Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/c934da-978a-46f9-87a7-4f219db78508/1/CxgP4WGmDc-j3ZUPD_Rcb4uV8ns.roa
File: CxgP4WGmDc-j3ZUPD_Rcb4uV8ns.roa (raw, json)
Hash identifier: XodVBcVXpLoQd1C4J0bRPfMq7vIVpbrh7r32+gpZkVk=
Subject key identifier: 0B:18:0F:E1:61:A6:0D:CF:A3:DD:95:0F:0F:F4:5C:6F:8B:95:F2:7B
Certificate issuer: /CN=303789258e609f3e558d77b3bfd08acf3515fa92
Certificate serial: 0194236A36465731C4FE0291E83BF9AD93D8
Authority key identifier: 30:37:89:25:8E:60:9F:3E:55:8D:77:B3:BF:D0:8A:CF:35:15:FA:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MDeJJY5gnz5VjXezv9CKzzUV-pI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/c934da-978a-46f9-87a7-4f219db78508/1/CxgP4WGmDc-j3ZUPD_Rcb4uV8ns.roa
Signing time: Wed 01 Jan 2025 19:49:10 +0000
ROA not before: Wed 01 Jan 2025 19:49:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59431
IP address blocks: 164.138.16.0/21 maxlen: 24
164.138.16.0/24 maxlen: 24
164.138.17.0/24 maxlen: 24
164.138.18.0/24 maxlen: 24
164.138.19.0/24 maxlen: 24
164.138.20.0/24 maxlen: 24
164.138.21.0/24 maxlen: 24
164.138.22.0/24 maxlen: 24
164.138.23.0/24 maxlen: 24
185.86.36.0/22 maxlen: 24
185.86.36.0/24 maxlen: 24
185.86.37.0/24 maxlen: 24
185.86.38.0/24 maxlen: 24
185.86.39.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:36:46:57:31:c4:fe:02:91:e8:3b:f9:ad:93:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=303789258e609f3e558d77b3bfd08acf3515fa92
Validity
Not Before: Jan 1 19:49:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0b180fe161a60dcfa3dd950f0ff45c6f8b95f27b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:ee:a7:33:1a:ff:b2:17:65:75:cc:e9:5d:aa:
08:d4:1c:3b:31:b8:61:06:8a:22:69:9c:80:3d:91:
5e:09:b1:9f:e6:8f:7c:ee:fa:42:df:2a:41:e5:71:
d7:78:5a:de:e0:28:75:38:bc:6c:0b:66:04:11:5c:
38:c1:b3:75:a7:66:94:11:6b:e7:0f:26:01:1b:5b:
e2:1f:49:f2:7e:e2:37:ab:21:5c:1e:ec:13:28:d0:
61:3e:c2:85:fb:18:7b:84:58:a6:c4:74:f9:b5:6c:
96:be:27:bd:c4:d7:bf:7f:5c:d8:2b:a3:76:aa:4b:
5c:b2:3f:79:e5:52:2b:db:7a:45:96:44:52:2c:fc:
a1:69:d2:df:e0:8d:07:c1:be:61:0a:c2:4b:51:20:
6d:bc:26:d6:7f:2a:fb:fa:7a:d6:80:30:e1:4f:8b:
dc:57:8f:2b:7e:bf:6c:5e:c4:ac:9e:29:05:ae:eb:
c2:31:b9:f6:38:f6:9b:10:aa:02:b8:9d:f0:5e:7d:
85:ad:6c:0c:32:2f:2d:65:7d:ac:04:85:94:21:c5:
f0:0e:68:b0:a7:a2:d6:dd:01:25:36:35:07:e4:50:
d6:25:a3:d7:3c:9a:55:4a:3c:11:45:a1:d6:f2:ef:
e2:78:6f:91:38:9b:c0:ce:9f:82:1c:0a:e6:01:e6:
b8:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:18:0F:E1:61:A6:0D:CF:A3:DD:95:0F:0F:F4:5C:6F:8B:95:F2:7B
X509v3 Authority Key Identifier:
keyid:30:37:89:25:8E:60:9F:3E:55:8D:77:B3:BF:D0:8A:CF:35:15:FA:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MDeJJY5gnz5VjXezv9CKzzUV-pI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/c934da-978a-46f9-87a7-4f219db78508/1/CxgP4WGmDc-j3ZUPD_Rcb4uV8ns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/c934da-978a-46f9-87a7-4f219db78508/1/MDeJJY5gnz5VjXezv9CKzzUV-pI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.138.16.0/21
185.86.36.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:c4:34:3e:1f:7d:e6:1d:df:52:64:56:97:39:a2:99:29:ed:
5c:dc:d4:85:90:33:c3:40:bb:96:d6:4e:97:20:eb:0b:4e:f3:
c0:2c:75:e3:a1:f1:d5:e2:9c:46:63:8e:7a:8b:e8:77:5e:ab:
62:8c:ae:e5:09:d0:ee:a2:5c:fe:43:2f:0b:13:5e:8c:da:4c:
84:e5:ec:dc:79:43:d4:1f:0b:c8:87:7d:ee:b2:99:2d:ec:e7:
0e:19:2f:17:5d:73:c8:66:42:a1:e1:d0:2c:96:d5:5c:83:e4:
e6:8c:eb:69:9a:63:71:88:ab:31:e4:3a:b7:7a:05:62:a2:cf:
24:34:a7:54:9f:22:92:a2:71:ec:de:c3:7a:93:32:b0:fd:da:
ae:ca:2d:38:14:de:d4:10:bd:84:35:0c:43:12:8c:4f:1c:91:
82:79:1c:08:be:5b:c3:89:6b:b5:2e:04:14:14:62:d2:78:3f:
ef:fa:8c:4a:6a:ec:0c:71:f4:35:39:31:ba:9f:34:02:a8:81:
13:96:75:11:13:2e:ca:2f:dd:d6:92:9e:44:13:79:6e:d0:53:
eb:2b:4b:8d:0e:3a:7e:0b:8c:d8:91:a0:7a:e9:35:13:06:b1:
44:bd:9a:96:c1:92:48:29:a3:fa:39:5e:54:5a:10:2a:d5:d9:
b7:a3:18:d1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQjajZGVzHE/gKR6Dv5rZPYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMzc4OTI1OGU2MDlmM2U1NThkNzdiM2JmZDA4YWNmMzUx
NWZhOTIwHhcNMjUwMTAxMTk0OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjE4MGZlMTYxYTYwZGNmYTNkZDk1MGYwZmY0NWM2ZjhiOTVmMjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5u6nMxr/shdldczpXaoI1Bw7Mbhh
BooiaZyAPZFeCbGf5o987vpC3ypB5XHXeFre4Ch1OLxsC2YEEVw4wbN1p2aUEWvn
DyYBG1viH0nyfuI3qyFcHuwTKNBhPsKF+xh7hFimxHT5tWyWvie9xNe/f1zYK6N2
qktcsj955VIr23pFlkRSLPyhadLf4I0Hwb5hCsJLUSBtvCbWfyr7+nrWgDDhT4vc
V48rfr9sXsSsnikFruvCMbn2OPabEKoCuJ3wXn2FrWwMMi8tZX2sBIWUIcXwDmiw
p6LW3QElNjUH5FDWJaPXPJpVSjwRRaHW8u/ieG+ROJvAzp+CHArmAea4/wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAsYD+Fhpg3Po92VDw/0XG+LlfJ7MB8GA1UdIwQY
MBaAFDA3iSWOYJ8+VY13s7/Qis81FfqSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTURlSkpZNWduejVWalhlenY5Q0t6elVWLXBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9jOTM0ZGEtOTc4YS00NmY5LTg3YTct
NGYyMTlkYjc4NTA4LzEvQ3hnUDRXR21EYy1qM1pVUERfUmNiNHVWOG5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9jOTM0ZGEtOTc4YS00NmY5LTg3YTctNGYyMTlkYjc4NTA4
LzEvTURlSkpZNWduejVWalhlenY5Q0t6elVWLXBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDpIoQAwQC
uVYkMA0GCSqGSIb3DQEBCwUAA4IBAQA8xDQ+H33mHd9SZFaXOaKZKe1c3NSFkDPD
QLuW1k6XIOsLTvPALHXjofHV4pxGY456i+h3XqtijK7lCdDuolz+Qy8LE16M2kyE
5ezceUPUHwvIh33uspkt7OcOGS8XXXPIZkKh4dAsltVcg+TmjOtpmmNxiKsx5Dq3
egVios8kNKdUnyKSonHs3sN6kzKw/dquyi04FN7UEL2ENQxDEoxPHJGCeRwIvlvD
iWu1LgQUFGLSeD/v+oxKauwMcfQ1OTG6nzQCqIETlnUREy7KL93Wkp5EE3lu0FPr
K0uNDjp+C4zYkaB66TUTBrFEvZqWwZJIKaP6OV5UWhAq1dm3oxjR
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:43 2025 by rpki-client on console.sobornost.net