Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/5f343d-9b42-44b4-9067-7cae040e49e8/1/IaBz7IBS18EOrfG55R0yavdCWsU.roa
File: IaBz7IBS18EOrfG55R0yavdCWsU.roa (raw, json)
Hash identifier: Nap3apHF6QYSf7K8N+JIx5e68+UiwKI1rUfObY2f9CA=
Subject key identifier: 21:A0:73:EC:80:52:D7:C1:0E:AD:F1:B9:E5:1D:32:6A:F7:42:5A:C5
Certificate issuer: /CN=785b490d766f4b1c211d7dadd6efa770f6eb9e25
Certificate serial: 0194236A060A1FD9A0A645C405838DF12A95
Authority key identifier: 78:5B:49:0D:76:6F:4B:1C:21:1D:7D:AD:D6:EF:A7:70:F6:EB:9E:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eFtJDXZvSxwhHX2t1u-ncPbrniU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/5f343d-9b42-44b4-9067-7cae040e49e8/1/IaBz7IBS18EOrfG55R0yavdCWsU.roa
Signing time: Wed 01 Jan 2025 19:48:58 +0000
ROA not before: Wed 01 Jan 2025 19:48:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41275
IP address blocks: 5.35.112.0/22 maxlen: 22
5.35.113.0/24 maxlen: 24
62.217.184.0/21 maxlen: 21
85.198.104.0/23 maxlen: 23
89.169.48.0/22 maxlen: 22
89.207.216.0/21 maxlen: 21
89.207.221.0/24 maxlen: 24
93.157.244.0/22 maxlen: 22
95.131.144.0/21 maxlen: 21
185.136.76.0/22 maxlen: 22
185.155.17.0/24 maxlen: 24
185.155.18.0/23 maxlen: 23
217.150.200.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:06:0a:1f:d9:a0:a6:45:c4:05:83:8d:f1:2a:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=785b490d766f4b1c211d7dadd6efa770f6eb9e25
Validity
Not Before: Jan 1 19:48:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=21a073ec8052d7c10eadf1b9e51d326af7425ac5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:80:8b:15:61:bf:d7:9d:2a:77:75:00:f9:99:
9b:36:fb:27:d4:d8:5f:a2:22:70:fd:36:75:53:96:
75:22:4e:00:02:c1:3b:4c:a2:0d:64:d1:57:eb:42:
aa:0f:5a:f8:42:c2:17:b4:61:8e:25:bd:69:f9:8f:
92:6b:07:92:41:b8:a0:29:2f:06:a3:ef:68:10:1f:
33:aa:f3:b7:7f:cc:cc:dc:a9:20:1d:37:09:eb:cd:
c4:12:9b:3b:65:e2:9c:56:58:4f:d3:ee:d5:f2:ad:
cb:25:51:b9:ad:5f:93:1a:82:09:44:15:a8:ea:31:
e7:5c:20:05:8d:90:3c:77:ab:40:6a:7f:96:85:ea:
73:99:85:5a:81:6f:21:fa:46:3e:a9:89:96:75:09:
44:0b:46:c7:47:f4:53:2e:35:37:4a:d3:53:64:90:
c3:9e:d3:74:71:44:46:96:9a:73:c2:e1:f9:ba:b0:
0e:c9:f6:5d:2d:a8:32:6b:75:1d:c0:84:d0:26:71:
45:3c:f1:27:6c:7f:28:c6:bc:6a:42:a3:2c:e8:c0:
34:ab:6b:e5:66:69:79:4a:9d:e2:2a:1e:54:37:82:
2e:67:75:2a:dd:2d:1c:6c:1c:66:ec:01:b5:b4:ad:
aa:cf:1d:bb:dd:b4:da:a6:50:e8:6f:64:6f:a1:b2:
22:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:A0:73:EC:80:52:D7:C1:0E:AD:F1:B9:E5:1D:32:6A:F7:42:5A:C5
X509v3 Authority Key Identifier:
keyid:78:5B:49:0D:76:6F:4B:1C:21:1D:7D:AD:D6:EF:A7:70:F6:EB:9E:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eFtJDXZvSxwhHX2t1u-ncPbrniU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/5f343d-9b42-44b4-9067-7cae040e49e8/1/IaBz7IBS18EOrfG55R0yavdCWsU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/5f343d-9b42-44b4-9067-7cae040e49e8/1/eFtJDXZvSxwhHX2t1u-ncPbrniU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.112.0/22
62.217.184.0/21
85.198.104.0/23
89.169.48.0/22
89.207.216.0/21
93.157.244.0/22
95.131.144.0/21
185.136.76.0/22
185.155.17.0-185.155.19.255
217.150.200.0/23
Signature Algorithm: sha256WithRSAEncryption
51:fb:ab:60:d1:ff:51:33:46:66:3e:16:4c:45:e6:10:f8:aa:
22:27:86:d0:4b:6b:8a:29:a6:2b:2d:8e:85:1f:9c:a6:49:db:
d7:e4:e8:09:90:a4:b9:cd:bd:6e:f1:cd:c7:78:90:d5:da:d2:
e8:ca:e7:dd:6f:a5:ee:d7:7a:01:12:33:db:58:7e:eb:0c:ae:
e8:41:5f:3d:e7:93:ae:84:7d:c5:dc:f3:b8:d9:de:c1:8b:aa:
c9:01:2d:fc:61:81:9a:6c:99:3e:36:6e:4b:c3:9f:0a:79:75:
17:8d:6f:d3:db:f9:3e:0a:18:6c:44:34:48:d1:6a:cf:2a:a7:
cd:e7:f0:3f:44:99:ee:53:8d:6d:89:b4:d3:5f:b5:e5:0f:08:
4f:59:81:13:c6:73:d5:e4:39:c0:4f:bd:10:43:ad:d3:93:5e:
46:dc:c9:6d:8f:57:20:18:98:13:c0:fa:ef:fd:ac:47:b2:4e:
87:c5:24:7f:1c:cd:c1:43:e0:60:9e:47:1c:bc:54:5e:f1:1c:
0c:e2:91:c1:bb:b7:61:e0:15:ac:87:0f:8d:26:c4:f4:14:e6:
cc:52:15:c8:a4:6c:a4:20:4f:e9:62:2c:7a:58:01:63:e4:54:
f4:e2:20:54:c9:76:ab:ce:11:70:b2:09:50:92:52:a6:9c:a6:
18:17:38:1f
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZQjagYKH9mgpkXEBYON8SqVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4NWI0OTBkNzY2ZjRiMWMyMTFkN2RhZGQ2ZWZhNzcwZjZl
YjllMjUwHhcNMjUwMTAxMTk0ODU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWEwNzNlYzgwNTJkN2MxMGVhZGYxYjllNTFkMzI2YWY3NDI1YWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuoCLFWG/150qd3UA+ZmbNvsn1Nhf
oiJw/TZ1U5Z1Ik4AAsE7TKINZNFX60KqD1r4QsIXtGGOJb1p+Y+SaweSQbigKS8G
o+9oEB8zqvO3f8zM3KkgHTcJ683EEps7ZeKcVlhP0+7V8q3LJVG5rV+TGoIJRBWo
6jHnXCAFjZA8d6tAan+WhepzmYVagW8h+kY+qYmWdQlEC0bHR/RTLjU3StNTZJDD
ntN0cURGlppzwuH5urAOyfZdLagya3UdwITQJnFFPPEnbH8oxrxqQqMs6MA0q2vl
Zml5Sp3iKh5UN4IuZ3Uq3S0cbBxm7AG1tK2qzx273bTaplDob2RvobIisQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFCGgc+yAUtfBDq3xueUdMmr3QlrFMB8GA1UdIwQY
MBaAFHhbSQ12b0scIR19rdbvp3D2654lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUZ0SkRYWnZTeHdoSFgydDF1LW5jUGJybmlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi81ZjM0M2QtOWI0Mi00NGI0LTkwNjct
N2NhZTA0MGU0OWU4LzEvSWFCejdJQlMxOEVPcmZHNTVSMHlhdmRDV3NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi81ZjM0M2QtOWI0Mi00NGI0LTkwNjctN2NhZTA0MGU0OWU4
LzEvZUZ0SkRYWnZTeHdoSFgydDF1LW5jUGJybmlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQCBSNwAwQD
Ptm4AwQBVcZoAwQCWakwAwQDWc/YAwQCXZ30AwQDX4OQAwQCuYhMMAwDBAC5mxED
BAK5mxADBAHZlsgwDQYJKoZIhvcNAQELBQADggEBAFH7q2DR/1EzRmY+FkxF5hD4
qiInhtBLa4oppistjoUfnKZJ29fk6AmQpLnNvW7xzcd4kNXa0ujK591vpe7XegES
M9tYfusMruhBXz3nk66EfcXc87jZ3sGLqskBLfxhgZpsmT42bkvDnwp5dReNb9Pb
+T4KGGxENEjRas8qp83n8D9Eme5TjW2JtNNfteUPCE9ZgRPGc9XkOcBPvRBDrdOT
XkbcyW2PVyAYmBPA+u/9rEeyTofFJH8czcFD4GCeRxy8VF7xHAzikcG7t2HgFayH
D40mxPQU5sxSFcikbKQgT+liLHpYAWPkVPTiIFTJdqvOEXCyCVCSUqacphgXOB8=
-----END CERTIFICATE-----
Generated at Sat Mar 8 04:55:24 2025 by rpki-client on console.sobornost.net