Validity
Not Before: Apr 7 22:31:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cfcdfd588905f9844f4b940d629048603b4ddc2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ef:66:36:75:a0:c1:62:34:1a:23:36:5a:fc:
e0:52:bc:f1:64:4a:06:f6:f4:fe:22:5e:82:24:ed:
52:68:ae:64:26:16:b8:57:33:ff:23:76:9b:3e:2f:
5b:94:cb:85:31:58:09:a3:56:c3:ba:0a:79:5f:e9:
47:3e:81:13:dc:34:20:01:b6:07:ea:e0:f7:2a:d5:
36:10:b2:bf:58:39:6f:52:9d:3e:c0:c9:46:b8:d6:
49:28:23:94:48:07:30:0e:71:67:ab:38:7d:c9:09:
08:79:0b:7c:ba:6e:0f:6c:e6:60:7e:10:cf:a6:4e:
65:2a:9c:19:8f:37:37:a9:93:15:2a:bb:63:1e:2f:
80:33:bf:13:25:22:bf:f5:66:88:b7:01:e7:fb:d4:
ca:be:c5:7b:09:6c:e8:08:f2:66:b9:c6:28:81:9b:
a6:40:9d:5d:f8:f1:cf:3b:5d:1b:8e:d7:39:86:4d:
97:b8:d4:33:22:46:3a:cd:3e:53:50:ef:c8:aa:ae:
ea:14:1e:0e:bc:ec:25:71:9a:d4:81:48:0d:bf:ff:
cf:20:1b:24:b3:fb:37:cc:23:d2:d7:0c:4b:e6:6a:
37:98:81:17:93:9e:04:76:85:83:10:9c:a7:24:3a:
66:b3:a5:fd:7f:b9:8e:a4:05:5c:27:af:42:af:77:
94:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:CD:FD:58:89:05:F9:84:4F:4B:94:0D:62:90:48:60:3B:4D:DC:2C
X509v3 Authority Key Identifier:
keyid:8D:A0:3E:0D:02:0E:FC:94:4C:1E:EB:DA:EE:54:27:D3:65:B7:00:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jaA-DQIO_JRMHuva7lQn02W3AHY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/562112-ad44-4d71-9cb9-fb7d7dca34a7/1/z839WIkF-YRPS5QNYpBIYDtN3Cw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/562112-ad44-4d71-9cb9-fb7d7dca34a7/1/jaA-DQIO_JRMHuva7lQn02W3AHY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.224.242.0/24
185.200.36.0/22
198.145.118.0/23
Signature Algorithm: sha256WithRSAEncryption
36:7e:e4:5d:53:28:e1:93:81:21:b5:d8:ae:16:5b:70:16:c4:
0b:c7:ff:7d:c4:71:93:90:9d:e0:c1:be:0a:a9:8b:c3:a3:5a:
12:ec:3a:b6:9c:9c:7c:09:74:61:38:38:2c:23:18:b0:90:4f:
36:7e:3a:b0:da:f9:78:bd:d5:03:9b:9b:0a:8f:a8:46:c0:d1:
6b:02:23:91:df:bb:e8:ef:a4:ee:5f:36:23:b0:53:6a:38:66:
a2:4a:69:82:51:e0:65:06:62:8d:88:7f:70:78:c8:40:c7:cb:
0b:72:30:db:87:92:f6:5e:c1:48:79:a2:75:bc:89:28:87:d5:
97:cf:44:40:e0:46:37:0f:1e:c8:8f:37:70:a9:0c:e6:cb:09:
47:1c:8d:cd:8f:42:95:09:05:45:de:25:eb:84:2a:d0:0e:2b:
cf:37:65:f9:07:8d:a9:26:6d:b9:c2:8b:07:cb:e0:35:95:67:
08:6b:82:33:04:56:81:4f:9d:36:1b:e0:55:bb:5f:12:07:f4:
ba:93:44:db:6a:a0:16:2f:8a:b3:d2:46:8a:08:4c:7f:f4:8e:
fa:8f:01:1d:ff:00:cc:10:cc:41:8c:96:bb:44:e5:d4:97:bc:
c1:ed:f5:33:d1:d6:c0:fa:be:8f:5f:65:11:a5:36:63:12:3a:
47:d3:a8:4e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZYSYZ9nsVCj1JpvNknOkqxvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYTAzZTBkMDIwZWZjOTQ0YzFlZWJkYWVlNTQyN2QzNjVi
NzAwNzYwHhcNMjUwNDA3MjIzMTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmNkZmQ1ODg5MDVmOTg0NGY0Yjk0MGQ2MjkwNDg2MDNiNGRkYzJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAue9mNnWgwWI0GiM2WvzgUrzxZEoG
9vT+Il6CJO1SaK5kJha4VzP/I3abPi9blMuFMVgJo1bDugp5X+lHPoET3DQgAbYH
6uD3KtU2ELK/WDlvUp0+wMlGuNZJKCOUSAcwDnFnqzh9yQkIeQt8um4PbOZgfhDP
pk5lKpwZjzc3qZMVKrtjHi+AM78TJSK/9WaItwHn+9TKvsV7CWzoCPJmucYogZum
QJ1d+PHPO10bjtc5hk2XuNQzIkY6zT5TUO/Iqq7qFB4OvOwlcZrUgUgNv//PIBsk
s/s3zCPS1wxL5mo3mIEXk54EdoWDEJynJDpms6X9f7mOpAVcJ69Cr3eUOwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFM/N/ViJBfmET0uUDWKQSGA7TdwsMB8GA1UdIwQY
MBaAFI2gPg0CDvyUTB7r2u5UJ9NltwB2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamFBLURRSU9fSlJNSHV2YTdsUW4wMlczQUhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS81NjIxMTItYWQ0NC00ZDcxLTljYjkt
ZmI3ZDdkY2EzNGE3LzEvejgzOVdJa0YtWVJQUzVRTllwQklZRHROM0N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS81NjIxMTItYWQ0NC00ZDcxLTljYjktZmI3ZDdkY2EzNGE3
LzEvamFBLURRSU9fSlJNSHV2YTdsUW4wMlczQUhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAbeDyAwQC
ucgkAwQBxpF2MA0GCSqGSIb3DQEBCwUAA4IBAQA2fuRdUyjhk4EhtdiuFltwFsQL
x/99xHGTkJ3gwb4KqYvDo1oS7Dq2nJx8CXRhODgsIxiwkE82fjqw2vl4vdUDm5sK
j6hGwNFrAiOR37vo76TuXzYjsFNqOGaiSmmCUeBlBmKNiH9weMhAx8sLcjDbh5L2
XsFIeaJ1vIkoh9WXz0RA4EY3Dx7IjzdwqQzmywlHHI3Nj0KVCQVF3iXrhCrQDivP
N2X5B42pJm25wosHy+A1lWcIa4IzBFaBT502G+BVu18SB/S6k0TbaqAWL4qz0kaK
CEx/9I76jwEd/wDMEMxBjJa7ROXUl7zB7fUz0dbA+r6PX2URpTZjEjpH06hO
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:15 2025 by rpki-client on console.sobornost.net