Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/4f955b-2ba5-4fc4-83f5-02dae131246f/1/2N-7q5TUgtNJjxm0U-P63yRLHRY.roa
File: 2N-7q5TUgtNJjxm0U-P63yRLHRY.roa (raw, json)
Hash identifier: G9pkPwLHZYXpkwsIscu0rjXE3l/R0/mrWBJWr5iNXtU=
Subject key identifier: D8:DF:BB:AB:94:D4:82:D3:49:8F:19:B4:53:E3:FA:DF:24:4B:1D:16
Certificate issuer: /CN=5d4fccc994e94131dc11bfc95c64585b345e01f5
Certificate serial: 01941FFAB8EB4E324EDE88953CD7A295571A
Authority key identifier: 5D:4F:CC:C9:94:E9:41:31:DC:11:BF:C9:5C:64:58:5B:34:5E:01:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XU_MyZTpQTHcEb_JXGRYWzReAfU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/4f955b-2ba5-4fc4-83f5-02dae131246f/1/2N-7q5TUgtNJjxm0U-P63yRLHRY.roa
Signing time: Wed 01 Jan 2025 03:48:32 +0000
ROA not before: Wed 01 Jan 2025 03:48:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31424
IP address blocks: 77.245.16.0/20 maxlen: 20
185.22.104.0/22 maxlen: 22
185.83.60.0/22 maxlen: 22
217.147.208.0/20 maxlen: 20
2001:4168::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:b8:eb:4e:32:4e:de:88:95:3c:d7:a2:95:57:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d4fccc994e94131dc11bfc95c64585b345e01f5
Validity
Not Before: Jan 1 03:48:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d8dfbbab94d482d3498f19b453e3fadf244b1d16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:dd:57:c3:d8:08:82:25:94:9d:85:35:d2:7b:
bc:0d:d4:df:6f:0c:1d:88:c1:61:f8:dd:cb:e6:22:
ae:91:6e:c8:2e:16:05:54:8d:41:45:bc:11:d7:72:
63:c4:79:f5:cf:8b:8a:14:77:1b:22:48:3c:ba:c3:
6f:b8:5f:db:6d:ad:bd:74:68:e4:7e:e3:cb:b1:a5:
4e:e6:9a:72:23:43:f2:fc:d3:af:8a:bd:ab:6c:10:
97:82:87:d4:d3:20:f8:85:c3:9a:cf:7e:9e:f3:04:
8b:e8:15:b8:d1:75:ab:03:87:eb:40:4e:f6:13:48:
e4:1a:81:df:6a:0f:38:b5:b9:d6:d2:e4:af:c2:e1:
7f:f5:c2:a3:8f:f1:bd:88:2c:84:dc:e6:c4:3b:0d:
aa:42:ee:5e:a7:7d:43:3c:0f:ac:50:a3:64:5b:6a:
8a:9c:3a:30:46:ce:05:46:b5:9d:a2:26:7f:77:be:
71:aa:d7:df:d1:42:bb:fa:9c:80:df:d0:2b:37:52:
5e:0d:0b:52:5b:e0:f6:98:dc:36:0a:fc:70:2a:26:
4c:94:14:b7:05:07:a1:9a:21:3d:84:7d:2c:c7:e7:
df:b2:02:18:8f:fc:aa:ab:ad:71:61:cb:fb:14:da:
14:b0:fb:f2:76:1b:d1:30:47:3f:17:cc:5e:0d:06:
5e:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:DF:BB:AB:94:D4:82:D3:49:8F:19:B4:53:E3:FA:DF:24:4B:1D:16
X509v3 Authority Key Identifier:
keyid:5D:4F:CC:C9:94:E9:41:31:DC:11:BF:C9:5C:64:58:5B:34:5E:01:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XU_MyZTpQTHcEb_JXGRYWzReAfU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4f955b-2ba5-4fc4-83f5-02dae131246f/1/2N-7q5TUgtNJjxm0U-P63yRLHRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4f955b-2ba5-4fc4-83f5-02dae131246f/1/XU_MyZTpQTHcEb_JXGRYWzReAfU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.245.16.0/20
185.22.104.0/22
185.83.60.0/22
217.147.208.0/20
IPv6:
2001:4168::/32
Signature Algorithm: sha256WithRSAEncryption
e0:04:44:13:01:95:ef:d1:3a:80:20:26:d5:bf:08:4a:1b:8b:
65:c5:59:8f:60:b7:90:03:7d:a7:23:4a:ca:d4:17:8c:87:3f:
3d:19:aa:fc:35:41:0c:af:50:a3:0e:a4:3d:ab:43:d8:c0:eb:
dd:d2:36:a9:2e:4e:15:bc:62:4b:e8:e0:3d:89:81:3b:59:34:
39:34:c1:53:17:00:c7:5c:8f:c8:94:5e:75:7e:1f:80:af:9e:
6b:a8:eb:78:a2:75:6a:84:77:5a:a7:d1:b0:64:83:5a:4f:15:
27:8b:17:ac:e4:de:f1:9c:e5:2e:b3:66:0b:83:f1:4c:17:1e:
92:4c:6d:4f:33:db:fd:ad:38:77:bc:95:95:aa:6b:0f:47:09:
18:e7:d7:22:ea:31:83:3b:e0:e0:b1:72:74:3f:73:fe:4b:ad:
b5:af:f5:7a:45:f1:26:d7:f5:34:68:c0:70:6c:a4:81:5c:4c:
9a:24:87:7f:bd:71:32:72:e9:56:25:c6:98:ca:ab:c5:24:bb:
4f:17:95:db:92:75:5c:f4:da:d4:f4:85:35:59:54:ac:8f:82:
bd:31:22:a1:01:25:90:b4:5f:9e:c5:c2:e9:4d:6e:35:8a:b2:
eb:05:dd:e2:cf:5f:34:02:2f:aa:6a:44:2f:a3:9a:dc:26:cc:
32:bd:a3:bf
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQf+rjrTjJO3oiVPNeilVcaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkNGZjY2M5OTRlOTQxMzFkYzExYmZjOTVjNjQ1ODViMzQ1
ZTAxZjUwHhcNMjUwMTAxMDM0ODMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGRmYmJhYjk0ZDQ4MmQzNDk4ZjE5YjQ1M2UzZmFkZjI0NGIxZDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwN1Xw9gIgiWUnYU10nu8DdTfbwwd
iMFh+N3L5iKukW7ILhYFVI1BRbwR13JjxHn1z4uKFHcbIkg8usNvuF/bba29dGjk
fuPLsaVO5ppyI0Py/NOvir2rbBCXgofU0yD4hcOaz36e8wSL6BW40XWrA4frQE72
E0jkGoHfag84tbnW0uSvwuF/9cKjj/G9iCyE3ObEOw2qQu5ep31DPA+sUKNkW2qK
nDowRs4FRrWdoiZ/d75xqtff0UK7+pyA39ArN1JeDQtSW+D2mNw2CvxwKiZMlBS3
BQehmiE9hH0sx+ffsgIYj/yqq61xYcv7FNoUsPvydhvRMEc/F8xeDQZe3wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFNjfu6uU1ILTSY8ZtFPj+t8kSx0WMB8GA1UdIwQY
MBaAFF1PzMmU6UEx3BG/yVxkWFs0XgH1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFVfTXlaVHBRVEhjRWJfSlhHUllXelJlQWZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS80Zjk1NWItMmJhNS00ZmM0LTgzZjUt
MDJkYWUxMzEyNDZmLzEvMk4tN3E1VFVndE5KanhtMFUtUDYzeVJMSFJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS80Zjk1NWItMmJhNS00ZmM0LTgzZjUtMDJkYWUxMzEyNDZm
LzEvWFVfTXlaVHBRVEhjRWJfSlhHUllXelJlQWZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQETfUQAwQC
uRZoAwQCuVM8AwQE2ZPQMA0EAgACMAcDBQAgAUFoMA0GCSqGSIb3DQEBCwUAA4IB
AQDgBEQTAZXv0TqAICbVvwhKG4tlxVmPYLeQA32nI0rK1BeMhz89Gar8NUEMr1Cj
DqQ9q0PYwOvd0japLk4VvGJL6OA9iYE7WTQ5NMFTFwDHXI/IlF51fh+Ar55rqOt4
onVqhHdap9GwZINaTxUnixes5N7xnOUus2YLg/FMFx6STG1PM9v9rTh3vJWVqmsP
RwkY59ci6jGDO+DgsXJ0P3P+S621r/V6RfEm1/U0aMBwbKSBXEyaJId/vXEyculW
JcaYyqvFJLtPF5XbknVc9NrU9IU1WVSsj4K9MSKhASWQtF+excLpTW41irLrBd3i
z180Ai+qakQvo5rcJswyvaO/
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:32 2025 by rpki-client on console.sobornost.net