Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/d2d99e-a7c1-43e8-93f5-a11a96d21861/1/8ZSiBVB9h2VqcjNcGsXVM5lUjmI.roa
File: 8ZSiBVB9h2VqcjNcGsXVM5lUjmI.roa (raw, json)
Hash identifier: hKEwzTFWQZO4iHIgYWy7xoBKPXgQqTPB0mui/ew+61o=
Subject key identifier: F1:94:A2:05:50:7D:87:65:6A:72:33:5C:1A:C5:D5:33:99:54:8E:62
Certificate issuer: /CN=739f3ebcd26792b913c1dcb9941996e998f16078
Certificate serial: 019424B3D0D594A87BA45B52AB489D545C31
Authority key identifier: 73:9F:3E:BC:D2:67:92:B9:13:C1:DC:B9:94:19:96:E9:98:F1:60:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c58-vNJnkrkTwdy5lBmW6ZjxYHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/d2d99e-a7c1-43e8-93f5-a11a96d21861/1/8ZSiBVB9h2VqcjNcGsXVM5lUjmI.roa
Signing time: Thu 02 Jan 2025 01:49:11 +0000
ROA not before: Thu 02 Jan 2025 01:49:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35063
IP address blocks: 31.7.40.0/21 maxlen: 21
46.29.144.0/21 maxlen: 24
85.237.160.0/19 maxlen: 24
185.18.140.0/22 maxlen: 22
212.109.160.0/21 maxlen: 21
217.171.48.0/20 maxlen: 24
2a03:9500::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:d0:d5:94:a8:7b:a4:5b:52:ab:48:9d:54:5c:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=739f3ebcd26792b913c1dcb9941996e998f16078
Validity
Not Before: Jan 2 01:49:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f194a205507d87656a72335c1ac5d53399548e62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:5f:c1:de:95:a4:2a:7e:79:a9:00:07:11:bd:
19:63:f2:a2:78:99:50:1f:2f:76:68:3b:60:3f:67:
1c:d0:d8:b7:76:34:96:23:a5:ed:c4:71:4f:de:11:
f2:6a:ff:ec:22:f6:21:88:5a:16:f4:4f:06:97:d8:
7e:04:12:55:8e:a6:9c:31:4b:79:9c:b7:77:4e:0a:
3a:56:0d:ec:b3:f3:71:2d:b1:c0:09:b5:27:c0:b1:
b5:3b:fc:fc:ae:07:43:bb:7d:14:c8:06:9f:bf:ee:
48:bd:4b:3e:f4:96:7d:42:c6:07:ed:ad:f4:20:58:
9b:6a:8f:50:24:15:02:d6:23:ed:6f:c1:2a:bf:18:
ba:a4:db:0c:c6:d7:4c:bb:2a:2e:a4:dd:9b:c7:eb:
55:cb:d2:93:e4:40:2b:92:91:57:af:75:ce:b7:75:
f9:67:1e:d1:9a:59:bd:32:1d:fa:91:a4:85:f3:b2:
53:e8:e4:3c:a5:3c:4c:ff:6b:b9:9e:57:4c:bd:70:
bf:b1:a6:29:1f:10:05:d7:8e:6d:51:42:9a:35:76:
46:c1:1d:86:02:3e:9a:d6:b5:1f:94:10:77:29:db:
f8:62:60:4a:13:5d:32:32:57:78:c6:59:47:ce:73:
9e:6a:92:4d:3a:3b:2a:8e:96:ce:2c:ac:eb:b8:a5:
53:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:94:A2:05:50:7D:87:65:6A:72:33:5C:1A:C5:D5:33:99:54:8E:62
X509v3 Authority Key Identifier:
keyid:73:9F:3E:BC:D2:67:92:B9:13:C1:DC:B9:94:19:96:E9:98:F1:60:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c58-vNJnkrkTwdy5lBmW6ZjxYHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/d2d99e-a7c1-43e8-93f5-a11a96d21861/1/8ZSiBVB9h2VqcjNcGsXVM5lUjmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/d2d99e-a7c1-43e8-93f5-a11a96d21861/1/c58-vNJnkrkTwdy5lBmW6ZjxYHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.7.40.0/21
46.29.144.0/21
85.237.160.0/19
185.18.140.0/22
212.109.160.0/21
217.171.48.0/20
IPv6:
2a03:9500::/32
Signature Algorithm: sha256WithRSAEncryption
a4:94:5a:ae:eb:30:ca:2b:35:7e:5b:6f:83:42:d0:f5:48:cc:
1c:51:30:cb:19:2c:db:87:57:04:ef:bf:6a:56:9d:b3:90:df:
92:2e:41:e6:55:d3:91:bf:00:61:91:e0:7f:2f:57:43:e6:ea:
de:d6:5f:b0:63:0f:fd:37:96:d5:f1:2b:05:2f:db:60:c6:52:
de:1f:f5:17:52:93:18:bb:ea:21:cf:51:00:37:63:bf:aa:0f:
63:27:87:b4:02:4b:56:39:44:0a:8a:3b:fc:86:1a:ec:bc:ce:
cc:ad:84:fb:1c:5b:e3:00:09:19:7f:a3:64:3f:2a:81:f0:4f:
b0:76:3d:f8:9a:ab:6f:11:b7:1a:69:07:75:96:f9:5f:92:f2:
06:8c:ff:4a:3a:50:e0:4d:6a:29:76:8f:0a:d4:31:45:63:3a:
0e:29:de:e2:8b:3e:65:ae:49:da:4b:d7:3d:59:a5:b8:22:c4:
49:97:40:75:68:4c:e7:4e:13:a3:55:0f:a8:69:fc:d5:df:54:
d8:c7:1b:b9:94:40:0b:3a:8e:18:87:20:d5:a9:4a:a4:a4:c4:
96:b9:f0:99:d1:51:98:4a:a0:93:2d:bc:59:5c:29:26:85:d0:
d6:2c:33:e5:59:11:43:ad:4e:3a:1a:33:e3:ef:50:f3:6e:46:
21:81:0b:d1
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQks9DVlKh7pFtSq0idVFwxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczOWYzZWJjZDI2NzkyYjkxM2MxZGNiOTk0MTk5NmU5OThm
MTYwNzgwHhcNMjUwMTAyMDE0OTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTk0YTIwNTUwN2Q4NzY1NmE3MjMzNWMxYWM1ZDUzMzk5NTQ4ZTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvF/B3pWkKn55qQAHEb0ZY/KieJlQ
Hy92aDtgP2cc0Ni3djSWI6XtxHFP3hHyav/sIvYhiFoW9E8Gl9h+BBJVjqacMUt5
nLd3Tgo6Vg3ss/NxLbHACbUnwLG1O/z8rgdDu30UyAafv+5IvUs+9JZ9QsYH7a30
IFibao9QJBUC1iPtb8Eqvxi6pNsMxtdMuyoupN2bx+tVy9KT5EArkpFXr3XOt3X5
Zx7Rmlm9Mh36kaSF87JT6OQ8pTxM/2u5nldMvXC/saYpHxAF145tUUKaNXZGwR2G
Aj6a1rUflBB3Kdv4YmBKE10yMld4xllHznOeapJNOjsqjpbOLKzruKVTkwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFPGUogVQfYdlanIzXBrF1TOZVI5iMB8GA1UdIwQY
MBaAFHOfPrzSZ5K5E8HcuZQZlumY8WB4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzU4LXZOSm5rcmtUd2R5NWxCbVc2Wmp4WUhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9kMmQ5OWUtYTdjMS00M2U4LTkzZjUt
YTExYTk2ZDIxODYxLzEvOFpTaUJWQjloMlZxY2pOY0dzWFZNNWxVam1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9kMmQ5OWUtYTdjMS00M2U4LTkzZjUtYTExYTk2ZDIxODYx
LzEvYzU4LXZOSm5rcmtUd2R5NWxCbVc2Wmp4WUhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDHwcoAwQD
Lh2QAwQFVe2gAwQCuRKMAwQD1G2gAwQE2aswMA0EAgACMAcDBQAqA5UAMA0GCSqG
SIb3DQEBCwUAA4IBAQCklFqu6zDKKzV+W2+DQtD1SMwcUTDLGSzbh1cE779qVp2z
kN+SLkHmVdORvwBhkeB/L1dD5ure1l+wYw/9N5bV8SsFL9tgxlLeH/UXUpMYu+oh
z1EAN2O/qg9jJ4e0AktWOUQKijv8hhrsvM7MrYT7HFvjAAkZf6NkPyqB8E+wdj34
mqtvEbcaaQd1lvlfkvIGjP9KOlDgTWopdo8K1DFFYzoOKd7iiz5lrknaS9c9WaW4
IsRJl0B1aEznThOjVQ+oafzV31TYxxu5lEALOo4YhyDVqUqkpMSWufCZ0VGYSqCT
LbxZXCkmhdDWLDPlWRFDrU46GjPj71DzbkYhgQvR
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:11 2025 by rpki-client on console.sobornost.net