Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/25b47e-4079-4f21-911b-f389a5269fb2/1/jZ-iWdGvM8JTsiPfN0LIjD-McJg.roa
File: jZ-iWdGvM8JTsiPfN0LIjD-McJg.roa (raw, json)
Hash identifier: 1Rpz6sUXeNzQZ4QBkzsfGq+IVU+jtmAAmBN7p3vBuLY=
Subject key identifier: 8D:9F:A2:59:D1:AF:33:C2:53:B2:23:DF:37:42:C8:8C:3F:8C:70:98
Certificate issuer: /CN=432efe16ec6c00fd45b5d918d9b172acd0a58d96
Certificate serial: 0196145495852B3B44AB965D6C8E34BDF46C
Authority key identifier: 43:2E:FE:16:EC:6C:00:FD:45:B5:D9:18:D9:B1:72:AC:D0:A5:8D:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qy7-FuxsAP1FtdkY2bFyrNCljZY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/25b47e-4079-4f21-911b-f389a5269fb2/1/jZ-iWdGvM8JTsiPfN0LIjD-McJg.roa
Signing time: Tue 08 Apr 2025 07:36:49 +0000
ROA not before: Tue 08 Apr 2025 07:36:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39498
IP address blocks: 146.19.127.0/24 maxlen: 24
185.122.244.0/22 maxlen: 24
185.122.244.0/23 maxlen: 23
185.122.244.0/24 maxlen: 24
185.122.245.0/24 maxlen: 24
185.122.246.0/23 maxlen: 23
185.122.247.0/24 maxlen: 24
2a0d:6700::/29 maxlen: 31
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:14:54:95:85:2b:3b:44:ab:96:5d:6c:8e:34:bd:f4:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=432efe16ec6c00fd45b5d918d9b172acd0a58d96
Validity
Not Before: Apr 8 07:36:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8d9fa259d1af33c253b223df3742c88c3f8c7098
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:da:8c:1b:58:85:4d:f7:39:1c:23:a3:41:e7:
ef:85:b9:f5:dd:f2:49:8e:7f:b3:92:32:08:fc:e4:
dd:8c:aa:56:b2:09:38:b1:2b:07:23:d9:e0:2b:6e:
61:39:6d:5b:e9:d8:d7:11:9d:64:b4:a7:9e:d1:c3:
bb:09:d8:a6:a7:33:b4:77:a5:e5:ee:14:4d:fd:d5:
c2:b1:f8:e4:c6:98:46:c2:67:6d:97:06:59:f9:e3:
34:c7:81:6a:6e:61:4f:b3:68:9e:a9:ad:fd:98:82:
0b:a6:90:76:ec:3c:2f:9d:bd:47:1a:62:10:c1:a9:
e2:29:9a:bc:d0:0a:0d:94:10:a8:f3:ae:6f:00:6e:
c9:fc:d4:86:27:7f:bd:d1:e1:be:b8:0d:91:77:52:
f2:f6:c5:80:9a:03:21:92:67:35:66:01:d6:92:76:
9f:4f:0d:f8:53:04:28:cf:d5:14:e9:be:a7:f1:a4:
a4:c6:6d:62:c2:e2:f6:4f:fd:97:2a:ee:26:78:f5:
37:f8:64:69:7e:a5:09:f7:bf:7d:0e:fb:e2:f6:19:
34:ed:22:97:0c:85:ab:42:2f:6f:11:ad:42:ec:83:
d5:9a:d8:7e:a6:37:2f:f4:de:af:8b:fe:27:ab:7d:
18:28:97:b1:a0:c8:a1:06:a8:96:2d:78:df:b7:12:
67:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:9F:A2:59:D1:AF:33:C2:53:B2:23:DF:37:42:C8:8C:3F:8C:70:98
X509v3 Authority Key Identifier:
keyid:43:2E:FE:16:EC:6C:00:FD:45:B5:D9:18:D9:B1:72:AC:D0:A5:8D:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qy7-FuxsAP1FtdkY2bFyrNCljZY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/25b47e-4079-4f21-911b-f389a5269fb2/1/jZ-iWdGvM8JTsiPfN0LIjD-McJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/25b47e-4079-4f21-911b-f389a5269fb2/1/Qy7-FuxsAP1FtdkY2bFyrNCljZY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.127.0/24
185.122.244.0/22
IPv6:
2a0d:6700::/29
Signature Algorithm: sha256WithRSAEncryption
45:74:12:69:50:d8:e6:b0:21:02:0f:ba:98:87:28:52:3d:cb:
55:fc:65:1d:e7:88:d3:60:8e:0e:73:c2:4e:38:25:35:d3:09:
af:27:ed:92:47:51:c3:61:36:71:a0:03:c7:e9:77:4d:ff:fd:
81:7c:fc:9d:33:c8:a0:fb:b2:2c:00:db:7f:93:39:2c:65:9a:
af:67:66:bf:d0:a4:8c:ad:52:26:63:90:b4:c0:87:bc:91:37:
4d:67:4e:e5:00:fb:0a:9d:9a:5d:9e:40:02:84:9f:4a:fa:33:
97:3d:cb:f1:32:a3:50:79:be:b7:d0:e4:fc:5b:af:9b:3c:e4:
a6:2b:3f:82:4a:a6:95:d0:3b:28:bb:39:c7:1c:54:d4:80:3a:
d4:53:01:83:13:c2:3e:e8:6b:17:88:ad:83:42:f6:84:41:57:
8f:6d:08:37:84:6a:6f:63:c6:2c:19:73:7b:46:cb:a9:e7:45:
0f:76:34:39:75:8e:86:ce:00:a0:9f:48:42:fa:aa:ee:fd:e0:
da:a3:f3:b4:2d:18:95:71:fe:54:a7:b1:e6:11:47:cc:b3:9a:
34:77:0c:cc:0f:28:e1:ad:20:c8:ac:9d:17:9c:fb:08:8d:68:
30:16:fd:41:65:63:7a:f0:b5:f3:35:66:89:c1:08:0e:73:ec:
f4:ee:97:f8
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZYUVJWFKztEq5ZdbI40vfRsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMmVmZTE2ZWM2YzAwZmQ0NWI1ZDkxOGQ5YjE3MmFjZDBh
NThkOTYwHhcNMjUwNDA4MDczNjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDlmYTI1OWQxYWYzM2MyNTNiMjIzZGYzNzQyYzg4YzNmOGM3MDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9qMG1iFTfc5HCOjQefvhbn13fJJ
jn+zkjII/OTdjKpWsgk4sSsHI9ngK25hOW1b6djXEZ1ktKee0cO7CdimpzO0d6Xl
7hRN/dXCsfjkxphGwmdtlwZZ+eM0x4FqbmFPs2ieqa39mIILppB27Dwvnb1HGmIQ
waniKZq80AoNlBCo865vAG7J/NSGJ3+90eG+uA2Rd1Ly9sWAmgMhkmc1ZgHWknaf
Tw34UwQoz9UU6b6n8aSkxm1iwuL2T/2XKu4mePU3+GRpfqUJ9799Dvvi9hk07SKX
DIWrQi9vEa1C7IPVmth+pjcv9N6vi/4nq30YKJexoMihBqiWLXjftxJn2QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFI2folnRrzPCU7Ij3zdCyIw/jHCYMB8GA1UdIwQY
MBaAFEMu/hbsbAD9RbXZGNmxcqzQpY2WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXk3LUZ1eHNBUDFGdGRrWTJiRnlyTkNsalpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy8yNWI0N2UtNDA3OS00ZjIxLTkxMWIt
ZjM4OWE1MjY5ZmIyLzEvalotaVdkR3ZNOEpUc2lQZk4wTElqRC1NY0pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy8yNWI0N2UtNDA3OS00ZjIxLTkxMWItZjM4OWE1MjY5ZmIy
LzEvUXk3LUZ1eHNBUDFGdGRrWTJiRnlyTkNsalpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAkhN/AwQC
uXr0MA0EAgACMAcDBQMqDWcAMA0GCSqGSIb3DQEBCwUAA4IBAQBFdBJpUNjmsCEC
D7qYhyhSPctV/GUd54jTYI4Oc8JOOCU10wmvJ+2SR1HDYTZxoAPH6XdN//2BfPyd
M8ig+7IsANt/kzksZZqvZ2a/0KSMrVImY5C0wIe8kTdNZ07lAPsKnZpdnkAChJ9K
+jOXPcvxMqNQeb630OT8W6+bPOSmKz+CSqaV0DsouznHHFTUgDrUUwGDE8I+6GsX
iK2DQvaEQVePbQg3hGpvY8YsGXN7Rsup50UPdjQ5dY6GzgCgn0hC+qru/eDao/O0
LRiVcf5Up7HmEUfMs5o0dwzMDyjhrSDIrJ0XnPsIjWgwFv1BZWN68LXzNWaJwQgO
c+z07pf4
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:17 2025 by rpki-client on console.sobornost.net