Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/8b58e9-3230-4418-8f68-81224e480c03/1/G_1BjHa-Ii2Y9oecPQ2LQCQwR58.roa
File: G_1BjHa-Ii2Y9oecPQ2LQCQwR58.roa (raw, json)
Hash identifier: 8hKbU4VqspkNDKDSQPFelJhuWZ21X39DPqFIjGUgHFM=
Subject key identifier: 1B:FD:41:8C:76:BE:22:2D:98:F6:87:9C:3D:0D:8B:40:24:30:47:9F
Certificate issuer: /CN=f8b3d58d993f960840f7ef2fe20c008adc971f97
Certificate serial: 01941FFA0141B23552243B9324431B09C9EE
Authority key identifier: F8:B3:D5:8D:99:3F:96:08:40:F7:EF:2F:E2:0C:00:8A:DC:97:1F:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-LPVjZk_lghA9-8v4gwAityXH5c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/8b58e9-3230-4418-8f68-81224e480c03/1/G_1BjHa-Ii2Y9oecPQ2LQCQwR58.roa
Signing time: Wed 01 Jan 2025 03:47:45 +0000
ROA not before: Wed 01 Jan 2025 03:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41000
IP address blocks: 176.74.16.0/21 maxlen: 21
185.86.108.0/22 maxlen: 22
185.176.248.0/22 maxlen: 22
193.23.224.0/24 maxlen: 24
193.33.178.0/23 maxlen: 23
194.110.243.0/24 maxlen: 24
195.170.173.0/24 maxlen: 24
2a00:b980::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:01:41:b2:35:52:24:3b:93:24:43:1b:09:c9:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8b3d58d993f960840f7ef2fe20c008adc971f97
Validity
Not Before: Jan 1 03:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1bfd418c76be222d98f6879c3d0d8b402430479f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:03:db:4d:3c:60:f7:d4:b9:e1:ab:37:ee:da:
3d:f8:f5:af:fb:55:71:27:9d:df:7e:e6:24:73:df:
b4:db:4d:59:62:75:25:6e:95:d2:f2:5a:1b:18:c8:
20:af:ce:aa:63:0f:0f:6a:45:cb:6c:ef:30:29:bb:
c8:ea:6c:1d:93:5d:9d:a2:0c:84:3d:f4:65:48:0f:
df:26:49:41:52:79:ad:0c:5b:fe:52:fa:f9:73:df:
06:df:34:d8:d9:05:93:a3:4a:06:7b:68:0c:91:57:
88:df:25:d5:82:d5:7d:42:13:d0:5d:fe:1a:a3:ab:
40:e7:01:db:32:50:be:f3:cb:86:ce:03:47:fe:f7:
8f:b3:b2:e0:25:fa:b6:d4:16:c7:2c:93:47:8e:ee:
cc:79:3f:aa:9f:4c:d4:04:13:72:35:b0:9a:d0:cd:
2a:8d:64:bc:e7:c9:10:7f:cc:ff:33:06:4c:41:07:
a7:f0:11:d4:f6:37:97:62:50:ea:e3:b0:92:8e:59:
25:39:45:f3:07:e1:5f:5b:25:4a:7f:ac:c1:c8:40:
0a:ea:13:ab:bb:6d:fc:c1:c5:9a:ce:4a:0b:38:e3:
9e:34:77:00:fb:96:78:39:77:ec:da:29:f4:22:19:
71:c8:7c:96:5c:4d:35:6e:fd:46:f4:6f:6e:7c:5e:
70:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:FD:41:8C:76:BE:22:2D:98:F6:87:9C:3D:0D:8B:40:24:30:47:9F
X509v3 Authority Key Identifier:
keyid:F8:B3:D5:8D:99:3F:96:08:40:F7:EF:2F:E2:0C:00:8A:DC:97:1F:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-LPVjZk_lghA9-8v4gwAityXH5c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/8b58e9-3230-4418-8f68-81224e480c03/1/G_1BjHa-Ii2Y9oecPQ2LQCQwR58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/8b58e9-3230-4418-8f68-81224e480c03/1/1-LPVjZk_lghA9-8v4gwAityXH5c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.74.16.0/21
185.86.108.0/22
185.176.248.0/22
193.23.224.0/24
193.33.178.0/23
194.110.243.0/24
195.170.173.0/24
IPv6:
2a00:b980::/29
Signature Algorithm: sha256WithRSAEncryption
10:dd:6f:97:c7:b5:5e:3b:ae:e7:9f:8d:d9:f7:e9:7a:c6:8f:
d8:cd:9d:a9:da:59:be:bf:67:eb:dc:8f:95:6b:e2:35:f7:27:
88:c9:c4:f2:3f:f3:9c:07:b8:fe:83:ef:f1:5a:60:ef:45:3e:
4c:c5:16:d7:72:5f:26:d8:b8:f7:a4:47:cd:59:12:c3:ba:3d:
c8:cf:9a:dd:c9:e2:07:ed:44:a0:42:f8:ba:51:91:7d:18:20:
7a:5c:6f:5b:e2:27:ba:29:d4:15:93:71:49:14:e1:4e:d7:84:
de:bf:c2:ea:c6:16:5a:67:c0:9b:dc:c5:8f:04:a8:07:59:a3:
89:cb:15:1d:22:69:5e:e7:19:bc:d6:70:76:42:c5:3c:74:5b:
cb:77:a5:75:02:5e:4b:60:51:7a:18:f5:e6:86:83:be:cf:a5:
fd:30:bc:71:f0:42:22:36:52:62:d6:6a:68:75:05:3b:0d:60:
fb:7f:1d:6b:a6:dc:56:7e:30:82:f4:2b:72:95:8b:9b:d2:f0:
55:94:57:85:9a:ae:c9:ad:89:cc:a8:b8:8d:9a:07:11:df:36:
3b:3c:36:65:98:a6:59:3f:e9:0d:76:b6:a9:fa:e4:14:9f:b6:
34:1f:e8:46:53:76:76:81:1e:6c:57:b5:5a:51:e6:8d:2e:e0:
97:ed:61:46
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAZQf+gFBsjVSJDuTJEMbCcnuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4YjNkNThkOTkzZjk2MDg0MGY3ZWYyZmUyMGMwMDhhZGM5
NzFmOTcwHhcNMjUwMTAxMDM0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmZkNDE4Yzc2YmUyMjJkOThmNjg3OWMzZDBkOGI0MDI0MzA0NzlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgPbTTxg99S54as37to9+PWv+1Vx
J53ffuYkc9+0201ZYnUlbpXS8lobGMggr86qYw8PakXLbO8wKbvI6mwdk12dogyE
PfRlSA/fJklBUnmtDFv+Uvr5c98G3zTY2QWTo0oGe2gMkVeI3yXVgtV9QhPQXf4a
o6tA5wHbMlC+88uGzgNH/vePs7LgJfq21BbHLJNHju7MeT+qn0zUBBNyNbCa0M0q
jWS858kQf8z/MwZMQQen8BHU9jeXYlDq47CSjlklOUXzB+FfWyVKf6zByEAK6hOr
u238wcWazkoLOOOeNHcA+5Z4OXfs2in0IhlxyHyWXE01bv1G9G9ufF5wDwIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFBv9QYx2viItmPaHnD0Ni0AkMEefMB8GA1UdIwQY
MBaAFPiz1Y2ZP5YIQPfvL+IMAIrclx+XMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1MUFZqWmtfbGdoQTktOHY0Z3dBaXR5WEg1Yy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTIvOGI1OGU5LTMyMzAtNDQxOC04ZjY4
LTgxMjI0ZTQ4MGMwMy8xL0dfMUJqSGEtSWkyWTlvZWNQUTJMUUNRd1I1OC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTIvOGI1OGU5LTMyMzAtNDQxOC04ZjY4LTgxMjI0ZTQ4MGMw
My8xLzEtTFBWalprX2xnaEE5LTh2NGd3QWl0eVhINWMuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwUgYIKwYBBQUHAQcBAf8EQzBBMDAEAgABMCoDBAOwShAD
BAK5VmwDBAK5sPgDBADBF+ADBAHBIbIDBADCbvMDBADDqq0wDQQCAAIwBwMFAyoA
uYAwDQYJKoZIhvcNAQELBQADggEBABDdb5fHtV47ruefjdn36XrGj9jNnanaWb6/
Z+vcj5Vr4jX3J4jJxPI/85wHuP6D7/FaYO9FPkzFFtdyXybYuPekR81ZEsO6PcjP
mt3J4gftRKBC+LpRkX0YIHpcb1viJ7op1BWTcUkU4U7XhN6/wurGFlpnwJvcxY8E
qAdZo4nLFR0iaV7nGbzWcHZCxTx0W8t3pXUCXktgUXoY9eaGg77Ppf0wvHHwQiI2
UmLWamh1BTsNYPt/HWum3FZ+MIL0K3KVi5vS8FWUV4WarsmticyouI2aBxHfNjs8
NmWYplk/6Q12tqn65BSftjQf6EZTdnaBHmxXtVpR5o0u4JftYUY=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:25 2025 by rpki-client on console.sobornost.net