Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/1pjCPyjrDBH2c9AV9d3UwVHsKbs.roa
File: 1pjCPyjrDBH2c9AV9d3UwVHsKbs.roa (raw, json)
Hash identifier: Ql5Tmt/SEqxFVNDBVM1xT/p2kqsO25WJUVDlpfDvFn4=
Subject key identifier: D6:98:C2:3F:28:EB:0C:11:F6:73:D0:15:F5:DD:D4:C1:51:EC:29:BB
Certificate issuer: /CN=47e94ccb7b601da0ca09469f60f653640fed8c1c
Certificate serial: 01953D9B9AC6F576835271F8AD1160B0A661
Authority key identifier: 47:E9:4C:CB:7B:60:1D:A0:CA:09:46:9F:60:F6:53:64:0F:ED:8C:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R-lMy3tgHaDKCUafYPZTZA_tjBw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/1pjCPyjrDBH2c9AV9d3UwVHsKbs.roa
Signing time: Tue 25 Feb 2025 14:56:02 +0000
ROA not before: Tue 25 Feb 2025 14:56:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34444
IP address blocks: 84.22.64.0/19 maxlen: 19
84.22.68.0/24 maxlen: 24
84.22.69.0/24 maxlen: 24
84.22.73.0/24 maxlen: 24
84.22.77.0/24 maxlen: 24
84.22.78.0/24 maxlen: 24
84.22.80.0/24 maxlen: 24
84.22.84.0/24 maxlen: 24
84.22.85.0/24 maxlen: 24
195.234.248.0/22 maxlen: 22
213.180.225.0/24 maxlen: 24
213.180.226.0/24 maxlen: 24
213.180.228.0/24 maxlen: 24
213.180.229.0/24 maxlen: 24
213.180.230.0/24 maxlen: 24
213.180.240.0/21 maxlen: 24
213.180.247.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:3d:9b:9a:c6:f5:76:83:52:71:f8:ad:11:60:b0:a6:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47e94ccb7b601da0ca09469f60f653640fed8c1c
Validity
Not Before: Feb 25 14:56:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d698c23f28eb0c11f673d015f5ddd4c151ec29bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:9a:e1:84:d9:f0:ce:26:75:81:8f:a6:aa:89:
bb:d4:e6:13:c1:ea:27:5b:aa:c5:8f:5a:17:5c:ea:
72:d4:14:eb:ac:12:f9:b4:48:d9:d0:d3:82:3e:43:
b3:2a:a3:c4:7d:73:18:6d:20:45:ec:27:33:ca:3f:
a5:ba:97:4d:03:87:99:37:8b:75:91:c9:86:39:c9:
13:b5:b5:80:25:92:25:99:db:d3:bd:eb:40:19:9d:
79:7f:2a:70:f0:59:be:90:78:67:0d:e9:a5:a5:d9:
c6:4f:0d:2f:d9:18:35:d0:7a:ee:ad:d0:43:58:3a:
14:74:07:19:07:38:0d:da:b9:64:7e:c3:27:64:9e:
92:0d:ae:f4:a7:ef:ad:f2:c1:79:86:47:a4:3b:03:
a1:97:9c:6b:2b:e3:13:f2:1c:76:be:41:a0:b4:a0:
99:03:72:22:38:3f:af:36:bc:5b:da:ca:1f:01:57:
05:5e:08:f3:63:7a:8b:40:ec:83:9e:64:79:47:d8:
64:fb:4f:50:56:e3:dc:69:40:ce:c2:d3:a9:85:e2:
6e:7f:35:06:28:1f:68:08:a0:04:8a:1e:a1:f7:60:
33:73:ae:c4:f7:e8:28:a9:3c:52:3e:15:e6:12:36:
d0:c2:ef:02:9a:d7:c6:c7:fd:88:31:af:64:60:c4:
94:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:98:C2:3F:28:EB:0C:11:F6:73:D0:15:F5:DD:D4:C1:51:EC:29:BB
X509v3 Authority Key Identifier:
keyid:47:E9:4C:CB:7B:60:1D:A0:CA:09:46:9F:60:F6:53:64:0F:ED:8C:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R-lMy3tgHaDKCUafYPZTZA_tjBw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/1pjCPyjrDBH2c9AV9d3UwVHsKbs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/R-lMy3tgHaDKCUafYPZTZA_tjBw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.22.64.0/19
195.234.248.0/22
213.180.225.0-213.180.226.255
213.180.228.0-213.180.230.255
213.180.240.0/21
Signature Algorithm: sha256WithRSAEncryption
84:8f:d7:9a:33:13:d9:d8:64:38:2f:fc:71:9e:fc:76:8a:f8:
d6:39:6c:81:26:2e:1a:ae:90:fb:aa:1a:9d:83:83:10:55:86:
47:40:b9:b5:4d:6b:82:19:8b:68:45:2e:f8:b6:5c:b4:a4:57:
98:28:fb:61:83:c4:d1:81:d1:45:a9:05:de:ab:62:91:41:f4:
23:f4:32:8b:16:2e:d3:87:af:16:47:c5:fb:ea:c2:b7:a8:3a:
6a:95:c9:9b:76:a4:d6:50:fe:72:0d:f9:d0:7a:73:3a:61:aa:
6d:54:43:b7:75:22:7d:d8:57:5a:ab:81:4b:f5:81:9f:f7:08:
f4:b6:61:20:52:da:5f:0e:35:58:f8:7b:b8:06:4d:68:14:af:
43:79:20:6e:ac:2e:85:db:63:26:9c:a7:bf:53:03:e3:9c:6e:
f5:16:63:1f:cb:11:e5:bc:f3:2e:14:f5:eb:cc:f3:d5:43:69:
80:84:69:af:e2:b5:4d:de:5f:21:d9:35:04:19:25:31:e8:b5:
68:56:92:e4:69:ac:d4:a7:15:01:d9:26:cc:82:11:c1:12:8b:
0d:c7:71:2e:5e:d8:39:50:9a:77:bf:60:ba:d9:22:e8:f4:bd:
6a:9b:e2:d5:12:0a:5f:0c:53:15:85:05:08:6d:97:c2:62:7a:
f8:f4:70:54
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZU9m5rG9XaDUnH4rRFgsKZhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3ZTk0Y2NiN2I2MDFkYTBjYTA5NDY5ZjYwZjY1MzY0MGZl
ZDhjMWMwHhcNMjUwMjI1MTQ1NjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjk4YzIzZjI4ZWIwYzExZjY3M2QwMTVmNWRkZDRjMTUxZWMyOWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyJrhhNnwziZ1gY+mqom71OYTweon
W6rFj1oXXOpy1BTrrBL5tEjZ0NOCPkOzKqPEfXMYbSBF7Cczyj+lupdNA4eZN4t1
kcmGOckTtbWAJZIlmdvTvetAGZ15fypw8Fm+kHhnDemlpdnGTw0v2Rg10HrurdBD
WDoUdAcZBzgN2rlkfsMnZJ6SDa70p++t8sF5hkekOwOhl5xrK+MT8hx2vkGgtKCZ
A3IiOD+vNrxb2sofAVcFXgjzY3qLQOyDnmR5R9hk+09QVuPcaUDOwtOpheJufzUG
KB9oCKAEih6h92Azc67E9+goqTxSPhXmEjbQwu8CmtfGx/2IMa9kYMSUIwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFNaYwj8o6wwR9nPQFfXd1MFR7Cm7MB8GA1UdIwQY
MBaAFEfpTMt7YB2gyglGn2D2U2QP7YwcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUi1sTXkzdGdIYURLQ1VhZllQWlRaQV90akJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC85ZTI5ZGMtY2VjOS00OWUyLWJjZTQt
YmQ5MGEzZjA2ZTE2LzEvMXBqQ1B5anJEQkgyYzlBVjlkM1V3VkhzS2JzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC85ZTI5ZGMtY2VjOS00OWUyLWJjZTQtYmQ5MGEzZjA2ZTE2
LzEvUi1sTXkzdGdIYURLQ1VhZllQWlRaQV90akJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQFVBZAAwQC
w+r4MAwDBADVtOEDBADVtOIwDAMEAtW05AMEANW05gMEA9W08DANBgkqhkiG9w0B
AQsFAAOCAQEAhI/XmjMT2dhkOC/8cZ78dor41jlsgSYuGq6Q+6oanYODEFWGR0C5
tU1rghmLaEUu+LZctKRXmCj7YYPE0YHRRakF3qtikUH0I/QyixYu04evFkfF++rC
t6g6apXJm3ak1lD+cg350HpzOmGqbVRDt3UifdhXWquBS/WBn/cI9LZhIFLaXw41
WPh7uAZNaBSvQ3kgbqwuhdtjJpynv1MD45xu9RZjH8sR5bzzLhT168zz1UNpgIRp
r+K1Td5fIdk1BBklMei1aFaS5Gms1KcVAdkmzIIRwRKLDcdxLl7YOVCad79gutki
6PS9apvi1RIKXwxTFYUFCG2XwmJ6+PRwVA==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:17 2025 by rpki-client on console.sobornost.net