Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/698e4e-0a39-416b-affe-61819c480cbe/1/WD7CCMj1boEtISgVQIZGdGTenUQ.roa
File: WD7CCMj1boEtISgVQIZGdGTenUQ.roa (raw, json)
Hash identifier: 4IOANIE3kXmhVP0/F3MzPDZJAgrgCHcPBEmcnYUkUzc=
Subject key identifier: 58:3E:C2:08:C8:F5:6E:81:2D:21:28:15:40:86:46:74:64:DE:9D:44
Certificate issuer: /CN=808c3a6c5cbff0739e438d05744405b16197b15b
Certificate serial: 0195131C64FC480F53DAC61DB78E76360AF1
Authority key identifier: 80:8C:3A:6C:5C:BF:F0:73:9E:43:8D:05:74:44:05:B1:61:97:B1:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gIw6bFy_8HOeQ40FdEQFsWGXsVs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/698e4e-0a39-416b-affe-61819c480cbe/1/WD7CCMj1boEtISgVQIZGdGTenUQ.roa
Signing time: Mon 17 Feb 2025 08:53:02 +0000
ROA not before: Mon 17 Feb 2025 08:53:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41435
IP address blocks: 79.110.128.0/20 maxlen: 20
79.110.128.0/22 maxlen: 22
79.110.128.0/23 maxlen: 23
79.110.130.0/23 maxlen: 23
79.110.132.0/22 maxlen: 22
79.110.132.0/23 maxlen: 23
79.110.134.0/23 maxlen: 23
91.193.32.0/22 maxlen: 22
91.193.32.0/23 maxlen: 23
91.193.34.0/23 maxlen: 23
176.104.0.0/18 maxlen: 18
176.104.0.0/19 maxlen: 19
176.104.32.0/19 maxlen: 19
194.9.36.0/23 maxlen: 23
194.9.36.0/24 maxlen: 24
194.9.37.0/24 maxlen: 24
213.109.80.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:13:1c:64:fc:48:0f:53:da:c6:1d:b7:8e:76:36:0a:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=808c3a6c5cbff0739e438d05744405b16197b15b
Validity
Not Before: Feb 17 08:53:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=583ec208c8f56e812d2128154086467464de9d44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:74:f8:be:fc:c8:a3:e6:95:45:9a:23:7a:75:
98:29:4b:bf:b3:2c:86:11:72:eb:3c:72:33:21:47:
33:da:57:4e:48:66:9e:11:e0:9d:81:0c:5d:fd:c9:
5d:43:03:25:58:dd:41:8b:12:64:e8:0e:96:3a:0d:
e6:71:8e:0b:96:66:7b:6d:fd:08:3b:9b:2f:80:cc:
93:87:70:82:8f:0b:eb:1a:74:db:ff:f0:9c:ba:48:
cc:7c:09:35:e7:0e:e4:ed:42:1f:1c:d2:05:2e:9e:
6e:e7:e8:d9:20:19:ee:92:09:25:35:84:b7:e5:e7:
2e:55:d6:d8:6d:16:08:f7:a9:41:1d:14:e2:ee:3b:
fd:17:79:3a:b6:06:e4:b2:d8:50:f2:7f:6f:97:5f:
18:b0:18:2c:d8:6f:84:a5:a4:64:85:27:ec:3e:76:
02:5b:7f:8c:6e:f6:d4:9d:e6:12:77:2e:07:ec:87:
5e:cc:f2:85:3e:cc:8f:65:1e:94:7a:4d:2a:bb:42:
52:0d:f6:98:7b:9f:31:d5:be:64:22:52:75:76:bf:
20:d7:75:49:b6:48:49:c3:2d:d3:ea:82:cd:8b:43:
97:ea:e6:39:b8:9b:82:22:09:8f:d4:48:1a:1f:95:
40:4b:8a:cd:2c:fd:ea:bd:fb:c9:2e:b0:7e:25:a9:
5c:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:3E:C2:08:C8:F5:6E:81:2D:21:28:15:40:86:46:74:64:DE:9D:44
X509v3 Authority Key Identifier:
keyid:80:8C:3A:6C:5C:BF:F0:73:9E:43:8D:05:74:44:05:B1:61:97:B1:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gIw6bFy_8HOeQ40FdEQFsWGXsVs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/698e4e-0a39-416b-affe-61819c480cbe/1/WD7CCMj1boEtISgVQIZGdGTenUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/698e4e-0a39-416b-affe-61819c480cbe/1/gIw6bFy_8HOeQ40FdEQFsWGXsVs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.110.128.0/20
91.193.32.0/22
176.104.0.0/18
194.9.36.0/23
213.109.80.0/20
Signature Algorithm: sha256WithRSAEncryption
1a:ec:6e:de:89:b6:52:80:1c:4d:b6:1b:a8:db:83:01:a6:cc:
9e:31:f1:c9:b7:8b:b2:7f:b5:7c:61:a9:a3:6e:46:c9:39:f7:
2c:45:27:4b:02:46:a0:2e:2a:6f:ee:68:9e:42:11:b3:f3:ce:
2a:9f:0d:f5:42:c0:64:d8:dd:61:62:0a:d7:2c:de:9c:ec:7c:
61:3b:dd:34:03:60:b0:7f:02:9d:32:34:30:5a:29:01:b2:99:
21:4f:8f:d7:f5:a3:c1:8e:83:d1:18:1a:c3:6f:3f:fd:5b:8e:
a0:92:c7:e3:97:0d:71:f7:c5:c5:0a:fa:77:8b:04:b0:6d:03:
99:0c:48:75:83:3e:1c:2f:fa:83:34:68:70:8d:28:9d:89:7d:
71:4c:be:84:68:bd:9b:c9:89:77:c2:6b:82:2d:e7:5d:35:f5:
8b:df:a8:31:82:fe:f2:ba:2a:a2:0d:ab:6c:aa:f3:c4:1f:f3:
cd:ff:68:84:d8:b0:ca:43:bd:ed:55:de:cf:29:f5:4b:0f:13:
1c:b5:9d:d7:c5:fc:29:27:e1:89:55:b3:3d:d3:92:bd:03:f5:
c7:61:cd:41:4e:ad:2d:b6:09:0f:60:d0:fa:b2:cb:78:92:c5:
7e:fd:d8:84:70:5a:18:27:87:d6:6c:38:a5:5e:2f:83:92:e2:
bf:9c:8a:c1
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZUTHGT8SA9T2sYdt452NgrxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwOGMzYTZjNWNiZmYwNzM5ZTQzOGQwNTc0NDQwNWIxNjE5
N2IxNWIwHhcNMjUwMjE3MDg1MzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODNlYzIwOGM4ZjU2ZTgxMmQyMTI4MTU0MDg2NDY3NDY0ZGU5ZDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHT4vvzIo+aVRZojenWYKUu/syyG
EXLrPHIzIUcz2ldOSGaeEeCdgQxd/cldQwMlWN1BixJk6A6WOg3mcY4LlmZ7bf0I
O5svgMyTh3CCjwvrGnTb//CcukjMfAk15w7k7UIfHNIFLp5u5+jZIBnukgklNYS3
5ecuVdbYbRYI96lBHRTi7jv9F3k6tgbksthQ8n9vl18YsBgs2G+EpaRkhSfsPnYC
W3+MbvbUneYSdy4H7IdezPKFPsyPZR6Uek0qu0JSDfaYe58x1b5kIlJ1dr8g13VJ
tkhJwy3T6oLNi0OX6uY5uJuCIgmP1EgaH5VAS4rNLP3qvfvJLrB+JalcIwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFg+wgjI9W6BLSEoFUCGRnRk3p1EMB8GA1UdIwQY
MBaAFICMOmxcv/BznkONBXREBbFhl7FbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0l3NmJGeV84SE9lUTQwRmRFUUZzV0dYc1ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC82OThlNGUtMGEzOS00MTZiLWFmZmUt
NjE4MTljNDgwY2JlLzEvV0Q3Q0NNajFib0V0SVNnVlFJWkdkR1RlblVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC82OThlNGUtMGEzOS00MTZiLWFmZmUtNjE4MTljNDgwY2Jl
LzEvZ0l3NmJGeV84SE9lUTQwRmRFUUZzV0dYc1ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQET26AAwQC
W8EgAwQGsGgAAwQBwgkkAwQE1W1QMA0GCSqGSIb3DQEBCwUAA4IBAQAa7G7eibZS
gBxNthuo24MBpsyeMfHJt4uyf7V8YamjbkbJOfcsRSdLAkagLipv7mieQhGz884q
nw31QsBk2N1hYgrXLN6c7HxhO900A2CwfwKdMjQwWikBspkhT4/X9aPBjoPRGBrD
bz/9W46gksfjlw1x98XFCvp3iwSwbQOZDEh1gz4cL/qDNGhwjSidiX1xTL6EaL2b
yYl3wmuCLeddNfWL36gxgv7yuiqiDatsqvPEH/PN/2iE2LDKQ73tVd7PKfVLDxMc
tZ3XxfwpJ+GJVbM905K9A/XHYc1BTq0ttgkPYND6sst4ksV+/diEcFoYJ4fWbDil
Xi+DkuK/nIrB
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:27 2025 by rpki-client on console.sobornost.net