Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/5f4518-82e9-4292-a54e-15cc9dc7bd87/1/GelQ-wpEtVaOdgayfz6S6TVZ0zQ.roa
File: GelQ-wpEtVaOdgayfz6S6TVZ0zQ.roa (raw, json)
Hash identifier: /97Q6YMRjpTXM1yiFxK+BKHm6SI3QfLA+ZDxZJQchX4=
Subject key identifier: 19:E9:50:FB:0A:44:B5:56:8E:76:06:B2:7F:3E:92:E9:35:59:D3:34
Certificate issuer: /CN=a16b0d8ab49436550b6abf45b79035aec6aff23c
Certificate serial: 01941F8C1BC6FF459966D0283174ADD4073C
Authority key identifier: A1:6B:0D:8A:B4:94:36:55:0B:6A:BF:45:B7:90:35:AE:C6:AF:F2:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oWsNirSUNlULar9Ft5A1rsav8jw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/5f4518-82e9-4292-a54e-15cc9dc7bd87/1/GelQ-wpEtVaOdgayfz6S6TVZ0zQ.roa
Signing time: Wed 01 Jan 2025 01:47:43 +0000
ROA not before: Wed 01 Jan 2025 01:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20836
IP address blocks: 95.157.64.0/19 maxlen: 24
95.157.96.0/19 maxlen: 24
178.249.184.0/21 maxlen: 24
178.249.189.0/24 maxlen: 24
185.47.228.0/22 maxlen: 24
217.171.32.0/20 maxlen: 24
2001:b60::/32 maxlen: 48
2001:b61::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:1b:c6:ff:45:99:66:d0:28:31:74:ad:d4:07:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a16b0d8ab49436550b6abf45b79035aec6aff23c
Validity
Not Before: Jan 1 01:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=19e950fb0a44b5568e7606b27f3e92e93559d334
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ce:a7:71:2c:77:ad:54:9d:ab:c1:17:7c:f4:
a0:55:2e:ef:fa:e9:3e:fb:bc:a9:56:bd:df:97:f2:
2d:cd:e8:f1:77:f6:e2:d9:2e:7c:5b:27:f6:41:da:
0a:91:61:6f:e0:de:6a:6c:64:e9:33:ac:b0:2c:78:
a9:fb:b6:18:c6:59:23:86:d7:6c:14:6e:5e:5a:ec:
48:02:e3:0d:cc:a1:cc:27:d3:59:79:0a:3a:6b:9c:
b1:df:7b:b3:a9:d3:20:e2:63:fd:f4:24:da:eb:f2:
3e:a8:8c:cd:a2:73:af:1f:37:25:1f:c4:cc:91:d5:
40:ad:45:e0:b1:5f:52:13:6a:03:3b:ea:0e:09:43:
3f:10:b7:58:2b:6a:c3:fc:ac:65:d1:ac:28:a0:ec:
f3:b3:8d:ec:7a:f2:60:93:a6:0f:92:23:ef:2e:95:
32:c3:07:70:2a:2b:2c:19:89:62:45:21:f7:e5:ef:
5c:92:65:c3:10:2b:2f:50:99:82:93:c8:e3:4a:28:
2b:4a:da:df:a0:4d:22:6a:98:ad:91:5b:b1:c2:42:
60:63:bc:01:22:32:32:ed:be:53:01:40:bc:8f:21:
d8:7d:3b:62:52:1e:af:48:58:5f:ec:59:76:09:18:
db:7f:08:be:67:7e:4e:d4:90:fb:7f:5f:96:44:f9:
12:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:E9:50:FB:0A:44:B5:56:8E:76:06:B2:7F:3E:92:E9:35:59:D3:34
X509v3 Authority Key Identifier:
keyid:A1:6B:0D:8A:B4:94:36:55:0B:6A:BF:45:B7:90:35:AE:C6:AF:F2:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oWsNirSUNlULar9Ft5A1rsav8jw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/5f4518-82e9-4292-a54e-15cc9dc7bd87/1/GelQ-wpEtVaOdgayfz6S6TVZ0zQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/5f4518-82e9-4292-a54e-15cc9dc7bd87/1/oWsNirSUNlULar9Ft5A1rsav8jw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.157.64.0/18
178.249.184.0/21
185.47.228.0/22
217.171.32.0/20
IPv6:
2001:b60::/31
Signature Algorithm: sha256WithRSAEncryption
04:a1:f5:ad:8f:2a:8d:17:b3:43:d8:97:40:97:b9:b8:58:d6:
f2:42:44:5d:c3:50:a0:a9:92:df:db:95:ed:04:ac:c6:9d:b1:
af:b7:22:76:66:bf:e1:c2:1f:99:f2:ab:80:eb:31:a5:47:75:
3a:86:ec:4b:8d:97:4f:76:59:8d:ca:5c:67:24:d6:52:ad:b0:
5d:bd:5f:d8:ba:e7:be:86:6b:53:e8:7a:03:00:eb:d1:64:46:
93:bb:bc:9f:8a:05:39:30:90:02:4e:c7:1f:e2:ac:fa:aa:b0:
c2:75:d9:4c:61:b8:6a:a9:d2:2c:55:12:21:9c:18:37:a1:71:
d7:8c:1c:36:86:6c:9b:91:df:ad:83:4e:47:28:29:ee:58:22:
38:2c:db:a0:6a:ff:bc:6e:8b:37:5d:ee:63:3f:f3:40:02:e0:
ba:8e:a4:d8:3a:82:a4:64:bf:76:60:23:ee:39:4b:53:7b:cf:
c6:82:8d:83:84:b7:38:90:9e:59:34:ba:48:73:c8:8c:70:ae:
22:08:8b:b7:e1:5f:1c:77:40:99:32:a6:5a:8c:55:2b:e2:0c:
cd:4e:a0:93:98:9a:fa:75:79:16:0f:7d:cf:23:58:ab:e9:4b:
ba:15:3f:1d:d0:e5:8d:ac:19:3b:35:13:d8:9c:3e:92:e3:cd:
4b:20:4b:79
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQfjBvG/0WZZtAoMXSt1Ac8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNmIwZDhhYjQ5NDM2NTUwYjZhYmY0NWI3OTAzNWFlYzZh
ZmYyM2MwHhcNMjUwMTAxMDE0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWU5NTBmYjBhNDRiNTU2OGU3NjA2YjI3ZjNlOTJlOTM1NTlkMzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtM6ncSx3rVSdq8EXfPSgVS7v+uk+
+7ypVr3fl/Itzejxd/bi2S58Wyf2QdoKkWFv4N5qbGTpM6ywLHip+7YYxlkjhtds
FG5eWuxIAuMNzKHMJ9NZeQo6a5yx33uzqdMg4mP99CTa6/I+qIzNonOvHzclH8TM
kdVArUXgsV9SE2oDO+oOCUM/ELdYK2rD/Kxl0awooOzzs43sevJgk6YPkiPvLpUy
wwdwKissGYliRSH35e9ckmXDECsvUJmCk8jjSigrStrfoE0iapitkVuxwkJgY7wB
IjIy7b5TAUC8jyHYfTtiUh6vSFhf7Fl2CRjbfwi+Z35O1JD7f1+WRPkSBwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFBnpUPsKRLVWjnYGsn8+kuk1WdM0MB8GA1UdIwQY
MBaAFKFrDYq0lDZVC2q/RbeQNa7Gr/I8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1dzTmlyU1VObFVMYXI5RnQ1QTFyc2F2OGp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC81ZjQ1MTgtODJlOS00MjkyLWE1NGUt
MTVjYzlkYzdiZDg3LzEvR2VsUS13cEV0VmFPZGdheWZ6NlM2VFZaMHpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC81ZjQ1MTgtODJlOS00MjkyLWE1NGUtMTVjYzlkYzdiZDg3
LzEvb1dzTmlyU1VObFVMYXI5RnQ1QTFyc2F2OGp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQGX51AAwQD
svm4AwQCuS/kAwQE2asgMA0EAgACMAcDBQEgAQtgMA0GCSqGSIb3DQEBCwUAA4IB
AQAEofWtjyqNF7ND2JdAl7m4WNbyQkRdw1CgqZLf25XtBKzGnbGvtyJ2Zr/hwh+Z
8quA6zGlR3U6huxLjZdPdlmNylxnJNZSrbBdvV/Yuue+hmtT6HoDAOvRZEaTu7yf
igU5MJACTscf4qz6qrDCddlMYbhqqdIsVRIhnBg3oXHXjBw2hmybkd+tg05HKCnu
WCI4LNugav+8bos3Xe5jP/NAAuC6jqTYOoKkZL92YCPuOUtTe8/Ggo2DhLc4kJ5Z
NLpIc8iMcK4iCIu34V8cd0CZMqZajFUr4gzNTqCTmJr6dXkWD33PI1ir6Uu6FT8d
0OWNrBk7NRPYnD6S481LIEt5
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:44 2025 by rpki-client on console.sobornost.net