Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/A-erq4E_vS_sClsVUy_BTwx19Hg.roa
File: A-erq4E_vS_sClsVUy_BTwx19Hg.roa (raw, json)
Hash identifier: SUYK7DPP7bSBUCJQQsp/hEymfhhjYuiakYraASHFaU0=
Subject key identifier: 03:E7:AB:AB:81:3F:BD:2F:EC:0A:5B:15:53:2F:C1:4F:0C:75:F4:78
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 01955BBF0610AD332D52B93B58DAAD27046D
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/A-erq4E_vS_sClsVUy_BTwx19Hg.roa
Signing time: Mon 03 Mar 2025 11:23:20 +0000
ROA not before: Mon 03 Mar 2025 11:23:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51223
IP address blocks: 89.32.80.0/21 maxlen: 24
176.113.84.0/22 maxlen: 24
178.237.128.0/20 maxlen: 24
185.26.4.0/22 maxlen: 24
212.119.48.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5b:bf:06:10:ad:33:2d:52:b9:3b:58:da:ad:27:04:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Mar 3 11:23:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=03e7abab813fbd2fec0a5b15532fc14f0c75f478
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:77:ae:1b:57:bf:47:fe:50:ec:be:67:fa:1f:
87:5a:e0:5b:7b:98:51:09:00:49:ed:d3:5f:7e:29:
d3:38:6b:64:a2:29:93:f8:7d:44:46:48:66:5c:00:
4d:97:22:99:03:67:06:2a:26:bf:cd:97:e9:ef:30:
0a:2e:cf:f7:f9:7c:8a:21:ce:bf:a8:86:3b:d8:ed:
45:80:cc:14:01:9a:18:f7:5c:c9:83:3b:c3:c4:e9:
3e:98:c1:e5:59:d8:0c:89:4e:fe:8c:d1:29:22:92:
0e:3a:3d:1c:96:2b:72:77:db:1a:12:3b:27:08:e1:
9e:b7:77:31:db:25:ee:1d:38:8d:a2:f9:2d:d9:c6:
90:3d:d2:90:02:8d:04:ca:01:36:26:fc:c4:81:ee:
6f:bc:31:44:c5:eb:15:c4:4b:33:c4:ab:d7:41:65:
4a:33:87:b7:0f:45:6e:c0:0f:78:80:61:6c:2a:7e:
f2:a1:56:0e:2a:b4:ab:7a:ef:9b:05:40:b0:84:8a:
55:24:08:40:85:e3:d1:df:a6:eb:f5:d8:67:1b:93:
0c:47:95:0a:29:c0:57:60:e4:ae:4b:8f:3c:7d:71:
bb:ae:8f:12:cf:9d:0e:3e:ca:d2:f5:e6:03:d5:b5:
c0:c9:a0:7f:50:ef:b3:28:e5:00:56:5b:a1:fc:a7:
de:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:E7:AB:AB:81:3F:BD:2F:EC:0A:5B:15:53:2F:C1:4F:0C:75:F4:78
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/A-erq4E_vS_sClsVUy_BTwx19Hg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.32.80.0/21
176.113.84.0/22
178.237.128.0/20
185.26.4.0/22
212.119.48.0/22
Signature Algorithm: sha256WithRSAEncryption
88:62:f7:c9:10:98:f6:92:5d:67:ab:40:55:11:63:15:18:f9:
3b:80:32:5f:2d:db:87:57:8a:43:23:10:4c:58:ba:da:ba:0c:
c5:07:c0:4f:bb:8c:14:0b:79:f0:b8:50:99:96:6f:34:77:8b:
2f:47:40:94:b3:da:88:ad:b3:f9:67:1a:c6:31:94:6b:20:99:
b3:0a:5a:78:e4:be:b2:2c:7e:f9:58:e2:ae:45:eb:82:f7:04:
99:2c:56:8d:d6:93:d3:3a:4a:18:c6:e1:5e:03:fa:bb:0f:83:
87:db:72:a8:00:0b:3d:c2:e7:2c:96:b5:f4:e3:60:36:f8:7f:
c7:d1:ad:0c:de:46:ca:63:0b:cc:4a:13:2a:4f:6c:69:cd:f7:
34:64:96:5a:a7:29:86:00:98:9f:a9:fe:fb:a4:29:2b:13:6c:
68:69:8c:71:7f:7f:28:ac:89:34:ae:92:9d:4d:19:a1:90:2b:
4d:2b:b7:3b:43:df:50:48:83:1f:66:5b:d9:af:dc:8f:88:1b:
01:4b:d1:12:bc:68:a3:62:7a:6b:d0:70:b4:49:40:c7:59:99:
da:db:ca:3e:9a:0d:6d:ad:b0:be:f6:88:34:14:fa:7b:19:0d:
8f:de:6e:62:61:e2:07:6d:4c:30:ac:79:86:20:48:2c:3a:b4:
91:fe:b7:10
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZVbvwYQrTMtUrk7WNqtJwRtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjUwMzAzMTEyMzIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2U3YWJhYjgxM2ZiZDJmZWMwYTViMTU1MzJmYzE0ZjBjNzVmNDc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnneuG1e/R/5Q7L5n+h+HWuBbe5hR
CQBJ7dNffinTOGtkoimT+H1ERkhmXABNlyKZA2cGKia/zZfp7zAKLs/3+XyKIc6/
qIY72O1FgMwUAZoY91zJgzvDxOk+mMHlWdgMiU7+jNEpIpIOOj0clityd9saEjsn
COGet3cx2yXuHTiNovkt2caQPdKQAo0EygE2JvzEge5vvDFExesVxEszxKvXQWVK
M4e3D0VuwA94gGFsKn7yoVYOKrSreu+bBUCwhIpVJAhAhePR36br9dhnG5MMR5UK
KcBXYOSuS488fXG7ro8Sz50OPsrS9eYD1bXAyaB/UO+zKOUAVluh/KfejQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAPnq6uBP70v7ApbFVMvwU8MdfR4MB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvQS1lcnE0RV92U19zQ2xzVlV5X0JUd3gxOUhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDWSBQAwQC
sHFUAwQEsu2AAwQCuRoEAwQC1HcwMA0GCSqGSIb3DQEBCwUAA4IBAQCIYvfJEJj2
kl1nq0BVEWMVGPk7gDJfLduHV4pDIxBMWLraugzFB8BPu4wUC3nwuFCZlm80d4sv
R0CUs9qIrbP5ZxrGMZRrIJmzClp45L6yLH75WOKuReuC9wSZLFaN1pPTOkoYxuFe
A/q7D4OH23KoAAs9wucslrX042A2+H/H0a0M3kbKYwvMShMqT2xpzfc0ZJZapymG
AJifqf77pCkrE2xoaYxxf38orIk0rpKdTRmhkCtNK7c7Q99QSIMfZlvZr9yPiBsB
S9ESvGijYnpr0HC0SUDHWZna28o+mg1trbC+9og0FPp7GQ2P3m5iYeIHbUwwrHmG
IEgsOrSR/rcQ
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:02 2025 by rpki-client on console.sobornost.net