Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/a62a7b-8f76-4899-a153-8c500295cb96/1/G0J3ZwqY7nqQ1F-r-kfCdSWuyO4.roa
File: G0J3ZwqY7nqQ1F-r-kfCdSWuyO4.roa (raw, json)
Hash identifier: +njzM6YBvg7QKHzm9fDQxiSdZRBXgF7BQneYn5PkN18=
Subject key identifier: 1B:42:77:67:0A:98:EE:7A:90:D4:5F:AB:FA:47:C2:75:25:AE:C8:EE
Certificate issuer: /CN=0c1037c17bc15a7c9d8569887f5b05835ce32d27
Certificate serial: 01941FFA17601855E0AD7532FD58F634EC07
Authority key identifier: 0C:10:37:C1:7B:C1:5A:7C:9D:85:69:88:7F:5B:05:83:5C:E3:2D:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DBA3wXvBWnydhWmIf1sFg1zjLSc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/a62a7b-8f76-4899-a153-8c500295cb96/1/G0J3ZwqY7nqQ1F-r-kfCdSWuyO4.roa
Signing time: Wed 01 Jan 2025 03:47:51 +0000
ROA not before: Wed 01 Jan 2025 03:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41557
IP address blocks: 89.205.0.0/17 maxlen: 17
89.205.0.0/21 maxlen: 21
89.205.8.0/21 maxlen: 21
89.205.16.0/21 maxlen: 21
89.205.24.0/21 maxlen: 21
89.205.32.0/21 maxlen: 21
185.47.56.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:17:60:18:55:e0:ad:75:32:fd:58:f6:34:ec:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c1037c17bc15a7c9d8569887f5b05835ce32d27
Validity
Not Before: Jan 1 03:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1b4277670a98ee7a90d45fabfa47c27525aec8ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:77:54:fe:7e:97:7c:f4:26:a4:d9:27:1d:69:
e3:ff:57:04:5f:ae:9e:3c:40:38:83:cd:1d:00:b1:
91:a1:a3:65:2a:ff:a3:8c:86:d7:a6:2e:47:11:42:
11:30:2a:96:51:fc:e4:b7:62:db:da:9d:ea:b4:82:
34:ee:6a:51:8b:3a:1d:3d:45:b9:6a:eb:50:04:77:
9b:d5:68:be:9d:00:60:71:42:ab:bf:2d:48:44:1e:
83:dc:ae:e3:a7:7e:46:c1:0d:4d:46:73:19:b3:1d:
19:88:08:cf:c5:98:18:23:ef:cc:c6:1f:1d:32:fd:
d9:ce:ad:05:85:06:95:de:c6:05:e4:21:21:2a:22:
14:a2:03:cc:50:03:0c:34:78:0d:b9:ef:21:27:38:
90:08:09:ef:a7:d0:16:6a:1b:d7:22:3c:0e:18:1f:
46:6b:ef:53:63:c0:e0:3e:87:e4:35:f2:61:cd:2d:
d3:0c:61:e2:b2:d5:00:f1:fb:40:3f:59:d7:80:07:
93:d6:91:53:25:4a:83:44:d8:75:1b:69:34:e3:90:
97:97:c2:c1:b2:e3:59:28:9b:68:43:75:aa:96:d6:
c4:35:00:2a:52:af:ca:fa:03:fc:6a:7a:7a:8c:dc:
c5:59:98:78:79:21:61:26:6e:f2:ff:20:21:6e:1b:
13:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:42:77:67:0A:98:EE:7A:90:D4:5F:AB:FA:47:C2:75:25:AE:C8:EE
X509v3 Authority Key Identifier:
keyid:0C:10:37:C1:7B:C1:5A:7C:9D:85:69:88:7F:5B:05:83:5C:E3:2D:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DBA3wXvBWnydhWmIf1sFg1zjLSc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/a62a7b-8f76-4899-a153-8c500295cb96/1/G0J3ZwqY7nqQ1F-r-kfCdSWuyO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/a62a7b-8f76-4899-a153-8c500295cb96/1/DBA3wXvBWnydhWmIf1sFg1zjLSc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.205.0.0/17
185.47.56.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:89:43:b2:92:da:89:3e:c5:aa:98:c6:34:9a:eb:78:15:d4:
81:15:a5:d5:2b:4c:e5:8a:ac:db:99:70:c4:6e:c0:cd:b7:68:
1d:32:f1:e2:d9:61:4e:e4:a4:33:92:38:44:4a:c8:f0:ab:a3:
71:2d:23:04:85:35:26:53:bf:68:c7:69:3b:0a:a6:ae:13:06:
de:99:96:b0:8b:60:6c:ae:bb:41:1f:93:f5:25:35:cb:88:f7:
4f:63:9f:07:99:67:45:9b:09:d8:b8:45:43:9a:e2:c8:6c:6f:
1e:1c:88:13:80:0f:b3:18:9d:c2:f1:35:4b:41:94:52:3c:e5:
db:b8:1c:20:6b:f7:9f:b5:07:a1:bd:60:08:a0:12:8d:91:64:
59:5d:5d:b7:4c:72:1a:fa:5c:eb:ef:95:45:fc:1f:89:f4:c0:
d3:ca:ae:a3:e4:a3:9b:79:15:d3:84:de:09:7e:49:6e:bd:9e:
78:e9:e2:96:50:83:31:c5:d0:ca:9a:4a:39:5e:8e:70:d5:00:
c6:93:32:4e:69:34:d9:04:f8:23:f1:07:3f:91:06:ae:43:3a:
4d:15:7b:65:2b:f7:00:a3:a8:44:bd:bf:ad:96:35:2b:5f:69:
cc:a6:b6:02:4e:bf:98:48:ad:86:ea:63:5a:54:2f:6b:f4:f0:
a5:29:f7:12
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQf+hdgGFXgrXUy/Vj2NOwHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMTAzN2MxN2JjMTVhN2M5ZDg1Njk4ODdmNWIwNTgzNWNl
MzJkMjcwHhcNMjUwMTAxMDM0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjQyNzc2NzBhOThlZTdhOTBkNDVmYWJmYTQ3YzI3NTI1YWVjOGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3dU/n6XfPQmpNknHWnj/1cEX66e
PEA4g80dALGRoaNlKv+jjIbXpi5HEUIRMCqWUfzkt2Lb2p3qtII07mpRizodPUW5
autQBHeb1Wi+nQBgcUKrvy1IRB6D3K7jp35GwQ1NRnMZsx0ZiAjPxZgYI+/Mxh8d
Mv3Zzq0FhQaV3sYF5CEhKiIUogPMUAMMNHgNue8hJziQCAnvp9AWahvXIjwOGB9G
a+9TY8DgPofkNfJhzS3TDGHistUA8ftAP1nXgAeT1pFTJUqDRNh1G2k045CXl8LB
suNZKJtoQ3WqltbENQAqUq/K+gP8anp6jNzFWZh4eSFhJm7y/yAhbhsTewIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBtCd2cKmO56kNRfq/pHwnUlrsjuMB8GA1UdIwQY
MBaAFAwQN8F7wVp8nYVpiH9bBYNc4y0nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREJBM3dYdkJXbnlkaFdtSWYxc0ZnMXpqTFNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9hNjJhN2ItOGY3Ni00ODk5LWExNTMt
OGM1MDAyOTVjYjk2LzEvRzBKM1p3cVk3bnFRMUYtci1rZkNkU1d1eU80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9hNjJhN2ItOGY3Ni00ODk5LWExNTMtOGM1MDAyOTVjYjk2
LzEvREJBM3dYdkJXbnlkaFdtSWYxc0ZnMXpqTFNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQHWc0AAwQC
uS84MA0GCSqGSIb3DQEBCwUAA4IBAQB7iUOyktqJPsWqmMY0mut4FdSBFaXVK0zl
iqzbmXDEbsDNt2gdMvHi2WFO5KQzkjhESsjwq6NxLSMEhTUmU79ox2k7CqauEwbe
mZawi2BsrrtBH5P1JTXLiPdPY58HmWdFmwnYuEVDmuLIbG8eHIgTgA+zGJ3C8TVL
QZRSPOXbuBwga/eftQehvWAIoBKNkWRZXV23THIa+lzr75VF/B+J9MDTyq6j5KOb
eRXThN4JfkluvZ546eKWUIMxxdDKmko5Xo5w1QDGkzJOaTTZBPgj8Qc/kQauQzpN
FXtlK/cAo6hEvb+tljUrX2nMprYCTr+YSK2G6mNaVC9r9PClKfcS
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:47 2025 by rpki-client on console.sobornost.net