Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/cQGYII0oWa_it-a64CIhy86rZFM.roa
File: cQGYII0oWa_it-a64CIhy86rZFM.roa (raw, json)
Hash identifier: K03Kz6lMXyDGjb7Z/vj8jbw4mEpgwq779RTg2IF0I6Q=
Subject key identifier: 71:01:98:20:8D:28:59:AF:E2:B7:E6:BA:E0:22:21:CB:CE:AB:64:53
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 01962B45D87C72016D4C3D2B6A504534EA00
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/cQGYII0oWa_it-a64CIhy86rZFM.roa
Signing time: Sat 12 Apr 2025 18:31:59 +0000
ROA not before: Sat 12 Apr 2025 18:31:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199785
IP address blocks: 37.46.16.0/24 maxlen: 24
37.46.17.0/24 maxlen: 24
37.46.18.0/24 maxlen: 24
37.46.19.0/24 maxlen: 24
64.188.99.0/24 maxlen: 24
150.241.113.0/24 maxlen: 24
150.241.114.0/24 maxlen: 24
150.241.115.0/24 maxlen: 24
150.241.116.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:2b:45:d8:7c:72:01:6d:4c:3d:2b:6a:50:45:34:ea:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Apr 12 18:31:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=710198208d2859afe2b7e6bae02221cbceab6453
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:31:a6:c0:c3:20:3c:9e:30:9a:9b:0a:ef:15:
55:71:9b:4d:d0:bf:ac:73:e9:ab:27:0a:98:1a:e3:
e7:70:e7:85:79:eb:da:79:e9:98:54:ac:42:e5:ae:
cf:43:a7:fa:01:d7:5d:c4:cc:b1:51:70:1d:03:5f:
99:b3:73:0f:d4:b2:39:eb:f2:94:93:3e:d7:e8:6d:
df:4d:3b:4f:be:5d:b0:a3:12:a3:48:4d:e3:63:32:
79:42:c6:f4:98:03:71:e2:13:3d:82:f2:8d:16:56:
f1:e4:d6:ad:d9:ae:82:63:81:22:34:8a:4c:e7:98:
fb:25:2c:c1:95:6c:67:ce:ed:61:02:d1:d8:f6:26:
52:ee:d0:25:a4:88:f1:12:43:d4:59:69:28:72:26:
13:33:cc:e2:b3:e5:93:fe:ee:ad:9c:c0:1d:aa:d4:
61:de:23:d7:40:0d:27:9b:bd:bb:f9:59:58:6f:43:
ad:af:cd:10:65:40:51:76:83:fb:66:ad:1f:fc:35:
6b:34:64:61:97:c7:07:eb:ce:41:e8:4e:96:43:8b:
44:3d:95:40:02:d7:91:79:ea:c5:9b:52:41:00:e4:
97:b0:e5:b7:ec:ee:71:6b:ca:36:51:e3:4b:4f:e5:
f2:74:7e:ad:60:36:32:b2:34:a3:bd:3c:3f:19:96:
1b:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:01:98:20:8D:28:59:AF:E2:B7:E6:BA:E0:22:21:CB:CE:AB:64:53
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/cQGYII0oWa_it-a64CIhy86rZFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.16.0/22
64.188.99.0/24
150.241.113.0-150.241.116.255
Signature Algorithm: sha256WithRSAEncryption
a3:c1:9e:da:62:d3:c1:2c:ed:7f:e7:e3:0d:3d:21:2a:07:b6:
e1:65:0b:c8:a9:1f:84:e3:82:a8:b5:e0:45:f3:08:dc:11:ed:
ca:3f:65:72:3d:a9:86:41:cc:12:ad:bf:05:be:14:93:14:a6:
e5:75:f9:14:ff:32:98:70:c1:c7:86:ee:d6:58:df:19:d8:d6:
34:91:19:db:cf:54:99:c3:98:62:65:06:2b:04:4a:f8:89:df:
b7:87:2e:6b:9d:13:56:f2:e8:b6:d7:ca:4c:d3:6f:34:b9:1e:
3f:b2:eb:53:74:b7:ea:76:bd:a3:24:89:ab:1d:1d:4c:ef:f6:
3c:5c:57:da:5d:a7:2a:22:63:ab:b3:e3:ed:f7:3e:d3:90:12:
7e:da:56:19:fc:33:a4:fc:35:03:da:77:d6:b1:f2:5a:06:18:
a4:16:25:f6:f4:cf:eb:bb:93:61:d8:d4:8c:4a:58:d8:d6:87:
44:db:19:94:2e:0e:68:4a:2e:e8:20:f9:50:8d:8d:0b:18:32:
4a:7f:0c:57:27:b4:e9:ac:44:be:d7:09:89:d4:6d:d2:ba:75:
8b:c0:d8:f4:8a:43:80:b2:df:80:28:a7:6f:0b:4e:e4:7b:38:
9d:38:04:f5:79:fd:cd:56:d2:74:d3:5d:dc:d0:f3:e6:fb:07:
5f:0e:84:12
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZYrRdh8cgFtTD0ralBFNOoAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwNDEyMTgzMTU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTAxOTgyMDhkMjg1OWFmZTJiN2U2YmFlMDIyMjFjYmNlYWI2NDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2jGmwMMgPJ4wmpsK7xVVcZtN0L+s
c+mrJwqYGuPncOeFeevaeemYVKxC5a7PQ6f6AdddxMyxUXAdA1+Zs3MP1LI56/KU
kz7X6G3fTTtPvl2woxKjSE3jYzJ5Qsb0mANx4hM9gvKNFlbx5Nat2a6CY4EiNIpM
55j7JSzBlWxnzu1hAtHY9iZS7tAlpIjxEkPUWWkociYTM8zis+WT/u6tnMAdqtRh
3iPXQA0nm727+VlYb0Otr80QZUBRdoP7Zq0f/DVrNGRhl8cH685B6E6WQ4tEPZVA
AteReerFm1JBAOSXsOW37O5xa8o2UeNLT+XydH6tYDYysjSjvTw/GZYb2wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFHEBmCCNKFmv4rfmuuAiIcvOq2RTMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvY1FHWUlJMG9XYV9pdC1hNjRDSWh5ODZyWkZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCJS4QAwQA
QLxjMAwDBACW8XEDBACW8XQwDQYJKoZIhvcNAQELBQADggEBAKPBntpi08Es7X/n
4w09ISoHtuFlC8ipH4Tjgqi14EXzCNwR7co/ZXI9qYZBzBKtvwW+FJMUpuV1+RT/
MphwwceG7tZY3xnY1jSRGdvPVJnDmGJlBisESviJ37eHLmudE1by6LbXykzTbzS5
Hj+y61N0t+p2vaMkiasdHUzv9jxcV9pdpyoiY6uz4+33PtOQEn7aVhn8M6T8NQPa
d9ax8loGGKQWJfb0z+u7k2HY1IxKWNjWh0TbGZQuDmhKLugg+VCNjQsYMkp/DFcn
tOmsRL7XCYnUbdK6dYvA2PSKQ4Cy34Aop28LTuR7OJ04BPV5/c1W0nTTXdzQ8+b7
B18OhBI=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:58 2025 by rpki-client on console.sobornost.net