Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/164d8d-41ac-4522-bb25-898634942285/1/KWbEbWMWx8GsR8Asb1Hi7iVj3A8.roa
File: KWbEbWMWx8GsR8Asb1Hi7iVj3A8.roa (raw, json)
Hash identifier: w7QiyqZy99cacAStF09i7GMZP3QKH24tEZwntPEoeMs=
Subject key identifier: 29:66:C4:6D:63:16:C7:C1:AC:47:C0:2C:6F:51:E2:EE:25:63:DC:0F
Certificate issuer: /CN=65ab485af923d1b46c5a321fc7a3f856c04fb6fc
Certificate serial: 01942825E2B022B4757B8108AE2B2AB6E5FF
Authority key identifier: 65:AB:48:5A:F9:23:D1:B4:6C:5A:32:1F:C7:A3:F8:56:C0:4F:B6:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZatIWvkj0bRsWjIfx6P4VsBPtvw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/164d8d-41ac-4522-bb25-898634942285/1/KWbEbWMWx8GsR8Asb1Hi7iVj3A8.roa
Signing time: Thu 02 Jan 2025 17:52:38 +0000
ROA not before: Thu 02 Jan 2025 17:52:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61081
IP address blocks: 5.133.80.0/22 maxlen: 24
185.24.72.0/22 maxlen: 24
2a04:2ac0::/29 maxlen: 64
2a09:6a00::/29 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:e2:b0:22:b4:75:7b:81:08:ae:2b:2a:b6:e5:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65ab485af923d1b46c5a321fc7a3f856c04fb6fc
Validity
Not Before: Jan 2 17:52:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2966c46d6316c7c1ac47c02c6f51e2ee2563dc0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:25:ab:5f:60:a3:8f:ba:f8:a5:b8:25:7c:ca:
0a:2b:52:90:76:a5:97:45:a7:8e:2a:56:e9:23:72:
44:af:69:00:2b:93:6d:55:be:5d:3a:ac:40:60:fb:
fd:0b:db:47:9f:ed:1a:31:75:18:32:47:ef:22:48:
b5:0e:cc:50:f1:fb:63:33:6b:3f:7e:bd:76:97:9f:
c6:1c:33:e2:4d:8b:b0:e2:44:07:fc:53:3b:51:41:
64:2b:63:72:d7:78:e6:ce:d5:e1:72:ce:71:cc:f4:
96:cf:bc:66:da:d5:7e:b2:a4:4b:17:b1:55:14:a8:
68:cf:ac:8b:bf:4e:86:71:c0:4f:e4:85:34:e0:55:
16:40:e6:66:e2:25:e7:ba:ca:ba:c7:60:b7:ff:03:
77:49:b1:49:f6:ce:db:11:f4:8c:20:92:74:78:7c:
31:97:ce:64:29:07:99:8f:1a:a2:76:63:9f:eb:f4:
cf:8f:3d:b0:a6:34:6b:57:33:96:cd:bf:f7:f0:78:
8a:bb:b3:8c:9d:14:ee:89:c9:f7:d5:a5:bc:96:96:
c5:f0:71:4e:15:d7:54:f8:50:32:a9:26:2d:29:ea:
f4:aa:9d:62:ca:c5:95:89:ea:5b:e3:1e:34:c9:ec:
f4:59:87:81:5b:5f:d5:50:54:42:26:fe:32:0e:6f:
29:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:66:C4:6D:63:16:C7:C1:AC:47:C0:2C:6F:51:E2:EE:25:63:DC:0F
X509v3 Authority Key Identifier:
keyid:65:AB:48:5A:F9:23:D1:B4:6C:5A:32:1F:C7:A3:F8:56:C0:4F:B6:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZatIWvkj0bRsWjIfx6P4VsBPtvw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/164d8d-41ac-4522-bb25-898634942285/1/KWbEbWMWx8GsR8Asb1Hi7iVj3A8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/164d8d-41ac-4522-bb25-898634942285/1/ZatIWvkj0bRsWjIfx6P4VsBPtvw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.80.0/22
185.24.72.0/22
IPv6:
2a04:2ac0::/29
2a09:6a00::/29
Signature Algorithm: sha256WithRSAEncryption
47:b0:29:28:ad:80:b8:50:63:f8:ec:1b:90:79:da:98:8e:06:
60:86:5c:19:31:1a:0b:d3:9e:ce:13:bc:27:4d:8e:ad:8d:13:
2a:93:98:72:ff:5f:dc:17:9e:f6:7a:6d:1e:be:76:e9:c4:ef:
16:ac:e3:b8:06:1d:ef:1d:39:71:24:c3:f5:1b:b3:60:e1:0a:
cc:da:33:cd:bf:8e:8e:52:a3:2e:ce:87:ca:00:72:d9:de:c6:
83:08:f3:f2:19:6f:1f:5e:04:f6:ed:15:7b:7f:d5:cd:4a:1b:
56:2a:c1:98:31:39:94:c7:c0:80:7e:0c:3f:93:1d:88:6d:d8:
45:70:d7:a6:c8:bd:96:4b:4a:23:99:00:cb:84:42:46:03:5c:
4f:37:8a:9b:08:2e:9a:27:1e:cd:d1:e8:1f:51:87:2b:8b:ca:
a8:c0:7d:71:59:1a:85:0c:47:f6:0e:7d:e3:a2:11:3a:0e:52:
28:c7:93:1a:66:82:9d:dc:3d:fb:8c:4f:e5:47:42:de:4e:5a:
50:ac:04:e1:9f:4e:7d:f2:42:18:43:06:5d:5a:ca:f8:13:09:
3d:d0:82:d9:57:85:83:25:3a:d1:15:58:2a:63:e5:98:a6:73:
ec:23:0c:f7:33:85:e2:bc:2b:f4:d8:60:2e:54:5d:70:aa:65:
df:b3:6c:80
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQoJeKwIrR1e4EIrisqtuX/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YWI0ODVhZjkyM2QxYjQ2YzVhMzIxZmM3YTNmODU2YzA0
ZmI2ZmMwHhcNMjUwMTAyMTc1MjM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTY2YzQ2ZDYzMTZjN2MxYWM0N2MwMmM2ZjUxZTJlZTI1NjNkYzBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwSWrX2Cjj7r4pbglfMoKK1KQdqWX
RaeOKlbpI3JEr2kAK5NtVb5dOqxAYPv9C9tHn+0aMXUYMkfvIki1DsxQ8ftjM2s/
fr12l5/GHDPiTYuw4kQH/FM7UUFkK2Ny13jmztXhcs5xzPSWz7xm2tV+sqRLF7FV
FKhoz6yLv06GccBP5IU04FUWQOZm4iXnusq6x2C3/wN3SbFJ9s7bEfSMIJJ0eHwx
l85kKQeZjxqidmOf6/TPjz2wpjRrVzOWzb/38HiKu7OMnRTuicn31aW8lpbF8HFO
FddU+FAyqSYtKer0qp1iysWViepb4x40yez0WYeBW1/VUFRCJv4yDm8p0wIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFClmxG1jFsfBrEfALG9R4u4lY9wPMB8GA1UdIwQY
MBaAFGWrSFr5I9G0bFoyH8ej+FbAT7b8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmF0SVd2a2owYlJzV2pJZng2UDRWc0JQdHZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi8xNjRkOGQtNDFhYy00NTIyLWJiMjUt
ODk4NjM0OTQyMjg1LzEvS1diRWJXTVd4OEdzUjhBc2IxSGk3aVZqM0E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi8xNjRkOGQtNDFhYy00NTIyLWJiMjUtODk4NjM0OTQyMjg1
LzEvWmF0SVd2a2owYlJzV2pJZng2UDRWc0JQdHZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCBYVQAwQC
uRhIMBQEAgACMA4DBQMqBCrAAwUDKglqADANBgkqhkiG9w0BAQsFAAOCAQEAR7Ap
KK2AuFBj+OwbkHnamI4GYIZcGTEaC9OezhO8J02OrY0TKpOYcv9f3Bee9nptHr52
6cTvFqzjuAYd7x05cSTD9RuzYOEKzNozzb+OjlKjLs6HygBy2d7Ggwjz8hlvH14E
9u0Ve3/VzUobVirBmDE5lMfAgH4MP5MdiG3YRXDXpsi9lktKI5kAy4RCRgNcTzeK
mwgumicezdHoH1GHK4vKqMB9cVkahQxH9g5946IROg5SKMeTGmaCndw9+4xP5UdC
3k5aUKwE4Z9OffJCGEMGXVrK+BMJPdCC2VeFgyU60RVYKmPlmKZz7CMM9zOF4rwr
9NhgLlRdcKpl37NsgA==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:54 2025 by rpki-client on console.sobornost.net