Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/03a70b-3bc6-4339-9e49-a83f914035b3/1/BMAYKoufU7pujnEDum3l-Sh7Jm0.roa
File: BMAYKoufU7pujnEDum3l-Sh7Jm0.roa (raw, json)
Hash identifier: JCA/TWQlrOJKd5IE/d0Yfz64No5Tx1ptBD9+mN0UFqs=
Subject key identifier: 04:C0:18:2A:8B:9F:53:BA:6E:8E:71:03:BA:6D:E5:F9:28:7B:26:6D
Certificate issuer: /CN=58bb8ee3a747ed8b578657cdd4737586f5fdb931
Certificate serial: 019423D7024F200FE7DF836B044454C4DDE7
Authority key identifier: 58:BB:8E:E3:A7:47:ED:8B:57:86:57:CD:D4:73:75:86:F5:FD:B9:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WLuO46dH7YtXhlfN1HN1hvX9uTE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/03a70b-3bc6-4339-9e49-a83f914035b3/1/BMAYKoufU7pujnEDum3l-Sh7Jm0.roa
Signing time: Wed 01 Jan 2025 21:48:00 +0000
ROA not before: Wed 01 Jan 2025 21:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8676
IP address blocks: 31.7.8.0/21 maxlen: 24
185.109.136.0/23 maxlen: 24
185.109.138.0/24 maxlen: 24
217.65.160.0/20 maxlen: 24
2001:1420::/30 maxlen: 48
2a03:9f00::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:02:4f:20:0f:e7:df:83:6b:04:44:54:c4:dd:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58bb8ee3a747ed8b578657cdd4737586f5fdb931
Validity
Not Before: Jan 1 21:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=04c0182a8b9f53ba6e8e7103ba6de5f9287b266d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:52:3c:92:e4:f6:f2:11:4a:40:66:3f:fa:a4:
90:92:6a:71:ea:ff:12:6e:af:41:5c:be:50:93:4f:
d1:6f:7b:a8:bd:20:5b:e1:c6:87:57:79:2e:cb:35:
71:d2:60:ee:43:06:fd:d1:6e:e5:f8:26:8f:31:e7:
0b:e8:41:85:4a:60:12:96:3b:4c:3f:2b:b8:a7:3a:
3e:9b:17:cf:bd:8b:88:17:f1:37:9f:aa:59:e8:76:
7b:dd:5c:f5:8b:c9:f9:6d:c1:f7:c2:2b:4c:79:c6:
b8:a0:5a:ea:4b:90:f9:fc:a8:38:6d:b3:bf:22:ff:
05:4c:c3:1c:e5:8a:85:2c:07:d6:28:a4:02:db:04:
95:ee:56:2a:12:6c:8a:a2:46:9b:42:19:9e:f4:62:
40:c5:66:74:d9:c3:95:e4:a1:cf:89:02:bd:76:3d:
d7:78:57:f2:2d:dc:fd:f7:af:dc:19:ed:35:0e:3e:
be:47:94:b2:91:5b:d9:77:a2:08:66:6c:58:c5:c4:
d2:21:fb:c3:ce:a6:9b:0a:f5:4b:fc:8b:01:bd:d8:
38:cf:d2:7f:93:49:31:33:45:4f:01:05:24:9e:71:
4f:f9:b0:bb:33:7d:ec:08:2b:fa:d2:46:4b:72:12:
24:47:38:ff:44:1f:c1:79:d3:ed:ca:c5:4e:cd:58:
2f:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:C0:18:2A:8B:9F:53:BA:6E:8E:71:03:BA:6D:E5:F9:28:7B:26:6D
X509v3 Authority Key Identifier:
keyid:58:BB:8E:E3:A7:47:ED:8B:57:86:57:CD:D4:73:75:86:F5:FD:B9:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WLuO46dH7YtXhlfN1HN1hvX9uTE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/03a70b-3bc6-4339-9e49-a83f914035b3/1/BMAYKoufU7pujnEDum3l-Sh7Jm0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/03a70b-3bc6-4339-9e49-a83f914035b3/1/WLuO46dH7YtXhlfN1HN1hvX9uTE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.7.8.0/21
185.109.136.0-185.109.138.255
217.65.160.0/20
IPv6:
2001:1420::/30
2a03:9f00::/32
Signature Algorithm: sha256WithRSAEncryption
6d:e2:35:4c:6e:22:0c:81:5e:6e:3d:3b:2f:50:48:e6:d4:73:
4e:24:86:41:49:79:d9:49:ff:41:67:14:db:94:5a:09:cf:be:
a5:a4:70:b9:7d:57:90:2e:26:f8:24:a8:79:41:e5:12:43:0a:
0a:00:58:76:6b:f3:a2:2d:bd:f3:59:5e:f9:c6:a8:f6:9e:99:
fc:1c:58:4e:73:12:c0:73:4e:a0:40:2a:d5:9e:31:15:a6:dd:
93:a8:b8:9c:70:f7:2c:31:b0:d9:6d:60:3e:57:7e:5c:9b:59:
3e:c3:5c:cd:52:8d:f0:e5:ed:c1:c8:61:40:d5:d3:d2:24:d9:
af:b4:f3:ed:94:eb:64:8d:79:95:30:5c:ac:a7:fa:78:25:c0:
b2:fd:2c:52:bc:90:55:ba:5d:50:0a:ff:ac:93:00:67:14:ef:
aa:d0:94:17:b8:e2:0a:0a:00:cb:4e:30:f7:2d:4c:ce:a9:b3:
ef:0f:2c:f0:d6:aa:6e:56:2e:06:f1:f7:24:78:14:c8:d2:4e:
a8:d6:52:c9:7b:6f:8d:29:0c:a0:69:38:dd:fc:ce:75:0a:74:
41:5f:9e:7c:08:21:eb:57:2b:7d:ae:19:7e:11:e6:1f:e7:b0:
48:cf:49:75:c2:4e:82:c2:ea:71:ab:62:8c:1b:31:47:78:f6:
7b:fe:f6:54
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZQj1wJPIA/n34NrBERUxN3nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YmI4ZWUzYTc0N2VkOGI1Nzg2NTdjZGQ0NzM3NTg2ZjVm
ZGI5MzEwHhcNMjUwMTAxMjE0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGMwMTgyYThiOWY1M2JhNmU4ZTcxMDNiYTZkZTVmOTI4N2IyNjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1I8kuT28hFKQGY/+qSQkmpx6v8S
bq9BXL5Qk0/Rb3uovSBb4caHV3kuyzVx0mDuQwb90W7l+CaPMecL6EGFSmASljtM
Pyu4pzo+mxfPvYuIF/E3n6pZ6HZ73Vz1i8n5bcH3witMeca4oFrqS5D5/Kg4bbO/
Iv8FTMMc5YqFLAfWKKQC2wSV7lYqEmyKokabQhme9GJAxWZ02cOV5KHPiQK9dj3X
eFfyLdz996/cGe01Dj6+R5SykVvZd6IIZmxYxcTSIfvDzqabCvVL/IsBvdg4z9J/
k0kxM0VPAQUknnFP+bC7M33sCCv60kZLchIkRzj/RB/BedPtysVOzVgvqQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFATAGCqLn1O6bo5xA7pt5fkoeyZtMB8GA1UdIwQY
MBaAFFi7juOnR+2LV4ZXzdRzdYb1/bkxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0x1TzQ2ZEg3WXRYaGxmTjFITjFodlg5dVRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wM2E3MGItM2JjNi00MzM5LTllNDkt
YTgzZjkxNDAzNWIzLzEvQk1BWUtvdWZVN3B1am5FRHVtM2wtU2g3Sm0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wM2E3MGItM2JjNi00MzM5LTllNDktYTgzZjkxNDAzNWIz
LzEvV0x1TzQ2ZEg3WXRYaGxmTjFITjFodlg5dVRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAgBAIAATAaAwQDHwcIMAwD
BAO5bYgDBAC5bYoDBATZQaAwFAQCAAIwDgMFAiABFCADBQAqA58AMA0GCSqGSIb3
DQEBCwUAA4IBAQBt4jVMbiIMgV5uPTsvUEjm1HNOJIZBSXnZSf9BZxTblFoJz76l
pHC5fVeQLib4JKh5QeUSQwoKAFh2a/OiLb3zWV75xqj2npn8HFhOcxLAc06gQCrV
njEVpt2TqLiccPcsMbDZbWA+V35cm1k+w1zNUo3w5e3ByGFA1dPSJNmvtPPtlOtk
jXmVMFysp/p4JcCy/SxSvJBVul1QCv+skwBnFO+q0JQXuOIKCgDLTjD3LUzOqbPv
Dyzw1qpuVi4G8fckeBTI0k6o1lLJe2+NKQygaTjd/M51CnRBX558CCHrVyt9rhl+
EeYf57BIz0l1wk6Cwupxq2KMGzFHePZ7/vZU
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:45 2025 by rpki-client on console.sobornost.net