Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/IoQeF12RJ4sobu5Ga8Eq38fp9lU.roa
File: IoQeF12RJ4sobu5Ga8Eq38fp9lU.roa (raw, json)
Hash identifier: ZHXqTkRKDBNra810QH5vCpMO7yqivWRXintrYhNzM9E=
Subject key identifier: 22:84:1E:17:5D:91:27:8B:28:6E:EE:46:6B:C1:2A:DF:C7:E9:F6:55
Certificate issuer: /CN=04a2ae2cd094333018c41daafb474c6cfa80d07d
Certificate serial: 0195DC0B196B59666980A7DF2B9DC7DC247C
Authority key identifier: 04:A2:AE:2C:D0:94:33:30:18:C4:1D:AA:FB:47:4C:6C:FA:80:D0:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/IoQeF12RJ4sobu5Ga8Eq38fp9lU.roa
Signing time: Fri 28 Mar 2025 09:17:49 +0000
ROA not before: Fri 28 Mar 2025 09:17:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8257
IP address blocks: 85.135.128.0/17 maxlen: 20
176.61.192.0/18 maxlen: 20
176.61.192.0/20 maxlen: 20
176.61.208.0/20 maxlen: 20
176.61.224.0/21 maxlen: 21
176.61.232.0/21 maxlen: 21
178.253.128.0/18 maxlen: 18
178.253.128.0/19 maxlen: 19
178.253.160.0/19 maxlen: 19
185.37.240.0/22 maxlen: 22
188.112.64.0/18 maxlen: 18
188.112.64.0/19 maxlen: 19
188.112.96.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:dc:0b:19:6b:59:66:69:80:a7:df:2b:9d:c7:dc:24:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04a2ae2cd094333018c41daafb474c6cfa80d07d
Validity
Not Before: Mar 28 09:17:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=22841e175d91278b286eee466bc12adfc7e9f655
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:d4:ca:48:e2:e8:2e:4f:72:35:e7:ec:87:76:
20:d9:c6:6d:8e:0e:a1:d3:c3:42:69:67:5f:dd:bf:
66:b2:5a:76:ad:ff:a5:52:b6:4e:71:28:62:c8:51:
d0:f3:4b:0d:f8:72:99:26:f3:fa:e1:88:83:0c:bf:
fc:69:ba:95:17:47:13:36:92:5b:ad:8c:f2:cf:70:
bb:f1:ad:e8:a9:bf:6b:7f:0b:72:58:fd:20:fc:35:
4c:7f:39:99:b5:42:94:09:0d:1d:37:15:d7:ef:34:
89:1b:ce:e8:3d:8c:81:df:63:3d:1a:65:50:a1:93:
a8:5d:bf:8e:c2:ea:17:af:9e:f2:2d:69:e1:22:c1:
c0:ec:56:2f:eb:55:56:5b:e8:85:36:78:28:28:d0:
dd:cd:94:f8:e7:89:cd:65:a7:e1:5a:9b:ab:ae:92:
1d:b2:fd:8a:ee:7e:d2:4e:28:7e:58:76:c6:87:eb:
d6:5c:c1:37:1c:f1:d9:70:8b:f9:10:1d:bd:8f:7a:
4e:0d:fa:17:d0:03:4d:bf:13:87:10:19:6e:fa:06:
97:60:e7:73:a8:70:da:22:4b:62:64:87:cf:a0:cc:
68:5d:4a:38:47:31:29:48:73:55:72:30:e7:cf:5e:
d9:0d:72:0b:3e:ec:a9:76:31:80:ad:be:46:9c:04:
5b:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:84:1E:17:5D:91:27:8B:28:6E:EE:46:6B:C1:2A:DF:C7:E9:F6:55
X509v3 Authority Key Identifier:
keyid:04:A2:AE:2C:D0:94:33:30:18:C4:1D:AA:FB:47:4C:6C:FA:80:D0:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/IoQeF12RJ4sobu5Ga8Eq38fp9lU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/BKKuLNCUMzAYxB2q-0dMbPqA0H0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.135.128.0/17
176.61.192.0/18
178.253.128.0/18
185.37.240.0/22
188.112.64.0/18
Signature Algorithm: sha256WithRSAEncryption
36:77:ba:ad:0d:e5:a3:d9:d8:06:33:a9:fd:56:94:20:b5:b7:
78:0f:6b:be:96:dd:c8:3d:57:bb:0d:1a:e8:3e:bf:16:a9:65:
bd:1a:04:7d:a9:87:de:62:f0:5d:76:16:aa:8e:8c:e5:fd:21:
13:64:08:50:76:59:a4:84:7c:e6:b3:86:da:29:5e:b5:19:b4:
92:07:94:9d:a7:60:30:ef:7e:93:52:54:01:a3:81:ce:6c:cb:
6b:11:d1:09:3c:fe:a4:56:05:f7:f7:70:6f:64:ef:b3:fb:a5:
a7:ea:a8:84:82:97:cb:0a:8a:55:61:3e:f6:8c:63:48:4f:e2:
88:6e:51:ae:d9:02:63:f0:4e:e0:57:da:47:ca:07:8f:02:8b:
bd:68:af:77:fc:b6:80:3c:8c:f3:76:23:aa:dc:b0:6c:39:6a:
0a:f3:8f:d4:c8:ce:26:ed:94:07:00:05:6d:b2:ef:b0:6a:71:
e4:16:98:f0:6d:8c:2c:71:ff:8f:7d:a9:2c:eb:57:ea:cf:dd:
d4:b6:a6:c7:ba:53:95:35:ca:16:f8:08:2e:05:7e:d3:b1:ce:
3e:ef:20:8a:f9:ec:33:38:de:a6:56:d0:9a:33:f0:a9:8a:cc:
4d:81:ab:77:40:a6:de:84:c4:90:2f:49:2e:12:33:16:ea:6a:
ce:fe:c8:a6
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZXcCxlrWWZpgKffK53H3CR8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0YTJhZTJjZDA5NDMzMzAxOGM0MWRhYWZiNDc0YzZjZmE4
MGQwN2QwHhcNMjUwMzI4MDkxNzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjg0MWUxNzVkOTEyNzhiMjg2ZWVlNDY2YmMxMmFkZmM3ZTlmNjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz9TKSOLoLk9yNefsh3Yg2cZtjg6h
08NCaWdf3b9mslp2rf+lUrZOcShiyFHQ80sN+HKZJvP64YiDDL/8abqVF0cTNpJb
rYzyz3C78a3oqb9rfwtyWP0g/DVMfzmZtUKUCQ0dNxXX7zSJG87oPYyB32M9GmVQ
oZOoXb+OwuoXr57yLWnhIsHA7FYv61VWW+iFNngoKNDdzZT454nNZafhWpurrpId
sv2K7n7STih+WHbGh+vWXME3HPHZcIv5EB29j3pODfoX0ANNvxOHEBlu+gaXYOdz
qHDaIktiZIfPoMxoXUo4RzEpSHNVcjDnz17ZDXILPuypdjGArb5GnARbVwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCKEHhddkSeLKG7uRmvBKt/H6fZVMB8GA1UdIwQY
MBaAFASirizQlDMwGMQdqvtHTGz6gNB9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQktLdUxOQ1VNekFZeEIycS0wZE1iUHFBMEgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS82MzRhMTItZTU4Yy00NTVjLTg5MzMt
NmU2ZThkOTMwM2U5LzEvSW9RZUYxMlJKNHNvYnU1R2E4RXEzOGZwOWxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS82MzRhMTItZTU4Yy00NTVjLTg5MzMtNmU2ZThkOTMwM2U5
LzEvQktLdUxOQ1VNekFZeEIycS0wZE1iUHFBMEgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQHVYeAAwQG
sD3AAwQGsv2AAwQCuSXwAwQGvHBAMA0GCSqGSIb3DQEBCwUAA4IBAQA2d7qtDeWj
2dgGM6n9VpQgtbd4D2u+lt3IPVe7DRroPr8WqWW9GgR9qYfeYvBddhaqjozl/SET
ZAhQdlmkhHzms4baKV61GbSSB5Sdp2Aw736TUlQBo4HObMtrEdEJPP6kVgX393Bv
ZO+z+6Wn6qiEgpfLCopVYT72jGNIT+KIblGu2QJj8E7gV9pHygePAou9aK93/LaA
PIzzdiOq3LBsOWoK84/UyM4m7ZQHAAVtsu+wanHkFpjwbYwscf+Pfaks61fqz93U
tqbHulOVNcoW+AguBX7Tsc4+7yCK+ewzON6mVtCaM/CpisxNgat3QKbehMSQL0ku
EjMW6mrO/sim
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:46 2025 by rpki-client on console.sobornost.net