Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/ea4e64-6d70-4bfd-909d-f0546cfab061/1/t4qANnEhvVWnrRLkZS7CKoTPpCQ.roa
File: t4qANnEhvVWnrRLkZS7CKoTPpCQ.roa (raw, json)
Hash identifier: dm6ZxXeDx09W/sn7TAuJSwJg3JzyL+0jwWDxaTnORrU=
Subject key identifier: B7:8A:80:36:71:21:BD:55:A7:AD:12:E4:65:2E:C2:2A:84:CF:A4:24
Certificate issuer: /CN=bbc264b5a6494f890fa314f61fd7d27587e35830
Certificate serial: 0194CB3FD7F08CB73039559658F2031C6ACB
Authority key identifier: BB:C2:64:B5:A6:49:4F:89:0F:A3:14:F6:1F:D7:D2:75:87:E3:58:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u8JktaZJT4kPoxT2H9fSdYfjWDA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/ea4e64-6d70-4bfd-909d-f0546cfab061/1/t4qANnEhvVWnrRLkZS7CKoTPpCQ.roa
Signing time: Mon 03 Feb 2025 09:59:06 +0000
ROA not before: Mon 03 Feb 2025 09:59:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200026
IP address blocks: 145.14.248.0/21 maxlen: 24
145.14.255.0/24 maxlen: 24
153.92.112.0/21 maxlen: 21
185.40.52.0/22 maxlen: 22
2a00:f120::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:cb:3f:d7:f0:8c:b7:30:39:55:96:58:f2:03:1c:6a:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbc264b5a6494f890fa314f61fd7d27587e35830
Validity
Not Before: Feb 3 09:59:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b78a80367121bd55a7ad12e4652ec22a84cfa424
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:36:a4:81:67:8e:ef:be:ed:7b:da:ec:23:7d:
bd:cb:e4:e7:fa:6d:ef:9e:84:3e:8a:79:a3:2f:54:
d7:a2:53:56:ae:9b:7b:2d:63:7a:a5:22:f8:cc:fd:
3d:21:a1:79:c0:50:53:c1:64:ec:0f:57:6e:30:bc:
58:7c:f8:c3:cc:25:39:c6:71:82:4e:f6:f0:51:c6:
23:77:eb:58:3c:e7:f6:2e:1b:44:a1:3b:71:9d:9a:
38:2a:b7:38:77:d4:19:f7:16:17:d3:1c:b9:7a:32:
fd:76:ff:e2:78:96:50:05:8c:ef:59:2e:e4:b2:25:
ce:9d:f0:47:e7:24:15:65:6e:93:f8:e0:3a:40:fe:
b9:c1:af:9e:6c:d7:68:96:8c:d5:bd:1a:09:c1:c9:
5d:76:95:b0:12:8e:d2:48:b4:1f:1a:07:68:41:cb:
57:84:92:f7:d5:82:63:2a:94:83:ab:3d:b3:17:38:
38:32:6d:4c:ee:e4:15:d2:8e:ca:03:08:d5:44:3d:
d6:ab:54:e5:e6:83:b2:1f:0e:83:eb:ac:33:b7:9f:
76:d4:fc:34:7d:8c:5c:cb:6d:de:12:87:a0:f1:41:
ef:57:72:f6:f9:4d:fb:81:51:a9:ba:91:29:36:cf:
a4:ad:52:03:57:f3:6b:73:61:0f:4f:df:7a:77:7c:
e6:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:8A:80:36:71:21:BD:55:A7:AD:12:E4:65:2E:C2:2A:84:CF:A4:24
X509v3 Authority Key Identifier:
keyid:BB:C2:64:B5:A6:49:4F:89:0F:A3:14:F6:1F:D7:D2:75:87:E3:58:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u8JktaZJT4kPoxT2H9fSdYfjWDA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/ea4e64-6d70-4bfd-909d-f0546cfab061/1/t4qANnEhvVWnrRLkZS7CKoTPpCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/ea4e64-6d70-4bfd-909d-f0546cfab061/1/u8JktaZJT4kPoxT2H9fSdYfjWDA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.14.248.0/21
153.92.112.0/21
185.40.52.0/22
IPv6:
2a00:f120::/32
Signature Algorithm: sha256WithRSAEncryption
7c:ed:dd:50:ba:65:5a:6f:43:21:bc:26:12:47:ae:ca:27:e8:
81:4d:b5:e8:49:b6:f3:d6:48:d7:7a:8d:e0:7a:00:07:56:be:
55:b5:5c:27:48:07:f4:21:2e:53:62:ee:ec:03:0c:7d:ce:7a:
38:b4:63:93:35:aa:e3:38:ee:fe:5d:6f:c4:16:bf:b4:9a:8a:
0b:b4:f6:da:df:8b:23:52:f7:87:67:1d:06:e6:47:06:fa:3d:
da:d5:06:76:a7:73:d6:a9:e3:84:28:28:26:15:2c:8d:ca:85:
83:d1:ae:65:61:6c:8b:3a:da:75:ff:7a:c2:1a:a1:3b:b8:ba:
33:e7:21:91:f0:9c:e3:a6:70:0a:bd:e1:e8:84:9f:d0:2e:2d:
48:50:ba:60:46:bf:c4:f3:e1:40:12:cc:b7:c2:b4:56:9d:4d:
b6:e2:cd:44:dc:2c:8a:ea:89:3e:81:45:57:3d:46:ec:a3:30:
ae:dd:0b:19:e0:b0:9a:32:ce:5b:c2:14:c7:63:6e:05:9f:e8:
4f:22:77:f5:3e:4a:b0:d3:c0:89:66:e0:60:48:b4:2a:03:8d:
fb:3f:96:2e:d3:02:c8:d5:f8:18:9e:e2:2f:ab:4e:09:59:01:
f3:76:f3:2c:57:00:a3:fb:94:7d:6c:7e:3a:13:a1:e2:64:6c:
b5:e3:86:10
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZTLP9fwjLcwOVWWWPIDHGrLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiYzI2NGI1YTY0OTRmODkwZmEzMTRmNjFmZDdkMjc1ODdl
MzU4MzAwHhcNMjUwMjAzMDk1OTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzhhODAzNjcxMjFiZDU1YTdhZDEyZTQ2NTJlYzIyYTg0Y2ZhNDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDakgWeO777te9rsI329y+Tn+m3v
noQ+inmjL1TXolNWrpt7LWN6pSL4zP09IaF5wFBTwWTsD1duMLxYfPjDzCU5xnGC
TvbwUcYjd+tYPOf2LhtEoTtxnZo4Krc4d9QZ9xYX0xy5ejL9dv/ieJZQBYzvWS7k
siXOnfBH5yQVZW6T+OA6QP65wa+ebNdolozVvRoJwclddpWwEo7SSLQfGgdoQctX
hJL31YJjKpSDqz2zFzg4Mm1M7uQV0o7KAwjVRD3Wq1Tl5oOyHw6D66wzt5921Pw0
fYxcy23eEoeg8UHvV3L2+U37gVGpupEpNs+krVIDV/Nrc2EPT996d3zmbwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLeKgDZxIb1Vp60S5GUuwiqEz6QkMB8GA1UdIwQY
MBaAFLvCZLWmSU+JD6MU9h/X0nWH41gwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdThKa3RhWkpUNGtQb3hUMkg5ZlNkWWZqV0RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC9lYTRlNjQtNmQ3MC00YmZkLTkwOWQt
ZjA1NDZjZmFiMDYxLzEvdDRxQU5uRWh2VlduclJMa1pTN0NLb1RQcENRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC9lYTRlNjQtNmQ3MC00YmZkLTkwOWQtZjA1NDZjZmFiMDYx
LzEvdThKa3RhWkpUNGtQb3hUMkg5ZlNkWWZqV0RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDkQ74AwQD
mVxwAwQCuSg0MA0EAgACMAcDBQAqAPEgMA0GCSqGSIb3DQEBCwUAA4IBAQB87d1Q
umVab0MhvCYSR67KJ+iBTbXoSbbz1kjXeo3gegAHVr5VtVwnSAf0IS5TYu7sAwx9
zno4tGOTNarjOO7+XW/EFr+0mooLtPba34sjUveHZx0G5kcG+j3a1QZ2p3PWqeOE
KCgmFSyNyoWD0a5lYWyLOtp1/3rCGqE7uLoz5yGR8JzjpnAKveHohJ/QLi1IULpg
Rr/E8+FAEsy3wrRWnU224s1E3CyK6ok+gUVXPUbsozCu3QsZ4LCaMs5bwhTHY24F
n+hPInf1Pkqw08CJZuBgSLQqA437P5Yu0wLI1fgYnuIvq04JWQHzdvMsVwCj+5R9
bH46E6HiZGy144YQ
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:29 2025 by rpki-client on console.sobornost.net