Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/6da5b3-24c7-4ee5-95dc-b08db3c36fbb/1/te8WoSPpdBUUYvd1WKkLZbO72RM.roa
File: te8WoSPpdBUUYvd1WKkLZbO72RM.roa (raw, json)
Hash identifier: o04bmvCElYlWOOu299mgLz7Vc+VKn0vUSkUyiAJD0o0=
Subject key identifier: B5:EF:16:A1:23:E9:74:15:14:62:F7:75:58:A9:0B:65:B3:BB:D9:13
Certificate issuer: /CN=7a1bb036db40d799d861198a5243b3c03d56c20a
Certificate serial: 0195EAE28A0523C1E737C06D7EA1B96A9F83
Authority key identifier: 7A:1B:B0:36:DB:40:D7:99:D8:61:19:8A:52:43:B3:C0:3D:56:C2:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ehuwNttA15nYYRmKUkOzwD1Wwgo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/6da5b3-24c7-4ee5-95dc-b08db3c36fbb/1/te8WoSPpdBUUYvd1WKkLZbO72RM.roa
Signing time: Mon 31 Mar 2025 06:27:49 +0000
ROA not before: Mon 31 Mar 2025 06:27:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39097
IP address blocks: 176.57.249.0/24 maxlen: 24
176.57.250.0/24 maxlen: 24
176.57.251.0/24 maxlen: 24
176.57.252.0/24 maxlen: 24
176.57.253.0/24 maxlen: 24
176.57.254.0/24 maxlen: 24
176.57.255.0/24 maxlen: 24
185.181.144.0/24 maxlen: 24
185.181.145.0/24 maxlen: 24
185.181.146.0/24 maxlen: 24
185.181.147.0/24 maxlen: 24
195.60.196.0/24 maxlen: 24
195.60.197.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ea:e2:8a:05:23:c1:e7:37:c0:6d:7e:a1:b9:6a:9f:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a1bb036db40d799d861198a5243b3c03d56c20a
Validity
Not Before: Mar 31 06:27:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b5ef16a123e974151462f77558a90b65b3bbd913
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:67:ea:c5:64:98:9a:58:e5:b0:4e:25:b5:db:
9b:8d:28:8f:f2:a4:a5:32:34:a0:b9:4f:dc:a1:e0:
aa:4b:ca:8e:b6:a0:e7:b5:41:ea:ec:b8:7c:69:7a:
df:a2:ea:4d:8d:22:70:fd:4b:9a:a1:10:a5:05:4c:
87:61:18:c3:7c:1c:4c:6d:f4:99:fe:85:0b:91:b5:
da:57:80:8a:1a:92:f6:19:cc:1a:2c:0b:f5:d7:c3:
fa:72:a2:55:56:6b:86:88:de:11:2a:b2:4d:99:aa:
2e:36:71:69:7b:ac:69:3d:b6:d5:2d:a1:40:d1:2d:
c8:f1:c6:1a:cf:ff:31:f7:aa:4c:ad:70:3c:74:33:
18:4a:9d:d9:25:b9:ad:91:7e:0f:79:51:35:b1:df:
e1:f0:42:60:22:62:1e:9f:b6:5c:57:06:1f:67:7a:
49:1c:46:fc:9b:f9:b0:54:4b:36:ce:98:15:fe:ba:
08:d1:29:99:b3:14:36:df:46:16:4b:8c:68:c8:42:
2a:8b:3e:a2:03:eb:ca:c1:b8:82:29:d0:bf:b1:73:
c0:bc:5c:ec:95:21:0e:ba:a9:c3:8b:46:77:1e:b1:
9e:77:33:87:07:61:2a:d4:8f:7d:3c:c4:76:3d:6e:
04:ea:3d:5b:9a:06:a3:38:3b:f2:a7:c3:d5:ac:f7:
36:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:EF:16:A1:23:E9:74:15:14:62:F7:75:58:A9:0B:65:B3:BB:D9:13
X509v3 Authority Key Identifier:
keyid:7A:1B:B0:36:DB:40:D7:99:D8:61:19:8A:52:43:B3:C0:3D:56:C2:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ehuwNttA15nYYRmKUkOzwD1Wwgo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6da5b3-24c7-4ee5-95dc-b08db3c36fbb/1/te8WoSPpdBUUYvd1WKkLZbO72RM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6da5b3-24c7-4ee5-95dc-b08db3c36fbb/1/ehuwNttA15nYYRmKUkOzwD1Wwgo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.57.249.0-176.57.255.255
185.181.144.0/22
195.60.196.0/23
Signature Algorithm: sha256WithRSAEncryption
86:15:94:88:c7:3e:87:46:34:6f:01:3a:c2:73:f6:b0:a6:41:
e2:8c:dd:96:9f:94:be:15:09:cb:71:5d:20:95:87:ff:f2:1a:
68:d5:57:4d:2f:9e:f1:35:7d:59:98:01:3b:02:39:19:35:2a:
b8:05:63:d5:a5:10:cd:76:7c:d0:31:ce:17:c8:ca:96:07:01:
8f:6b:73:b8:11:1d:16:25:cd:3c:2e:f3:b3:b8:53:61:f4:c1:
c0:59:c8:d4:1f:20:11:e4:04:2e:08:e4:57:c0:6d:af:e3:9e:
64:0c:eb:2b:e1:e8:5b:7f:cc:f5:19:38:82:70:30:9e:72:c2:
b8:53:11:44:67:e9:bf:f4:ef:57:7c:30:a1:15:a4:38:7e:ea:
98:73:78:7b:e9:ef:44:91:86:7c:c5:e5:41:be:89:46:f0:d0:
53:a8:3f:b8:db:67:27:c1:eb:7f:fc:bf:1f:2b:56:6c:9c:d6:
fd:3b:da:f3:cc:a9:87:cf:06:08:80:4a:16:91:4d:db:4c:a4:
b4:2d:1e:7f:bb:3b:af:1c:ed:98:f1:4a:b8:3e:93:0f:98:54:
f5:36:12:74:44:cf:81:74:c4:a2:e9:5c:f1:b0:32:e9:fb:e3:
8a:4a:70:ee:82:53:9b:6a:ce:5a:d9:90:80:5b:38:b2:6f:ac:
f0:80:e4:c9
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAZXq4ooFI8HnN8BtfqG5ap+DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhMWJiMDM2ZGI0MGQ3OTlkODYxMTk4YTUyNDNiM2MwM2Q1
NmMyMGEwHhcNMjUwMzMxMDYyNzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWVmMTZhMTIzZTk3NDE1MTQ2MmY3NzU1OGE5MGI2NWIzYmJkOTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw2fqxWSYmljlsE4ltdubjSiP8qSl
MjSguU/coeCqS8qOtqDntUHq7Lh8aXrfoupNjSJw/UuaoRClBUyHYRjDfBxMbfSZ
/oULkbXaV4CKGpL2GcwaLAv118P6cqJVVmuGiN4RKrJNmaouNnFpe6xpPbbVLaFA
0S3I8cYaz/8x96pMrXA8dDMYSp3ZJbmtkX4PeVE1sd/h8EJgImIen7ZcVwYfZ3pJ
HEb8m/mwVEs2zpgV/roI0SmZsxQ230YWS4xoyEIqiz6iA+vKwbiCKdC/sXPAvFzs
lSEOuqnDi0Z3HrGedzOHB2Eq1I99PMR2PW4E6j1bmgajODvyp8PVrPc2zQIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFLXvFqEj6XQVFGL3dVipC2Wzu9kTMB8GA1UdIwQY
MBaAFHobsDbbQNeZ2GEZilJDs8A9VsIKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWh1d050dEExNW5ZWVJtS1VrT3p3RDFXd2dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ZGE1YjMtMjRjNy00ZWU1LTk1ZGMt
YjA4ZGIzYzM2ZmJiLzEvdGU4V29TUHBkQlVVWXZkMVdLa0xaYk83MlJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ZGE1YjMtMjRjNy00ZWU1LTk1ZGMtYjA4ZGIzYzM2ZmJi
LzEvZWh1d050dEExNW5ZWVJtS1VrT3p3RDFXd2dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAfBAIAATAZMAsDBACwOfkD
AwGwOAMEArm1kAMEAcM8xDANBgkqhkiG9w0BAQsFAAOCAQEAhhWUiMc+h0Y0bwE6
wnP2sKZB4ozdlp+UvhUJy3FdIJWH//IaaNVXTS+e8TV9WZgBOwI5GTUquAVj1aUQ
zXZ80DHOF8jKlgcBj2tzuBEdFiXNPC7zs7hTYfTBwFnI1B8gEeQELgjkV8Btr+Oe
ZAzrK+HoW3/M9Rk4gnAwnnLCuFMRRGfpv/TvV3wwoRWkOH7qmHN4e+nvRJGGfMXl
Qb6JRvDQU6g/uNtnJ8Hrf/y/HytWbJzW/Tva88yph88GCIBKFpFN20yktC0ef7s7
rxztmPFKuD6TD5hU9TYSdETPgXTEoulc8bAy6fvjikpw7oJTm2rOWtmQgFs4sm+s
8IDkyQ==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:18 2025 by rpki-client on console.sobornost.net