Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/22T8EVZzlO41oAMFJlvqzAG1qBo.roa
File: 22T8EVZzlO41oAMFJlvqzAG1qBo.roa (raw, json)
Hash identifier: bfWurW2nFor6WKDfmZqrumDW3WLiIUdWZMuqYcYHQ4U=
Subject key identifier: DB:64:FC:11:56:73:94:EE:35:A0:03:05:26:5B:EA:CC:01:B5:A8:1A
Certificate issuer: /CN=f93ac6cd2240249bba60171f086e9101cc87ca24
Certificate serial: 019623D436705F4F569E9F8B206F28592661
Authority key identifier: F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/22T8EVZzlO41oAMFJlvqzAG1qBo.roa
Signing time: Fri 11 Apr 2025 07:50:32 +0000
ROA not before: Fri 11 Apr 2025 07:50:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 23422
IP address blocks: 147.189.143.0/24 maxlen: 24
176.111.220.0/24 maxlen: 24
185.215.225.0/24 maxlen: 24
185.215.226.0/24 maxlen: 24
193.8.195.0/24 maxlen: 24
2a0b:ae40:5::/48 maxlen: 48
2a0b:ae40:6::/48 maxlen: 48
2a0b:ae40:7::/48 maxlen: 48
2a0b:ae40:8::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:23:d4:36:70:5f:4f:56:9e:9f:8b:20:6f:28:59:26:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f93ac6cd2240249bba60171f086e9101cc87ca24
Validity
Not Before: Apr 11 07:50:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=db64fc11567394ee35a00305265beacc01b5a81a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:8b:8e:ca:ad:5d:2a:bf:a0:12:d9:3c:a4:b6:
7b:83:8c:9d:b7:e3:55:1c:a2:b6:ca:41:16:e3:5f:
1f:21:b1:ae:a5:92:2f:31:43:ee:a9:a6:40:f5:3d:
9c:17:8f:09:d0:f2:e6:99:93:45:9b:cb:da:ee:64:
a6:b9:70:99:3c:22:c3:83:e6:2b:43:64:87:d3:dd:
ac:2d:64:6f:af:0a:c0:60:a6:fe:e2:c5:92:38:19:
57:fd:a7:f0:44:08:35:89:09:02:15:9d:16:2d:c7:
03:1c:5f:59:50:0e:67:b9:4b:22:dc:e1:45:5d:3c:
bc:4e:ee:84:c2:c8:ad:79:2d:d9:fd:5a:aa:b3:d9:
d4:01:f3:a7:9b:5d:22:6b:f8:33:d1:5c:c0:30:85:
f1:19:2e:55:1a:8f:03:84:6b:1a:a3:a2:55:29:69:
4f:b0:1c:d6:6d:6c:dd:7d:55:a1:ec:16:a9:93:2f:
af:1f:d5:a2:fd:7a:c3:3e:0a:18:1f:85:43:97:a5:
34:2b:e9:16:6c:03:59:df:36:ab:6f:71:a8:9d:ad:
33:1b:5b:08:48:ba:94:a4:88:26:70:3a:59:f9:85:
6d:5e:0c:61:d4:f3:db:5a:4e:5e:a0:e1:7d:cb:46:
dc:dd:13:1c:ba:af:36:28:65:df:13:b2:02:f1:04:
3c:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:64:FC:11:56:73:94:EE:35:A0:03:05:26:5B:EA:CC:01:B5:A8:1A
X509v3 Authority Key Identifier:
keyid:F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/22T8EVZzlO41oAMFJlvqzAG1qBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.189.143.0/24
176.111.220.0/24
185.215.225.0-185.215.226.255
193.8.195.0/24
IPv6:
2a0b:ae40:5::-2a0b:ae40:8:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
57:cb:84:ed:8e:c5:90:b4:50:f2:8e:8d:02:6f:43:0f:00:76:
ae:89:39:34:a2:6a:d0:7b:e5:45:05:bf:3e:6d:ca:ee:c7:0b:
59:a9:0e:97:90:58:74:58:80:31:86:35:43:b8:d5:36:82:7f:
dd:1d:87:63:14:06:6e:b8:e8:84:45:79:4a:f1:4b:eb:42:35:
bc:84:55:ab:52:1f:bc:40:6b:7d:4c:5d:51:5e:6f:07:db:aa:
b8:cc:de:d8:f2:b9:74:50:6c:49:73:bf:b2:28:2f:72:80:18:
23:53:7f:bc:23:0a:b2:1a:fb:ee:13:44:15:28:2d:64:31:08:
4f:25:c7:26:75:a0:fd:a7:f4:62:69:42:47:c9:a2:21:67:b3:
0e:9b:1b:76:bd:e5:ee:ed:ab:87:4a:75:0b:48:71:ad:4a:d2:
ee:78:3a:4a:ad:26:47:a5:b1:ca:b4:87:0e:1b:9c:38:07:64:
6e:aa:df:d8:99:10:94:67:19:f1:b2:ee:7d:18:0c:27:eb:d8:
7c:d1:99:64:45:b4:ae:a5:a8:62:3d:63:f3:a2:50:cc:76:68:
3d:47:80:71:dc:15:a1:c2:67:ff:b8:4b:94:35:d9:24:5d:a9:
e1:4c:0a:5a:6d:76:40:9b:ac:4e:9d:7b:68:9b:97:33:b3:5e:
05:47:bd:fb
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZYj1DZwX09Wnp+LIG8oWSZhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5M2FjNmNkMjI0MDI0OWJiYTYwMTcxZjA4NmU5MTAxY2M4
N2NhMjQwHhcNMjUwNDExMDc1MDMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjY0ZmMxMTU2NzM5NGVlMzVhMDAzMDUyNjViZWFjYzAxYjVhODFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj4uOyq1dKr+gEtk8pLZ7g4ydt+NV
HKK2ykEW418fIbGupZIvMUPuqaZA9T2cF48J0PLmmZNFm8va7mSmuXCZPCLDg+Yr
Q2SH092sLWRvrwrAYKb+4sWSOBlX/afwRAg1iQkCFZ0WLccDHF9ZUA5nuUsi3OFF
XTy8Tu6EwsiteS3Z/Vqqs9nUAfOnm10ia/gz0VzAMIXxGS5VGo8DhGsao6JVKWlP
sBzWbWzdfVWh7Bapky+vH9Wi/XrDPgoYH4VDl6U0K+kWbANZ3zarb3Gona0zG1sI
SLqUpIgmcDpZ+YVtXgxh1PPbWk5eoOF9y0bc3RMcuq82KGXfE7IC8QQ8JQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFNtk/BFWc5TuNaADBSZb6swBtagaMB8GA1UdIwQY
MBaAFPk6xs0iQCSbumAXHwhukQHMh8okMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Uckd6U0pBSkp1NllCY2ZDRzZSQWN5SHlpUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTgvYjAzMjEzLTVlODAtNDkzMS04MWNl
LWY3NTJkODE2MDVmYi8xLzIyVDhFVlp6bE80MW9BTUZKbHZxekFHMXFCby5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTgvYjAzMjEzLTVlODAtNDkzMS04MWNlLWY3NTJkODE2MDVm
Yi8xLzEtVHJHelNKQUpKdTZZQmNmQ0c2UkFjeUh5aVEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwVQYIKwYBBQUHAQcBAf8ERjBEMCYEAgABMCADBACTvY8D
BACwb9wwDAMEALnX4QMEALnX4gMEAMEIwzAaBAIAAjAUMBIDBwAqC65AAAUDBwAq
C65AAAgwDQYJKoZIhvcNAQELBQADggEBAFfLhO2OxZC0UPKOjQJvQw8Adq6JOTSi
atB75UUFvz5tyu7HC1mpDpeQWHRYgDGGNUO41TaCf90dh2MUBm646IRFeUrxS+tC
NbyEVatSH7xAa31MXVFebwfbqrjM3tjyuXRQbElzv7IoL3KAGCNTf7wjCrIa++4T
RBUoLWQxCE8lxyZ1oP2n9GJpQkfJoiFnsw6bG3a95e7tq4dKdQtIca1K0u54Okqt
Jkelscq0hw4bnDgHZG6q39iZEJRnGfGy7n0YDCfr2HzRmWRFtK6lqGI9Y/OiUMx2
aD1HgHHcFaHCZ/+4S5Q12SRdqeFMClptdkCbrE6de2iblzOzXgVHvfs=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:29 2025 by rpki-client on console.sobornost.net