Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/a9cc5d-69e0-4597-ad64-fe2cb431cf2f/1/1tY0n_P9pCmxuMHMwVN4kuuE9Yw.roa
File: 1tY0n_P9pCmxuMHMwVN4kuuE9Yw.roa (raw, json)
Hash identifier: OMoFTls8LA8ewzB3QD+33fEfQjFe6IrAty5YO50hD+U=
Subject key identifier: D6:D6:34:9F:F3:FD:A4:29:B1:B8:C1:CC:C1:53:78:92:EB:84:F5:8C
Certificate issuer: /CN=15dc3cb1e07d714b725f51a66d1dcfd87ae1c51a
Certificate serial: 019508E779BF0B381B038ADE6987BE030125
Authority key identifier: 15:DC:3C:B1:E0:7D:71:4B:72:5F:51:A6:6D:1D:CF:D8:7A:E1:C5:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fdw8seB9cUtyX1GmbR3P2HrhxRo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/a9cc5d-69e0-4597-ad64-fe2cb431cf2f/1/1tY0n_P9pCmxuMHMwVN4kuuE9Yw.roa
Signing time: Sat 15 Feb 2025 09:19:02 +0000
ROA not before: Sat 15 Feb 2025 09:19:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215853
IP address blocks: 82.146.23.0/24 maxlen: 24
84.238.223.0/24 maxlen: 24
185.32.148.0/24 maxlen: 24
185.32.149.0/24 maxlen: 24
185.32.150.0/24 maxlen: 24
185.32.151.0/24 maxlen: 24
185.240.180.0/24 maxlen: 24
185.240.181.0/24 maxlen: 24
185.240.182.0/24 maxlen: 24
185.240.183.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:08:e7:79:bf:0b:38:1b:03:8a:de:69:87:be:03:01:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15dc3cb1e07d714b725f51a66d1dcfd87ae1c51a
Validity
Not Before: Feb 15 09:19:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d6d6349ff3fda429b1b8c1ccc1537892eb84f58c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:f0:3c:a0:f9:2d:de:91:d2:f3:61:b7:2b:d7:
eb:1e:2f:5d:46:8a:ff:07:bd:12:44:14:20:2f:4a:
2a:80:89:ef:5b:6c:4b:b5:e0:6d:75:83:e2:66:2f:
15:b8:9d:70:db:b0:34:d7:1d:90:de:cd:b3:e6:9c:
ed:3c:39:7d:a9:8a:5f:ad:ac:83:66:40:ed:11:82:
92:33:8f:16:f4:84:a3:21:14:cf:c7:c2:d2:eb:0d:
78:07:07:3e:59:68:0d:88:43:11:2c:28:10:99:d2:
96:cb:39:fd:d4:4e:78:f6:c9:d4:ae:b7:24:05:fb:
13:0f:15:58:f2:a0:f4:66:d0:e5:9d:d5:82:1d:7d:
ac:18:39:32:20:2b:4a:26:a5:c1:6e:6d:c4:b7:ec:
d2:93:3e:5e:77:70:9a:f7:42:3a:c2:b0:a2:a9:2d:
24:99:31:67:bb:38:9a:29:2b:96:a9:af:fd:37:90:
84:d8:53:23:1a:ca:f7:70:74:fe:c3:5d:99:15:36:
07:7d:33:34:6d:7c:10:61:65:a2:90:b8:b2:32:61:
33:8a:a2:26:25:e8:d8:0f:a5:72:c7:04:a6:8c:f6:
2a:a4:59:8e:cd:db:56:d8:9b:ea:da:10:61:8f:fe:
d6:e8:23:f6:f8:4a:68:8a:c0:69:7a:61:0f:4e:17:
52:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:D6:34:9F:F3:FD:A4:29:B1:B8:C1:CC:C1:53:78:92:EB:84:F5:8C
X509v3 Authority Key Identifier:
keyid:15:DC:3C:B1:E0:7D:71:4B:72:5F:51:A6:6D:1D:CF:D8:7A:E1:C5:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fdw8seB9cUtyX1GmbR3P2HrhxRo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/a9cc5d-69e0-4597-ad64-fe2cb431cf2f/1/1tY0n_P9pCmxuMHMwVN4kuuE9Yw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/a9cc5d-69e0-4597-ad64-fe2cb431cf2f/1/Fdw8seB9cUtyX1GmbR3P2HrhxRo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.146.23.0/24
84.238.223.0/24
185.32.148.0/22
185.240.180.0/22
Signature Algorithm: sha256WithRSAEncryption
29:3c:a0:06:05:5c:82:7f:40:b6:97:71:f5:5a:e8:4e:80:c7:
06:56:0f:6e:d6:6c:32:78:81:92:7a:88:cd:48:84:48:bf:84:
53:ef:be:bc:ce:73:0b:a4:96:78:26:2f:23:a0:41:c7:f9:d7:
54:3c:b7:6a:a9:44:44:e9:da:12:0e:ef:e0:93:ea:68:3f:00:
b2:cf:d2:ea:8f:c2:be:b9:f6:e5:a3:2c:67:55:90:da:53:d4:
0b:97:4f:f9:33:94:07:96:18:33:bc:2f:01:83:38:84:66:93:
9b:87:d8:38:b1:41:8e:33:86:17:e4:f8:cc:7d:9e:2c:a1:78:
10:87:2c:c1:d0:ca:0f:4b:ae:44:c2:2f:25:91:14:38:02:5f:
39:06:09:3b:d8:58:89:73:b1:ff:7e:c4:02:1c:13:2c:fc:11:
09:3a:a7:7d:10:20:58:48:02:b1:21:f1:9b:a5:73:36:7d:a9:
07:25:3e:f7:07:66:1b:88:70:ea:cd:20:ef:69:c1:ca:ed:5c:
54:6e:54:e4:0c:ae:3c:2e:f6:12:e2:7b:73:f5:64:fe:cc:80:
3e:f1:23:39:df:d0:0d:5e:c1:c5:38:bd:26:4d:70:38:11:52:
cb:4a:fc:77:d9:1c:92:7d:db:fc:5f:12:76:dd:84:73:9e:75:
97:1d:17:8a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZUI53m/CzgbA4reaYe+AwElMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZGMzY2IxZTA3ZDcxNGI3MjVmNTFhNjZkMWRjZmQ4N2Fl
MWM1MWEwHhcNMjUwMjE1MDkxOTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmQ2MzQ5ZmYzZmRhNDI5YjFiOGMxY2NjMTUzNzg5MmViODRmNThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5fA8oPkt3pHS82G3K9frHi9dRor/
B70SRBQgL0oqgInvW2xLteBtdYPiZi8VuJ1w27A01x2Q3s2z5pztPDl9qYpfrayD
ZkDtEYKSM48W9ISjIRTPx8LS6w14Bwc+WWgNiEMRLCgQmdKWyzn91E549snUrrck
BfsTDxVY8qD0ZtDlndWCHX2sGDkyICtKJqXBbm3Et+zSkz5ed3Ca90I6wrCiqS0k
mTFnuziaKSuWqa/9N5CE2FMjGsr3cHT+w12ZFTYHfTM0bXwQYWWikLiyMmEziqIm
JejYD6VyxwSmjPYqpFmOzdtW2Jvq2hBhj/7W6CP2+EpoisBpemEPThdStwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNbWNJ/z/aQpsbjBzMFTeJLrhPWMMB8GA1UdIwQY
MBaAFBXcPLHgfXFLcl9Rpm0dz9h64cUaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmR3OHNlQjljVXR5WDFHbWJSM1AySHJoeFJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9hOWNjNWQtNjllMC00NTk3LWFkNjQt
ZmUyY2I0MzFjZjJmLzEvMXRZMG5fUDlwQ214dU1ITXdWTjRrdXVFOVl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9hOWNjNWQtNjllMC00NTk3LWFkNjQtZmUyY2I0MzFjZjJm
LzEvRmR3OHNlQjljVXR5WDFHbWJSM1AySHJoeFJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUpIXAwQA
VO7fAwQCuSCUAwQCufC0MA0GCSqGSIb3DQEBCwUAA4IBAQApPKAGBVyCf0C2l3H1
WuhOgMcGVg9u1mwyeIGSeojNSIRIv4RT7768znMLpJZ4Ji8joEHH+ddUPLdqqURE
6doSDu/gk+poPwCyz9Lqj8K+ufbloyxnVZDaU9QLl0/5M5QHlhgzvC8BgziEZpOb
h9g4sUGOM4YX5PjMfZ4soXgQhyzB0MoPS65Ewi8lkRQ4Al85Bgk72FiJc7H/fsQC
HBMs/BEJOqd9ECBYSAKxIfGbpXM2fakHJT73B2YbiHDqzSDvacHK7VxUblTkDK48
LvYS4ntz9WT+zIA+8SM539ANXsHFOL0mTXA4EVLLSvx32RySfdv8XxJ23YRznnWX
HReK
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:27 2025 by rpki-client on console.sobornost.net