Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/aaae38-1b28-449d-be82-73fd2c035eb5/1/efjuARdCpmdiyPaUU3_AH5I4td0.roa
File: efjuARdCpmdiyPaUU3_AH5I4td0.roa (raw, json)
Hash identifier: 4c8sivagBq88/iXFQqILtQVXJqZtsZ5vEblRM7AxfcI=
Subject key identifier: 79:F8:EE:01:17:42:A6:67:62:C8:F6:94:53:7F:C0:1F:92:38:B5:DD
Certificate issuer: /CN=21bfb9e219e15feda6add29639b8d73f5c2cd802
Certificate serial: 0194228E11F442DE6AB8A78BED4C3ABBB7E7
Authority key identifier: 21:BF:B9:E2:19:E1:5F:ED:A6:AD:D2:96:39:B8:D7:3F:5C:2C:D8:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ib-54hnhX-2mrdKWObjXP1ws2AI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/aaae38-1b28-449d-be82-73fd2c035eb5/1/efjuARdCpmdiyPaUU3_AH5I4td0.roa
Signing time: Wed 01 Jan 2025 15:48:43 +0000
ROA not before: Wed 01 Jan 2025 15:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35378
IP address blocks: 37.123.200.0/21 maxlen: 21
77.91.0.0/18 maxlen: 18
89.150.50.0/24 maxlen: 24
95.171.96.0/19 maxlen: 19
176.241.72.0/21 maxlen: 21
185.14.112.0/22 maxlen: 22
194.164.13.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:11:f4:42:de:6a:b8:a7:8b:ed:4c:3a:bb:b7:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bfb9e219e15feda6add29639b8d73f5c2cd802
Validity
Not Before: Jan 1 15:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=79f8ee011742a66762c8f694537fc01f9238b5dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:3b:57:12:73:ae:a8:ec:04:4f:fe:c0:b7:89:
40:1f:8c:40:dd:c3:65:df:38:27:b1:3d:f1:b8:c2:
03:26:76:87:2a:88:88:44:ad:b8:33:74:75:c7:6e:
69:dc:f8:bf:b1:61:13:af:37:7f:1a:22:8f:de:96:
be:6c:31:09:34:5f:12:69:0a:68:ae:34:03:4c:18:
a4:b8:36:9c:da:14:20:39:95:12:04:c8:e1:f3:82:
14:7e:02:f3:62:e6:fa:ba:16:cc:c9:02:20:c6:c6:
e2:fc:7b:58:0f:5d:51:08:32:56:5f:ff:9c:f9:ce:
67:36:f2:00:e3:eb:57:0e:7b:c1:33:be:26:41:cd:
c1:27:75:69:cc:d8:b1:7e:12:58:4c:27:69:80:33:
e5:b1:b0:61:86:95:4e:eb:79:9d:ce:82:57:df:ce:
40:03:db:48:14:8f:ea:3b:e0:23:c7:55:13:7e:31:
a7:f8:86:8b:e8:6e:64:b2:0d:2b:c7:1c:28:49:91:
f7:14:73:94:f7:a0:5b:01:e5:d6:f1:a8:e8:a2:8f:
dd:cf:f9:ae:da:9e:37:b6:4c:2f:d5:8a:7a:b0:bf:
70:0a:6e:1c:a7:79:47:5e:6b:93:99:6a:bc:ed:cf:
c3:85:da:93:0b:3e:b8:27:6d:1a:5c:a7:62:ed:37:
68:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:F8:EE:01:17:42:A6:67:62:C8:F6:94:53:7F:C0:1F:92:38:B5:DD
X509v3 Authority Key Identifier:
keyid:21:BF:B9:E2:19:E1:5F:ED:A6:AD:D2:96:39:B8:D7:3F:5C:2C:D8:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ib-54hnhX-2mrdKWObjXP1ws2AI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/aaae38-1b28-449d-be82-73fd2c035eb5/1/efjuARdCpmdiyPaUU3_AH5I4td0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/aaae38-1b28-449d-be82-73fd2c035eb5/1/Ib-54hnhX-2mrdKWObjXP1ws2AI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.123.200.0/21
77.91.0.0/18
89.150.50.0/24
95.171.96.0/19
176.241.72.0/21
185.14.112.0/22
194.164.13.0/24
Signature Algorithm: sha256WithRSAEncryption
77:6f:34:e6:9b:b7:38:dd:ea:1f:00:fb:8c:8c:e8:5b:f3:ca:
6a:f1:f0:2b:2c:50:71:54:5a:aa:28:b3:04:39:7f:aa:4b:a8:
58:8d:fa:d9:28:66:6f:bc:6f:ad:10:bc:0d:b2:61:1c:64:5f:
2d:91:88:e7:5b:c2:37:e1:f1:8b:d5:e6:03:9c:35:f7:18:51:
37:50:ca:d3:cf:46:85:b8:26:ba:37:3b:a6:e0:24:f9:d0:84:
6c:1a:f9:64:1e:44:60:8c:ed:7f:12:cf:5d:91:22:4e:4e:ab:
92:fe:2e:03:fe:f1:7c:7b:6a:50:19:c5:cb:98:65:72:34:d1:
7b:dc:59:84:35:f1:23:65:e2:22:76:5e:2d:d6:6c:87:f5:dc:
4f:ea:49:cd:75:49:46:3e:1b:2c:b3:d5:fe:83:38:ed:71:cb:
c2:b6:ea:1a:59:a4:8b:75:5e:c1:a5:ff:7d:27:89:02:f3:ad:
16:e0:9e:45:09:dd:5e:a0:73:f5:a7:77:9d:aa:0a:ed:b4:80:
79:63:26:0c:bb:e7:b9:86:7d:cc:c0:1e:40:13:13:0e:3e:b4:
b1:d7:1c:68:ca:98:7c:00:b4:fb:6a:b2:26:ea:38:d0:16:89:
94:6a:97:62:28:a0:50:c9:0d:92:10:70:01:ce:60:5f:08:86:
ec:60:4c:cb
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQijhH0Qt5quKeL7Uw6u7fnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmZiOWUyMTllMTVmZWRhNmFkZDI5NjM5YjhkNzNmNWMy
Y2Q4MDIwHhcNMjUwMTAxMTU0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWY4ZWUwMTE3NDJhNjY3NjJjOGY2OTQ1MzdmYzAxZjkyMzhiNWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojtXEnOuqOwET/7At4lAH4xA3cNl
3zgnsT3xuMIDJnaHKoiIRK24M3R1x25p3Pi/sWETrzd/GiKP3pa+bDEJNF8SaQpo
rjQDTBikuDac2hQgOZUSBMjh84IUfgLzYub6uhbMyQIgxsbi/HtYD11RCDJWX/+c
+c5nNvIA4+tXDnvBM74mQc3BJ3VpzNixfhJYTCdpgDPlsbBhhpVO63mdzoJX385A
A9tIFI/qO+Ajx1UTfjGn+IaL6G5ksg0rxxwoSZH3FHOU96BbAeXW8ajooo/dz/mu
2p43tkwv1Yp6sL9wCm4cp3lHXmuTmWq87c/DhdqTCz64J20aXKdi7Tdo4wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFHn47gEXQqZnYsj2lFN/wB+SOLXdMB8GA1UdIwQY
MBaAFCG/ueIZ4V/tpq3Sljm41z9cLNgCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWItNTRobmhYLTJtcmRLV09ialhQMXdzMkFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9hYWFlMzgtMWIyOC00NDlkLWJlODIt
NzNmZDJjMDM1ZWI1LzEvZWZqdUFSZENwbWRpeVBhVVUzX0FINUk0dGQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9hYWFlMzgtMWIyOC00NDlkLWJlODItNzNmZDJjMDM1ZWI1
LzEvSWItNTRobmhYLTJtcmRLV09ialhQMXdzMkFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQDJXvIAwQG
TVsAAwQAWZYyAwQFX6tgAwQDsPFIAwQCuQ5wAwQAwqQNMA0GCSqGSIb3DQEBCwUA
A4IBAQB3bzTmm7c43eofAPuMjOhb88pq8fArLFBxVFqqKLMEOX+qS6hYjfrZKGZv
vG+tELwNsmEcZF8tkYjnW8I34fGL1eYDnDX3GFE3UMrTz0aFuCa6Nzum4CT50IRs
GvlkHkRgjO1/Es9dkSJOTquS/i4D/vF8e2pQGcXLmGVyNNF73FmENfEjZeIidl4t
1myH9dxP6knNdUlGPhsss9X+gzjtccvCtuoaWaSLdV7Bpf99J4kC860W4J5FCd1e
oHP1p3edqgrttIB5YyYMu+e5hn3MwB5AExMOPrSx1xxoyph8ALT7arIm6jjQFomU
apdiKKBQyQ2SEHABzmBfCIbsYEzL
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:41 2025 by rpki-client on console.sobornost.net