Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/dcc2b4-9ded-4678-8398-ab79a3789f8f/1/Ui7tOCQMpzQZKjrz8TKsRSE40Q4.roa
File: Ui7tOCQMpzQZKjrz8TKsRSE40Q4.roa (raw, json)
Hash identifier: DHT0OqKz8zWpIsPzI8wSWAnHvpUIUXG4m7B7nool0IE=
Subject key identifier: 52:2E:ED:38:24:0C:A7:34:19:2A:3A:F3:F1:32:AC:45:21:38:D1:0E
Certificate issuer: /CN=700a1231d1c27a754e46ef10e92a730ae15d0f55
Certificate serial: 01956CE322E37C8D2E43838D2400E22961DB
Authority key identifier: 70:0A:12:31:D1:C2:7A:75:4E:46:EF:10:E9:2A:73:0A:E1:5D:0F:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cAoSMdHCenVORu8Q6SpzCuFdD1U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/dcc2b4-9ded-4678-8398-ab79a3789f8f/1/Ui7tOCQMpzQZKjrz8TKsRSE40Q4.roa
Signing time: Thu 06 Mar 2025 19:16:19 +0000
ROA not before: Thu 06 Mar 2025 19:16:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 33951
IP address blocks: 91.193.96.0/22 maxlen: 22
95.175.0.0/19 maxlen: 19
95.175.0.0/24 maxlen: 24
95.175.1.0/24 maxlen: 24
95.175.5.0/24 maxlen: 24
95.175.29.0/24 maxlen: 24
193.239.206.0/23 maxlen: 23
194.63.132.0/22 maxlen: 22
217.11.135.0/24 maxlen: 24
2a04:1200::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:6c:e3:22:e3:7c:8d:2e:43:83:8d:24:00:e2:29:61:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=700a1231d1c27a754e46ef10e92a730ae15d0f55
Validity
Not Before: Mar 6 19:16:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=522eed38240ca734192a3af3f132ac452138d10e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:40:17:82:1a:ca:9d:e2:0a:1f:3a:ea:dd:9b:
b7:58:65:17:d4:90:fe:0d:1b:56:6d:b5:35:f9:e2:
d3:7e:b9:83:87:9f:cd:ac:bb:b6:fb:05:a6:43:20:
d7:77:b9:b8:9b:93:e5:0b:de:2d:1d:ee:c4:be:62:
bf:74:23:1f:78:b4:b3:40:37:42:19:22:40:43:b6:
36:2a:5c:12:15:9f:59:0b:52:0d:38:94:2b:2a:87:
16:42:ae:ca:bb:26:43:8c:94:86:9f:52:8e:95:11:
42:12:c9:88:a4:3a:94:94:12:4c:4a:fd:a5:c8:82:
16:34:3e:e7:d6:4f:f1:e1:4c:45:0f:51:10:99:64:
f9:4f:3e:71:ac:17:f6:b6:b6:2d:78:ff:b2:1b:0a:
a0:91:f1:09:75:55:2b:53:b8:cf:82:7d:ae:e9:48:
99:5e:a9:5a:c9:47:71:15:5f:61:a7:e1:90:9c:23:
f8:58:e8:9d:21:78:e2:72:a5:6f:d2:c8:db:a0:20:
f6:a5:7f:25:84:b5:47:9c:85:84:9b:2a:b1:20:af:
07:0c:c2:c7:18:84:6f:20:b3:64:0e:8a:4b:44:9a:
ee:c9:2f:79:74:81:92:20:3b:ca:24:8d:36:cf:93:
5f:b5:05:94:65:fa:a1:dc:5e:07:65:c3:f1:4f:74:
cf:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:2E:ED:38:24:0C:A7:34:19:2A:3A:F3:F1:32:AC:45:21:38:D1:0E
X509v3 Authority Key Identifier:
keyid:70:0A:12:31:D1:C2:7A:75:4E:46:EF:10:E9:2A:73:0A:E1:5D:0F:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cAoSMdHCenVORu8Q6SpzCuFdD1U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/dcc2b4-9ded-4678-8398-ab79a3789f8f/1/Ui7tOCQMpzQZKjrz8TKsRSE40Q4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/dcc2b4-9ded-4678-8398-ab79a3789f8f/1/cAoSMdHCenVORu8Q6SpzCuFdD1U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.96.0/22
95.175.0.0/19
193.239.206.0/23
194.63.132.0/22
217.11.135.0/24
IPv6:
2a04:1200::/29
Signature Algorithm: sha256WithRSAEncryption
03:32:23:80:6a:f4:52:27:6a:7f:ee:4e:1f:b8:d1:12:93:b5:
5e:52:26:25:0c:05:de:01:66:7c:f2:d4:e9:be:90:6d:11:1a:
fe:9c:12:31:b1:bc:f4:3a:ee:f8:a6:16:5c:33:56:a4:37:85:
8b:b7:7f:66:dd:96:ef:d5:c6:6f:c8:d7:9c:40:1b:5c:76:14:
bc:65:5c:30:3c:61:94:8f:11:0f:e1:ba:e8:a2:02:97:5a:4c:
0d:f6:02:67:62:2a:66:ff:05:d2:36:c5:0f:57:2a:f2:5b:85:
ba:fe:00:9f:38:2e:bf:94:f8:5a:60:26:3f:c5:73:f3:6d:e1:
e0:72:21:1c:fa:29:4f:ee:69:93:47:41:52:34:ef:87:8f:2f:
7d:3c:9a:f4:33:37:d9:2f:e8:38:d1:a1:e5:ed:02:79:75:76:
ff:18:83:68:d4:42:0d:be:9a:5c:82:af:ca:cf:8a:77:f3:56:
6f:51:03:ad:67:2b:ee:5a:e6:f4:23:36:a7:fe:d6:ce:60:7a:
c8:93:62:0d:0a:a9:6f:e3:a8:0b:c9:9f:21:1a:04:2b:e2:9c:
76:e8:d8:35:3b:91:1e:b7:ea:82:c5:33:99:27:54:71:7f:60:
7e:1f:91:f7:ef:02:61:84:c2:a9:04:65:41:12:84:56:c6:c5:
fe:6a:5c:b2
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZVs4yLjfI0uQ4ONJADiKWHbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwMGExMjMxZDFjMjdhNzU0ZTQ2ZWYxMGU5MmE3MzBhZTE1
ZDBmNTUwHhcNMjUwMzA2MTkxNjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjJlZWQzODI0MGNhNzM0MTkyYTNhZjNmMTMyYWM0NTIxMzhkMTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUAXghrKneIKHzrq3Zu3WGUX1JD+
DRtWbbU1+eLTfrmDh5/NrLu2+wWmQyDXd7m4m5PlC94tHe7EvmK/dCMfeLSzQDdC
GSJAQ7Y2KlwSFZ9ZC1INOJQrKocWQq7KuyZDjJSGn1KOlRFCEsmIpDqUlBJMSv2l
yIIWND7n1k/x4UxFD1EQmWT5Tz5xrBf2trYteP+yGwqgkfEJdVUrU7jPgn2u6UiZ
XqlayUdxFV9hp+GQnCP4WOidIXjicqVv0sjboCD2pX8lhLVHnIWEmyqxIK8HDMLH
GIRvILNkDopLRJruyS95dIGSIDvKJI02z5NftQWUZfqh3F4HZcPxT3TPDwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFFIu7TgkDKc0GSo68/EyrEUhONEOMB8GA1UdIwQY
MBaAFHAKEjHRwnp1TkbvEOkqcwrhXQ9VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0FvU01kSENlblZPUnU4UTZTcHpDdUZkRDFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9kY2MyYjQtOWRlZC00Njc4LTgzOTgt
YWI3OWEzNzg5ZjhmLzEvVWk3dE9DUU1welFaS2pyejhUS3NSU0U0MFE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9kY2MyYjQtOWRlZC00Njc4LTgzOTgtYWI3OWEzNzg5Zjhm
LzEvY0FvU01kSENlblZPUnU4UTZTcHpDdUZkRDFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCW8FgAwQF
X68AAwQBwe/OAwQCwj+EAwQA2QuHMA0EAgACMAcDBQMqBBIAMA0GCSqGSIb3DQEB
CwUAA4IBAQADMiOAavRSJ2p/7k4fuNESk7VeUiYlDAXeAWZ88tTpvpBtERr+nBIx
sbz0Ou74phZcM1akN4WLt39m3Zbv1cZvyNecQBtcdhS8ZVwwPGGUjxEP4broogKX
WkwN9gJnYipm/wXSNsUPVyryW4W6/gCfOC6/lPhaYCY/xXPzbeHgciEc+ilP7mmT
R0FSNO+Hjy99PJr0MzfZL+g40aHl7QJ5dXb/GINo1EINvppcgq/Kz4p381ZvUQOt
ZyvuWub0Izan/tbOYHrIk2INCqlv46gLyZ8hGgQr4px26Ng1O5Eet+qCxTOZJ1Rx
f2B+H5H37wJhhMKpBGVBEoRWxsX+alyy
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:24 2025 by rpki-client on console.sobornost.net