Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/1babfc-79e6-45df-8c40-72568f06fe10/1/isGPTkBcxk2AKZ3pqWNrimW3LHo.roa
File: isGPTkBcxk2AKZ3pqWNrimW3LHo.roa (raw, json)
Hash identifier: Y2V5pd0IY6biUxiXA3E5dpmuRX9YWawCufz2noSbIak=
Subject key identifier: 8A:C1:8F:4E:40:5C:C6:4D:80:29:9D:E9:A9:63:6B:8A:65:B7:2C:7A
Certificate issuer: /CN=212be0ea71cf437e08efdf3fe798eaf984131c46
Certificate serial: 01958A6FAE3A58273FAD8EA25D174C64779D
Authority key identifier: 21:2B:E0:EA:71:CF:43:7E:08:EF:DF:3F:E7:98:EA:F9:84:13:1C:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ISvg6nHPQ34I798_55jq-YQTHEY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/1babfc-79e6-45df-8c40-72568f06fe10/1/isGPTkBcxk2AKZ3pqWNrimW3LHo.roa
Signing time: Wed 12 Mar 2025 12:58:49 +0000
ROA not before: Wed 12 Mar 2025 12:58:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9063
IP address blocks: 31.220.32.0/22 maxlen: 22
37.230.0.0/19 maxlen: 19
91.184.160.0/19 maxlen: 19
93.186.0.0/20 maxlen: 20
109.75.80.0/20 maxlen: 20
147.93.216.0/21 maxlen: 21
176.126.64.0/23 maxlen: 23
176.126.68.0/23 maxlen: 23
176.126.71.0/24 maxlen: 24
176.126.72.0/23 maxlen: 23
176.126.75.0/24 maxlen: 24
176.126.76.0/24 maxlen: 24
176.126.79.0/24 maxlen: 24
176.126.80.0/23 maxlen: 23
176.126.82.0/24 maxlen: 24
185.35.109.0/24 maxlen: 24
185.35.110.0/23 maxlen: 23
185.161.200.0/23 maxlen: 23
185.166.189.0/24 maxlen: 24
185.166.190.0/23 maxlen: 23
185.168.8.0/24 maxlen: 24
185.168.11.0/24 maxlen: 24
185.186.144.0/23 maxlen: 23
185.194.151.0/24 maxlen: 24
185.203.123.0/24 maxlen: 24
185.222.139.0/24 maxlen: 24
185.231.252.0/22 maxlen: 22
194.35.184.0/23 maxlen: 23
194.35.188.0/23 maxlen: 23
212.82.48.0/20 maxlen: 20
212.88.128.0/19 maxlen: 19
217.24.224.0/20 maxlen: 20
2a02:5a0::/29 maxlen: 29
2a02:5a0::/32 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8a:6f:ae:3a:58:27:3f:ad:8e:a2:5d:17:4c:64:77:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=212be0ea71cf437e08efdf3fe798eaf984131c46
Validity
Not Before: Mar 12 12:58:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8ac18f4e405cc64d80299de9a9636b8a65b72c7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:e4:ce:9f:55:a8:a9:b5:fa:32:25:e8:d0:7d:
58:f4:70:7b:b1:ea:13:8c:e2:87:72:4c:af:13:d6:
e2:57:b9:82:8a:9b:6f:c9:11:51:89:79:ce:a3:e9:
9a:17:2a:ce:8f:f4:3d:45:95:ce:2f:54:01:89:61:
bd:66:a6:e9:39:a4:20:21:3c:9e:83:cb:9d:b0:d8:
03:f8:de:72:f4:d6:c2:4d:3d:36:2b:b5:b0:63:5c:
d7:e9:85:d1:3b:5b:ac:d6:12:fa:c4:fe:05:4e:63:
07:dd:25:19:61:20:fb:a8:00:e6:3d:02:04:03:91:
71:b4:c3:ac:ee:66:05:87:15:5e:8a:60:36:18:c9:
d9:04:99:85:05:13:92:a6:c7:da:7b:05:ca:ac:ff:
73:f1:ba:db:d5:62:82:99:63:f2:6a:97:5f:fb:77:
09:b6:91:2e:5b:08:27:17:7b:a8:50:86:55:1d:00:
7f:01:c8:a9:e1:91:11:62:58:a6:11:26:2f:9c:cf:
b1:15:54:f1:51:6b:af:e0:3a:a6:2a:1b:5c:b7:02:
6b:14:75:91:fe:51:f6:7d:72:95:e8:62:a3:fb:6c:
5d:aa:68:30:80:6c:1d:5a:4e:0c:dc:a1:15:b8:cb:
22:e8:01:c9:80:ac:d6:4c:cc:80:d6:14:19:9d:bf:
49:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:C1:8F:4E:40:5C:C6:4D:80:29:9D:E9:A9:63:6B:8A:65:B7:2C:7A
X509v3 Authority Key Identifier:
keyid:21:2B:E0:EA:71:CF:43:7E:08:EF:DF:3F:E7:98:EA:F9:84:13:1C:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ISvg6nHPQ34I798_55jq-YQTHEY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/1babfc-79e6-45df-8c40-72568f06fe10/1/isGPTkBcxk2AKZ3pqWNrimW3LHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/1babfc-79e6-45df-8c40-72568f06fe10/1/ISvg6nHPQ34I798_55jq-YQTHEY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.32.0/22
37.230.0.0/19
91.184.160.0/19
93.186.0.0/20
109.75.80.0/20
147.93.216.0/21
176.126.64.0/23
176.126.68.0/23
176.126.71.0-176.126.73.255
176.126.75.0-176.126.76.255
176.126.79.0-176.126.82.255
185.35.109.0-185.35.111.255
185.161.200.0/23
185.166.189.0-185.166.191.255
185.168.8.0/24
185.168.11.0/24
185.186.144.0/23
185.194.151.0/24
185.203.123.0/24
185.222.139.0/24
185.231.252.0/22
194.35.184.0/23
194.35.188.0/23
212.82.48.0/20
212.88.128.0/19
217.24.224.0/20
IPv6:
2a02:5a0::/29
Signature Algorithm: sha256WithRSAEncryption
7e:96:e2:13:10:5c:cd:06:8d:82:b9:b3:22:03:a1:6e:5e:f7:
17:c9:0a:80:61:bf:11:c8:f9:16:33:2c:db:21:3f:40:c9:12:
08:2d:02:5a:ec:9c:c1:9c:e6:d7:ce:6d:23:0d:1d:dc:66:fd:
06:a6:a0:35:e8:88:c1:ef:41:39:2d:7b:e2:79:bd:97:7a:86:
96:a3:c1:f8:10:68:29:fb:a7:22:ec:dd:6c:98:24:4e:91:ee:
50:1a:ef:30:b3:9c:e2:32:f0:6a:fd:d6:34:a4:94:94:c4:f1:
65:79:1d:01:29:12:a4:3d:74:f2:fb:f4:65:26:87:7e:5b:d7:
5c:e9:a9:7f:8c:bc:fd:d8:3b:a9:b4:9b:fc:eb:9a:41:dc:17:
f0:91:cc:1d:57:a0:68:e5:f1:18:b3:86:2d:11:b2:24:3d:b6:
bb:34:42:49:e0:0b:4c:df:a5:5f:10:17:84:6b:30:24:34:ac:
bb:ed:d3:0c:12:84:37:bf:0d:3d:15:5f:fc:56:87:e8:33:05:
e7:4e:d4:1a:34:d8:6d:e1:8e:85:8f:56:c9:cb:b1:4f:f8:d2:
47:2a:3e:29:ec:03:57:f9:6d:d4:5d:4f:be:d8:d2:22:36:62:
5d:a3:38:76:ae:fa:35:7a:9d:fb:3e:8e:4c:b6:7d:cf:2f:26:
31:5f:4b:8c
-----BEGIN CERTIFICATE-----
MIIFzzCCBLegAwIBAgISAZWKb646WCc/rY6iXRdMZHedMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMmJlMGVhNzFjZjQzN2UwOGVmZGYzZmU3OThlYWY5ODQx
MzFjNDYwHhcNMjUwMzEyMTI1ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWMxOGY0ZTQwNWNjNjRkODAyOTlkZTlhOTYzNmI4YTY1YjcyYzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/OTOn1WoqbX6MiXo0H1Y9HB7seoT
jOKHckyvE9biV7mCiptvyRFRiXnOo+maFyrOj/Q9RZXOL1QBiWG9ZqbpOaQgITye
g8udsNgD+N5y9NbCTT02K7WwY1zX6YXRO1us1hL6xP4FTmMH3SUZYSD7qADmPQIE
A5FxtMOs7mYFhxVeimA2GMnZBJmFBROSpsfaewXKrP9z8brb1WKCmWPyapdf+3cJ
tpEuWwgnF3uoUIZVHQB/Acip4ZERYlimESYvnM+xFVTxUWuv4DqmKhtctwJrFHWR
/lH2fXKV6GKj+2xdqmgwgGwdWk4M3KEVuMsi6AHJgKzWTMyA1hQZnb9J1wIDAQAB
o4IC2zCCAtcwHQYDVR0OBBYEFIrBj05AXMZNgCmd6alja4pltyx6MB8GA1UdIwQY
MBaAFCEr4Opxz0N+CO/fP+eY6vmEExxGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVN2ZzZuSFBRMzRJNzk4XzU1anEtWVFUSEVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8xYmFiZmMtNzllNi00NWRmLThjNDAt
NzI1NjhmMDZmZTEwLzEvaXNHUFRrQmN4azJBS1ozcHFXTnJpbVczTEhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8xYmFiZmMtNzllNi00NWRmLThjNDAtNzI1NjhmMDZmZTEw
LzEvSVN2ZzZuSFBRMzRJNzk4XzU1anEtWVFUSEVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHwBggrBgEFBQcBBwEB/wSB4DCB3TCBywQCAAEwgcQDBAIf
3CADBAUl5gADBAVbuKADBARdugADBARtS1ADBAOTXdgDBAGwfkADBAGwfkQwDAME
ALB+RwMEAbB+SDAMAwQAsH5LAwQAsH5MMAwDBACwfk8DBACwflIwDAMEALkjbQME
BLkjYAMEAbmhyDAMAwQAuaa9AwQGuaaAAwQAuagIAwQAuagLAwQBubqQAwQAucKX
AwQAuct7AwQAud6LAwQCuef8AwQBwiO4AwQBwiO8AwQE1FIwAwQF1FiAAwQE2Rjg
MA0EAgACMAcDBQMqAgWgMA0GCSqGSIb3DQEBCwUAA4IBAQB+luITEFzNBo2CubMi
A6FuXvcXyQqAYb8RyPkWMyzbIT9AyRIILQJa7JzBnObXzm0jDR3cZv0GpqA16IjB
70E5LXvieb2XeoaWo8H4EGgp+6ci7N1smCROke5QGu8ws5ziMvBq/dY0pJSUxPFl
eR0BKRKkPXTy+/RlJod+W9dc6al/jLz92DuptJv865pB3BfwkcwdV6Bo5fEYs4Yt
EbIkPba7NEJJ4AtM36VfEBeEazAkNKy77dMMEoQ3vw09FV/8VofoMwXnTtQaNNht
4Y6Fj1bJy7FP+NJHKj4p7ANX+W3UXU++2NIiNmJdozh2rvo1ep37Po5Mtn3PLyYx
X0uM
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:58 2025 by rpki-client on console.sobornost.net