Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/25b54a-e770-44ab-a004-c920c517d600/1/FAOYdRa4uoJSdoI3e8-q11iXfiE.roa
File: FAOYdRa4uoJSdoI3e8-q11iXfiE.roa (raw, json)
Hash identifier: FqMdw256VpvhGAmP1nnLAhKDEQ1LXuBv38BkFocmRoU=
Subject key identifier: 14:03:98:75:16:B8:BA:82:52:76:82:37:7B:CF:AA:D7:58:97:7E:21
Certificate issuer: /CN=4e5146bb4e219744f58c268e9ec621c18dd229c3
Certificate serial: 0194258FB30C77E5BEE0615C8C94F45189C6
Authority key identifier: 4E:51:46:BB:4E:21:97:44:F5:8C:26:8E:9E:C6:21:C1:8D:D2:29:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TlFGu04hl0T1jCaOnsYhwY3SKcM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/25b54a-e770-44ab-a004-c920c517d600/1/FAOYdRa4uoJSdoI3e8-q11iXfiE.roa
Signing time: Thu 02 Jan 2025 05:49:21 +0000
ROA not before: Thu 02 Jan 2025 05:49:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198102
IP address blocks: 78.111.224.0/20 maxlen: 24
86.105.236.0/22 maxlen: 24
89.35.168.0/22 maxlen: 24
89.45.212.0/22 maxlen: 24
91.231.62.0/24 maxlen: 24
128.65.200.0/21 maxlen: 21
134.255.164.0/22 maxlen: 24
134.255.168.0/22 maxlen: 24
185.85.192.0/22 maxlen: 22
195.28.8.0/23 maxlen: 24
195.210.40.0/23 maxlen: 24
195.225.40.0/23 maxlen: 24
195.238.80.0/23 maxlen: 24
213.225.240.0/20 maxlen: 24
2a00:4060::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:b3:0c:77:e5:be:e0:61:5c:8c:94:f4:51:89:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e5146bb4e219744f58c268e9ec621c18dd229c3
Validity
Not Before: Jan 2 05:49:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1403987516b8ba82527682377bcfaad758977e21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:47:00:c5:4e:56:7e:81:15:e4:e5:0e:d3:dc:
d8:e6:69:1c:b4:a8:af:54:a4:5f:fd:27:89:ec:30:
90:b3:a6:bd:5a:5e:05:1c:9f:d6:d7:10:bd:f6:96:
2b:2b:cb:29:8b:9b:48:73:17:e4:fe:a6:19:c6:e8:
18:91:40:9b:98:c1:3d:23:da:d4:97:a3:1d:77:ec:
bd:56:74:7b:db:fb:b2:fa:ef:d9:4a:4a:48:8f:c9:
fa:cb:7e:f1:96:0a:eb:03:33:c5:10:2e:d4:20:21:
53:66:9b:05:91:c7:b1:5c:b2:34:40:85:04:0a:a1:
8c:85:09:63:8e:1d:e7:9e:ca:b1:27:44:df:30:52:
5e:6f:13:62:4d:0a:76:be:d5:42:61:91:83:73:e9:
f5:e6:c0:ca:f7:e6:0e:ed:74:8e:b2:53:0f:92:c9:
34:ca:8c:8d:5b:1b:66:1b:8e:be:cf:6b:5a:33:5b:
8d:ca:95:f1:29:64:cf:31:81:d9:11:7a:a8:8c:8f:
35:eb:e4:cf:b8:57:9b:e6:f3:75:9e:e5:11:dd:35:
f1:4d:69:85:26:c7:64:68:10:1f:53:1e:6e:7a:b1:
00:50:4b:41:fe:dc:dc:6c:11:13:2a:a3:f7:54:85:
1c:98:8f:37:c5:5a:17:97:13:36:5f:1d:57:0c:e6:
27:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:03:98:75:16:B8:BA:82:52:76:82:37:7B:CF:AA:D7:58:97:7E:21
X509v3 Authority Key Identifier:
keyid:4E:51:46:BB:4E:21:97:44:F5:8C:26:8E:9E:C6:21:C1:8D:D2:29:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TlFGu04hl0T1jCaOnsYhwY3SKcM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/25b54a-e770-44ab-a004-c920c517d600/1/FAOYdRa4uoJSdoI3e8-q11iXfiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/25b54a-e770-44ab-a004-c920c517d600/1/TlFGu04hl0T1jCaOnsYhwY3SKcM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.111.224.0/20
86.105.236.0/22
89.35.168.0/22
89.45.212.0/22
91.231.62.0/24
128.65.200.0/21
134.255.164.0-134.255.171.255
185.85.192.0/22
195.28.8.0/23
195.210.40.0/23
195.225.40.0/23
195.238.80.0/23
213.225.240.0/20
IPv6:
2a00:4060::/29
Signature Algorithm: sha256WithRSAEncryption
15:61:bf:e7:34:c3:81:ac:4a:f3:43:9b:74:69:34:7a:cd:a0:
19:65:25:7a:97:0c:06:89:f5:3c:9f:8a:96:a9:4b:ee:e6:7e:
b6:92:5d:cd:d4:25:48:9a:46:29:0e:d5:64:2e:66:b9:62:cd:
72:2f:03:1b:49:47:91:54:86:e0:57:0b:13:26:ef:91:84:c4:
f2:46:b9:38:78:2f:67:08:9f:1e:61:61:b4:ec:73:fd:e9:23:
e6:ca:1f:4f:39:dd:0f:0f:d0:13:b3:b0:86:90:12:d5:e3:6b:
63:6e:06:cc:0c:05:d9:26:16:6b:63:85:07:18:de:22:4e:ca:
bc:ff:48:c5:4c:4f:86:51:69:d9:50:69:ff:ba:52:40:7b:f0:
b5:46:b2:e5:45:74:a6:33:ef:fa:29:45:29:49:8b:1c:08:e2:
14:b4:d8:b7:0f:db:d2:8d:1c:11:1b:54:96:31:bb:34:49:48:
1b:4f:30:25:ee:06:22:6e:d5:4d:ac:f8:1b:3d:69:08:17:36:
58:c8:e8:d0:04:84:62:07:19:31:c3:0a:b1:fd:8d:0d:45:8b:
00:79:5d:9d:7d:3e:81:f0:23:af:79:39:7f:e5:22:72:b6:ec:
50:27:10:d6:6e:8f:3c:c2:cf:74:17:e2:35:47:56:a8:46:c4:
a7:67:c9:b4
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgISAZQlj7MMd+W+4GFcjJT0UYnGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlNTE0NmJiNGUyMTk3NDRmNThjMjY4ZTllYzYyMWMxOGRk
MjI5YzMwHhcNMjUwMTAyMDU0OTIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDAzOTg3NTE2YjhiYTgyNTI3NjgyMzc3YmNmYWFkNzU4OTc3ZTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1EcAxU5WfoEV5OUO09zY5mkctKiv
VKRf/SeJ7DCQs6a9Wl4FHJ/W1xC99pYrK8spi5tIcxfk/qYZxugYkUCbmME9I9rU
l6Mdd+y9VnR72/uy+u/ZSkpIj8n6y37xlgrrAzPFEC7UICFTZpsFkcexXLI0QIUE
CqGMhQljjh3nnsqxJ0TfMFJebxNiTQp2vtVCYZGDc+n15sDK9+YO7XSOslMPksk0
yoyNWxtmG46+z2taM1uNypXxKWTPMYHZEXqojI816+TPuFeb5vN1nuUR3TXxTWmF
JsdkaBAfUx5uerEAUEtB/tzcbBETKqP3VIUcmI83xVoXlxM2Xx1XDOYn2wIDAQAB
o4ICaDCCAmQwHQYDVR0OBBYEFBQDmHUWuLqCUnaCN3vPqtdYl34hMB8GA1UdIwQY
MBaAFE5RRrtOIZdE9Ywmjp7GIcGN0inDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGxGR3UwNGhsMFQxakNhT25zWWh3WTNTS2NNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8yNWI1NGEtZTc3MC00NGFiLWEwMDQt
YzkyMGM1MTdkNjAwLzEvRkFPWWRSYTR1b0pTZG9JM2U4LXExMWlYZmlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8yNWI1NGEtZTc3MC00NGFiLWEwMDQtYzkyMGM1MTdkNjAw
LzEvVGxGR3UwNGhsMFQxakNhT25zWWh3WTNTS2NNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH4GCCsGAQUFBwEHAQH/BG8wbTBcBAIAATBWAwQETm/gAwQC
VmnsAwQCWSOoAwQCWS3UAwQAW+c+AwQDgEHIMAwDBAKG/6QDBAKG/6gDBAK5VcAD
BAHDHAgDBAHD0igDBAHD4SgDBAHD7lADBATV4fAwDQQCAAIwBwMFAyoAQGAwDQYJ
KoZIhvcNAQELBQADggEBABVhv+c0w4GsSvNDm3RpNHrNoBllJXqXDAaJ9Tyfipap
S+7mfraSXc3UJUiaRikO1WQuZrlizXIvAxtJR5FUhuBXCxMm75GExPJGuTh4L2cI
nx5hYbTsc/3pI+bKH0853Q8P0BOzsIaQEtXja2NuBswMBdkmFmtjhQcY3iJOyrz/
SMVMT4ZRadlQaf+6UkB78LVGsuVFdKYz7/opRSlJixwI4hS02LcP29KNHBEbVJYx
uzRJSBtPMCXuBiJu1U2s+Bs9aQgXNljI6NAEhGIHGTHDCrH9jQ1FiwB5XZ19PoHw
I695OX/lInK27FAnENZujzzCz3QX4jVHVqhGxKdnybQ=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:49 2025 by rpki-client on console.sobornost.net