Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/ec2d89-44dd-4bab-ae7a-cf20e5b67fc8/1/qM3ZAvps-gKGvN30T9QvpmI8sJE.roa
File: qM3ZAvps-gKGvN30T9QvpmI8sJE.roa (raw, json)
Hash identifier: xtyLgmvHq7ABuRoQiqspwHHgcXHUL2RCU/HQCa1ypNE=
Subject key identifier: A8:CD:D9:02:FA:6C:FA:02:86:BC:DD:F4:4F:D4:2F:A6:62:3C:B0:91
Certificate issuer: /CN=ff29e70af2f7e18cbc19f97cca8fd6c05099741d
Certificate serial: 0194244484EB03A452F1091BC2CB7CC27180
Authority key identifier: FF:29:E7:0A:F2:F7:E1:8C:BC:19:F9:7C:CA:8F:D6:C0:50:99:74:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_ynnCvL34Yy8Gfl8yo_WwFCZdB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/ec2d89-44dd-4bab-ae7a-cf20e5b67fc8/1/qM3ZAvps-gKGvN30T9QvpmI8sJE.roa
Signing time: Wed 01 Jan 2025 23:47:37 +0000
ROA not before: Wed 01 Jan 2025 23:47:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15552
IP address blocks: 5.56.136.0/21 maxlen: 21
5.57.216.0/21 maxlen: 21
5.101.224.0/19 maxlen: 19
37.114.0.0/21 maxlen: 21
85.232.96.0/19 maxlen: 19
91.204.22.0/24 maxlen: 24
91.204.23.0/24 maxlen: 24
145.255.32.0/20 maxlen: 20
185.6.116.0/22 maxlen: 22
185.6.216.0/22 maxlen: 22
212.232.0.0/20 maxlen: 20
2a04:d2c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:84:eb:03:a4:52:f1:09:1b:c2:cb:7c:c2:71:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff29e70af2f7e18cbc19f97cca8fd6c05099741d
Validity
Not Before: Jan 1 23:47:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a8cdd902fa6cfa0286bcddf44fd42fa6623cb091
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:04:9b:2f:2d:50:55:7c:6e:f0:19:79:45:b9:
6f:d1:f8:4c:68:7a:5f:03:fe:6f:4a:ad:44:4a:6b:
41:21:18:8f:11:5f:43:06:96:cd:1c:74:05:cc:0a:
c2:c1:b6:3c:1a:18:02:79:2e:8f:1d:d0:27:50:70:
76:84:3b:eb:b1:e2:aa:45:48:cf:9e:79:1a:6a:77:
c1:67:36:ef:da:fd:fe:85:b4:1e:da:eb:ec:ac:8a:
d1:10:2b:9b:de:d1:bc:e2:a5:33:f1:61:7a:e4:d0:
64:d7:a8:66:b0:e0:8a:44:2a:a9:11:a5:5b:11:8f:
bd:5e:c4:d7:38:82:fa:da:33:63:b2:80:ae:7b:d6:
45:44:6a:72:dc:ba:80:5e:c0:a9:f4:0a:09:ee:bb:
eb:d8:dc:09:e7:63:7e:c6:f0:a8:65:9b:07:11:fd:
d4:b8:e1:18:c5:71:1c:ea:ba:d0:2a:b2:cd:41:d2:
54:56:2a:82:eb:1e:c1:b7:33:e1:42:1d:8d:cd:dc:
c0:5a:d5:d9:a9:df:26:01:dd:d3:3f:df:ef:58:b7:
e9:dc:31:61:70:56:c3:b8:57:4f:52:a6:80:a6:42:
c0:16:9a:61:08:48:dc:b7:4d:7b:88:f7:bf:47:45:
fd:c5:d9:21:67:b9:78:4a:54:7d:91:31:ec:d6:37:
0f:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:CD:D9:02:FA:6C:FA:02:86:BC:DD:F4:4F:D4:2F:A6:62:3C:B0:91
X509v3 Authority Key Identifier:
keyid:FF:29:E7:0A:F2:F7:E1:8C:BC:19:F9:7C:CA:8F:D6:C0:50:99:74:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_ynnCvL34Yy8Gfl8yo_WwFCZdB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ec2d89-44dd-4bab-ae7a-cf20e5b67fc8/1/qM3ZAvps-gKGvN30T9QvpmI8sJE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ec2d89-44dd-4bab-ae7a-cf20e5b67fc8/1/_ynnCvL34Yy8Gfl8yo_WwFCZdB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.56.136.0/21
5.57.216.0/21
5.101.224.0/19
37.114.0.0/21
85.232.96.0/19
91.204.22.0/23
145.255.32.0/20
185.6.116.0/22
185.6.216.0/22
212.232.0.0/20
IPv6:
2a04:d2c0::/29
Signature Algorithm: sha256WithRSAEncryption
72:59:31:2f:d5:a2:b2:fd:9c:fe:df:0b:e6:4e:a4:d2:f2:45:
c9:27:4d:51:ae:f6:dc:c4:c5:72:45:d1:b6:ac:80:f2:65:ea:
bb:ff:ce:e4:3a:6b:1d:ec:0e:a3:11:6c:b9:83:f1:18:76:7f:
35:d0:76:e8:5c:a1:bc:21:09:0a:3f:5d:c2:de:b1:96:fa:6c:
b7:ab:e2:2a:81:a3:98:88:dc:c7:22:81:3e:7a:fc:c2:5c:92:
08:3d:c8:53:2a:fb:c1:f8:d3:eb:25:7f:36:be:35:af:81:aa:
8c:d7:f5:21:5a:e9:d2:f1:72:9d:d3:a2:e4:af:09:fd:39:4a:
91:db:16:2f:44:06:cf:74:94:02:de:f3:af:ad:4d:04:7b:86:
ed:b0:57:24:2c:9b:79:33:dd:08:ba:3f:9a:68:64:96:96:1a:
e6:8f:7d:1d:a8:57:b9:41:1f:ce:39:2f:60:30:74:8c:d3:f6:
fb:ca:7d:19:17:da:1d:19:0b:e5:4d:de:fe:aa:17:3a:9e:d8:
a0:6a:09:8c:24:69:d2:0a:68:9a:9a:ed:4f:32:47:ed:af:f4:
47:5a:03:b4:15:f1:b7:bf:e4:db:6d:7f:0b:75:db:62:16:63:
9c:37:fc:e2:ca:1a:68:d3:3f:e2:06:1c:f4:e2:7b:e0:70:9e:
22:61:8b:eb
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAZQkRITrA6RS8Qkbwst8wnGAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmMjllNzBhZjJmN2UxOGNiYzE5Zjk3Y2NhOGZkNmMwNTA5
OTc0MWQwHhcNMjUwMTAxMjM0NzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGNkZDkwMmZhNmNmYTAyODZiY2RkZjQ0ZmQ0MmZhNjYyM2NiMDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxASbLy1QVXxu8Bl5Rblv0fhMaHpf
A/5vSq1ESmtBIRiPEV9DBpbNHHQFzArCwbY8GhgCeS6PHdAnUHB2hDvrseKqRUjP
nnkaanfBZzbv2v3+hbQe2uvsrIrRECub3tG84qUz8WF65NBk16hmsOCKRCqpEaVb
EY+9XsTXOIL62jNjsoCue9ZFRGpy3LqAXsCp9AoJ7rvr2NwJ52N+xvCoZZsHEf3U
uOEYxXEc6rrQKrLNQdJUViqC6x7BtzPhQh2NzdzAWtXZqd8mAd3TP9/vWLfp3DFh
cFbDuFdPUqaApkLAFpphCEjct017iPe/R0X9xdkhZ7l4SlR9kTHs1jcPvwIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFKjN2QL6bPoChrzd9E/UL6ZiPLCRMB8GA1UdIwQY
MBaAFP8p5wry9+GMvBn5fMqP1sBQmXQdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3lubkN2TDM0WXk4R2ZsOHlvX1d3RkNaZEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9lYzJkODktNDRkZC00YmFiLWFlN2Et
Y2YyMGU1YjY3ZmM4LzEvcU0zWkF2cHMtZ0tHdk4zMFQ5UXZwbUk4c0pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9lYzJkODktNDRkZC00YmFiLWFlN2EtY2YyMGU1YjY3ZmM4
LzEvX3lubkN2TDM0WXk4R2ZsOHlvX1d3RkNaZEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQDBTiIAwQD
BTnYAwQFBWXgAwQDJXIAAwQFVehgAwQBW8wWAwQEkf8gAwQCuQZ0AwQCuQbYAwQE
1OgAMA0EAgACMAcDBQMqBNLAMA0GCSqGSIb3DQEBCwUAA4IBAQByWTEv1aKy/Zz+
3wvmTqTS8kXJJ01RrvbcxMVyRdG2rIDyZeq7/87kOmsd7A6jEWy5g/EYdn810Hbo
XKG8IQkKP13C3rGW+my3q+IqgaOYiNzHIoE+evzCXJIIPchTKvvB+NPrJX82vjWv
gaqM1/UhWunS8XKd06Lkrwn9OUqR2xYvRAbPdJQC3vOvrU0Ee4btsFckLJt5M90I
uj+aaGSWlhrmj30dqFe5QR/OOS9gMHSM0/b7yn0ZF9odGQvlTd7+qhc6ntigagmM
JGnSCmiamu1PMkftr/RHWgO0FfG3v+TbbX8LddtiFmOcN/ziyhpo0z/iBhz04nvg
cJ4iYYvr
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:19 2025 by rpki-client on console.sobornost.net