Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/c75a39-afca-4fbd-ab99-c339ccaf3a1e/1/etJJULXuEpA4QGWaRQ6bhvJFlYY.roa
File: etJJULXuEpA4QGWaRQ6bhvJFlYY.roa (raw, json)
Hash identifier: bLfeWna6CHVgTNdnQXDkU5zoQ0SXs8EuETZb9amfVlo=
Subject key identifier: 7A:D2:49:50:B5:EE:12:90:38:40:65:9A:45:0E:9B:86:F2:45:95:86
Certificate issuer: /CN=0424c1165818a432f797c8ddf4b5307b1e5aef74
Certificate serial: 019427488A9FFF88517DB8DB81C07040DDB8
Authority key identifier: 04:24:C1:16:58:18:A4:32:F7:97:C8:DD:F4:B5:30:7B:1E:5A:EF:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BCTBFlgYpDL3l8jd9LUwex5a73Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/c75a39-afca-4fbd-ab99-c339ccaf3a1e/1/etJJULXuEpA4QGWaRQ6bhvJFlYY.roa
Signing time: Thu 02 Jan 2025 13:50:52 +0000
ROA not before: Thu 02 Jan 2025 13:50:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39104
IP address blocks: 158.255.64.0/21 maxlen: 21
185.8.28.0/22 maxlen: 22
185.189.156.0/22 maxlen: 22
185.234.80.0/22 maxlen: 22
195.60.188.0/23 maxlen: 23
195.110.12.0/23 maxlen: 23
2a03:c580::/32 maxlen: 32
2a0d:700::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:8a:9f:ff:88:51:7d:b8:db:81:c0:70:40:dd:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0424c1165818a432f797c8ddf4b5307b1e5aef74
Validity
Not Before: Jan 2 13:50:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7ad24950b5ee12903840659a450e9b86f2459586
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:79:a4:a7:b7:7a:7d:f5:b9:43:ef:f0:74:7e:
66:3b:38:8e:f5:00:f9:ff:8b:07:02:af:49:d3:6d:
c8:47:c7:94:5f:20:6c:6b:57:e9:c4:13:7d:70:2f:
2c:53:22:ef:e4:93:6a:8a:b4:d5:49:a6:02:92:f4:
29:a3:78:fa:a1:41:a6:05:9d:60:48:04:4c:05:75:
03:09:a1:ea:d2:c8:34:e5:31:83:49:06:ef:25:71:
1d:bc:e1:85:0a:c7:ef:07:1d:5e:21:b5:0a:cd:df:
0d:ef:89:51:5a:fa:13:27:7e:59:5f:3e:98:71:e8:
51:a4:ea:d2:f2:b7:a7:4a:b3:e1:fd:a1:87:4c:1f:
39:7d:3b:25:a3:95:c8:0d:01:f1:ca:c5:6f:66:3b:
03:be:83:c1:a8:04:94:81:d9:5e:98:53:ae:ec:17:
75:60:d9:55:e4:de:ee:0d:86:39:ab:73:dd:e9:43:
15:fa:74:2f:82:71:e2:55:68:82:f7:12:a7:e0:2e:
c2:ca:13:87:c4:1f:b0:40:82:80:30:41:4c:42:6a:
c6:5a:13:e8:8d:24:bc:85:9b:85:a2:9d:3f:38:f3:
34:04:b5:a6:ae:b8:a0:ce:b7:08:9e:6b:c0:cf:4c:
de:01:5a:ea:51:b3:40:9f:9d:f2:b4:f1:50:07:21:
ba:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:D2:49:50:B5:EE:12:90:38:40:65:9A:45:0E:9B:86:F2:45:95:86
X509v3 Authority Key Identifier:
keyid:04:24:C1:16:58:18:A4:32:F7:97:C8:DD:F4:B5:30:7B:1E:5A:EF:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BCTBFlgYpDL3l8jd9LUwex5a73Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/c75a39-afca-4fbd-ab99-c339ccaf3a1e/1/etJJULXuEpA4QGWaRQ6bhvJFlYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/c75a39-afca-4fbd-ab99-c339ccaf3a1e/1/BCTBFlgYpDL3l8jd9LUwex5a73Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.255.64.0/21
185.8.28.0/22
185.189.156.0/22
185.234.80.0/22
195.60.188.0/23
195.110.12.0/23
IPv6:
2a03:c580::/32
2a0d:700::/29
Signature Algorithm: sha256WithRSAEncryption
31:17:c8:da:d7:70:93:17:68:eb:7e:02:47:82:0f:8c:9b:3c:
46:60:7e:04:24:35:40:00:31:79:8d:1a:8d:6b:c6:ea:63:da:
71:41:7a:02:4c:1c:95:dd:ab:5a:ce:83:e3:ac:a8:f9:4b:10:
8f:95:7b:05:80:bf:8c:ee:12:13:b0:e5:51:31:14:ee:a0:6d:
15:c5:bf:f6:34:4b:70:e0:85:dd:fe:84:21:ad:c7:90:8b:8d:
f2:57:94:d6:96:f2:c6:bc:d8:81:59:4a:44:07:1f:2f:cc:95:
2c:4b:a0:98:2f:fc:4e:82:21:b9:7f:ff:97:d0:56:20:14:bf:
56:76:59:4f:b3:bd:a6:8e:de:4b:98:a8:53:07:f6:5e:9a:b2:
7a:89:41:92:93:88:4a:7e:6e:0d:cf:df:b5:01:0b:03:10:4d:
2b:db:be:00:a5:9e:8d:2f:30:07:91:43:de:dd:63:25:67:aa:
f1:ee:41:14:1c:45:43:48:bd:9e:57:3c:83:a0:35:dc:a2:66:
75:4b:6d:03:8e:b6:6d:a2:77:cb:19:9b:50:30:8c:19:85:08:
f1:c0:4c:e8:39:d3:b9:3c:8d:03:c3:1c:e3:f7:81:f5:70:09:
54:b8:68:8a:89:e4:fd:85:33:59:8d:28:1c:35:d2:10:3c:6a:
c9:3d:cd:91
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZQnSIqf/4hRfbjbgcBwQN24MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0MjRjMTE2NTgxOGE0MzJmNzk3YzhkZGY0YjUzMDdiMWU1
YWVmNzQwHhcNMjUwMTAyMTM1MDUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWQyNDk1MGI1ZWUxMjkwMzg0MDY1OWE0NTBlOWI4NmYyNDU5NTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3mkp7d6ffW5Q+/wdH5mOziO9QD5
/4sHAq9J023IR8eUXyBsa1fpxBN9cC8sUyLv5JNqirTVSaYCkvQpo3j6oUGmBZ1g
SARMBXUDCaHq0sg05TGDSQbvJXEdvOGFCsfvBx1eIbUKzd8N74lRWvoTJ35ZXz6Y
cehRpOrS8renSrPh/aGHTB85fTslo5XIDQHxysVvZjsDvoPBqASUgdlemFOu7Bd1
YNlV5N7uDYY5q3Pd6UMV+nQvgnHiVWiC9xKn4C7CyhOHxB+wQIKAMEFMQmrGWhPo
jSS8hZuFop0/OPM0BLWmrrigzrcInmvAz0zeAVrqUbNAn53ytPFQByG62wIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFHrSSVC17hKQOEBlmkUOm4byRZWGMB8GA1UdIwQY
MBaAFAQkwRZYGKQy95fI3fS1MHseWu90MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkNUQkZsZ1lwREwzbDhqZDlMVXdleDVhNzNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9jNzVhMzktYWZjYS00ZmJkLWFiOTkt
YzMzOWNjYWYzYTFlLzEvZXRKSlVMWHVFcEE0UUdXYVJRNmJodkpGbFlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9jNzVhMzktYWZjYS00ZmJkLWFiOTktYzMzOWNjYWYzYTFl
LzEvQkNUQkZsZ1lwREwzbDhqZDlMVXdleDVhNzNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQDnv9AAwQC
uQgcAwQCub2cAwQCuepQAwQBwzy8AwQBw24MMBQEAgACMA4DBQAqA8WAAwUDKg0H
ADANBgkqhkiG9w0BAQsFAAOCAQEAMRfI2tdwkxdo634CR4IPjJs8RmB+BCQ1QAAx
eY0ajWvG6mPacUF6Akwcld2rWs6D46yo+UsQj5V7BYC/jO4SE7DlUTEU7qBtFcW/
9jRLcOCF3f6EIa3HkIuN8leU1pbyxrzYgVlKRAcfL8yVLEugmC/8ToIhuX//l9BW
IBS/VnZZT7O9po7eS5ioUwf2XpqyeolBkpOISn5uDc/ftQELAxBNK9u+AKWejS8w
B5FD3t1jJWeq8e5BFBxFQ0i9nlc8g6A13KJmdUttA462baJ3yxmbUDCMGYUI8cBM
6DnTuTyNA8Mc4/eB9XAJVLhoionk/YUzWY0oHDXSEDxqyT3NkQ==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:18 2025 by rpki-client on console.sobornost.net