Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/f14ddb-db59-485c-9944-e7115ba4208f/1/pINkd1ie7Nky3a9FoR_Ki_Xg6PU.roa
File: pINkd1ie7Nky3a9FoR_Ki_Xg6PU.roa (raw, json)
Hash identifier: 1pjr0LqYiVuPSX7h6gFNcW7XvM1YOW/CpMKInu1F1x4=
Subject key identifier: A4:83:64:77:58:9E:EC:D9:32:DD:AF:45:A1:1F:CA:8B:F5:E0:E8:F5
Certificate issuer: /CN=8e55ca00bb616fdc4747cbfa4b54456c23f37284
Certificate serial: 01941F8CA525D18F0A753C9B169BB1E494E5
Authority key identifier: 8E:55:CA:00:BB:61:6F:DC:47:47:CB:FA:4B:54:45:6C:23:F3:72:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jlXKALthb9xHR8v6S1RFbCPzcoQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/f14ddb-db59-485c-9944-e7115ba4208f/1/pINkd1ie7Nky3a9FoR_Ki_Xg6PU.roa
Signing time: Wed 01 Jan 2025 01:48:18 +0000
ROA not before: Wed 01 Jan 2025 01:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203201
IP address blocks: 78.142.240.0/24 maxlen: 24
80.80.239.0/24 maxlen: 24
185.142.152.0/22 maxlen: 22
185.142.152.0/23 maxlen: 23
185.142.152.0/24 maxlen: 24
185.142.153.0/24 maxlen: 24
185.142.154.0/23 maxlen: 23
185.142.154.0/24 maxlen: 24
185.142.155.0/24 maxlen: 24
185.145.192.0/22 maxlen: 24
185.145.192.0/23 maxlen: 23
185.145.192.0/24 maxlen: 24
185.145.193.0/24 maxlen: 24
185.145.194.0/23 maxlen: 23
185.145.194.0/24 maxlen: 24
185.145.195.0/24 maxlen: 24
2a07:2e80::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:a5:25:d1:8f:0a:75:3c:9b:16:9b:b1:e4:94:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e55ca00bb616fdc4747cbfa4b54456c23f37284
Validity
Not Before: Jan 1 01:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a4836477589eecd932ddaf45a11fca8bf5e0e8f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:ac:a8:18:a9:39:65:7c:0e:2a:9f:c9:51:61:
c5:11:a3:03:6e:97:1a:20:7c:a5:74:1d:1e:67:ef:
fd:f2:43:3d:e9:e7:00:6a:5d:cd:de:53:3e:c3:d1:
ed:bc:f3:82:41:07:b5:5c:f0:e6:17:f4:91:bc:db:
3a:a9:3f:c9:07:1e:a6:8f:fc:d9:ac:dc:a1:fc:07:
2d:69:ea:d3:0a:48:c6:fe:f1:d4:43:ea:7d:0c:2a:
41:54:6c:ed:b4:e4:a5:c3:c4:b1:0e:8f:03:9a:5d:
49:bd:9d:13:55:b7:9d:83:e5:88:95:b0:ca:a5:02:
41:f3:4b:36:e8:6e:64:5d:c0:ff:25:02:13:f3:29:
68:bc:1c:6d:5a:4c:20:10:ed:c6:64:6c:04:e3:6d:
d7:a5:c0:03:95:cc:18:92:6f:a1:1b:c8:d4:5c:49:
b8:c6:cd:2f:5d:fd:d8:69:10:c0:4a:2d:92:24:77:
db:58:23:af:7d:18:93:a4:c9:0c:7b:5a:0c:a8:5a:
bf:76:56:50:06:7c:9e:14:f5:5f:05:70:53:a9:6f:
1c:48:2c:25:81:87:93:05:dc:68:1d:4f:73:43:d9:
3b:17:3b:41:f1:97:ff:e9:03:d6:f4:f6:7d:65:d0:
06:11:e8:2c:08:50:f7:a8:d0:09:76:c4:e6:64:eb:
c1:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:83:64:77:58:9E:EC:D9:32:DD:AF:45:A1:1F:CA:8B:F5:E0:E8:F5
X509v3 Authority Key Identifier:
keyid:8E:55:CA:00:BB:61:6F:DC:47:47:CB:FA:4B:54:45:6C:23:F3:72:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jlXKALthb9xHR8v6S1RFbCPzcoQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/f14ddb-db59-485c-9944-e7115ba4208f/1/pINkd1ie7Nky3a9FoR_Ki_Xg6PU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/f14ddb-db59-485c-9944-e7115ba4208f/1/jlXKALthb9xHR8v6S1RFbCPzcoQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.142.240.0/24
80.80.239.0/24
185.142.152.0/22
185.145.192.0/22
IPv6:
2a07:2e80::/29
Signature Algorithm: sha256WithRSAEncryption
58:38:10:d4:e6:bf:60:a2:a6:96:be:42:73:ad:81:38:50:9f:
90:f2:be:45:f3:72:12:e3:94:db:6b:24:62:77:63:a7:92:d5:
c9:3c:ef:94:f1:6b:04:e4:73:8e:d1:3c:70:52:a8:98:ab:11:
5b:cc:f8:61:d1:03:7c:94:3d:3a:0a:f4:bf:80:8e:94:c8:85:
c3:51:1a:b9:33:07:9b:da:88:18:06:37:6f:fb:4e:45:cb:85:
81:18:25:f5:91:5f:1e:2a:4f:75:bd:15:8e:38:d9:02:59:84:
bd:c1:df:2f:ac:9f:1e:50:9f:d3:63:07:e5:c2:8d:4e:f8:30:
b0:fb:8a:1f:52:71:a2:49:a4:2b:18:e0:c0:df:4a:eb:5c:68:
a1:98:eb:a8:d2:16:2e:33:a4:50:aa:0f:55:55:8e:8d:ed:da:
6f:53:48:66:d0:1d:0e:de:12:92:20:b4:fb:62:e9:25:20:9c:
e8:22:17:a4:bf:70:88:a4:0c:ee:81:17:38:fe:fa:f0:6a:d5:
7c:72:ad:40:bc:80:c9:28:cb:e7:de:e2:32:6b:35:2c:ff:a6:
ee:20:36:8d:2d:97:d1:6f:90:4d:45:01:e1:ec:78:4f:2f:dc:
cf:c0:3e:37:de:90:48:b9:b7:86:a7:7b:1c:34:f5:b4:57:25:
f6:a4:d9:9d
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQfjKUl0Y8KdTybFpux5JTlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlNTVjYTAwYmI2MTZmZGM0NzQ3Y2JmYTRiNTQ0NTZjMjNm
MzcyODQwHhcNMjUwMTAxMDE0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDgzNjQ3NzU4OWVlY2Q5MzJkZGFmNDVhMTFmY2E4YmY1ZTBlOGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyKyoGKk5ZXwOKp/JUWHFEaMDbpca
IHyldB0eZ+/98kM96ecAal3N3lM+w9HtvPOCQQe1XPDmF/SRvNs6qT/JBx6mj/zZ
rNyh/ActaerTCkjG/vHUQ+p9DCpBVGzttOSlw8SxDo8Dml1JvZ0TVbedg+WIlbDK
pQJB80s26G5kXcD/JQIT8ylovBxtWkwgEO3GZGwE423XpcADlcwYkm+hG8jUXEm4
xs0vXf3YaRDASi2SJHfbWCOvfRiTpMkMe1oMqFq/dlZQBnyeFPVfBXBTqW8cSCwl
gYeTBdxoHU9zQ9k7FztB8Zf/6QPW9PZ9ZdAGEegsCFD3qNAJdsTmZOvB9wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFKSDZHdYnuzZMt2vRaEfyov14Oj1MB8GA1UdIwQY
MBaAFI5VygC7YW/cR0fL+ktURWwj83KEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamxYS0FMdGhiOXhIUjh2NlMxUkZiQ1B6Y29RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9mMTRkZGItZGI1OS00ODVjLTk5NDQt
ZTcxMTViYTQyMDhmLzEvcElOa2QxaWU3Tmt5M2E5Rm9SX0tpX1hnNlBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9mMTRkZGItZGI1OS00ODVjLTk5NDQtZTcxMTViYTQyMDhm
LzEvamxYS0FMdGhiOXhIUjh2NlMxUkZiQ1B6Y29RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQATo7wAwQA
UFDvAwQCuY6YAwQCuZHAMA0EAgACMAcDBQMqBy6AMA0GCSqGSIb3DQEBCwUAA4IB
AQBYOBDU5r9goqaWvkJzrYE4UJ+Q8r5F83IS45TbayRid2OnktXJPO+U8WsE5HOO
0TxwUqiYqxFbzPhh0QN8lD06CvS/gI6UyIXDURq5Mweb2ogYBjdv+05Fy4WBGCX1
kV8eKk91vRWOONkCWYS9wd8vrJ8eUJ/TYwflwo1O+DCw+4ofUnGiSaQrGODA30rr
XGihmOuo0hYuM6RQqg9VVY6N7dpvU0hm0B0O3hKSILT7YuklIJzoIhekv3CIpAzu
gRc4/vrwatV8cq1AvIDJKMvn3uIyazUs/6buIDaNLZfRb5BNRQHh7HhPL9zPwD43
3pBIubeGp3scNPW0VyX2pNmd
-----END CERTIFICATE-----
Generated at Thu Jan 23 19:16:32 2025 by rpki-client on console.sobornost.net