Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/9f682c-1c57-4ce5-bb98-0605c089fc38/1/fMI-jCDaaLsxpmL0Z0hMaMI0pwA.roa
File: fMI-jCDaaLsxpmL0Z0hMaMI0pwA.roa (raw, json)
Hash identifier: Ft2AV1Fb/Osk91o2uc7E3/mf/b9LB0/k5lu+soQUSmI=
Subject key identifier: 7C:C2:3E:8C:20:DA:68:BB:31:A6:62:F4:67:48:4C:68:C2:34:A7:00
Certificate issuer: /CN=b38bb62a47b1a2aedb70f32f58c979ba0c777f06
Certificate serial: 019594E3C45C122039CF24A6CFB1CE47C949
Authority key identifier: B3:8B:B6:2A:47:B1:A2:AE:DB:70:F3:2F:58:C9:79:BA:0C:77:7F:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s4u2Kkexoq7bcPMvWMl5ugx3fwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/9f682c-1c57-4ce5-bb98-0605c089fc38/1/fMI-jCDaaLsxpmL0Z0hMaMI0pwA.roa
Signing time: Fri 14 Mar 2025 13:41:49 +0000
ROA not before: Fri 14 Mar 2025 13:41:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34245
IP address blocks: 85.91.0.0/19 maxlen: 24
87.192.80.0/24 maxlen: 24
87.192.220.0/23 maxlen: 24
87.198.0.0/16 maxlen: 24
87.198.204.0/24 maxlen: 24
87.232.32.0/19 maxlen: 24
87.232.64.0/18 maxlen: 24
87.232.128.0/21 maxlen: 24
87.232.134.0/24 maxlen: 24
87.232.193.0/24 maxlen: 24
87.232.224.0/24 maxlen: 24
87.232.250.0/23 maxlen: 24
87.232.252.0/22 maxlen: 24
89.124.242.0/23 maxlen: 24
89.124.244.0/24 maxlen: 24
89.127.252.0/23 maxlen: 24
89.127.252.0/24 maxlen: 24
89.127.253.0/24 maxlen: 24
185.106.88.0/22 maxlen: 24
212.17.32.0/19 maxlen: 24
213.79.32.0/19 maxlen: 24
213.159.128.0/22 maxlen: 24
2a01:148::/29 maxlen: 32
2a01:148::/32 maxlen: 32
2a01:14f::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:94:e3:c4:5c:12:20:39:cf:24:a6:cf:b1:ce:47:c9:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b38bb62a47b1a2aedb70f32f58c979ba0c777f06
Validity
Not Before: Mar 14 13:41:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7cc23e8c20da68bb31a662f467484c68c234a700
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:49:83:37:c4:35:03:1f:90:00:33:e1:2e:e0:
71:52:9f:01:3d:81:35:c3:db:2a:31:df:54:86:0b:
3d:70:56:5c:d3:2d:3c:4c:a0:f8:b5:a0:bc:c7:5b:
1b:40:6d:75:92:35:75:1f:79:c6:b5:d8:9c:b0:13:
88:7d:58:7a:11:07:be:9a:8e:f7:92:41:c7:af:c2:
e6:a7:6f:87:3c:43:75:c7:56:90:8f:9f:87:8a:f7:
78:63:57:65:17:81:cc:ec:13:50:17:5a:5e:f6:88:
eb:be:c1:d5:57:64:fd:67:fd:ad:0e:f8:c6:fc:16:
6c:e0:83:c7:a5:b3:c6:1f:a9:e2:96:db:21:56:97:
15:97:59:bd:84:dc:3f:9e:06:b7:fb:7d:3f:b8:59:
c4:b2:fe:78:ce:fd:63:5e:44:e3:8a:32:7b:ab:a4:
0c:23:b1:f0:5d:d5:01:9a:30:1a:db:c0:2c:69:bd:
b3:2c:75:f0:1e:84:89:16:2d:1d:c5:7c:c5:ae:19:
81:7e:51:7c:34:0d:c5:b9:98:c6:d9:b7:31:93:29:
1d:82:fd:43:54:aa:a9:d6:f2:a0:35:01:7b:cc:e3:
87:88:c6:ee:e0:92:1c:3f:58:a3:7c:f0:e3:1c:9d:
be:fc:9e:6a:ac:d1:be:8a:2e:ef:f3:78:0d:3f:84:
ee:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:C2:3E:8C:20:DA:68:BB:31:A6:62:F4:67:48:4C:68:C2:34:A7:00
X509v3 Authority Key Identifier:
keyid:B3:8B:B6:2A:47:B1:A2:AE:DB:70:F3:2F:58:C9:79:BA:0C:77:7F:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s4u2Kkexoq7bcPMvWMl5ugx3fwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f682c-1c57-4ce5-bb98-0605c089fc38/1/fMI-jCDaaLsxpmL0Z0hMaMI0pwA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f682c-1c57-4ce5-bb98-0605c089fc38/1/s4u2Kkexoq7bcPMvWMl5ugx3fwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.91.0.0/19
87.192.80.0/24
87.192.220.0/23
87.198.0.0/16
87.232.32.0-87.232.135.255
87.232.193.0/24
87.232.224.0/24
87.232.250.0-87.232.255.255
89.124.242.0-89.124.244.255
89.127.252.0/23
185.106.88.0/22
212.17.32.0/19
213.79.32.0/19
213.159.128.0/22
IPv6:
2a01:148::/29
Signature Algorithm: sha256WithRSAEncryption
0d:97:51:c7:75:a4:ba:16:eb:ae:53:6f:a5:08:fc:a6:02:f5:
1a:97:47:5e:df:02:a8:3c:5c:0c:57:40:06:92:b6:e0:00:91:
f5:0d:16:db:25:35:cb:b5:bf:1f:5c:ee:ba:06:07:6b:f9:15:
b0:1f:e0:a3:54:a2:cb:4f:2b:6d:47:5e:8d:65:1b:d4:16:f5:
c7:1c:c9:fc:87:e6:8a:36:ab:f4:f6:98:d6:04:61:30:dd:ae:
bd:37:0a:02:18:1f:21:be:48:67:71:d7:b1:08:bf:f4:7e:92:
29:cb:b5:43:64:96:9e:a4:c5:ee:a0:f2:3f:0a:49:1a:3f:dc:
fe:ef:02:6c:0f:7b:9e:6a:22:31:fd:63:45:0d:88:f8:cc:64:
97:f9:8d:ee:e5:0f:9a:d7:e2:05:8d:ee:49:2e:41:3a:95:cf:
8d:ca:8e:cb:b9:f9:58:39:d6:13:60:03:6e:00:00:ea:64:f3:
ff:c6:3c:ba:28:52:b9:00:8c:75:07:5e:5e:f8:52:ba:bf:10:
62:aa:45:1a:a0:4e:c3:2d:92:68:45:4d:37:cb:c9:a8:18:ed:
a6:8e:d2:00:b1:7b:66:44:05:7f:cc:5d:b0:24:de:17:55:7f:
09:4e:76:f4:50:84:06:e1:c1:9d:c9:b7:3b:d4:01:7f:eb:ea:
e4:f2:d8:4a
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZWU48RcEiA5zySmz7HOR8lJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzOGJiNjJhNDdiMWEyYWVkYjcwZjMyZjU4Yzk3OWJhMGM3
NzdmMDYwHhcNMjUwMzE0MTM0MTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2MyM2U4YzIwZGE2OGJiMzFhNjYyZjQ2NzQ4NGM2OGMyMzRhNzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvkmDN8Q1Ax+QADPhLuBxUp8BPYE1
w9sqMd9Uhgs9cFZc0y08TKD4taC8x1sbQG11kjV1H3nGtdicsBOIfVh6EQe+mo73
kkHHr8Lmp2+HPEN1x1aQj5+Hivd4Y1dlF4HM7BNQF1pe9ojrvsHVV2T9Z/2tDvjG
/BZs4IPHpbPGH6niltshVpcVl1m9hNw/nga3+30/uFnEsv54zv1jXkTjijJ7q6QM
I7HwXdUBmjAa28Asab2zLHXwHoSJFi0dxXzFrhmBflF8NA3FuZjG2bcxkykdgv1D
VKqp1vKgNQF7zOOHiMbu4JIcP1ijfPDjHJ2+/J5qrNG+ii7v83gNP4TusQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFHzCPowg2mi7MaZi9GdITGjCNKcAMB8GA1UdIwQY
MBaAFLOLtipHsaKu23DzL1jJeboMd38GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczR1MktrZXhvcTdiY1BNdldNbDV1Z3gzZndZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85ZjY4MmMtMWM1Ny00Y2U1LWJiOTgt
MDYwNWMwODlmYzM4LzEvZk1JLWpDRGFhTHN4cG1MMFowaE1hTUkwcHdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85ZjY4MmMtMWM1Ny00Y2U1LWJiOTgtMDYwNWMwODlmYzM4
LzEvczR1MktrZXhvcTdiY1BNdldNbDV1Z3gzZndZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGUBggrBgEFBQcBBwEB/wSBhDCBgTBwBAIAATBqAwQFVVsA
AwQAV8BQAwQBV8DcAwMAV8YwDAMEBVfoIAMEA1fogAMEAFfowQMEAFfo4DALAwQB
V+j6AwMAV+gwDAMEAVl88gMEAFl89AMEAVl//AMEArlqWAMEBdQRIAMEBdVPIAME
AtWfgDANBAIAAjAHAwUDKgEBSDANBgkqhkiG9w0BAQsFAAOCAQEADZdRx3Wkuhbr
rlNvpQj8pgL1GpdHXt8CqDxcDFdABpK24ACR9Q0W2yU1y7W/H1zuugYHa/kVsB/g
o1Siy08rbUdejWUb1Bb1xxzJ/Ifmijar9PaY1gRhMN2uvTcKAhgfIb5IZ3HXsQi/
9H6SKcu1Q2SWnqTF7qDyPwpJGj/c/u8CbA97nmoiMf1jRQ2I+Mxkl/mN7uUPmtfi
BY3uSS5BOpXPjcqOy7n5WDnWE2ADbgAA6mTz/8Y8uihSuQCMdQdeXvhSur8QYqpF
GqBOwy2SaEVNN8vJqBjtpo7SALF7ZkQFf8xdsCTeF1V/CU529FCEBuHBncm3O9QB
f+vq5PLYSg==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:32 2025 by rpki-client on console.sobornost.net