Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/4f751d-a355-40f3-aa44-7cca6773601a/1/FbrLEhPNzeP3YBaAHf9eFxRuW4Q.roa
File: FbrLEhPNzeP3YBaAHf9eFxRuW4Q.roa (raw, json)
Hash identifier: tIvIpmdcEwWZjqwN5z7sH3lNkK7Yv5zoicIS3DqlnGI=
Subject key identifier: 15:BA:CB:12:13:CD:CD:E3:F7:60:16:80:1D:FF:5E:17:14:6E:5B:84
Certificate issuer: /CN=c9e7aac3d724d9d49f3027133633ba119bb367fb
Certificate serial: 019546C9C3222346051C1AA8B47B58B2C72C
Authority key identifier: C9:E7:AA:C3:D7:24:D9:D4:9F:30:27:13:36:33:BA:11:9B:B3:67:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yeeqw9ck2dSfMCcTNjO6EZuzZ_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/4f751d-a355-40f3-aa44-7cca6773601a/1/FbrLEhPNzeP3YBaAHf9eFxRuW4Q.roa
Signing time: Thu 27 Feb 2025 09:43:02 +0000
ROA not before: Thu 27 Feb 2025 09:43:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48815
IP address blocks: 109.233.120.0/24 maxlen: 24
109.233.121.0/24 maxlen: 24
109.233.122.0/24 maxlen: 24
109.233.123.0/24 maxlen: 24
109.233.124.0/24 maxlen: 24
109.233.125.0/24 maxlen: 24
109.233.126.0/24 maxlen: 24
109.233.127.0/24 maxlen: 24
176.221.48.0/24 maxlen: 24
176.221.49.0/24 maxlen: 24
176.221.50.0/24 maxlen: 24
176.221.51.0/24 maxlen: 24
176.221.52.0/24 maxlen: 24
176.221.53.0/24 maxlen: 24
176.221.54.0/24 maxlen: 24
176.221.55.0/24 maxlen: 24
195.88.6.0/23 maxlen: 23
212.112.74.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:46:c9:c3:22:23:46:05:1c:1a:a8:b4:7b:58:b2:c7:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9e7aac3d724d9d49f3027133633ba119bb367fb
Validity
Not Before: Feb 27 09:43:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=15bacb1213cdcde3f76016801dff5e17146e5b84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:c4:25:72:7f:83:5b:63:23:87:ba:f5:c0:10:
d4:bb:dc:1c:fa:0f:33:32:c5:a7:c0:1a:33:c2:43:
62:e5:0b:bf:62:eb:0b:0e:71:c8:7d:fb:17:a7:dc:
23:78:85:55:1b:81:de:c2:47:52:22:05:e3:9d:12:
7d:b3:5c:90:d9:c1:44:49:8f:b3:20:f8:71:12:21:
f9:37:1e:82:11:d8:94:d7:91:9a:7c:30:e2:80:90:
8b:f5:ef:f6:95:09:90:00:e9:2b:fa:4f:90:4c:4b:
37:94:4b:7b:2a:9c:af:6b:b5:1e:a0:72:a8:f0:ba:
5f:5c:7d:13:aa:6d:79:05:17:2f:d8:80:cf:31:43:
d6:a9:6b:11:4d:29:07:12:7c:53:e6:ea:6b:24:38:
79:ea:07:1e:33:53:61:7e:e4:02:a2:05:ff:0f:ab:
e9:56:6f:06:6c:d3:e2:5d:72:75:8d:a5:73:d5:27:
b3:7d:ef:50:01:37:d0:00:ae:d2:51:88:00:77:3a:
93:24:87:6a:d3:bd:23:0a:f3:ca:94:00:63:dc:cc:
62:b3:90:59:b6:28:13:c3:73:56:b0:5a:c1:67:1d:
de:6f:47:39:34:92:7e:33:07:b2:32:75:de:9e:65:
06:ce:18:98:69:c2:33:40:d5:01:d7:fc:3d:60:70:
7a:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:BA:CB:12:13:CD:CD:E3:F7:60:16:80:1D:FF:5E:17:14:6E:5B:84
X509v3 Authority Key Identifier:
keyid:C9:E7:AA:C3:D7:24:D9:D4:9F:30:27:13:36:33:BA:11:9B:B3:67:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yeeqw9ck2dSfMCcTNjO6EZuzZ_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/4f751d-a355-40f3-aa44-7cca6773601a/1/FbrLEhPNzeP3YBaAHf9eFxRuW4Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/4f751d-a355-40f3-aa44-7cca6773601a/1/yeeqw9ck2dSfMCcTNjO6EZuzZ_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.233.120.0/21
176.221.48.0/21
195.88.6.0/23
212.112.74.0/24
Signature Algorithm: sha256WithRSAEncryption
76:70:f9:ac:04:b4:08:e6:aa:bb:8a:c5:c7:2c:84:1b:b1:0a:
42:8d:bb:df:20:e6:1f:74:a4:b1:63:a0:13:e8:c1:13:24:6c:
93:d9:83:2b:66:3c:de:4d:4f:bc:5e:8b:22:2a:25:c3:2f:12:
12:c2:44:0c:e0:3f:03:a6:06:22:3b:28:58:48:06:16:fd:7e:
86:00:57:a0:49:5a:07:1a:cd:0b:d3:02:d6:41:65:f3:6a:a7:
f6:53:40:d6:d8:bf:93:40:67:6d:75:26:85:00:b4:ed:4f:ba:
ed:02:26:a1:7f:19:9a:ca:1d:10:20:ce:ac:fa:be:18:49:29:
1e:f4:16:1c:31:a7:cf:0c:a8:65:53:73:f8:d4:5e:c4:a9:e7:
bc:33:f6:27:6d:2c:73:6e:f8:f4:db:fd:c9:12:ca:a2:5f:d6:
1e:43:65:44:7c:78:d2:3a:0a:9a:68:5f:0e:d3:9c:88:13:33:
7e:e8:fc:e1:1b:19:4f:ad:00:ae:15:bf:41:35:38:73:ee:e0:
86:75:da:ba:a1:dd:78:d9:fd:3b:98:55:83:af:1a:a1:64:cc:
dc:b2:e6:c8:12:29:4f:0a:ce:64:af:43:4c:c2:d6:0b:a2:d8:
1e:69:41:e0:4c:73:1b:93:15:6a:d6:cc:b6:23:36:43:12:1f:
3a:86:28:84
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZVGycMiI0YFHBqotHtYsscsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZTdhYWMzZDcyNGQ5ZDQ5ZjMwMjcxMzM2MzNiYTExOWJi
MzY3ZmIwHhcNMjUwMjI3MDk0MzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWJhY2IxMjEzY2RjZGUzZjc2MDE2ODAxZGZmNWUxNzE0NmU1Yjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMQlcn+DW2Mjh7r1wBDUu9wc+g8z
MsWnwBozwkNi5Qu/YusLDnHIffsXp9wjeIVVG4HewkdSIgXjnRJ9s1yQ2cFESY+z
IPhxEiH5Nx6CEdiU15GafDDigJCL9e/2lQmQAOkr+k+QTEs3lEt7Kpyva7UeoHKo
8LpfXH0Tqm15BRcv2IDPMUPWqWsRTSkHEnxT5uprJDh56gceM1NhfuQCogX/D6vp
Vm8GbNPiXXJ1jaVz1Sezfe9QATfQAK7SUYgAdzqTJIdq070jCvPKlABj3Mxis5BZ
tigTw3NWsFrBZx3eb0c5NJJ+MweyMnXenmUGzhiYacIzQNUB1/w9YHB6DwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBW6yxITzc3j92AWgB3/XhcUbluEMB8GA1UdIwQY
MBaAFMnnqsPXJNnUnzAnEzYzuhGbs2f7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWVlcXc5Y2syZFNmTUNjVE5qTzZFWnV6Wl9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS80Zjc1MWQtYTM1NS00MGYzLWFhNDQt
N2NjYTY3NzM2MDFhLzEvRmJyTEVoUE56ZVAzWUJhQUhmOWVGeFJ1VzRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS80Zjc1MWQtYTM1NS00MGYzLWFhNDQtN2NjYTY3NzM2MDFh
LzEveWVlcXc5Y2syZFNmTUNjVE5qTzZFWnV6Wl9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDbel4AwQD
sN0wAwQBw1gGAwQA1HBKMA0GCSqGSIb3DQEBCwUAA4IBAQB2cPmsBLQI5qq7isXH
LIQbsQpCjbvfIOYfdKSxY6AT6METJGyT2YMrZjzeTU+8XosiKiXDLxISwkQM4D8D
pgYiOyhYSAYW/X6GAFegSVoHGs0L0wLWQWXzaqf2U0DW2L+TQGdtdSaFALTtT7rt
Aiahfxmayh0QIM6s+r4YSSke9BYcMafPDKhlU3P41F7Eqee8M/YnbSxzbvj02/3J
EsqiX9YeQ2VEfHjSOgqaaF8O05yIEzN+6PzhGxlPrQCuFb9BNThz7uCGddq6od14
2f07mFWDrxqhZMzcsubIEilPCs5kr0NMwtYLotgeaUHgTHMbkxVq1sy2IzZDEh86
hiiE
-----END CERTIFICATE-----
Generated at Sat Mar 8 04:54:56 2025 by rpki-client on console.sobornost.net