Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/Prk8tkpReDDrWlVwaB7JsXw3SRc.roa
File: Prk8tkpReDDrWlVwaB7JsXw3SRc.roa (raw, json)
Hash identifier: B+oy2+L+o88ApZfWzbpjY5Mj3PJT44y2vbtbnzkUCHQ=
Subject key identifier: 3E:B9:3C:B6:4A:51:78:30:EB:5A:55:70:68:1E:C9:B1:7C:37:49:17
Certificate issuer: /CN=4173eeb8d02f5f64788b3fdc78d6bab8a55fd16a
Certificate serial: 019537905CC698943EA0E7B49155B194242E
Authority key identifier: 41:73:EE:B8:D0:2F:5F:64:78:8B:3F:DC:78:D6:BA:B8:A5:5F:D1:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/Prk8tkpReDDrWlVwaB7JsXw3SRc.roa
Signing time: Mon 24 Feb 2025 10:46:02 +0000
ROA not before: Mon 24 Feb 2025 10:46:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9002
IP address blocks: 31.128.32.0/22 maxlen: 24
45.130.212.0/22 maxlen: 24
77.73.233.0/24 maxlen: 24
77.73.235.0/24 maxlen: 24
77.73.238.0/24 maxlen: 24
82.202.128.0/22 maxlen: 24
83.222.20.0/23 maxlen: 24
90.156.254.0/23 maxlen: 24
91.218.142.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:37:90:5c:c6:98:94:3e:a0:e7:b4:91:55:b1:94:24:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4173eeb8d02f5f64788b3fdc78d6bab8a55fd16a
Validity
Not Before: Feb 24 10:46:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3eb93cb64a517830eb5a5570681ec9b17c374917
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:62:8f:9e:a7:19:42:da:22:06:1c:5a:8b:d4:
bd:7c:0a:8e:60:f4:ea:9e:43:2e:f2:5d:1e:ec:d5:
5a:8f:7b:19:a8:9a:5e:0c:bd:0f:37:01:13:af:af:
a3:8a:c8:6a:5b:c0:ae:d6:4b:83:90:79:53:f5:3c:
21:a9:d7:62:5e:82:d6:68:3f:21:94:a1:b7:ab:67:
29:9d:57:48:4a:5b:f0:89:2a:b5:c5:52:4d:e6:d9:
d5:cb:25:2f:b2:06:1a:ea:42:08:74:cc:e5:42:9d:
34:0e:eb:52:84:d2:11:c9:91:96:f8:37:b7:7c:8a:
db:f8:5e:1b:e9:84:14:03:cb:74:6d:d5:b8:c4:b6:
aa:06:15:95:c3:24:63:31:02:08:86:b2:a0:73:e3:
d3:c0:36:c4:37:43:7e:bb:30:31:8f:74:26:d9:a5:
66:e7:e0:ad:a5:09:fd:92:77:08:17:33:d6:4c:d3:
72:e3:3f:4a:b6:41:06:2e:8c:e6:89:7c:b2:d0:87:
0f:5a:c8:57:45:35:a8:19:5f:24:47:f5:10:75:e9:
ff:a5:84:b8:e8:ff:fa:d4:32:c4:4f:d0:f4:69:f2:
82:7d:6c:18:b8:b0:b8:7e:a9:b1:d7:58:34:66:e9:
d5:46:64:26:f9:02:45:40:2a:da:ae:15:f2:c3:04:
13:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:B9:3C:B6:4A:51:78:30:EB:5A:55:70:68:1E:C9:B1:7C:37:49:17
X509v3 Authority Key Identifier:
keyid:41:73:EE:B8:D0:2F:5F:64:78:8B:3F:DC:78:D6:BA:B8:A5:5F:D1:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/Prk8tkpReDDrWlVwaB7JsXw3SRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.128.32.0/22
45.130.212.0/22
77.73.233.0/24
77.73.235.0/24
77.73.238.0/24
82.202.128.0/22
83.222.20.0/23
90.156.254.0/23
91.218.142.0/23
Signature Algorithm: sha256WithRSAEncryption
04:e9:4a:83:06:1b:c9:76:44:23:66:9f:97:c8:97:eb:16:d8:
07:04:a0:de:66:e1:76:06:79:c5:81:7e:a9:de:43:4c:78:7a:
4f:57:9d:77:38:cc:f5:d4:f5:ed:5f:24:40:81:b4:4e:d5:2b:
4e:56:d6:35:46:a9:34:0f:43:22:5f:00:3f:da:aa:fd:e0:86:
28:f9:0d:31:77:0e:81:de:f1:29:97:f7:96:d2:a2:82:c2:f8:
47:30:4f:8e:6c:4c:e2:03:1c:44:a5:23:b8:bd:85:74:35:b9:
ac:c3:4e:5e:96:f3:5d:bd:ce:7a:73:2c:c7:b9:18:bb:65:e2:
f8:f6:29:bd:5d:f2:3d:c5:1c:a9:0f:5c:e2:3f:ec:c6:5c:29:
2f:52:50:24:23:f0:cc:37:1d:35:65:f8:f8:ea:ba:f4:49:37:
4b:34:31:37:59:e8:23:95:7f:cb:7a:e8:09:f1:29:29:f3:d5:
fd:36:24:e0:a0:a6:2c:0c:36:c7:58:d8:1e:b3:bc:e9:89:ec:
ae:45:65:8b:3a:54:5b:da:08:67:3d:19:b8:31:04:7b:aa:97:
16:11:cc:83:e0:13:b7:fc:d5:6f:c4:56:77:7f:89:08:22:fb:
d2:f3:78:63:1a:11:19:d2:c0:10:b9:a3:d3:5e:c8:0d:e4:77:
95:c5:69:80
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZU3kFzGmJQ+oOe0kVWxlCQuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxNzNlZWI4ZDAyZjVmNjQ3ODhiM2ZkYzc4ZDZiYWI4YTU1
ZmQxNmEwHhcNMjUwMjI0MTA0NjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWI5M2NiNjRhNTE3ODMwZWI1YTU1NzA2ODFlYzliMTdjMzc0OTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxGKPnqcZQtoiBhxai9S9fAqOYPTq
nkMu8l0e7NVaj3sZqJpeDL0PNwETr6+jishqW8Cu1kuDkHlT9TwhqddiXoLWaD8h
lKG3q2cpnVdISlvwiSq1xVJN5tnVyyUvsgYa6kIIdMzlQp00DutShNIRyZGW+De3
fIrb+F4b6YQUA8t0bdW4xLaqBhWVwyRjMQIIhrKgc+PTwDbEN0N+uzAxj3Qm2aVm
5+CtpQn9kncIFzPWTNNy4z9KtkEGLozmiXyy0IcPWshXRTWoGV8kR/UQden/pYS4
6P/61DLET9D0afKCfWwYuLC4fqmx11g0ZunVRmQm+QJFQCrarhXywwQTlQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFD65PLZKUXgw61pVcGgeybF8N0kXMB8GA1UdIwQY
MBaAFEFz7rjQL19keIs/3HjWurilX9FqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVhQdXVOQXZYMlI0aXpfY2VOYTZ1S1ZmMFdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80ODkyYTktM2IzNy00ZDM5LTljMmIt
ZDgzZWQxNDBkMjhkLzEvUHJrOHRrcFJlRERyV2xWd2FCN0pzWHczU1JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80ODkyYTktM2IzNy00ZDM5LTljMmItZDgzZWQxNDBkMjhk
LzEvUVhQdXVOQXZYMlI0aXpfY2VOYTZ1S1ZmMFdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCH4AgAwQC
LYLUAwQATUnpAwQATUnrAwQATUnuAwQCUsqAAwQBU94UAwQBWpz+AwQBW9qOMA0G
CSqGSIb3DQEBCwUAA4IBAQAE6UqDBhvJdkQjZp+XyJfrFtgHBKDeZuF2BnnFgX6p
3kNMeHpPV513OMz11PXtXyRAgbRO1StOVtY1Rqk0D0MiXwA/2qr94IYo+Q0xdw6B
3vEpl/eW0qKCwvhHME+ObEziAxxEpSO4vYV0Nbmsw05elvNdvc56cyzHuRi7ZeL4
9im9XfI9xRypD1ziP+zGXCkvUlAkI/DMNx01Zfj46rr0STdLNDE3WegjlX/LeugJ
8Skp89X9NiTgoKYsDDbHWNges7zpieyuRWWLOlRb2ghnPRm4MQR7qpcWEcyD4BO3
/NVvxFZ3f4kIIvvS83hjGhEZ0sAQuaPTXsgN5HeVxWmA
-----END CERTIFICATE-----
Generated at Tue Mar 25 22:16:43 2025 by rpki-client on console.sobornost.net