Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/tgxx8eKKt9THon5yuqezJ7Gyv60.roa
File: tgxx8eKKt9THon5yuqezJ7Gyv60.roa (raw, json)
Hash identifier: uNDSHqnE8JqGtw2yUrw4/9adIpOhVHGi34SjFmkEDYQ=
Subject key identifier: B6:0C:71:F1:E2:8A:B7:D4:C7:A2:7E:72:BA:A7:B3:27:B1:B2:BF:AD
Certificate issuer: /CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
Certificate serial: 019427B639C4475CE2E34C4B412083ADB95A
Authority key identifier: E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/tgxx8eKKt9THon5yuqezJ7Gyv60.roa
Signing time: Thu 02 Jan 2025 15:50:41 +0000
ROA not before: Thu 02 Jan 2025 15:50:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25052
IP address blocks: 31.133.101.0/24 maxlen: 24
83.229.80.0/24 maxlen: 24
83.229.81.0/24 maxlen: 24
109.207.77.0/24 maxlen: 24
109.207.78.0/24 maxlen: 24
185.162.127.0/24 maxlen: 24
185.220.206.0/24 maxlen: 24
2a06:c5c0:400::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:39:c4:47:5c:e2:e3:4c:4b:41:20:83:ad:b9:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
Validity
Not Before: Jan 2 15:50:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b60c71f1e28ab7d4c7a27e72baa7b327b1b2bfad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:79:3c:a5:54:e1:d2:94:12:31:61:06:25:73:
8c:e4:29:89:81:e7:22:d6:fe:74:e3:15:94:ec:4d:
0a:ac:f6:08:00:cc:c5:55:7a:90:7e:89:5b:ec:7f:
15:7a:c5:89:bd:ef:a7:3f:6d:d2:c4:3a:a0:58:e9:
b3:6d:f3:9c:d0:2b:3d:d6:af:14:81:b9:e6:ad:b1:
d5:e9:92:a2:8b:32:4d:de:b9:d7:e7:9c:7a:4f:4b:
86:85:49:66:42:d7:14:b5:01:7a:52:b9:92:f3:c8:
da:06:3d:dc:ad:51:96:c8:87:26:51:5f:66:c7:1a:
71:8c:47:0d:06:9b:3f:8f:ef:fb:11:da:b1:8f:79:
01:eb:b1:37:17:b6:66:40:0e:53:41:0d:cd:6e:82:
32:b2:61:10:f3:26:a1:fa:ae:03:51:9a:90:d2:69:
df:ad:c3:7c:6d:12:f5:3d:59:fd:7d:54:b5:a6:ea:
0a:db:a0:85:09:5e:38:a9:7e:05:7d:e7:7f:26:11:
a9:50:99:dc:29:5b:32:1a:9e:99:79:32:62:a1:25:
01:63:fb:da:d6:fd:fe:42:3e:9c:a7:5e:2f:f0:d8:
65:e3:0a:1f:6b:e7:74:51:79:d5:d5:f7:33:d9:71:
43:d0:54:ca:54:48:05:60:ca:d7:f6:5d:0d:3e:e0:
79:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:0C:71:F1:E2:8A:B7:D4:C7:A2:7E:72:BA:A7:B3:27:B1:B2:BF:AD
X509v3 Authority Key Identifier:
keyid:E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/tgxx8eKKt9THon5yuqezJ7Gyv60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/5b15I6_brofQeyMI3TidnPCC7W0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.133.101.0/24
83.229.80.0/23
109.207.77.0-109.207.78.255
185.162.127.0/24
185.220.206.0/24
IPv6:
2a06:c5c0:400::/48
Signature Algorithm: sha256WithRSAEncryption
1c:6d:43:13:66:b7:1c:9e:e6:bc:8d:3f:5b:ae:ce:95:a6:25:
0f:a2:9c:34:2c:e1:aa:63:ac:e4:45:75:61:df:f1:f8:97:4b:
a6:78:d9:ba:3e:e6:06:58:e1:f7:b1:a6:bc:ee:22:6b:39:be:
c8:95:8f:7b:9b:57:af:8c:d6:24:58:92:a3:51:64:78:69:af:
f7:cb:3d:17:49:9b:0c:b8:98:bf:5d:ab:bd:55:cb:23:fb:36:
8b:a2:99:33:16:61:fd:15:1a:09:f9:f8:c5:47:f3:87:84:2e:
f3:ca:5b:92:5e:6a:6b:93:7d:f7:87:a9:a7:99:df:5e:7f:c4:
40:bc:2c:96:aa:a4:c7:99:8a:de:ae:3e:ad:87:6d:f0:f1:bc:
2e:ec:a4:4a:3e:a9:9b:f6:8b:9c:d4:f3:61:c5:21:73:9c:6d:
46:5d:dc:d4:a4:f5:15:d7:11:a8:d2:48:e1:1f:93:9b:4c:32:
55:57:33:54:55:8d:ea:33:b4:c6:a1:79:9e:a3:c8:1b:4a:98:
ca:e2:a6:35:16:82:7b:5b:41:1d:0c:d6:b4:fd:5b:10:22:89:
dc:37:1d:39:47:06:b6:b3:46:b9:9c:e7:4a:3a:6d:13:95:56:
29:54:a6:3b:d1:0f:95:67:53:34:e9:3a:ee:b2:4f:21:5e:6e:
5f:d7:69:e0
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAZQntjnER1zi40xLQSCDrblaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YmQ3OTIzYWZkYmFlODdkMDdiMjMwOGRkMzg5ZDljZjA4
MmVkNmQwHhcNMjUwMTAyMTU1MDQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjBjNzFmMWUyOGFiN2Q0YzdhMjdlNzJiYWE3YjMyN2IxYjJiZmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Hk8pVTh0pQSMWEGJXOM5CmJgeci
1v504xWU7E0KrPYIAMzFVXqQfolb7H8VesWJve+nP23SxDqgWOmzbfOc0Cs91q8U
gbnmrbHV6ZKiizJN3rnX55x6T0uGhUlmQtcUtQF6UrmS88jaBj3crVGWyIcmUV9m
xxpxjEcNBps/j+/7Edqxj3kB67E3F7ZmQA5TQQ3NboIysmEQ8yah+q4DUZqQ0mnf
rcN8bRL1PVn9fVS1puoK26CFCV44qX4Ffed/JhGpUJncKVsyGp6ZeTJioSUBY/va
1v3+Qj6cp14v8Nhl4wofa+d0UXnV1fcz2XFD0FTKVEgFYMrX9l0NPuB5fQIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFLYMcfHiirfUx6J+crqnsyexsr+tMB8GA1UdIwQY
MBaAFOW9eSOv266H0HsjCN04nZzwgu1tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2Ut
MjZkMWU1NDU3OGYxLzEvdGd4eDhlS0t0OVRIb241eXVxZXpKN0d5djYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2UtMjZkMWU1NDU3OGYx
LzEvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAsBAIAATAmAwQAH4VlAwQB
U+VQMAwDBABtz00DBABtz04DBAC5on8DBAC53M4wDwQCAAIwCQMHACoGxcAEADAN
BgkqhkiG9w0BAQsFAAOCAQEAHG1DE2a3HJ7mvI0/W67OlaYlD6KcNCzhqmOs5EV1
Yd/x+JdLpnjZuj7mBljh97GmvO4iazm+yJWPe5tXr4zWJFiSo1FkeGmv98s9F0mb
DLiYv12rvVXLI/s2i6KZMxZh/RUaCfn4xUfzh4Qu88pbkl5qa5N994epp5nfXn/E
QLwslqqkx5mK3q4+rYdt8PG8LuykSj6pm/aLnNTzYcUhc5xtRl3c1KT1FdcRqNJI
4R+Tm0wyVVczVFWN6jO0xqF5nqPIG0qYyuKmNRaCe1tBHQzWtP1bECKJ3DcdOUcG
trNGuZznSjptE5VWKVSmO9EPlWdTNOk67rJPIV5uX9dp4A==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:31 2025 by rpki-client on console.sobornost.net