Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ih9hV1zRKNpW9UkWveWgnLwOUHY.roa
File: ih9hV1zRKNpW9UkWveWgnLwOUHY.roa (raw, json)
Hash identifier: heRBD6MzYxfZDnSE68bFCupZdlO5G0i2sIeJehJ/d6k=
Subject key identifier: 8A:1F:61:57:5C:D1:28:DA:56:F5:49:16:BD:E5:A0:9C:BC:0E:50:76
Certificate issuer: /CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Certificate serial: 01942827B2C017ABE14A47B6E2709BA856F3
Authority key identifier: 65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ih9hV1zRKNpW9UkWveWgnLwOUHY.roa
Signing time: Thu 02 Jan 2025 17:54:37 +0000
ROA not before: Thu 02 Jan 2025 17:54:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 195.216.176.0/23 maxlen: 23
213.182.196.0/24 maxlen: 24
213.182.197.0/24 maxlen: 24
213.182.218.0/24 maxlen: 24
213.182.220.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:b2:c0:17:ab:e1:4a:47:b6:e2:70:9b:a8:56:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Validity
Not Before: Jan 2 17:54:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8a1f61575cd128da56f54916bde5a09cbc0e5076
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:e5:83:4d:c8:6a:62:d8:1c:32:fc:ba:65:38:
03:57:55:55:37:6d:af:9d:d3:d0:62:64:21:82:4b:
ec:34:45:eb:f2:6a:2a:d0:c5:dd:50:28:cb:0a:38:
28:09:67:07:88:e9:a8:37:d1:e1:62:cb:6f:d4:8c:
42:ce:01:99:f2:c7:e2:83:a5:c7:23:e2:20:5f:6e:
32:0f:4f:d8:e7:63:8f:07:1a:05:f0:1a:13:c3:72:
6b:ff:cf:6f:11:e9:09:3d:53:d1:d7:69:4b:e2:97:
d4:b6:09:ce:d2:ec:32:6e:47:06:4a:6a:90:fd:bc:
3e:7a:52:8f:0c:fa:0e:15:0b:0a:11:17:b4:4f:01:
ef:59:bc:3c:72:32:89:40:b5:cb:e5:67:b6:9b:e1:
36:f1:d9:f6:1a:54:ed:2c:b5:71:a6:94:44:95:dc:
ac:e6:8c:94:9c:ab:3a:cb:d5:2a:35:29:4c:62:a2:
4d:62:b1:c8:82:af:15:09:ae:13:a0:48:c0:f4:7d:
a7:16:d2:3f:2e:45:eb:a3:ff:02:b3:2e:15:28:1e:
57:59:fc:b7:1b:8b:4e:f9:e7:b1:cf:ca:62:8e:18:
74:4c:32:02:12:12:05:63:37:4c:29:52:30:27:83:
0d:2e:1d:dd:1d:a2:c6:90:74:59:e7:d5:a4:c4:00:
d4:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:1F:61:57:5C:D1:28:DA:56:F5:49:16:BD:E5:A0:9C:BC:0E:50:76
X509v3 Authority Key Identifier:
keyid:65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ih9hV1zRKNpW9UkWveWgnLwOUHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.216.176.0/23
213.182.196.0/23
213.182.218.0/24
213.182.220.0/22
Signature Algorithm: sha256WithRSAEncryption
93:b9:36:21:e5:d0:33:d3:3a:05:15:83:5c:e5:e4:fe:99:a3:
9c:71:9d:ab:bb:b5:6e:8d:ef:8f:6d:c3:65:6c:3a:52:1c:65:
30:bf:6d:6c:a1:f6:4e:0e:e5:5b:29:0d:36:c8:6c:c9:7f:96:
e4:dc:4a:63:dd:05:30:f3:56:5b:18:e4:ae:ce:1d:e3:c2:31:
78:5b:8a:5e:7e:a6:c5:fd:66:d8:84:67:93:07:1e:fb:62:c0:
5c:c4:45:10:70:58:d1:94:a6:4a:a2:13:21:5c:1c:b1:38:69:
99:70:0e:72:92:df:7c:2f:ba:cc:86:fb:3e:be:c7:fb:d1:9d:
95:62:d6:27:d2:d7:ab:a9:0a:d3:d6:29:aa:21:b6:d1:ef:30:
1e:50:32:23:d3:b7:93:e4:99:3e:5e:e1:13:2f:43:0d:df:5d:
08:1b:81:bc:6f:03:e2:79:c5:4e:24:58:dc:53:87:fa:b4:e5:
a6:71:5d:fc:de:bf:60:ec:7d:77:f5:51:39:40:d2:6c:72:69:
f4:64:9b:91:a6:be:21:c6:73:21:97:60:1d:03:c9:d2:0f:af:
90:53:98:af:ad:9d:c5:fd:88:e8:0c:3d:fb:2e:f9:6c:fc:ef:
4e:61:a1:17:0f:96:a2:82:66:42:0b:2b:5d:b0:a2:1b:f8:3e:
2e:2b:45:88
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQoJ7LAF6vhSke24nCbqFbzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YjdkNjY5OTgzNWJmZTlhODA4MWRmYzExNGRmMWJmNmQy
MTVkYTcwHhcNMjUwMTAyMTc1NDM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTFmNjE1NzVjZDEyOGRhNTZmNTQ5MTZiZGU1YTA5Y2JjMGU1MDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+WDTchqYtgcMvy6ZTgDV1VVN22v
ndPQYmQhgkvsNEXr8moq0MXdUCjLCjgoCWcHiOmoN9HhYstv1IxCzgGZ8sfig6XH
I+IgX24yD0/Y52OPBxoF8BoTw3Jr/89vEekJPVPR12lL4pfUtgnO0uwybkcGSmqQ
/bw+elKPDPoOFQsKERe0TwHvWbw8cjKJQLXL5We2m+E28dn2GlTtLLVxppREldys
5oyUnKs6y9UqNSlMYqJNYrHIgq8VCa4ToEjA9H2nFtI/LkXro/8Csy4VKB5XWfy3
G4tO+eexz8pijhh0TDICEhIFYzdMKVIwJ4MNLh3dHaLGkHRZ59WkxADUhwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIofYVdc0SjaVvVJFr3loJy8DlB2MB8GA1UdIwQY
MBaAFGW31mmYNb/pqAgd/BFN8b9tIV2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDct
OWU0MTNlYmY0MmYzLzEvaWg5aFYxelJLTnBXOVVrV3ZlV2duTHdPVUhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDctOWU0MTNlYmY0MmYz
LzEvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBw9iwAwQB
1bbEAwQA1bbaAwQC1bbcMA0GCSqGSIb3DQEBCwUAA4IBAQCTuTYh5dAz0zoFFYNc
5eT+maOccZ2ru7Vuje+PbcNlbDpSHGUwv21sofZODuVbKQ02yGzJf5bk3Epj3QUw
81ZbGOSuzh3jwjF4W4pefqbF/WbYhGeTBx77YsBcxEUQcFjRlKZKohMhXByxOGmZ
cA5ykt98L7rMhvs+vsf70Z2VYtYn0terqQrT1imqIbbR7zAeUDIj07eT5Jk+XuET
L0MN310IG4G8bwPiecVOJFjcU4f6tOWmcV383r9g7H139VE5QNJscmn0ZJuRpr4h
xnMhl2AdA8nSD6+QU5ivrZ3F/YjoDD37Lvls/O9OYaEXD5aigmZCCytdsKIb+D4u
K0WI
-----END CERTIFICATE-----
Generated at Thu Jan 23 19:14:00 2025 by rpki-client on console.sobornost.net