Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/128bc6-f6ff-4c90-8b5a-1ab5f5399d3a/1/O9m05o_UDIKemPeCfI7Sc16B69Y.roa
File: O9m05o_UDIKemPeCfI7Sc16B69Y.roa (raw, json)
Hash identifier: yXqGk5sjcirZhyM4OHBNZEpEXcAXLb0N0cHRwAFg1zo=
Subject key identifier: 3B:D9:B4:E6:8F:D4:0C:82:9E:98:F7:82:7C:8E:D2:73:5E:81:EB:D6
Certificate issuer: /CN=578d854bd2bee242a82fb83922d149bccf19ed02
Certificate serial: 0194228E3F642F93B0B23CB2EE2A567F2AA0
Authority key identifier: 57:8D:85:4B:D2:BE:E2:42:A8:2F:B8:39:22:D1:49:BC:CF:19:ED:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V42FS9K-4kKoL7g5ItFJvM8Z7QI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/128bc6-f6ff-4c90-8b5a-1ab5f5399d3a/1/O9m05o_UDIKemPeCfI7Sc16B69Y.roa
Signing time: Wed 01 Jan 2025 15:48:55 +0000
ROA not before: Wed 01 Jan 2025 15:48:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199554
IP address blocks: 5.57.200.0/21 maxlen: 21
5.57.200.0/24 maxlen: 24
185.164.152.0/22 maxlen: 22
185.164.152.0/24 maxlen: 24
2a01:4540::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:3f:64:2f:93:b0:b2:3c:b2:ee:2a:56:7f:2a:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=578d854bd2bee242a82fb83922d149bccf19ed02
Validity
Not Before: Jan 1 15:48:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3bd9b4e68fd40c829e98f7827c8ed2735e81ebd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:13:2d:7d:2f:cb:9b:91:17:b9:17:e8:42:6b:
0b:9f:4d:55:f4:8a:eb:d7:39:31:49:a8:e0:1c:17:
84:d9:65:32:f1:c3:05:4c:2b:c4:60:4f:fe:7e:72:
2d:ba:a2:9c:33:eb:aa:82:21:fd:b8:e3:cd:27:0f:
d0:2f:03:6d:42:66:05:3c:e7:59:e2:ec:2d:dc:7d:
67:93:78:0b:18:33:02:82:33:b1:c7:1d:98:05:c3:
ae:6b:43:29:64:f7:12:fc:40:30:49:35:ef:07:58:
4c:a9:5d:55:10:42:b4:4d:e2:c3:26:cc:3f:b5:24:
81:3b:b8:9c:8e:86:b5:67:43:d4:5b:74:e3:6d:11:
fc:5c:3a:e0:80:f3:75:ca:e3:95:cf:26:5a:74:4d:
3b:ec:1f:e9:3a:ec:4d:06:9b:61:69:ce:a0:1d:b3:
cf:3c:92:56:44:c8:78:5a:0d:b2:2c:aa:05:12:bb:
e3:59:df:52:af:fc:c1:dd:64:51:d8:a3:ba:ff:22:
d6:fe:61:53:c3:3a:40:25:ed:84:94:6c:1c:af:63:
f8:b3:1f:b6:1e:22:15:2e:eb:f7:46:a9:48:08:a4:
c3:b1:d3:f5:30:bf:c5:b7:d2:b8:e7:f1:b7:ce:f0:
d4:bb:31:1b:e2:ed:13:26:69:2e:ec:f2:c4:cf:96:
38:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:D9:B4:E6:8F:D4:0C:82:9E:98:F7:82:7C:8E:D2:73:5E:81:EB:D6
X509v3 Authority Key Identifier:
keyid:57:8D:85:4B:D2:BE:E2:42:A8:2F:B8:39:22:D1:49:BC:CF:19:ED:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V42FS9K-4kKoL7g5ItFJvM8Z7QI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/128bc6-f6ff-4c90-8b5a-1ab5f5399d3a/1/O9m05o_UDIKemPeCfI7Sc16B69Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/128bc6-f6ff-4c90-8b5a-1ab5f5399d3a/1/V42FS9K-4kKoL7g5ItFJvM8Z7QI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.200.0/21
185.164.152.0/22
IPv6:
2a01:4540::/29
Signature Algorithm: sha256WithRSAEncryption
81:71:a3:f9:13:af:cd:d8:00:49:e8:a1:f1:50:19:d0:df:32:
34:7e:fa:61:76:d7:ae:82:15:2a:3b:db:f0:91:90:91:ce:bd:
32:c3:94:33:2d:d4:6a:2d:ef:53:86:50:92:e1:f2:3d:31:85:
30:e8:c8:29:f3:17:fb:b4:89:4f:a6:b1:fb:1f:19:95:9a:7c:
b4:92:52:d7:74:64:9a:b6:cc:a9:52:58:09:7b:34:13:93:71:
0a:f7:f8:95:b5:53:21:7e:02:cd:9c:cf:3a:d0:3f:ab:d0:07:
e8:77:8a:cf:ab:84:cc:45:9c:b8:dd:df:3d:60:67:88:7a:40:
e4:8a:90:bb:d9:33:20:78:89:cf:de:1e:62:df:3f:5c:ab:da:
ad:ea:ee:70:77:b9:91:31:39:9a:01:f4:38:96:76:d3:b6:14:
5d:ec:29:01:0d:cf:c7:db:00:53:eb:6b:f5:9e:1a:c1:af:db:
4c:ee:13:de:a7:26:f6:d9:0a:fe:56:ad:46:85:a1:9e:4f:31:
3a:dd:24:f0:7b:51:41:e0:2f:cd:55:db:13:af:8a:4b:0d:50:
46:f1:d3:a5:62:dc:e2:2b:60:e2:31:85:8b:62:10:6a:64:d0:
25:34:ce:15:e0:92:f1:96:df:4c:87:2b:97:df:f2:91:63:01:
6f:0e:3f:97
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQijj9kL5Owsjyy7ipWfyqgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3OGQ4NTRiZDJiZWUyNDJhODJmYjgzOTIyZDE0OWJjY2Yx
OWVkMDIwHhcNMjUwMTAxMTU0ODU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmQ5YjRlNjhmZDQwYzgyOWU5OGY3ODI3YzhlZDI3MzVlODFlYmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRMtfS/Lm5EXuRfoQmsLn01V9Irr
1zkxSajgHBeE2WUy8cMFTCvEYE/+fnItuqKcM+uqgiH9uOPNJw/QLwNtQmYFPOdZ
4uwt3H1nk3gLGDMCgjOxxx2YBcOua0MpZPcS/EAwSTXvB1hMqV1VEEK0TeLDJsw/
tSSBO7icjoa1Z0PUW3TjbRH8XDrggPN1yuOVzyZadE077B/pOuxNBpthac6gHbPP
PJJWRMh4Wg2yLKoFErvjWd9Sr/zB3WRR2KO6/yLW/mFTwzpAJe2ElGwcr2P4sx+2
HiIVLuv3RqlICKTDsdP1ML/Ft9K45/G3zvDUuzEb4u0TJmku7PLEz5Y4TwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDvZtOaP1AyCnpj3gnyO0nNegevWMB8GA1UdIwQY
MBaAFFeNhUvSvuJCqC+4OSLRSbzPGe0CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjQyRlM5Sy00a0tvTDdnNUl0Rkp2TThaN1FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS8xMjhiYzYtZjZmZi00YzkwLThiNWEt
MWFiNWY1Mzk5ZDNhLzEvTzltMDVvX1VESUtlbVBlQ2ZJN1NjMTZCNjlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS8xMjhiYzYtZjZmZi00YzkwLThiNWEtMWFiNWY1Mzk5ZDNh
LzEvVjQyRlM5Sy00a0tvTDdnNUl0Rkp2TThaN1FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDBTnIAwQC
uaSYMA0EAgACMAcDBQMqAUVAMA0GCSqGSIb3DQEBCwUAA4IBAQCBcaP5E6/N2ABJ
6KHxUBnQ3zI0fvphdteughUqO9vwkZCRzr0yw5QzLdRqLe9ThlCS4fI9MYUw6Mgp
8xf7tIlPprH7HxmVmny0klLXdGSatsypUlgJezQTk3EK9/iVtVMhfgLNnM860D+r
0Afod4rPq4TMRZy43d89YGeIekDkipC72TMgeInP3h5i3z9cq9qt6u5wd7mRMTma
AfQ4lnbTthRd7CkBDc/H2wBT62v1nhrBr9tM7hPepyb22Qr+Vq1GhaGeTzE63STw
e1FB4C/NVdsTr4pLDVBG8dOlYtziK2DiMYWLYhBqZNAlNM4V4JLxlt9MhyuX3/KR
YwFvDj+X
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:24 2025 by rpki-client on console.sobornost.net