Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/480f4a-a937-4149-aee8-e32924ac7b63/1/Pw9RBJHk-6VJkZDkzezuuvzuMDc.roa
File: Pw9RBJHk-6VJkZDkzezuuvzuMDc.roa (raw, json)
Hash identifier: KTrqAB2f6AG6ZEjHFsNbuwHsaF5ZAPbnL9PTp9QHu7g=
Subject key identifier: 3F:0F:51:04:91:E4:FB:A5:49:91:90:E4:CD:EC:EE:BA:FC:EE:30:37
Certificate issuer: /CN=b78678bd654ca6b10a5c773bc269754dc234cfd5
Certificate serial: 0195F1160FB6C94C2516768C4CC0CC6CFDA5
Authority key identifier: B7:86:78:BD:65:4C:A6:B1:0A:5C:77:3B:C2:69:75:4D:C2:34:CF:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t4Z4vWVMprEKXHc7wml1TcI0z9U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/480f4a-a937-4149-aee8-e32924ac7b63/1/Pw9RBJHk-6VJkZDkzezuuvzuMDc.roa
Signing time: Tue 01 Apr 2025 11:21:49 +0000
ROA not before: Tue 01 Apr 2025 11:21:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29119
IP address blocks: 2.59.244.0/22 maxlen: 22
89.38.216.0/21 maxlen: 21
103.95.124.0/22 maxlen: 22
103.115.182.0/23 maxlen: 23
103.132.4.0/22 maxlen: 22
103.204.220.0/23 maxlen: 23
185.124.100.0/22 maxlen: 22
185.250.76.0/22 maxlen: 22
193.36.96.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f1:16:0f:b6:c9:4c:25:16:76:8c:4c:c0:cc:6c:fd:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b78678bd654ca6b10a5c773bc269754dc234cfd5
Validity
Not Before: Apr 1 11:21:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3f0f510491e4fba5499190e4cdeceebafcee3037
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:21:57:c1:ae:03:f1:02:a7:97:9d:fb:41:44:
68:cb:27:c1:0b:67:51:cd:a5:88:c9:72:f9:f8:03:
e9:86:57:bf:e4:63:79:95:f7:32:2d:8a:5c:08:66:
d0:86:57:e4:82:0a:85:70:df:0c:0b:db:94:5f:44:
ac:ca:ce:79:d3:24:59:50:ad:88:33:fe:60:f2:e5:
2e:a5:6d:a2:55:aa:c8:bb:c0:33:d7:f7:3e:97:f2:
24:64:47:d9:66:2c:71:3a:e5:2f:76:53:9b:b0:0e:
94:13:69:21:ea:bd:0b:71:69:1e:dd:dd:ba:fa:e1:
fb:c3:36:66:db:90:bb:f5:ee:e7:70:ff:4b:5e:98:
db:57:29:61:87:c0:9e:ff:f2:86:6f:1e:95:92:3f:
94:95:b4:a7:51:f2:44:99:f1:55:e7:e7:3b:88:47:
15:22:c7:50:59:ee:5e:56:ed:de:1c:19:ea:67:ae:
ae:0f:8d:3a:1e:5f:76:76:f0:ab:b3:57:db:2a:87:
bd:ab:8c:3b:be:a7:a4:67:16:c0:be:21:a0:41:49:
07:31:18:94:8c:04:94:d7:d9:50:46:17:a6:32:d6:
0c:03:fd:19:d5:71:ee:0d:ab:a3:5e:49:bc:b9:93:
0c:81:ba:01:58:fc:76:22:b4:38:98:b4:c5:71:21:
6a:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:0F:51:04:91:E4:FB:A5:49:91:90:E4:CD:EC:EE:BA:FC:EE:30:37
X509v3 Authority Key Identifier:
keyid:B7:86:78:BD:65:4C:A6:B1:0A:5C:77:3B:C2:69:75:4D:C2:34:CF:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t4Z4vWVMprEKXHc7wml1TcI0z9U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/480f4a-a937-4149-aee8-e32924ac7b63/1/Pw9RBJHk-6VJkZDkzezuuvzuMDc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/480f4a-a937-4149-aee8-e32924ac7b63/1/t4Z4vWVMprEKXHc7wml1TcI0z9U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.244.0/22
89.38.216.0/21
103.95.124.0/22
103.115.182.0/23
103.132.4.0/22
103.204.220.0/23
185.124.100.0/22
185.250.76.0/22
193.36.96.0/22
Signature Algorithm: sha256WithRSAEncryption
59:4b:4a:80:b5:6d:59:16:e9:16:14:05:58:68:d9:47:59:5f:
91:44:82:3b:a4:a7:ab:65:82:70:12:80:16:e4:10:9b:49:b6:
25:ce:24:c4:92:e6:c4:4a:73:d7:e6:29:1d:03:fa:49:58:11:
30:2e:7f:36:23:45:60:2e:e5:3c:f7:5e:1e:bd:54:b7:68:04:
eb:d4:18:32:29:42:b9:b8:34:6b:08:bc:cf:27:31:57:ea:44:
ef:cc:fc:a8:2f:24:31:0e:d5:c3:bd:69:7f:05:2e:6f:df:9f:
b7:85:2f:b6:7a:01:03:9f:32:98:8b:6a:c3:bc:71:14:80:d1:
b6:24:7c:3e:c4:62:c8:1f:11:95:5e:0e:2d:cb:15:79:c8:9a:
87:75:d2:f5:d8:e8:21:49:fd:b0:cd:24:d0:6a:5b:9d:86:fa:
ea:69:b5:b1:9d:e5:4f:ea:da:ce:fc:e1:51:0d:d8:32:e0:e0:
e9:d1:a8:3d:7c:3a:e8:eb:27:90:6c:0f:94:ec:8a:14:dd:38:
c8:67:29:cb:43:46:9c:86:dd:0f:64:0a:63:47:ad:65:e9:b8:
21:f1:39:ba:f0:4a:88:8d:a5:22:2f:4c:a4:ce:8c:13:b8:dc:
33:31:6b:46:c3:ea:0e:1f:6c:67:d1:82:e2:31:f4:3e:c3:d4:
56:d0:96:b6
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZXxFg+2yUwlFnaMTMDMbP2lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3ODY3OGJkNjU0Y2E2YjEwYTVjNzczYmMyNjk3NTRkYzIz
NGNmZDUwHhcNMjUwNDAxMTEyMTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjBmNTEwNDkxZTRmYmE1NDk5MTkwZTRjZGVjZWViYWZjZWUzMDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSFXwa4D8QKnl537QURoyyfBC2dR
zaWIyXL5+APphle/5GN5lfcyLYpcCGbQhlfkggqFcN8MC9uUX0Ssys550yRZUK2I
M/5g8uUupW2iVarIu8Az1/c+l/IkZEfZZixxOuUvdlObsA6UE2kh6r0LcWke3d26
+uH7wzZm25C79e7ncP9LXpjbVylhh8Ce//KGbx6Vkj+UlbSnUfJEmfFV5+c7iEcV
IsdQWe5eVu3eHBnqZ66uD406Hl92dvCrs1fbKoe9q4w7vqekZxbAviGgQUkHMRiU
jASU19lQRhemMtYMA/0Z1XHuDaujXkm8uZMMgboBWPx2IrQ4mLTFcSFqQwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFD8PUQSR5PulSZGQ5M3s7rr87jA3MB8GA1UdIwQY
MBaAFLeGeL1lTKaxClx3O8JpdU3CNM/VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDRaNHZXVk1wckVLWEhjN3dtbDFUY0kwejlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS80ODBmNGEtYTkzNy00MTQ5LWFlZTgt
ZTMyOTI0YWM3YjYzLzEvUHc5UkJKSGstNlZKa1pEa3plenV1dnp1TURjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS80ODBmNGEtYTkzNy00MTQ5LWFlZTgtZTMyOTI0YWM3YjYz
LzEvdDRaNHZXVk1wckVLWEhjN3dtbDFUY0kwejlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCAjv0AwQD
WSbYAwQCZ198AwQBZ3O2AwQCZ4QEAwQBZ8zcAwQCuXxkAwQCufpMAwQCwSRgMA0G
CSqGSIb3DQEBCwUAA4IBAQBZS0qAtW1ZFukWFAVYaNlHWV+RRII7pKerZYJwEoAW
5BCbSbYlziTEkubESnPX5ikdA/pJWBEwLn82I0VgLuU8914evVS3aATr1BgyKUK5
uDRrCLzPJzFX6kTvzPyoLyQxDtXDvWl/BS5v35+3hS+2egEDnzKYi2rDvHEUgNG2
JHw+xGLIHxGVXg4tyxV5yJqHddL12OghSf2wzSTQaludhvrqabWxneVP6trO/OFR
Ddgy4ODp0ag9fDro6yeQbA+U7IoU3TjIZynLQ0acht0PZApjR61l6bgh8Tm68EqI
jaUiL0ykzowTuNwzMWtGw+oOH2xn0YLiMfQ+w9RW0Ja2
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:33 2025 by rpki-client on console.sobornost.net