Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/eaea59-919d-4135-9bde-6dcf0c93cbdb/1/Z2OOQN_xvDinvSk0PjmWHnzGsnE.roa
File: Z2OOQN_xvDinvSk0PjmWHnzGsnE.roa (raw, json)
Hash identifier: +MwSX4X4GjxkZcy+4f+CH7/gMqlsDpwDxxCncAgans4=
Subject key identifier: 67:63:8E:40:DF:F1:BC:38:A7:BD:29:34:3E:39:96:1E:7C:C6:B2:71
Certificate issuer: /CN=bffd0f0ad9c784096c5a0fb9e8cf5c2f0440413b
Certificate serial: 0194CC0B172DFE7CAA3A3A2F37CFF4C3E880
Authority key identifier: BF:FD:0F:0A:D9:C7:84:09:6C:5A:0F:B9:E8:CF:5C:2F:04:40:41:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v_0PCtnHhAlsWg-56M9cLwRAQTs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/eaea59-919d-4135-9bde-6dcf0c93cbdb/1/Z2OOQN_xvDinvSk0PjmWHnzGsnE.roa
Signing time: Mon 03 Feb 2025 13:41:06 +0000
ROA not before: Mon 03 Feb 2025 13:41:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44692
IP address blocks: 78.31.144.0/23 maxlen: 23
78.31.146.0/23 maxlen: 23
78.31.148.0/23 maxlen: 23
78.31.150.0/23 maxlen: 23
85.202.96.0/20 maxlen: 24
85.202.107.0/24 maxlen: 24
109.125.192.0/19 maxlen: 19
109.125.218.0/23 maxlen: 23
109.125.220.0/22 maxlen: 22
109.125.224.0/23 maxlen: 23
109.125.226.0/23 maxlen: 23
109.125.228.0/23 maxlen: 23
109.125.230.0/23 maxlen: 23
109.125.232.0/22 maxlen: 22
109.125.236.0/22 maxlen: 22
109.125.240.0/22 maxlen: 22
109.125.244.0/22 maxlen: 22
109.125.248.0/22 maxlen: 22
109.125.254.0/24 maxlen: 24
109.125.255.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:cc:0b:17:2d:fe:7c:aa:3a:3a:2f:37:cf:f4:c3:e8:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bffd0f0ad9c784096c5a0fb9e8cf5c2f0440413b
Validity
Not Before: Feb 3 13:41:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=67638e40dff1bc38a7bd29343e39961e7cc6b271
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ad:79:c2:47:77:85:3b:a9:cd:27:f4:5b:c0:
dc:1b:69:51:02:f2:69:fd:94:14:2d:52:e6:2d:47:
d9:4f:bb:57:8d:95:16:b2:96:60:fa:bd:c1:71:f3:
0b:b0:56:d8:48:86:42:0c:b6:e9:f0:8f:47:aa:90:
09:12:47:f2:db:68:96:0d:45:3d:6c:80:6d:f1:29:
86:eb:a3:44:da:33:4d:c5:bd:3f:df:28:35:d4:fb:
9f:f7:5a:f7:7b:f3:86:04:84:36:12:74:e1:49:33:
e8:c7:eb:77:e5:69:e7:8a:b9:f9:ab:65:80:97:18:
3b:b8:17:2a:4c:fc:2a:6d:7e:69:0c:5a:66:62:64:
83:1a:2b:72:1a:eb:6f:e8:05:91:0c:d0:a3:95:b8:
1b:4e:dd:41:66:06:c3:dd:9d:3c:fd:9e:2f:9d:45:
09:38:61:04:f0:5f:47:e6:12:ea:4c:14:02:1b:24:
37:ab:9c:40:1f:ed:e1:cb:85:4e:41:83:bb:1b:c2:
a9:b2:23:7d:82:ba:c3:c9:4e:ed:78:e9:7a:4b:d3:
9e:12:7d:a4:52:5c:a6:e3:79:e4:c2:68:55:c3:dc:
0f:fd:6a:63:6c:e6:d2:78:26:20:b9:34:2b:f4:8e:
21:c5:95:ce:7a:62:d2:00:c7:af:bb:dd:25:e4:84:
e5:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:63:8E:40:DF:F1:BC:38:A7:BD:29:34:3E:39:96:1E:7C:C6:B2:71
X509v3 Authority Key Identifier:
keyid:BF:FD:0F:0A:D9:C7:84:09:6C:5A:0F:B9:E8:CF:5C:2F:04:40:41:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v_0PCtnHhAlsWg-56M9cLwRAQTs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/eaea59-919d-4135-9bde-6dcf0c93cbdb/1/Z2OOQN_xvDinvSk0PjmWHnzGsnE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/eaea59-919d-4135-9bde-6dcf0c93cbdb/1/v_0PCtnHhAlsWg-56M9cLwRAQTs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.31.144.0/21
85.202.96.0/20
109.125.192.0-109.125.251.255
109.125.254.0/23
Signature Algorithm: sha256WithRSAEncryption
29:37:6d:a7:a1:a8:b0:c9:5f:16:0a:0c:7f:81:22:b2:c6:a7:
00:14:ab:ec:23:e9:e0:cb:f0:5f:3b:37:a9:7b:cf:08:d5:c0:
26:b3:f2:ea:ef:bd:ba:07:c4:a2:e9:75:d8:e7:2f:70:0a:b9:
eb:d3:a8:39:3f:81:38:cc:ca:e0:aa:3a:40:d3:04:0a:86:32:
c9:56:d1:21:0d:72:27:e9:1e:62:1b:ee:4d:3b:88:76:2c:4a:
da:a6:49:2e:3a:76:52:79:42:78:05:0c:36:68:11:15:cf:7b:
2d:97:e7:81:91:d9:d2:3d:99:ed:c9:c1:6e:39:d8:dc:b6:ed:
de:d0:35:29:7a:77:c0:c8:c7:cc:fb:db:88:1d:b4:d3:d3:c3:
c7:e8:43:70:a3:9d:26:5d:94:71:2d:08:e5:07:75:c4:e9:c9:
57:24:1a:38:f7:3d:b3:e2:07:2d:60:75:a2:0e:e0:30:65:b7:
be:cc:9e:60:0e:c2:7f:b5:3d:ec:bd:e1:a8:29:fa:02:4e:e0:
e9:b8:c2:58:ee:19:dd:44:aa:74:93:91:c2:25:c0:21:48:b1:
b5:15:38:c2:e9:d8:d8:74:d2:2d:a7:2c:a6:27:70:8f:da:14:
57:27:45:94:8b:3d:21:de:bf:bb:22:1e:1a:6c:f9:79:55:c4:
a5:ae:b8:18
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZTMCxct/nyqOjovN8/0w+iAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmZmQwZjBhZDljNzg0MDk2YzVhMGZiOWU4Y2Y1YzJmMDQ0
MDQxM2IwHhcNMjUwMjAzMTM0MTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzYzOGU0MGRmZjFiYzM4YTdiZDI5MzQzZTM5OTYxZTdjYzZiMjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsq15wkd3hTupzSf0W8DcG2lRAvJp
/ZQULVLmLUfZT7tXjZUWspZg+r3BcfMLsFbYSIZCDLbp8I9HqpAJEkfy22iWDUU9
bIBt8SmG66NE2jNNxb0/3yg11Puf91r3e/OGBIQ2EnThSTPox+t35Wnnirn5q2WA
lxg7uBcqTPwqbX5pDFpmYmSDGityGutv6AWRDNCjlbgbTt1BZgbD3Z08/Z4vnUUJ
OGEE8F9H5hLqTBQCGyQ3q5xAH+3hy4VOQYO7G8KpsiN9grrDyU7teOl6S9OeEn2k
Ulym43nkwmhVw9wP/WpjbObSeCYguTQr9I4hxZXOemLSAMevu90l5ITl+QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFGdjjkDf8bw4p70pND45lh58xrJxMB8GA1UdIwQY
MBaAFL/9DwrZx4QJbFoPuejPXC8EQEE7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdl8wUEN0bkhoQWxzV2ctNTZNOWNMd1JBUVRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lYWVhNTktOTE5ZC00MTM1LTliZGUt
NmRjZjBjOTNjYmRiLzEvWjJPT1FOX3h2RGludlNrMFBqbVdIbnpHc25FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lYWVhNTktOTE5ZC00MTM1LTliZGUtNmRjZjBjOTNjYmRi
LzEvdl8wUEN0bkhoQWxzV2ctNTZNOWNMd1JBUVRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQDTh+QAwQE
VcpgMAwDBAZtfcADBAJtffgDBAFtff4wDQYJKoZIhvcNAQELBQADggEBACk3baeh
qLDJXxYKDH+BIrLGpwAUq+wj6eDL8F87N6l7zwjVwCaz8urvvboHxKLpddjnL3AK
uevTqDk/gTjMyuCqOkDTBAqGMslW0SENcifpHmIb7k07iHYsStqmSS46dlJ5QngF
DDZoERXPey2X54GR2dI9me3JwW452Ny27d7QNSl6d8DIx8z724gdtNPTw8foQ3Cj
nSZdlHEtCOUHdcTpyVckGjj3PbPiBy1gdaIO4DBlt77MnmAOwn+1Pey94agp+gJO
4Om4wljuGd1EqnSTkcIlwCFIsbUVOMLp2Nh00i2nLKYncI/aFFcnRZSLPSHev7si
Hhps+XlVxKWuuBg=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:18 2025 by rpki-client on console.sobornost.net