Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/ae869c-812c-4cd6-baf9-217cf93845bc/1/fbSU4CetWJWd7HjfcvFRSKXI4vQ.roa
File: fbSU4CetWJWd7HjfcvFRSKXI4vQ.roa (raw, json)
Hash identifier: M6PMLWPUKWtxm5Wbn3SEv1XfrPfer8GOoDCQkV5wMxI=
Subject key identifier: 7D:B4:94:E0:27:AD:58:95:9D:EC:78:DF:72:F1:51:48:A5:C8:E2:F4
Certificate issuer: /CN=e319d0cd65593d969e8d45382a194aaa73c0ff8c
Certificate serial: 01942747DB9433098F4C9645E1810E5D908C
Authority key identifier: E3:19:D0:CD:65:59:3D:96:9E:8D:45:38:2A:19:4A:AA:73:C0:FF:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4xnQzWVZPZaejUU4KhlKqnPA_4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/ae869c-812c-4cd6-baf9-217cf93845bc/1/fbSU4CetWJWd7HjfcvFRSKXI4vQ.roa
Signing time: Thu 02 Jan 2025 13:50:08 +0000
ROA not before: Thu 02 Jan 2025 13:50:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206943
IP address blocks: 31.42.128.0/20 maxlen: 20
31.42.144.0/20 maxlen: 20
178.159.64.0/20 maxlen: 20
178.218.128.0/21 maxlen: 21
178.218.136.0/21 maxlen: 21
185.102.48.0/22 maxlen: 23
185.171.28.0/23 maxlen: 23
185.171.30.0/23 maxlen: 23
185.183.88.0/23 maxlen: 23
185.183.90.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:db:94:33:09:8f:4c:96:45:e1:81:0e:5d:90:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e319d0cd65593d969e8d45382a194aaa73c0ff8c
Validity
Not Before: Jan 2 13:50:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7db494e027ad58959dec78df72f15148a5c8e2f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:87:90:a6:34:0b:a9:1d:ec:35:b7:86:09:c1:
89:9b:d6:54:b0:7b:e5:92:da:19:a5:7c:80:23:6b:
12:15:61:7a:37:6f:70:1e:09:06:91:f7:b5:c3:33:
d9:4d:05:29:5f:d9:06:89:f4:c9:f6:20:e9:0d:5c:
94:98:f0:ec:a8:be:8b:06:b6:05:0f:4f:37:a4:18:
27:df:8d:80:86:00:b9:b2:80:b9:58:a6:2a:fc:e3:
d0:c3:d3:67:79:c6:61:57:d6:e9:4a:40:42:99:69:
cc:ca:1a:59:b6:94:27:1b:1e:62:09:c6:0e:bd:df:
0e:22:5a:ee:bd:12:fd:aa:7b:bb:f9:33:5a:8b:81:
70:58:25:2f:31:a6:0f:ee:1f:22:1f:64:7f:e5:17:
ed:61:c9:be:8e:3a:70:72:e0:a1:45:e5:ee:9b:d9:
21:4f:62:44:9a:2d:04:72:ef:28:bb:89:8a:ab:84:
36:65:b7:d1:55:e7:34:3b:ab:e7:a2:6f:2e:0c:06:
3d:3d:8f:f8:3c:fa:fe:97:42:e4:4c:4b:13:c5:0d:
7e:7e:b2:be:25:d2:76:1c:0b:c4:2e:12:31:8a:73:
5c:02:22:83:03:2c:06:d6:8a:7e:45:37:13:11:90:
5c:c9:c4:ec:25:3e:ce:98:67:c2:cf:05:3e:9e:7a:
82:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:B4:94:E0:27:AD:58:95:9D:EC:78:DF:72:F1:51:48:A5:C8:E2:F4
X509v3 Authority Key Identifier:
keyid:E3:19:D0:CD:65:59:3D:96:9E:8D:45:38:2A:19:4A:AA:73:C0:FF:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4xnQzWVZPZaejUU4KhlKqnPA_4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/ae869c-812c-4cd6-baf9-217cf93845bc/1/fbSU4CetWJWd7HjfcvFRSKXI4vQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/ae869c-812c-4cd6-baf9-217cf93845bc/1/4xnQzWVZPZaejUU4KhlKqnPA_4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.128.0/19
178.159.64.0/20
178.218.128.0/20
185.102.48.0/22
185.171.28.0/22
185.183.88.0/22
Signature Algorithm: sha256WithRSAEncryption
ce:12:27:98:87:3f:b1:0b:98:8f:c7:1e:42:0d:e2:7c:f1:01:
6c:a1:7e:3e:73:2a:74:38:73:17:9b:a0:b0:df:f1:ac:b3:86:
42:eb:83:17:56:55:bc:7e:32:70:86:1a:74:f6:45:42:4b:51:
71:01:46:4a:f4:ce:eb:5b:91:3d:45:5e:04:6f:ab:63:43:c3:
e1:36:8c:b0:85:aa:71:3f:0a:ac:b5:a7:d2:71:f2:dd:77:ea:
b9:5c:f2:dd:18:2b:1a:03:1c:77:6e:84:b7:c4:7e:d5:4b:28:
3e:7a:8c:ea:a6:08:6b:db:09:1d:50:6f:e1:7e:33:ef:ec:aa:
73:e3:fb:d4:12:2a:c5:1b:08:2b:0c:37:38:98:6d:4a:fd:34:
c8:42:9f:2a:29:da:7f:f9:51:d0:84:38:ff:93:73:21:ac:e3:
7d:d6:f8:8d:b6:9a:83:4b:48:50:a8:39:91:23:38:c4:4a:92:
57:f2:c9:cf:56:8a:e1:6d:52:a2:9f:4e:24:5f:83:a2:37:1a:
f0:9d:e4:68:d4:3a:16:dc:e7:43:c7:f2:c1:ff:50:3b:fa:7f:
40:d2:5c:1a:c6:fb:37:77:43:c6:eb:46:b5:48:cd:6d:cc:35:
37:9a:e3:77:ad:52:35:75:59:8f:1e:88:64:a9:d1:a0:58:32:
6b:e1:12:59
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQnR9uUMwmPTJZF4YEOXZCMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMTlkMGNkNjU1OTNkOTY5ZThkNDUzODJhMTk0YWFhNzNj
MGZmOGMwHhcNMjUwMTAyMTM1MDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGI0OTRlMDI3YWQ1ODk1OWRlYzc4ZGY3MmYxNTE0OGE1YzhlMmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5oeQpjQLqR3sNbeGCcGJm9ZUsHvl
ktoZpXyAI2sSFWF6N29wHgkGkfe1wzPZTQUpX9kGifTJ9iDpDVyUmPDsqL6LBrYF
D083pBgn342AhgC5soC5WKYq/OPQw9NnecZhV9bpSkBCmWnMyhpZtpQnGx5iCcYO
vd8OIlruvRL9qnu7+TNai4FwWCUvMaYP7h8iH2R/5RftYcm+jjpwcuChReXum9kh
T2JEmi0Ecu8ou4mKq4Q2ZbfRVec0O6vnom8uDAY9PY/4PPr+l0LkTEsTxQ1+frK+
JdJ2HAvELhIxinNcAiKDAywG1op+RTcTEZBcycTsJT7OmGfCzwU+nnqCgQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFH20lOAnrViVnex433LxUUilyOL0MB8GA1UdIwQY
MBaAFOMZ0M1lWT2Wno1FOCoZSqpzwP+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHhuUXpXVlpQWmFlalVVNEtobEtxblBBXzR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9hZTg2OWMtODEyYy00Y2Q2LWJhZjkt
MjE3Y2Y5Mzg0NWJjLzEvZmJTVTRDZXRXSldkN0hqZmN2RlJTS1hJNHZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9hZTg2OWMtODEyYy00Y2Q2LWJhZjktMjE3Y2Y5Mzg0NWJj
LzEvNHhuUXpXVlpQWmFlalVVNEtobEtxblBBXzR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQFHyqAAwQE
sp9AAwQEstqAAwQCuWYwAwQCuascAwQCubdYMA0GCSqGSIb3DQEBCwUAA4IBAQDO
EieYhz+xC5iPxx5CDeJ88QFsoX4+cyp0OHMXm6Cw3/Gss4ZC64MXVlW8fjJwhhp0
9kVCS1FxAUZK9M7rW5E9RV4Eb6tjQ8PhNoywhapxPwqstafScfLdd+q5XPLdGCsa
Axx3boS3xH7VSyg+eozqpghr2wkdUG/hfjPv7Kpz4/vUEirFGwgrDDc4mG1K/TTI
Qp8qKdp/+VHQhDj/k3MhrON91viNtpqDS0hQqDmRIzjESpJX8snPVorhbVKin04k
X4OiNxrwneRo1DoW3OdDx/LB/1A7+n9A0lwaxvs3d0PG60a1SM1tzDU3muN3rVI1
dVmPHohkqdGgWDJr4RJZ
-----END CERTIFICATE-----
Generated at Tue Jan 21 15:04:19 2025 by rpki-client on console.sobornost.net