Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/7f1f29-1242-41f4-a090-0d8fce3ebfbb/1/IYzUtQ8hFOs-8VOGgxs_H-lj6EQ.roa
File: IYzUtQ8hFOs-8VOGgxs_H-lj6EQ.roa (raw, json)
Hash identifier: KeusAo7L8fplwbm6NqFFjZfIEQ3ioDWGVykS8TkpQn4=
Subject key identifier: 21:8C:D4:B5:0F:21:14:EB:3E:F1:53:86:83:1B:3F:1F:E9:63:E8:44
Certificate issuer: /CN=8e1feb6b044bbf6111775bca038d65e6d2230f14
Certificate serial: 01960145BEA06525613E432CA247708E28AE
Authority key identifier: 8E:1F:EB:6B:04:4B:BF:61:11:77:5B:CA:03:8D:65:E6:D2:23:0F:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jh_rawRLv2ERd1vKA41l5tIjDxQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/7f1f29-1242-41f4-a090-0d8fce3ebfbb/1/IYzUtQ8hFOs-8VOGgxs_H-lj6EQ.roa
Signing time: Fri 04 Apr 2025 14:47:49 +0000
ROA not before: Fri 04 Apr 2025 14:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25308
IP address blocks: 88.210.15.0/24 maxlen: 24
88.210.16.0/24 maxlen: 24
88.210.17.0/24 maxlen: 24
88.210.18.0/24 maxlen: 24
88.210.19.0/24 maxlen: 24
88.210.22.0/24 maxlen: 24
88.210.23.0/24 maxlen: 24
212.118.44.0/24 maxlen: 24
212.118.46.0/23 maxlen: 23
212.118.46.0/24 maxlen: 24
212.118.47.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:01:45:be:a0:65:25:61:3e:43:2c:a2:47:70:8e:28:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e1feb6b044bbf6111775bca038d65e6d2230f14
Validity
Not Before: Apr 4 14:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=218cd4b50f2114eb3ef15386831b3f1fe963e844
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:2b:54:70:89:5b:08:4f:69:e1:58:6d:a0:f7:
ac:c7:9a:d5:94:33:f8:ad:bc:c1:68:ee:8f:9f:ec:
fd:0a:68:aa:ea:ac:2d:76:61:f9:49:f9:e0:f8:de:
7e:b5:08:11:b8:74:4f:4c:6c:0a:16:36:4c:d8:3b:
d7:95:9f:6d:9e:c2:4e:4e:2b:10:fb:8d:44:a0:ce:
85:87:ca:ae:0c:74:7b:14:54:21:0a:39:2f:9b:c1:
f4:22:c8:e9:9b:67:63:f2:91:6d:22:01:41:ab:7f:
3a:e9:e4:2b:e5:77:a5:9d:4b:55:0c:4b:02:8d:3a:
b5:ca:05:eb:a5:4e:55:e0:93:b2:38:66:f0:26:f1:
fc:41:5b:c6:16:9d:f6:f3:b1:5a:29:1d:c2:15:ac:
54:72:6a:15:12:d3:75:57:e6:9e:38:cf:b1:f3:45:
08:13:48:e3:b1:8f:8a:76:2c:e9:ed:21:16:14:3b:
39:70:e1:34:f2:d2:94:80:86:70:a4:cb:5c:97:37:
d2:26:84:7e:6a:5b:64:7e:01:71:c8:b6:69:d6:09:
8d:c7:79:62:f2:05:8a:38:78:54:cb:47:ec:20:b3:
42:b9:9a:8a:83:b7:ea:aa:b5:d1:c4:aa:89:55:e8:
1e:eb:71:fe:f5:0b:2b:db:a7:7a:c5:e4:d3:21:63:
34:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:8C:D4:B5:0F:21:14:EB:3E:F1:53:86:83:1B:3F:1F:E9:63:E8:44
X509v3 Authority Key Identifier:
keyid:8E:1F:EB:6B:04:4B:BF:61:11:77:5B:CA:03:8D:65:E6:D2:23:0F:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jh_rawRLv2ERd1vKA41l5tIjDxQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/7f1f29-1242-41f4-a090-0d8fce3ebfbb/1/IYzUtQ8hFOs-8VOGgxs_H-lj6EQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/7f1f29-1242-41f4-a090-0d8fce3ebfbb/1/jh_rawRLv2ERd1vKA41l5tIjDxQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.210.15.0-88.210.19.255
88.210.22.0/23
212.118.44.0/24
212.118.46.0/23
Signature Algorithm: sha256WithRSAEncryption
53:3d:98:fa:7e:ac:6d:a2:9c:f7:53:a0:06:0b:ed:57:ff:c5:
6f:b0:25:62:2f:60:30:6f:81:16:27:02:cc:28:26:32:77:a4:
ce:02:16:63:6e:a1:0e:76:b3:0c:b3:dc:01:d5:35:9a:f7:6e:
eb:bf:e4:92:73:be:ce:48:9a:9c:69:26:f4:f7:d6:62:0f:10:
b5:02:f5:c8:1c:bf:c7:43:b7:d0:9c:29:67:d8:f9:4b:6f:ee:
c7:9a:90:36:77:89:b6:71:cd:7a:a7:1e:24:17:39:39:a7:21:
6b:2b:38:a8:5b:dd:00:7d:db:e9:df:9d:87:48:50:70:d3:2c:
0f:f5:39:33:ee:8b:e8:48:95:d8:2e:8c:bc:56:4b:a6:ea:0e:
88:76:db:67:56:aa:99:b1:51:79:95:9f:89:1c:38:e9:0f:f3:
94:90:5d:09:fe:59:8f:15:6b:17:55:75:f3:58:19:e3:05:34:
77:f9:62:9e:3d:16:3b:d6:77:46:aa:a6:3d:91:19:e7:28:7b:
db:2f:cd:89:c3:89:0f:b1:56:68:ac:d1:05:3f:09:2a:a8:dc:
c8:66:7e:b1:d7:84:ad:dd:d7:49:07:20:35:d9:07:32:0a:f0:
b8:b8:12:bf:08:3b:f5:c7:32:c2:65:bf:a3:51:c4:08:0e:80:
98:5f:45:28
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZYBRb6gZSVhPkMsokdwjiiuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMWZlYjZiMDQ0YmJmNjExMTc3NWJjYTAzOGQ2NWU2ZDIy
MzBmMTQwHhcNMjUwNDA0MTQ0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMThjZDRiNTBmMjExNGViM2VmMTUzODY4MzFiM2YxZmU5NjNlODQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqStUcIlbCE9p4VhtoPesx5rVlDP4
rbzBaO6Pn+z9Cmiq6qwtdmH5Sfng+N5+tQgRuHRPTGwKFjZM2DvXlZ9tnsJOTisQ
+41EoM6Fh8quDHR7FFQhCjkvm8H0Isjpm2dj8pFtIgFBq3866eQr5XelnUtVDEsC
jTq1ygXrpU5V4JOyOGbwJvH8QVvGFp3287FaKR3CFaxUcmoVEtN1V+aeOM+x80UI
E0jjsY+Kdizp7SEWFDs5cOE08tKUgIZwpMtclzfSJoR+altkfgFxyLZp1gmNx3li
8gWKOHhUy0fsILNCuZqKg7fqqrXRxKqJVege63H+9Qsr26d6xeTTIWM0FwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFCGM1LUPIRTrPvFThoMbPx/pY+hEMB8GA1UdIwQY
MBaAFI4f62sES79hEXdbygONZebSIw8UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamhfcmF3Ukx2MkVSZDF2S0E0MWw1dElqRHhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi83ZjFmMjktMTI0Mi00MWY0LWEwOTAt
MGQ4ZmNlM2ViZmJiLzEvSVl6VXRROGhGT3MtOFZPR2d4c19ILWxqNkVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi83ZjFmMjktMTI0Mi00MWY0LWEwOTAtMGQ4ZmNlM2ViZmJi
LzEvamhfcmF3Ukx2MkVSZDF2S0E0MWw1dElqRHhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBABY0g8D
BAJY0hADBAFY0hYDBADUdiwDBAHUdi4wDQYJKoZIhvcNAQELBQADggEBAFM9mPp+
rG2inPdToAYL7Vf/xW+wJWIvYDBvgRYnAswoJjJ3pM4CFmNuoQ52swyz3AHVNZr3
buu/5JJzvs5ImpxpJvT31mIPELUC9cgcv8dDt9CcKWfY+Utv7seakDZ3ibZxzXqn
HiQXOTmnIWsrOKhb3QB92+nfnYdIUHDTLA/1OTPui+hIldgujLxWS6bqDoh222dW
qpmxUXmVn4kcOOkP85SQXQn+WY8VaxdVdfNYGeMFNHf5Yp49FjvWd0aqpj2RGeco
e9svzYnDiQ+xVmis0QU/CSqo3MhmfrHXhK3d10kHIDXZBzIK8Li4Er8IO/XHMsJl
v6NRxAgOgJhfRSg=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:43 2025 by rpki-client on console.sobornost.net