Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/01X6uEQds9Y9s0Nj6vCgByaYk4o.roa
File: 01X6uEQds9Y9s0Nj6vCgByaYk4o.roa (raw, json)
Hash identifier: zRPbzdJELLZCFUdSNf06UKLGLPusehNC5YazUYIIsTM=
Subject key identifier: D3:55:FA:B8:44:1D:B3:D6:3D:B3:43:63:EA:F0:A0:07:26:98:93:8A
Certificate issuer: /CN=2c96946c501ddf48696da2cf110fdceb286fac98
Certificate serial: 01942067D8F2BCCCA1A339B40D01061FC71C
Authority key identifier: 2C:96:94:6C:50:1D:DF:48:69:6D:A2:CF:11:0F:DC:EB:28:6F:AC:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LJaUbFAd30hpbaLPEQ_c6yhvrJg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/01X6uEQds9Y9s0Nj6vCgByaYk4o.roa
Signing time: Wed 01 Jan 2025 05:47:44 +0000
ROA not before: Wed 01 Jan 2025 05:47:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8455
IP address blocks: 85.222.236.0/24 maxlen: 24
85.222.237.0/24 maxlen: 24
85.222.238.0/24 maxlen: 24
85.222.239.0/24 maxlen: 24
89.255.200.0/21 maxlen: 24
89.255.200.0/24 maxlen: 24
89.255.201.0/24 maxlen: 24
89.255.202.0/24 maxlen: 24
89.255.203.0/24 maxlen: 24
89.255.204.0/24 maxlen: 24
89.255.205.0/24 maxlen: 24
89.255.206.0/24 maxlen: 24
89.255.207.0/24 maxlen: 24
185.223.86.0/23 maxlen: 24
185.234.96.0/22 maxlen: 24
185.242.220.0/22 maxlen: 22
195.43.158.0/24 maxlen: 24
195.137.242.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:d8:f2:bc:cc:a1:a3:39:b4:0d:01:06:1f:c7:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c96946c501ddf48696da2cf110fdceb286fac98
Validity
Not Before: Jan 1 05:47:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d355fab8441db3d63db34363eaf0a0072698938a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:49:bb:24:b0:7d:85:e0:52:cd:b7:48:e2:35:
4d:44:16:8d:97:dc:84:04:90:b6:25:f5:d2:46:05:
7d:90:17:2f:74:35:ce:6e:6a:a4:b9:8f:32:6f:59:
a0:e5:ea:b6:85:79:eb:40:6a:08:02:b0:79:5e:65:
4d:22:68:8f:2c:df:98:1a:16:09:e0:8d:71:41:23:
09:0d:e3:a2:9f:40:86:65:c6:c8:74:6a:7d:6e:14:
23:2a:3a:49:6f:bd:e3:9d:5d:b4:06:df:8f:a5:0e:
70:20:6f:b7:9c:01:b8:03:ee:e2:d1:e2:9f:05:6d:
49:98:a0:64:e2:06:f8:45:41:e1:d5:04:5a:a3:eb:
5e:c9:7f:f0:91:65:6f:92:33:26:05:ea:7b:c0:aa:
b6:a3:d2:02:0a:31:e8:57:bd:b9:b8:ef:37:b4:11:
be:52:42:fc:be:95:73:d8:e8:7a:7f:f6:e1:76:48:
ff:ba:e6:24:be:4d:25:79:2f:b6:95:8a:e6:ec:a1:
3b:9b:31:8c:ae:34:6e:cb:b6:93:a1:ec:73:4c:1d:
42:db:d3:e7:1b:61:c6:92:e6:25:5a:bd:d5:2b:83:
6b:f9:11:af:01:d0:0c:d6:f0:2c:69:91:b4:d3:cf:
02:7b:dc:32:8f:ef:9d:31:fe:1c:0e:ec:5a:f1:1c:
03:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:55:FA:B8:44:1D:B3:D6:3D:B3:43:63:EA:F0:A0:07:26:98:93:8A
X509v3 Authority Key Identifier:
keyid:2C:96:94:6C:50:1D:DF:48:69:6D:A2:CF:11:0F:DC:EB:28:6F:AC:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LJaUbFAd30hpbaLPEQ_c6yhvrJg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/01X6uEQds9Y9s0Nj6vCgByaYk4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/LJaUbFAd30hpbaLPEQ_c6yhvrJg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.222.236.0/22
89.255.200.0/21
185.223.86.0/23
185.234.96.0/22
185.242.220.0/22
195.43.158.0/24
195.137.242.0/24
Signature Algorithm: sha256WithRSAEncryption
44:a1:b6:dd:6d:2d:8d:8c:5a:f6:2d:34:30:a4:d3:3b:d5:98:
b5:85:3f:d1:15:32:ae:5f:eb:8d:b4:48:97:0c:a0:0c:70:65:
0d:d6:bf:bc:bf:65:a3:76:d9:7f:5a:7e:bd:e1:29:39:52:48:
4f:40:5d:91:d7:61:84:2d:f3:41:f2:eb:c4:89:f3:5a:78:9d:
53:a8:5d:d2:3c:4d:9f:17:e2:98:5c:eb:65:4b:0c:e3:c3:2e:
f8:89:f4:39:ab:b8:81:af:5b:c5:96:d2:3a:70:c1:25:e4:c1:
09:e6:40:4c:36:2f:ae:9e:fa:ba:94:91:03:5e:37:94:5d:0b:
15:70:77:5e:29:ac:24:75:02:1f:c4:a8:2e:08:9b:51:3b:a7:
4a:0e:c6:16:58:9d:96:6b:f5:e4:01:f2:0e:2d:d8:6d:18:f9:
ec:08:3e:d1:80:31:0b:a0:f1:f0:07:d2:29:72:d5:a9:29:df:
c7:97:c5:70:b4:76:fc:a7:89:01:f1:d7:23:6e:58:0e:bb:ce:
23:3d:53:c9:00:79:9e:c8:6b:ec:83:34:71:1f:5e:75:5e:61:
68:d6:31:4d:ea:28:15:7a:1c:c4:c7:dc:3b:a9:91:71:05:74:
68:cc:4e:85:ab:e5:eb:04:a7:ef:48:0b:d0:d8:ca:b2:39:00:
73:7d:32:f8
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQgZ9jyvMyhozm0DQEGH8ccMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjOTY5NDZjNTAxZGRmNDg2OTZkYTJjZjExMGZkY2ViMjg2
ZmFjOTgwHhcNMjUwMTAxMDU0NzQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzU1ZmFiODQ0MWRiM2Q2M2RiMzQzNjNlYWYwYTAwNzI2OTg5MzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0m7JLB9heBSzbdI4jVNRBaNl9yE
BJC2JfXSRgV9kBcvdDXObmqkuY8yb1mg5eq2hXnrQGoIArB5XmVNImiPLN+YGhYJ
4I1xQSMJDeOin0CGZcbIdGp9bhQjKjpJb73jnV20Bt+PpQ5wIG+3nAG4A+7i0eKf
BW1JmKBk4gb4RUHh1QRao+teyX/wkWVvkjMmBep7wKq2o9ICCjHoV725uO83tBG+
UkL8vpVz2Oh6f/bhdkj/uuYkvk0leS+2lYrm7KE7mzGMrjRuy7aToexzTB1C29Pn
G2HGkuYlWr3VK4Nr+RGvAdAM1vAsaZG0088Ce9wyj++dMf4cDuxa8RwD7wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFNNV+rhEHbPWPbNDY+rwoAcmmJOKMB8GA1UdIwQY
MBaAFCyWlGxQHd9IaW2izxEP3Osob6yYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEphVWJGQWQzMGhwYmFMUEVRX2M2eWh2ckpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8wNGZlZjgtZDJkZi00ZjdhLTkyYjQt
N2Y5NzBhM2FmOWNkLzEvMDFYNnVFUWRzOVk5czBOajZ2Q2dCeWFZazRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8wNGZlZjgtZDJkZi00ZjdhLTkyYjQtN2Y5NzBhM2FmOWNk
LzEvTEphVWJGQWQzMGhwYmFMUEVRX2M2eWh2ckpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCVd7sAwQD
Wf/IAwQBud9WAwQCuepgAwQCufLcAwQAwyueAwQAw4nyMA0GCSqGSIb3DQEBCwUA
A4IBAQBEobbdbS2NjFr2LTQwpNM71Zi1hT/RFTKuX+uNtEiXDKAMcGUN1r+8v2Wj
dtl/Wn694Sk5UkhPQF2R12GELfNB8uvEifNaeJ1TqF3SPE2fF+KYXOtlSwzjwy74
ifQ5q7iBr1vFltI6cMEl5MEJ5kBMNi+unvq6lJEDXjeUXQsVcHdeKawkdQIfxKgu
CJtRO6dKDsYWWJ2Wa/XkAfIOLdhtGPnsCD7RgDELoPHwB9IpctWpKd/Hl8VwtHb8
p4kB8dcjblgOu84jPVPJAHmeyGvsgzRxH151XmFo1jFN6igVehzEx9w7qZFxBXRo
zE6Fq+XrBKfvSAvQ2MqyOQBzfTL4
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:24 2025 by rpki-client on console.sobornost.net