Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/7cGpErFojxZQKCSeJeJ8U-ucjfw.roa
File: 7cGpErFojxZQKCSeJeJ8U-ucjfw.roa (raw, json)
Hash identifier: u8HNSCh1+MNiLey93QoDDaHwFmVThoOReQEndhAwPeo=
Subject key identifier: ED:C1:A9:12:B1:68:8F:16:50:28:24:9E:25:E2:7C:53:EB:9C:8D:FC
Certificate issuer: /CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Certificate serial: 0194236971299477DFED0245BF7AF94E6146
Authority key identifier: D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/7cGpErFojxZQKCSeJeJ8U-ucjfw.roa
Signing time: Wed 01 Jan 2025 19:48:20 +0000
ROA not before: Wed 01 Jan 2025 19:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199883
IP address blocks: 89.36.220.0/22 maxlen: 24
89.38.144.0/22 maxlen: 24
89.40.120.0/22 maxlen: 24
94.177.248.0/22 maxlen: 24
94.177.252.0/22 maxlen: 24
185.58.224.0/22 maxlen: 24
217.61.16.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:71:29:94:77:df:ed:02:45:bf:7a:f9:4e:61:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Validity
Not Before: Jan 1 19:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=edc1a912b1688f165028249e25e27c53eb9c8dfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:75:97:37:e9:26:9d:70:1f:36:bc:82:f7:bc:
84:0e:fb:07:90:fc:75:68:8f:3c:5f:5f:c5:cd:8a:
1b:65:9f:fb:6c:0d:41:91:cf:34:17:fb:bf:3e:71:
a4:97:b7:d7:1a:51:9e:c8:39:e6:f4:95:77:50:21:
54:ab:d7:19:68:87:ce:cf:8b:98:2b:45:49:93:e4:
87:98:52:9b:cb:92:c3:7e:e3:62:fd:ca:d7:88:78:
66:60:93:80:d1:53:64:7c:15:7f:42:1a:14:82:31:
61:1e:19:d9:a5:40:2b:4b:4b:d7:c7:e5:a9:8d:ca:
9b:54:22:d5:a4:aa:5e:aa:ff:cd:82:24:0c:51:a9:
b6:12:dd:fa:26:5a:5f:6c:1c:83:57:e6:6c:7e:66:
3c:93:3f:d6:3c:85:38:20:19:f6:c6:d9:c9:8e:99:
72:37:2c:1a:e7:3a:d6:0a:5b:77:91:b4:6d:e4:0d:
e8:fc:f0:f4:eb:eb:a2:38:dc:2f:51:04:e1:36:b2:
96:5d:27:2f:18:02:98:d3:28:c8:bd:64:af:76:2e:
7a:6d:9d:04:5a:c5:b4:31:cf:0b:fa:da:b5:aa:9b:
8a:41:f3:ac:4d:2e:77:0b:38:11:39:33:6e:e3:06:
5c:e3:61:4e:b5:61:e8:c2:cb:1c:6a:97:26:ba:78:
62:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:C1:A9:12:B1:68:8F:16:50:28:24:9E:25:E2:7C:53:EB:9C:8D:FC
X509v3 Authority Key Identifier:
keyid:D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/7cGpErFojxZQKCSeJeJ8U-ucjfw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.36.220.0/22
89.38.144.0/22
89.40.120.0/22
94.177.248.0/21
185.58.224.0/22
217.61.16.0/21
Signature Algorithm: sha256WithRSAEncryption
ae:94:c0:ed:96:29:20:cc:74:6a:e6:3a:e4:7c:21:f1:58:36:
1f:32:4d:37:10:96:68:76:73:28:8a:b9:33:22:61:a0:1a:f8:
7b:81:73:76:5d:18:05:ce:a9:e0:0b:2b:ae:b7:0d:26:d3:51:
81:13:ac:54:0c:61:92:a7:cc:ea:d1:46:f2:85:14:16:21:bb:
3d:ca:ce:d3:57:f0:66:83:fd:aa:06:95:72:a9:a1:84:bd:21:
ed:0f:88:71:8a:a0:b2:34:bd:13:0a:6e:88:10:e7:d0:fe:52:
7c:4e:b7:05:82:d0:e1:31:56:c4:c6:a6:95:5e:d7:73:24:4c:
7c:67:0f:e4:e6:91:1e:a8:c8:3b:a2:e2:c8:da:0d:24:e4:00:
87:7c:03:53:13:62:ed:e9:e6:3c:ae:01:43:55:3c:b2:dc:a4:
31:f9:72:25:26:21:ed:84:d0:4d:fe:f0:11:e0:06:d5:77:61:
38:ed:9f:98:6b:f4:f9:fd:7f:c9:f3:10:6c:c4:ab:38:d1:32:
e2:86:36:ef:05:33:a6:50:ee:d9:ef:88:99:18:85:c8:cd:3e:
46:3a:0f:b9:31:ab:2c:64:cb:fa:99:7f:07:24:e3:c7:07:77:
2f:92:81:58:93:18:7e:38:74:15:6c:b7:56:68:8e:18:2d:51:
f3:2a:a4:18
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQjaXEplHff7QJFv3r5TmFGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2I1Y2VjYzIxM2I5Zjg2ZGJiYTUxODUyMWU4NTQ2ZWM5
Mzg2MWMwHhcNMjUwMTAxMTk0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGMxYTkxMmIxNjg4ZjE2NTAyODI0OWUyNWUyN2M1M2ViOWM4ZGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1HWXN+kmnXAfNryC97yEDvsHkPx1
aI88X1/FzYobZZ/7bA1Bkc80F/u/PnGkl7fXGlGeyDnm9JV3UCFUq9cZaIfOz4uY
K0VJk+SHmFKby5LDfuNi/crXiHhmYJOA0VNkfBV/QhoUgjFhHhnZpUArS0vXx+Wp
jcqbVCLVpKpeqv/NgiQMUam2Et36JlpfbByDV+ZsfmY8kz/WPIU4IBn2xtnJjply
Nywa5zrWClt3kbRt5A3o/PD06+uiONwvUQThNrKWXScvGAKY0yjIvWSvdi56bZ0E
WsW0Mc8L+tq1qpuKQfOsTS53CzgROTNu4wZc42FOtWHowsscapcmunhitQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFO3BqRKxaI8WUCgkniXifFPrnI38MB8GA1UdIwQY
MBaAFNPLXOzCE7n4bbulGFIehUbsk4YcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYt
ODQyNjk0MTJkNTYxLzEvN2NHcEVyRm9qeFpRS0NTZUplSjhVLXVjamZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYtODQyNjk0MTJkNTYx
LzEvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCWSTcAwQC
WSaQAwQCWSh4AwQDXrH4AwQCuTrgAwQD2T0QMA0GCSqGSIb3DQEBCwUAA4IBAQCu
lMDtlikgzHRq5jrkfCHxWDYfMk03EJZodnMoirkzImGgGvh7gXN2XRgFzqngCyuu
tw0m01GBE6xUDGGSp8zq0UbyhRQWIbs9ys7TV/Bmg/2qBpVyqaGEvSHtD4hxiqCy
NL0TCm6IEOfQ/lJ8TrcFgtDhMVbExqaVXtdzJEx8Zw/k5pEeqMg7ouLI2g0k5ACH
fANTE2Lt6eY8rgFDVTyy3KQx+XIlJiHthNBN/vAR4AbVd2E47Z+Ya/T5/X/J8xBs
xKs40TLihjbvBTOmUO7Z74iZGIXIzT5GOg+5MassZMv6mX8HJOPHB3cvkoFYkxh+
OHQVbLdWaI4YLVHzKqQY
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:32 2025 by rpki-client on console.sobornost.net