Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/IKxoI34yNDqSYAVSbtJ6URAzHH8.roa
File: IKxoI34yNDqSYAVSbtJ6URAzHH8.roa (raw, json)
Hash identifier: /1RKNbwdvJvERdDo7l1kD+y03W4o9/o77qVS9bJMSGs=
Subject key identifier: 20:AC:68:23:7E:32:34:3A:92:60:05:52:6E:D2:7A:51:10:33:1C:7F
Certificate issuer: /CN=a4327c56e941171ea3beba26ebb9e23f4df5bcf3
Certificate serial: 0195D83DE562FE4FF7554F4598D1E814FDF0
Authority key identifier: A4:32:7C:56:E9:41:17:1E:A3:BE:BA:26:EB:B9:E2:3F:4D:F5:BC:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pDJ8VulBFx6jvrom67niP031vPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/IKxoI34yNDqSYAVSbtJ6URAzHH8.roa
Signing time: Thu 27 Mar 2025 15:34:49 +0000
ROA not before: Thu 27 Mar 2025 15:34:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216134
IP address blocks: 140.171.0.0/16 maxlen: 16
149.223.0.0/16 maxlen: 24
149.223.0.0/17 maxlen: 17
149.223.128.0/17 maxlen: 17
149.238.0.0/16 maxlen: 24
149.238.0.0/19 maxlen: 24
149.238.32.0/19 maxlen: 24
149.238.64.0/19 maxlen: 24
149.238.96.0/19 maxlen: 24
149.238.128.0/19 maxlen: 24
149.238.159.0/24 maxlen: 24
149.238.160.0/19 maxlen: 24
149.238.192.0/19 maxlen: 24
149.238.224.0/19 maxlen: 24
170.205.192.0/18 maxlen: 24
192.77.114.0/23 maxlen: 24
192.101.48.0/20 maxlen: 20
192.112.208.0/24 maxlen: 24
193.33.52.0/23 maxlen: 24
193.39.210.0/24 maxlen: 24
193.39.211.0/24 maxlen: 24
193.39.214.0/24 maxlen: 24
193.202.20.0/24 maxlen: 24
204.235.176.0/20 maxlen: 24
2a13:cb40::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d8:3d:e5:62:fe:4f:f7:55:4f:45:98:d1:e8:14:fd:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4327c56e941171ea3beba26ebb9e23f4df5bcf3
Validity
Not Before: Mar 27 15:34:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=20ac68237e32343a926005526ed27a5110331c7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:3f:c5:87:22:1b:87:b7:84:f9:9f:9e:35:42:
b7:5e:b1:af:1a:89:62:bc:8e:01:5e:7c:b3:91:fd:
26:be:95:76:0d:a1:de:fd:be:13:7c:30:54:04:7c:
57:64:ec:c9:52:0c:6b:75:2a:99:e9:82:dc:f8:db:
10:26:31:c8:bd:89:64:ce:00:b3:e0:35:36:ef:ac:
36:08:7e:08:0e:ea:df:16:6a:09:ae:a7:ff:7f:0a:
4c:1e:50:92:48:6b:4b:6e:fa:41:40:b3:20:cf:8c:
b3:7d:5e:23:37:9f:fe:3d:19:76:d5:83:ca:81:89:
24:1d:0d:6e:75:4d:d2:d8:0e:87:6a:4d:05:39:1b:
cf:9b:c1:29:bb:1d:e6:a0:02:1e:b3:f3:07:be:02:
97:44:12:a9:90:7b:63:8e:8c:47:de:48:9b:a9:a0:
fd:37:e5:8f:01:c4:46:7c:45:21:16:66:00:c0:7f:
e3:7b:6a:6f:d7:50:b4:d9:ce:83:f9:df:1e:73:c9:
45:06:78:51:f8:de:f0:9f:63:e5:89:34:f6:1a:cf:
a5:bd:93:53:e8:f8:c5:18:79:f0:4d:dd:6f:00:30:
57:69:9d:e8:09:e3:0a:ed:65:3b:17:d9:38:a6:d0:
cf:63:ba:ad:a0:51:a5:2f:b9:fd:31:f1:bb:64:78:
de:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:AC:68:23:7E:32:34:3A:92:60:05:52:6E:D2:7A:51:10:33:1C:7F
X509v3 Authority Key Identifier:
keyid:A4:32:7C:56:E9:41:17:1E:A3:BE:BA:26:EB:B9:E2:3F:4D:F5:BC:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pDJ8VulBFx6jvrom67niP031vPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/IKxoI34yNDqSYAVSbtJ6URAzHH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/pDJ8VulBFx6jvrom67niP031vPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.171.0.0/16
149.223.0.0/16
149.238.0.0/16
170.205.192.0/18
192.77.114.0/23
192.101.48.0/20
192.112.208.0/24
193.33.52.0/23
193.39.210.0/23
193.39.214.0/24
193.202.20.0/24
204.235.176.0/20
IPv6:
2a13:cb40::/29
Signature Algorithm: sha256WithRSAEncryption
0d:1f:4f:ac:4f:92:41:08:66:6d:e8:0a:bd:c2:d4:0e:f3:8b:
e1:dc:45:84:43:86:1b:27:d7:a2:c2:58:e5:9c:24:1d:45:d5:
5c:c4:fb:53:45:42:24:dc:35:ac:de:f0:74:69:43:0c:24:e7:
30:98:26:1e:39:84:63:5b:4f:99:71:ce:de:5a:76:8f:ce:de:
a1:d2:93:7c:ab:0a:5f:83:58:60:c2:2f:6d:d1:17:81:2d:8e:
50:4a:d8:a4:f7:b0:dd:45:62:f7:e5:66:55:62:f3:f6:bc:e5:
f7:0c:5a:40:63:a9:2f:f6:67:be:22:13:c6:07:12:94:b8:a2:
d4:79:ce:5a:4b:a9:3c:e2:f8:5f:c4:01:3c:9c:33:a8:6c:3d:
6e:7d:9a:c2:84:9d:db:65:71:89:1c:dd:9c:67:26:a8:b8:5c:
a3:91:fe:12:49:55:4f:57:41:82:85:db:c0:f9:25:18:cb:dd:
83:ba:7d:e0:eb:9b:f7:94:4b:be:f1:8d:dd:cf:e8:42:a2:e3:
cc:de:4c:e7:c7:14:ec:76:06:dd:4e:c6:d1:83:f2:41:61:5f:
49:f4:c8:6f:cc:e0:3f:cb:f5:d1:de:27:fa:1d:6b:95:db:1f:
3f:fd:1b:65:16:9a:18:7e:ee:16:8c:06:e4:79:7f:d7:10:6f:
93:96:22:4b
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZXYPeVi/k/3VU9FmNHoFP3wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MzI3YzU2ZTk0MTE3MWVhM2JlYmEyNmViYjllMjNmNGRm
NWJjZjMwHhcNMjUwMzI3MTUzNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGFjNjgyMzdlMzIzNDNhOTI2MDA1NTI2ZWQyN2E1MTEwMzMxYzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoz/FhyIbh7eE+Z+eNUK3XrGvGoli
vI4BXnyzkf0mvpV2DaHe/b4TfDBUBHxXZOzJUgxrdSqZ6YLc+NsQJjHIvYlkzgCz
4DU276w2CH4IDurfFmoJrqf/fwpMHlCSSGtLbvpBQLMgz4yzfV4jN5/+PRl21YPK
gYkkHQ1udU3S2A6Hak0FORvPm8Epux3moAIes/MHvgKXRBKpkHtjjoxH3kibqaD9
N+WPAcRGfEUhFmYAwH/je2pv11C02c6D+d8ec8lFBnhR+N7wn2PliTT2Gs+lvZNT
6PjFGHnwTd1vADBXaZ3oCeMK7WU7F9k4ptDPY7qtoFGlL7n9MfG7ZHjeiQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFCCsaCN+MjQ6kmAFUm7SelEQMxx/MB8GA1UdIwQY
MBaAFKQyfFbpQRceo766Juu54j9N9bzzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcERKOFZ1bEJGeDZqdnJvbTY3bmlQMDMxdlBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS85YTQ4MzMtNmRhNC00ZGRhLWI3YWIt
MjhjMzQzY2U5ZDVkLzEvSUt4b0kzNHlORHFTWUFWU2J0SjZVUkF6SEg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS85YTQ4MzMtNmRhNC00ZGRhLWI3YWItMjhjMzQzY2U5ZDVk
LzEvcERKOFZ1bEJGeDZqdnJvbTY3bmlQMDMxdlBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBLBAIAATBFAwMAjKsDAwCV
3wMDAJXuAwQGqs3AAwQBwE1yAwQEwGUwAwQAwHDQAwQBwSE0AwQBwSfSAwQAwSfW
AwQAwcoUAwQEzOuwMA0EAgACMAcDBQMqE8tAMA0GCSqGSIb3DQEBCwUAA4IBAQAN
H0+sT5JBCGZt6Aq9wtQO84vh3EWEQ4YbJ9eiwljlnCQdRdVcxPtTRUIk3DWs3vB0
aUMMJOcwmCYeOYRjW0+Zcc7eWnaPzt6h0pN8qwpfg1hgwi9t0ReBLY5QStik97Dd
RWL35WZVYvP2vOX3DFpAY6kv9me+IhPGBxKUuKLUec5aS6k84vhfxAE8nDOobD1u
fZrChJ3bZXGJHN2cZyaouFyjkf4SSVVPV0GChdvA+SUYy92Dun3g65v3lEu+8Y3d
z+hCouPM3kznxxTsdgbdTsbRg/JBYV9J9MhvzOA/y/XR3if6HWuV2x8//RtlFpoY
fu4WjAbkeX/XEG+TliJL
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:25 2025 by rpki-client on console.sobornost.net