Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/kdLvrEBXn-CHh74t-w6MV1EGNHo.roa
File: kdLvrEBXn-CHh74t-w6MV1EGNHo.roa (raw, json)
Hash identifier: gyiLAbj2kYbSToHhx7++uI/ewpeHDKzVyci4zfX1uw4=
Subject key identifier: 91:D2:EF:AC:40:57:9F:E0:87:87:BE:2D:FB:0E:8C:57:51:06:34:7A
Certificate issuer: /CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Certificate serial: 019421B21EAA7BDE7CFF04D9AB4E895B243E
Authority key identifier: 5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/kdLvrEBXn-CHh74t-w6MV1EGNHo.roa
Signing time: Wed 01 Jan 2025 11:48:28 +0000
ROA not before: Wed 01 Jan 2025 11:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5408
IP address blocks: 37.32.128.0/17 maxlen: 17
62.217.64.0/18 maxlen: 24
83.212.0.0/16 maxlen: 24
91.227.108.0/24 maxlen: 24
185.5.76.0/22 maxlen: 22
185.81.196.0/22 maxlen: 22
193.105.109.0/24 maxlen: 24
194.42.50.0/23 maxlen: 23
194.42.52.0/23 maxlen: 23
194.42.54.0/24 maxlen: 24
194.177.192.0/19 maxlen: 24
195.130.64.0/18 maxlen: 24
195.251.0.0/16 maxlen: 24
195.251.2.0/24 maxlen: 24
2001:648::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:1e:aa:7b:de:7c:ff:04:d9:ab:4e:89:5b:24:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Validity
Not Before: Jan 1 11:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=91d2efac40579fe08787be2dfb0e8c575106347a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:05:3e:19:fc:87:ed:34:4a:17:89:7a:cb:6d:
4a:59:bf:9b:42:f9:2f:1c:16:ef:51:3e:90:da:b5:
82:c3:06:04:80:aa:fb:68:0c:cc:bb:5b:30:e5:dc:
65:96:eb:35:fa:05:f9:2b:66:ac:54:65:4f:41:80:
1d:b3:a9:15:23:c4:63:48:18:00:d4:25:65:f4:fc:
9b:47:72:27:c3:9a:0f:dc:40:b9:d8:2d:82:16:2d:
ea:40:e5:43:08:d8:9e:d0:3f:c7:e1:b8:49:b1:dc:
13:be:23:a1:dc:0e:e0:7d:d0:13:9f:ca:0d:fc:e1:
75:0f:cc:1f:07:08:5f:6b:a8:9b:00:3b:5f:da:2e:
a2:c3:ec:ea:4a:f8:f1:ad:ba:ad:f7:0a:6b:c2:4e:
b4:2b:f4:e7:ec:96:80:fe:77:10:0d:9d:23:f4:c3:
fc:3c:df:74:33:cc:fc:20:0c:ec:bb:d7:9a:c4:82:
9a:a8:32:ab:aa:7a:d3:de:2b:b4:46:ef:cb:06:2b:
c2:0a:ae:40:02:20:72:67:fa:ef:21:b8:07:fd:0f:
36:cd:69:ba:07:b9:7c:a4:f7:da:fc:ac:b3:cc:7e:
16:ea:77:df:69:8f:28:a5:e2:cb:5d:bd:89:37:55:
66:a0:a8:1f:ab:c6:16:2f:59:6a:c1:3b:a4:d6:98:
2d:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:D2:EF:AC:40:57:9F:E0:87:87:BE:2D:FB:0E:8C:57:51:06:34:7A
X509v3 Authority Key Identifier:
keyid:5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/kdLvrEBXn-CHh74t-w6MV1EGNHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/Wm-SlVId8woVj1Brp8uHOrlSncM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.128.0/17
62.217.64.0/18
83.212.0.0/16
91.227.108.0/24
185.5.76.0/22
185.81.196.0/22
193.105.109.0/24
194.42.50.0-194.42.54.255
194.177.192.0/19
195.130.64.0/18
195.251.0.0/16
IPv6:
2001:648::/29
Signature Algorithm: sha256WithRSAEncryption
5d:ce:9e:e6:38:af:00:46:72:43:b8:bb:e9:d2:c8:29:59:cd:
b0:90:93:1b:f1:d8:ca:b8:18:8d:27:40:1b:fa:f9:63:b7:1f:
14:6f:84:8e:09:64:e0:ee:bb:c1:0c:e3:78:57:70:19:41:f1:
00:0f:3f:ba:38:18:a1:3e:a1:58:f7:7d:f4:90:1d:9c:21:31:
44:15:7c:3c:52:e3:59:82:e2:a7:64:bd:f6:bd:c6:55:11:45:
6f:76:64:ee:85:18:97:7d:82:b2:c6:d4:f1:d2:7a:63:33:84:
63:b9:5d:9b:64:4c:a0:44:2e:c4:79:e0:2a:cf:9d:40:dc:1e:
0c:10:69:98:9f:13:76:a4:09:eb:6f:54:36:94:19:6c:db:6d:
ac:36:fa:13:c5:33:e2:d0:7c:a1:d2:ec:49:63:75:e6:01:7d:
9c:0d:67:0b:33:b2:1c:72:54:28:2f:8f:e3:60:fd:b4:b1:a8:
36:ac:cf:7c:46:a6:ba:9d:25:c6:04:a0:c1:34:24:56:c4:36:
4f:bb:f3:25:40:ed:04:ca:72:29:c3:6a:b0:6d:36:9a:a6:32:
80:03:a8:cd:3f:18:93:bb:a8:31:aa:e4:49:07:a2:61:be:69:
a0:c5:20:7b:4a:5c:0a:50:87:8b:47:29:9b:92:d4:0d:4f:31:
81:78:95:94
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAZQhsh6qe958/wTZq06JWyQ+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNmY5Mjk1NTIxZGYzMGExNThmNTA2YmE3Y2I4NzNhYjk1
MjlkYzMwHhcNMjUwMTAxMTE0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWQyZWZhYzQwNTc5ZmUwODc4N2JlMmRmYjBlOGM1NzUxMDYzNDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQU+GfyH7TRKF4l6y21KWb+bQvkv
HBbvUT6Q2rWCwwYEgKr7aAzMu1sw5dxllus1+gX5K2asVGVPQYAds6kVI8RjSBgA
1CVl9PybR3Inw5oP3EC52C2CFi3qQOVDCNie0D/H4bhJsdwTviOh3A7gfdATn8oN
/OF1D8wfBwhfa6ibADtf2i6iw+zqSvjxrbqt9wprwk60K/Tn7JaA/ncQDZ0j9MP8
PN90M8z8IAzsu9eaxIKaqDKrqnrT3iu0Ru/LBivCCq5AAiByZ/rvIbgH/Q82zWm6
B7l8pPfa/KyzzH4W6nffaY8opeLLXb2JN1VmoKgfq8YWL1lqwTuk1pgt3QIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFJHS76xAV5/gh4e+LfsOjFdRBjR6MB8GA1UdIwQY
MBaAFFpvkpVSHfMKFY9Qa6fLhzq5Up3DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV20tU2xWSWQ4d29WajFCcnA4dUhPcmxTbmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWY5M2ItYmUzMS00NWNmLWFhN2Ut
YWFhNDU1M2QyYWJkLzEva2RMdnJFQlhuLUNIaDc0dC13Nk1WMUVHTkhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWY5M2ItYmUzMS00NWNmLWFhN2UtYWFhNDU1M2QyYWJk
LzEvV20tU2xWSWQ4d29WajFCcnA4dUhPcmxTbmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQHJSCAAwQG
PtlAAwMAU9QDBABb42wDBAK5BUwDBAK5UcQDBADBaW0wDAMEAcIqMgMEAMIqNgME
BcKxwAMEBsOCQAMDAMP7MA0EAgACMAcDBQMgAQZIMA0GCSqGSIb3DQEBCwUAA4IB
AQBdzp7mOK8ARnJDuLvp0sgpWc2wkJMb8djKuBiNJ0Ab+vljtx8Ub4SOCWTg7rvB
DON4V3AZQfEADz+6OBihPqFY9330kB2cITFEFXw8UuNZguKnZL32vcZVEUVvdmTu
hRiXfYKyxtTx0npjM4RjuV2bZEygRC7EeeAqz51A3B4MEGmYnxN2pAnrb1Q2lBls
222sNvoTxTPi0Hyh0uxJY3XmAX2cDWcLM7IcclQoL4/jYP20sag2rM98Rqa6nSXG
BKDBNCRWxDZPu/MlQO0EynIpw2qwbTaapjKAA6jNPxiTu6gxquRJB6JhvmmgxSB7
SlwKUIeLRymbktQNTzGBeJWU
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:02 2025 by rpki-client on console.sobornost.net