Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/_OeKi_yD5avDtvuaSTcdco9fc6g.roa
File: _OeKi_yD5avDtvuaSTcdco9fc6g.roa (raw, json)
Hash identifier: 7nfi8Y+JUW8SegIfrUId/N3sFBYbhmgfEojmlkcVbJU=
Subject key identifier: FC:E7:8A:8B:FC:83:E5:AB:C3:B6:FB:9A:49:37:1D:72:8F:5F:73:A8
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01961B6BCECA83AABE25F7A47F23F8373ED1
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/_OeKi_yD5avDtvuaSTcdco9fc6g.roa
Signing time: Wed 09 Apr 2025 16:39:32 +0000
ROA not before: Wed 09 Apr 2025 16:39:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 63150
IP address blocks: 82.152.6.0/24 maxlen: 24
82.153.216.0/24 maxlen: 24
89.213.150.0/24 maxlen: 24
194.105.83.0/24 maxlen: 24
194.105.89.0/24 maxlen: 24
213.210.55.0/24 maxlen: 24
213.218.228.0/24 maxlen: 24
213.218.255.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:1b:6b:ce:ca:83:aa:be:25:f7:a4:7f:23:f8:37:3e:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 9 16:39:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fce78a8bfc83e5abc3b6fb9a49371d728f5f73a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:72:12:f4:b0:93:5f:dc:5e:5b:db:28:10:0a:
db:7a:30:d6:04:cf:31:de:99:a3:a1:9c:c6:05:a2:
8b:92:4b:ba:fe:01:a0:04:c0:a5:16:f3:be:2a:83:
ee:cd:fb:e7:f2:77:6c:d0:87:4d:de:64:cb:59:5a:
60:fc:e8:e0:2e:88:d7:e2:ad:41:6b:30:54:bb:52:
8f:53:2e:1b:b2:c1:58:7c:f6:4b:2f:6c:a7:9d:eb:
a3:f3:b3:77:ab:55:3f:1b:c9:a9:6c:8f:6c:d7:c6:
b8:27:2d:65:e9:f4:39:d4:08:ce:21:c1:06:6f:76:
33:57:ff:14:5f:52:36:1c:81:46:c6:65:24:ee:23:
a0:49:36:5e:1a:c5:e8:78:4d:ac:fe:28:fd:e3:6f:
ef:ce:8a:58:50:38:e1:2d:56:17:76:e3:02:00:d1:
1f:ab:c4:35:48:1c:bd:10:49:10:16:90:e1:ae:b4:
09:27:d5:62:78:56:7d:23:9f:9b:00:62:82:5e:db:
10:12:b7:f5:9c:8d:d9:f4:a1:f2:7b:40:13:b1:fe:
a5:71:9e:3b:f4:e3:d8:99:2b:f8:0d:29:46:99:e8:
0a:fe:e5:c8:24:12:42:e9:f6:34:60:c8:d1:e7:e3:
08:32:c7:bd:6b:1d:a8:c5:9c:6d:e7:80:9b:17:89:
a9:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:E7:8A:8B:FC:83:E5:AB:C3:B6:FB:9A:49:37:1D:72:8F:5F:73:A8
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/_OeKi_yD5avDtvuaSTcdco9fc6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.6.0/24
82.153.216.0/24
89.213.150.0/24
194.105.83.0/24
194.105.89.0/24
213.210.55.0/24
213.218.228.0/24
213.218.255.0/24
Signature Algorithm: sha256WithRSAEncryption
67:76:78:af:57:2f:86:84:54:17:8f:a0:54:ba:bc:8f:27:c5:
c8:97:6d:a6:6e:24:3b:b8:a0:d1:63:78:7d:72:23:b8:50:3b:
51:89:76:f3:1b:5d:72:79:c6:75:1d:32:c9:6d:e9:18:34:91:
6c:27:56:32:c1:a4:20:74:b5:9e:f2:96:1f:c3:07:93:c3:50:
0a:f5:dd:6b:1e:b4:c8:9d:f5:ae:cd:05:c9:ca:dc:f9:06:85:
b2:77:f1:25:9a:59:ce:3f:f1:7b:8c:66:4e:27:85:6f:70:8b:
c7:8d:3e:ad:c6:b8:bd:2c:eb:72:6d:96:a9:a5:e9:67:11:1f:
d2:d4:88:98:ac:f8:b8:44:c3:37:43:36:87:e1:9c:35:40:f1:
89:45:6f:7a:4a:ae:0f:b3:6d:45:a1:36:e5:a9:6d:02:a5:53:
46:67:85:0e:cc:0f:4c:f1:c8:b7:be:50:b1:31:40:da:2b:3a:
ae:a2:e6:18:8f:75:46:ca:41:61:ea:5e:97:68:b4:2e:63:9e:
1e:60:71:11:d9:d3:0b:90:a4:dc:5d:74:b4:0a:b8:02:41:16:
4c:75:5e:2e:54:2a:a1:43:bf:ae:65:02:25:7a:1e:a1:fd:d7:
68:79:6c:e0:b4:8f:42:d0:4e:4a:76:fd:3a:39:a0:0d:9c:1e:
09:12:b1:cb
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZYba87Kg6q+JfekfyP4Nz7RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwNDA5MTYzOTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2U3OGE4YmZjODNlNWFiYzNiNmZiOWE0OTM3MWQ3MjhmNWY3M2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXIS9LCTX9xeW9soEArbejDWBM8x
3pmjoZzGBaKLkku6/gGgBMClFvO+KoPuzfvn8nds0IdN3mTLWVpg/OjgLojX4q1B
azBUu1KPUy4bssFYfPZLL2ynneuj87N3q1U/G8mpbI9s18a4Jy1l6fQ51AjOIcEG
b3YzV/8UX1I2HIFGxmUk7iOgSTZeGsXoeE2s/ij942/vzopYUDjhLVYXduMCANEf
q8Q1SBy9EEkQFpDhrrQJJ9VieFZ9I5+bAGKCXtsQErf1nI3Z9KHye0ATsf6lcZ47
9OPYmSv4DSlGmegK/uXIJBJC6fY0YMjR5+MIMse9ax2oxZxt54CbF4mpeQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFPzniov8g+Wrw7b7mkk3HXKPX3OoMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvX09lS2lfeUQ1YXZEdHZ1YVNUY2RjbzlmYzZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAUpgGAwQA
UpnYAwQAWdWWAwQAwmlTAwQAwmlZAwQA1dI3AwQA1drkAwQA1dr/MA0GCSqGSIb3
DQEBCwUAA4IBAQBndnivVy+GhFQXj6BUuryPJ8XIl22mbiQ7uKDRY3h9ciO4UDtR
iXbzG11yecZ1HTLJbekYNJFsJ1YywaQgdLWe8pYfwweTw1AK9d1rHrTInfWuzQXJ
ytz5BoWyd/ElmlnOP/F7jGZOJ4VvcIvHjT6txri9LOtybZappelnER/S1IiYrPi4
RMM3QzaH4Zw1QPGJRW96Sq4Ps21FoTblqW0CpVNGZ4UOzA9M8ci3vlCxMUDaKzqu
ouYYj3VGykFh6l6XaLQuY54eYHER2dMLkKTcXXS0CrgCQRZMdV4uVCqhQ7+uZQIl
eh6h/ddoeWzgtI9C0E5Kdv06OaANnB4JErHL
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:16 2025 by rpki-client on console.sobornost.net