Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/28fce4-81f1-4cd3-a8ed-ab94affb903a/1/Q0NTavEWJ5qlzhM0Gok-q7D_kpE.roa
File: Q0NTavEWJ5qlzhM0Gok-q7D_kpE.roa (raw, json)
Hash identifier: 38GOGOOApNFSuUu3tueeEDSFag3IGEHi/vwKyUqguXY=
Subject key identifier: 43:43:53:6A:F1:16:27:9A:A5:CE:13:34:1A:89:3E:AB:B0:FF:92:91
Certificate issuer: /CN=3ff58dffba4df6ac34bd9f48119ae11cfef8a76c
Certificate serial: 01942521BBBC6D6646997B005EFB1B0867F3
Authority key identifier: 3F:F5:8D:FF:BA:4D:F6:AC:34:BD:9F:48:11:9A:E1:1C:FE:F8:A7:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P_WN_7pN9qw0vZ9IEZrhHP74p2w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/28fce4-81f1-4cd3-a8ed-ab94affb903a/1/Q0NTavEWJ5qlzhM0Gok-q7D_kpE.roa
Signing time: Thu 02 Jan 2025 03:49:15 +0000
ROA not before: Thu 02 Jan 2025 03:49:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209836
IP address blocks: 185.126.200.0/24 maxlen: 24
185.126.201.0/24 maxlen: 24
213.232.124.0/24 maxlen: 24
213.232.125.0/24 maxlen: 24
213.232.126.0/24 maxlen: 24
213.232.127.0/24 maxlen: 24
2a0a:2fc0::/30 maxlen: 30
2a13:6b00::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:bb:bc:6d:66:46:99:7b:00:5e:fb:1b:08:67:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ff58dffba4df6ac34bd9f48119ae11cfef8a76c
Validity
Not Before: Jan 2 03:49:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4343536af116279aa5ce13341a893eabb0ff9291
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:c5:76:21:0f:72:52:4a:4e:de:6e:5a:88:e8:
7e:92:b6:fd:75:13:38:4e:17:0f:b0:58:d2:bb:75:
c4:88:76:c3:fb:e1:ef:fa:16:14:f3:dd:b1:ac:cc:
e7:c4:66:be:d0:2c:ac:7c:e5:62:06:f0:e5:f9:3b:
c8:68:0b:41:5f:ff:e1:8e:33:f1:e8:86:7f:21:d4:
26:f1:eb:8b:b2:a8:a4:06:ce:86:5a:62:cd:43:c4:
a7:28:e0:f4:70:8f:99:08:c4:9e:c6:0d:37:c4:d3:
68:59:2c:c4:de:9a:6d:d6:db:7f:24:d9:7e:42:86:
2b:a5:9d:fb:58:ec:b3:8f:b5:52:d4:51:ca:fd:f7:
87:f7:c2:8b:28:47:c7:7c:f4:05:89:cc:9b:76:17:
14:78:11:af:45:12:2f:a6:1a:fc:5e:8e:2e:22:ca:
12:b8:a3:2f:73:fa:be:ca:46:77:82:f5:e3:bf:a0:
67:44:2e:48:1d:07:eb:cc:b3:c1:cc:ed:5c:0e:48:
f7:d3:c6:d5:cc:d9:e9:95:0f:ec:b9:44:02:fe:76:
d4:2f:21:f0:33:3f:bb:61:58:2d:41:47:61:b5:4c:
36:8e:95:ba:e9:1e:cb:71:ec:ae:c7:b7:37:16:e6:
2c:ea:56:d0:a4:4f:dc:33:ee:08:90:4c:5c:f0:47:
d3:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:43:53:6A:F1:16:27:9A:A5:CE:13:34:1A:89:3E:AB:B0:FF:92:91
X509v3 Authority Key Identifier:
keyid:3F:F5:8D:FF:BA:4D:F6:AC:34:BD:9F:48:11:9A:E1:1C:FE:F8:A7:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P_WN_7pN9qw0vZ9IEZrhHP74p2w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/28fce4-81f1-4cd3-a8ed-ab94affb903a/1/Q0NTavEWJ5qlzhM0Gok-q7D_kpE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/28fce4-81f1-4cd3-a8ed-ab94affb903a/1/P_WN_7pN9qw0vZ9IEZrhHP74p2w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.126.200.0/23
213.232.124.0/22
IPv6:
2a0a:2fc0::/30
2a13:6b00::/32
Signature Algorithm: sha256WithRSAEncryption
42:f8:5a:2c:d3:d3:33:59:ae:7e:bb:a9:cd:8e:0f:51:b2:ab:
5a:ca:61:27:1f:64:44:96:30:03:4b:1c:51:86:60:85:66:4b:
80:a8:48:1b:6e:f3:22:d7:2e:4b:9b:e4:34:23:69:de:3f:57:
b2:90:99:bb:ef:63:62:4c:7b:ec:9d:57:b2:e7:fe:90:63:40:
b0:d9:8f:06:72:e8:d4:4f:fc:57:93:70:ee:5a:f7:a5:07:0f:
cd:76:81:18:74:2a:1a:73:6b:8f:88:de:4c:61:c7:32:f0:f3:
8c:d5:4a:45:43:d2:0a:e6:21:31:5d:f2:49:f9:c3:9f:15:e8:
fa:be:ee:70:9b:4e:1f:e2:2b:53:3b:24:bd:56:83:36:a5:e2:
16:b9:d1:65:5c:a6:b4:c3:09:54:a9:c7:52:73:fc:16:e1:6f:
a7:84:1c:53:26:a1:1a:a1:37:25:a5:d5:b6:aa:56:f0:4a:1f:
39:b9:b5:f5:07:aa:72:66:7d:41:aa:74:e7:6b:b5:bf:89:b5:
63:5a:5b:b5:bb:3f:cd:9b:0e:79:3a:b8:ca:c4:c8:58:9e:f0:
1b:72:74:1e:35:e2:31:aa:83:3b:82:3a:2f:e6:03:b7:ec:b0:
dc:97:f9:08:42:22:03:29:fb:a5:2a:fc:59:80:5c:86:59:f4:
e2:14:e2:b7
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQlIbu8bWZGmXsAXvsbCGfzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZjU4ZGZmYmE0ZGY2YWMzNGJkOWY0ODExOWFlMTFjZmVm
OGE3NmMwHhcNMjUwMTAyMDM0OTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzQzNTM2YWYxMTYyNzlhYTVjZTEzMzQxYTg5M2VhYmIwZmY5MjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8V2IQ9yUkpO3m5aiOh+krb9dRM4
ThcPsFjSu3XEiHbD++Hv+hYU892xrMznxGa+0CysfOViBvDl+TvIaAtBX//hjjPx
6IZ/IdQm8euLsqikBs6GWmLNQ8SnKOD0cI+ZCMSexg03xNNoWSzE3ppt1tt/JNl+
QoYrpZ37WOyzj7VS1FHK/feH98KLKEfHfPQFicybdhcUeBGvRRIvphr8Xo4uIsoS
uKMvc/q+ykZ3gvXjv6BnRC5IHQfrzLPBzO1cDkj308bVzNnplQ/suUQC/nbULyHw
Mz+7YVgtQUdhtUw2jpW66R7Lceyux7c3FuYs6lbQpE/cM+4IkExc8EfTxQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFENDU2rxFieapc4TNBqJPquw/5KRMB8GA1UdIwQY
MBaAFD/1jf+6TfasNL2fSBGa4Rz++KdsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUF9XTl83cE45cXcwdlo5SUVacmhIUDc0cDJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8yOGZjZTQtODFmMS00Y2QzLWE4ZWQt
YWI5NGFmZmI5MDNhLzEvUTBOVGF2RVdKNXFsemhNMEdvay1xN0Rfa3BFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8yOGZjZTQtODFmMS00Y2QzLWE4ZWQtYWI5NGFmZmI5MDNh
LzEvUF9XTl83cE45cXcwdlo5SUVacmhIUDc0cDJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQBuX7IAwQC
1eh8MBQEAgACMA4DBQIqCi/AAwUAKhNrADANBgkqhkiG9w0BAQsFAAOCAQEAQvha
LNPTM1mufrupzY4PUbKrWsphJx9kRJYwA0scUYZghWZLgKhIG27zItcuS5vkNCNp
3j9XspCZu+9jYkx77J1Xsuf+kGNAsNmPBnLo1E/8V5Nw7lr3pQcPzXaBGHQqGnNr
j4jeTGHHMvDzjNVKRUPSCuYhMV3ySfnDnxXo+r7ucJtOH+IrUzskvVaDNqXiFrnR
ZVymtMMJVKnHUnP8FuFvp4QcUyahGqE3JaXVtqpW8EofObm19QeqcmZ9Qap052u1
v4m1Y1pbtbs/zZsOeTq4ysTIWJ7wG3J0HjXiMaqDO4I6L+YDt+yw3Jf5CEIiAyn7
pSr8WYBchln04hTitw==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:28 2025 by rpki-client on console.sobornost.net