Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/47c973-205b-4197-8698-cc1d2c5e1b31/1/JiXA3NEuZkH0QXN05zeuUA5jMwY.roa
File: JiXA3NEuZkH0QXN05zeuUA5jMwY.roa (raw, json)
Hash identifier: YFDd4vweHXAu3AFKCBPOWScIToP/BlFEZooHjiGGKLQ=
Subject key identifier: 26:25:C0:DC:D1:2E:66:41:F4:41:73:74:E7:37:AE:50:0E:63:33:06
Certificate issuer: /CN=dc6a3742f0f0fb120922b339ef01cecf87f4d1ee
Certificate serial: 019614298E46C2AFD27A0507C567101E61B7
Authority key identifier: DC:6A:37:42:F0:F0:FB:12:09:22:B3:39:EF:01:CE:CF:87:F4:D1:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Go3QvDw-xIJIrM57wHOz4f00e4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/47c973-205b-4197-8698-cc1d2c5e1b31/1/JiXA3NEuZkH0QXN05zeuUA5jMwY.roa
Signing time: Tue 08 Apr 2025 06:49:49 +0000
ROA not before: Tue 08 Apr 2025 06:49:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43284
IP address blocks: 77.73.240.0/21 maxlen: 21
80.241.96.0/20 maxlen: 20
185.69.136.0/22 maxlen: 22
194.56.219.0/24 maxlen: 24
213.159.80.0/20 maxlen: 20
2a02:2108::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:14:29:8e:46:c2:af:d2:7a:05:07:c5:67:10:1e:61:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc6a3742f0f0fb120922b339ef01cecf87f4d1ee
Validity
Not Before: Apr 8 06:49:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2625c0dcd12e6641f4417374e737ae500e633306
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:ad:c4:3c:e5:0c:e5:f9:fb:30:42:6c:51:61:
01:21:ef:fb:0e:16:9d:5a:08:65:e6:7d:2c:17:04:
10:a0:08:f5:67:77:02:e9:f6:83:aa:ed:9b:ad:ef:
68:98:d1:37:96:1d:47:ae:54:9f:8f:9a:86:94:90:
ac:64:6b:c2:1b:2f:c4:a8:bf:4b:37:57:84:fa:07:
55:da:88:bb:92:2f:94:dc:62:0a:78:8c:59:17:18:
d8:e9:50:9f:d3:9f:a8:2e:98:5a:29:f0:b4:66:0d:
37:b7:8e:50:23:f9:cf:1a:01:d9:32:25:91:b4:4f:
8e:31:37:6b:38:22:40:53:b9:89:61:05:42:ac:48:
d2:32:d5:2a:cf:7d:7e:36:56:9e:de:94:a4:3f:85:
c2:ed:98:8b:aa:09:be:23:2f:72:a2:66:fa:68:fa:
a6:80:38:6d:a5:44:de:50:ce:d7:32:9b:db:33:74:
94:f3:8d:44:5e:c3:09:c1:ef:0c:b9:e3:43:eb:2b:
a8:e0:31:51:fc:48:78:df:3b:be:85:2d:59:87:65:
bf:b1:13:60:1a:15:08:68:2f:09:51:d2:81:22:34:
c7:34:46:f1:3d:f3:ed:a9:3c:0d:d4:3f:cb:4f:fb:
65:ff:62:b9:64:ba:d5:82:b0:c2:0f:3d:21:95:f4:
2d:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:25:C0:DC:D1:2E:66:41:F4:41:73:74:E7:37:AE:50:0E:63:33:06
X509v3 Authority Key Identifier:
keyid:DC:6A:37:42:F0:F0:FB:12:09:22:B3:39:EF:01:CE:CF:87:F4:D1:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Go3QvDw-xIJIrM57wHOz4f00e4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/47c973-205b-4197-8698-cc1d2c5e1b31/1/JiXA3NEuZkH0QXN05zeuUA5jMwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/47c973-205b-4197-8698-cc1d2c5e1b31/1/3Go3QvDw-xIJIrM57wHOz4f00e4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.73.240.0/21
80.241.96.0/20
185.69.136.0/22
194.56.219.0/24
213.159.80.0/20
IPv6:
2a02:2108::/32
Signature Algorithm: sha256WithRSAEncryption
5c:e3:5b:2a:d2:51:99:92:28:ef:17:ca:4c:cb:77:03:a1:f3:
48:3a:88:aa:f5:bc:74:3c:4c:e1:bf:b5:4f:5a:fa:58:a1:24:
b6:d4:72:22:7f:8b:0f:d0:0d:9b:88:7b:ed:d3:ed:62:b6:07:
a4:00:4e:3d:5d:e0:fc:f0:68:b3:5d:5c:3a:c1:d1:b6:bc:c5:
46:80:c5:0f:b7:b9:08:29:8a:72:0c:b2:a0:f7:a9:27:57:6a:
df:e8:f1:6c:14:a3:83:6d:58:47:ac:32:1a:6a:5e:b6:9f:38:
6e:a2:1f:33:0e:fd:6a:78:49:ab:a2:de:3d:c1:40:f9:3c:61:
c8:38:c7:09:f4:b6:36:c4:36:e4:47:4f:88:86:be:ec:68:33:
cd:dc:72:1e:26:c2:c9:e2:47:64:c5:8f:84:5a:5a:4e:8e:ee:
3b:bc:c1:1d:48:9d:65:e6:a0:7e:02:71:54:e1:84:82:ff:05:
e1:e7:3a:e7:93:63:27:fc:ce:3f:a2:b5:03:3e:01:07:d6:98:
49:40:a4:79:fe:24:ca:b0:1d:05:6f:21:49:6d:7d:96:01:05:
2f:71:fa:9d:8b:7c:de:e0:b1:92:c9:89:f7:90:a0:33:f8:f4:
9c:5e:5a:a2:d3:6f:fe:19:71:fa:2b:44:68:03:e4:d4:8a:77:
61:bd:cd:85
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZYUKY5Gwq/SegUHxWcQHmG3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNmEzNzQyZjBmMGZiMTIwOTIyYjMzOWVmMDFjZWNmODdm
NGQxZWUwHhcNMjUwNDA4MDY0OTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjI1YzBkY2QxMmU2NjQxZjQ0MTczNzRlNzM3YWU1MDBlNjMzMzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6q3EPOUM5fn7MEJsUWEBIe/7Dhad
Wghl5n0sFwQQoAj1Z3cC6faDqu2bre9omNE3lh1HrlSfj5qGlJCsZGvCGy/EqL9L
N1eE+gdV2oi7ki+U3GIKeIxZFxjY6VCf05+oLphaKfC0Zg03t45QI/nPGgHZMiWR
tE+OMTdrOCJAU7mJYQVCrEjSMtUqz31+Nlae3pSkP4XC7ZiLqgm+Iy9yomb6aPqm
gDhtpUTeUM7XMpvbM3SU841EXsMJwe8MueND6yuo4DFR/Eh43zu+hS1Zh2W/sRNg
GhUIaC8JUdKBIjTHNEbxPfPtqTwN1D/LT/tl/2K5ZLrVgrDCDz0hlfQtkwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFCYlwNzRLmZB9EFzdOc3rlAOYzMGMB8GA1UdIwQY
MBaAFNxqN0Lw8PsSCSKzOe8Bzs+H9NHuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0dvM1F2RHcteElKSXJNNTd3SE96NGYwMGU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy80N2M5NzMtMjA1Yi00MTk3LTg2OTgt
Y2MxZDJjNWUxYjMxLzEvSmlYQTNORXVaa0gwUVhOMDV6ZXVVQTVqTXdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy80N2M5NzMtMjA1Yi00MTk3LTg2OTgtY2MxZDJjNWUxYjMx
LzEvM0dvM1F2RHcteElKSXJNNTd3SE96NGYwMGU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDTUnwAwQE
UPFgAwQCuUWIAwQAwjjbAwQE1Z9QMA0EAgACMAcDBQAqAiEIMA0GCSqGSIb3DQEB
CwUAA4IBAQBc41sq0lGZkijvF8pMy3cDofNIOoiq9bx0PEzhv7VPWvpYoSS21HIi
f4sP0A2biHvt0+1itgekAE49XeD88GizXVw6wdG2vMVGgMUPt7kIKYpyDLKg96kn
V2rf6PFsFKODbVhHrDIaal62nzhuoh8zDv1qeEmrot49wUD5PGHIOMcJ9LY2xDbk
R0+Ihr7saDPN3HIeJsLJ4kdkxY+EWlpOju47vMEdSJ1l5qB+AnFU4YSC/wXh5zrn
k2Mn/M4/orUDPgEH1phJQKR5/iTKsB0FbyFJbX2WAQUvcfqdi3ze4LGSyYn3kKAz
+PScXlqi02/+GXH6K0RoA+TUindhvc2F
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:58 2025 by rpki-client on console.sobornost.net