Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Pc8S3vV3Qaw_L233sghZFcl2ors.roa
File: Pc8S3vV3Qaw_L233sghZFcl2ors.roa (raw, json)
Hash identifier: osIvdVoCk5YNdLxswmua8PurHDCjECXEZjJpzgMxdCI=
Subject key identifier: 3D:CF:12:DE:F5:77:41:AC:3F:2F:6D:F7:B2:08:59:15:C9:76:A2:BB
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01960F44744116BFF299C82F4B2ECB0B6424
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Pc8S3vV3Qaw_L233sghZFcl2ors.roa
Signing time: Mon 07 Apr 2025 08:01:06 +0000
ROA not before: Mon 07 Apr 2025 08:01:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215304
IP address blocks: 82.152.142.0/24 maxlen: 24
89.213.104.0/24 maxlen: 24
89.213.123.0/24 maxlen: 24
109.176.14.0/24 maxlen: 24
212.38.81.0/24 maxlen: 24
213.210.52.0/24 maxlen: 24
213.210.53.0/24 maxlen: 24
213.218.239.0/24 maxlen: 24
217.145.75.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:0f:44:74:41:16:bf:f2:99:c8:2f:4b:2e:cb:0b:64:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 7 08:01:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3dcf12def57741ac3f2f6df7b2085915c976a2bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:45:48:26:d1:e9:15:67:e3:56:a1:e1:2d:9c:
8c:bf:77:7e:4b:04:e5:81:e6:9e:a2:6c:4a:2c:d9:
c9:b6:2d:5e:27:d3:c4:77:d7:21:81:62:1a:20:b3:
67:d7:94:ba:4b:32:61:9a:7f:8b:0b:81:2f:a4:d8:
0b:41:b1:3f:70:8b:0a:56:2d:68:af:6a:76:60:1d:
15:d7:f1:db:29:04:02:83:b5:0f:1c:be:12:d0:04:
ca:42:ae:55:f8:a1:0a:28:42:d4:0c:21:ed:1f:e2:
1c:77:de:88:43:73:53:f6:c7:d8:2d:9b:54:75:b6:
40:01:4f:d3:5b:63:ad:45:8c:d4:87:92:53:53:00:
1a:56:16:c0:d4:e6:15:0a:9a:a9:d6:f9:f3:5b:2c:
6d:1b:90:e9:34:56:c2:d7:01:4e:6f:6d:b9:8a:6f:
ec:3a:bb:b1:cc:a4:2d:1d:46:86:27:1f:d1:76:5d:
26:a5:0e:99:5a:79:7d:c7:13:a0:b5:7f:39:2b:53:
44:58:73:01:84:1e:f8:37:3a:36:5e:a0:4e:01:17:
9a:a2:fe:2d:36:09:fa:44:34:01:ac:ad:5b:7f:cd:
a1:2f:74:99:a1:bb:57:c2:b8:c6:f0:47:9d:88:58:
9f:a9:aa:0a:48:94:d2:90:dd:c2:d3:ab:7c:b3:3c:
ae:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:CF:12:DE:F5:77:41:AC:3F:2F:6D:F7:B2:08:59:15:C9:76:A2:BB
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Pc8S3vV3Qaw_L233sghZFcl2ors.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.142.0/24
89.213.104.0/24
89.213.123.0/24
109.176.14.0/24
212.38.81.0/24
213.210.52.0/23
213.218.239.0/24
217.145.75.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:42:75:ed:50:25:4d:08:3f:4b:cd:8e:dc:eb:9c:8e:1e:a6:
27:4a:0b:b9:f1:f4:d0:d4:e4:a5:a0:84:2a:ba:ca:f7:c9:b0:
d1:0f:ca:ee:25:ac:bd:bb:2e:bd:ba:d7:05:b0:86:d6:f5:2b:
25:f7:b5:d0:a0:fa:2d:23:9f:f3:42:9c:02:4e:62:63:e8:7d:
0e:df:f7:d9:bf:28:02:a8:6f:cf:e6:cb:48:ab:22:49:3f:00:
80:3b:6b:ca:06:c5:c3:dc:ab:76:c4:f2:62:fd:49:02:62:be:
df:a1:f8:ae:5f:b7:21:76:c9:cf:9e:6d:aa:07:d6:2e:e1:bc:
18:02:fb:49:44:5d:36:d4:8f:56:1c:d5:88:5b:07:40:be:dd:
ac:4a:d7:63:a6:de:72:b9:9b:33:6e:61:62:2a:f6:0d:f7:43:
b3:46:4f:fd:e9:78:aa:28:f0:16:31:1a:70:bb:a7:e2:b6:25:
7d:34:ba:01:2f:b5:6a:42:1d:77:4c:db:01:07:a0:6e:0f:96:
1a:40:5e:9d:6d:5a:77:67:ef:e3:5a:8d:c2:0a:0b:8c:87:71:
71:19:9f:c5:26:b9:02:af:69:bd:35:28:09:c8:94:d0:f5:f8:
06:de:d2:08:04:af:00:e8:75:08:d9:ef:72:33:a5:05:ab:2c:
02:c5:c1:29
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZYPRHRBFr/ymcgvSy7LC2QkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwNDA3MDgwMTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGNmMTJkZWY1Nzc0MWFjM2YyZjZkZjdiMjA4NTkxNWM5NzZhMmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA40VIJtHpFWfjVqHhLZyMv3d+SwTl
geaeomxKLNnJti1eJ9PEd9chgWIaILNn15S6SzJhmn+LC4EvpNgLQbE/cIsKVi1o
r2p2YB0V1/HbKQQCg7UPHL4S0ATKQq5V+KEKKELUDCHtH+Icd96IQ3NT9sfYLZtU
dbZAAU/TW2OtRYzUh5JTUwAaVhbA1OYVCpqp1vnzWyxtG5DpNFbC1wFOb225im/s
OruxzKQtHUaGJx/Rdl0mpQ6ZWnl9xxOgtX85K1NEWHMBhB74Nzo2XqBOAReaov4t
Ngn6RDQBrK1bf82hL3SZobtXwrjG8EediFifqaoKSJTSkN3C06t8szyuAQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFD3PEt71d0GsPy9t97IIWRXJdqK7MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvUGM4UzN2VjNRYXdfTDIzM3NnaFpGY2wyb3JzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAUpiOAwQA
WdVoAwQAWdV7AwQAbbAOAwQA1CZRAwQB1dI0AwQA1drvAwQA2ZFLMA0GCSqGSIb3
DQEBCwUAA4IBAQA+QnXtUCVNCD9LzY7c65yOHqYnSgu58fTQ1OSloIQqusr3ybDR
D8ruJay9uy69utcFsIbW9Ssl97XQoPotI5/zQpwCTmJj6H0O3/fZvygCqG/P5stI
qyJJPwCAO2vKBsXD3Kt2xPJi/UkCYr7fofiuX7chdsnPnm2qB9Yu4bwYAvtJRF02
1I9WHNWIWwdAvt2sStdjpt5yuZszbmFiKvYN90OzRk/96XiqKPAWMRpwu6fitiV9
NLoBL7VqQh13TNsBB6BuD5YaQF6dbVp3Z+/jWo3CCguMh3FxGZ/FJrkCr2m9NSgJ
yJTQ9fgG3tIIBK8A6HUI2e9yM6UFqywCxcEp
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:16 2025 by rpki-client on console.sobornost.net