Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/7a1c2e-75fb-44c6-a83c-14673c72a1df/1/3q5cMH_JMDPWbBWsvj1oSnffC60.roa
File: 3q5cMH_JMDPWbBWsvj1oSnffC60.roa (raw, json)
Hash identifier: PsjJWV+kYSf71t9/bKVlp3KCFoEso5Ik+VCJED3EfZo=
Subject key identifier: DE:AE:5C:30:7F:C9:30:33:D6:6C:15:AC:BE:3D:68:4A:77:DF:0B:AD
Certificate issuer: /CN=63f97267e7c00795309509f1e8d3d9cde0a76c4e
Certificate serial: 019422FC0D14E3CFE751E71562CE2545909D
Authority key identifier: 63:F9:72:67:E7:C0:07:95:30:95:09:F1:E8:D3:D9:CD:E0:A7:6C:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y_lyZ-fAB5UwlQnx6NPZzeCnbE4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/7a1c2e-75fb-44c6-a83c-14673c72a1df/1/3q5cMH_JMDPWbBWsvj1oSnffC60.roa
Signing time: Wed 01 Jan 2025 17:48:51 +0000
ROA not before: Wed 01 Jan 2025 17:48:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39892
IP address blocks: 185.79.196.0/23 maxlen: 23
185.79.196.0/24 maxlen: 24
185.79.197.0/24 maxlen: 24
185.79.198.0/23 maxlen: 23
185.79.198.0/24 maxlen: 24
185.79.199.0/24 maxlen: 24
2a05:7780::/32 maxlen: 32
2a05:7780:105::/48 maxlen: 48
2a05:7781::/32 maxlen: 32
2a05:7782::/32 maxlen: 32
2a05:7783::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:0d:14:e3:cf:e7:51:e7:15:62:ce:25:45:90:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63f97267e7c00795309509f1e8d3d9cde0a76c4e
Validity
Not Before: Jan 1 17:48:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=deae5c307fc93033d66c15acbe3d684a77df0bad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:18:f2:23:a6:62:58:b5:09:d0:d0:b3:26:3d:
81:c0:ac:0e:31:47:95:86:2a:dc:cc:a2:ac:83:92:
75:5c:32:43:00:c3:bc:bc:74:7f:b3:71:84:03:35:
c0:31:65:a8:a6:8a:66:4d:a2:f3:e6:c3:90:a9:8e:
f6:5d:7e:cc:c4:18:eb:2d:b0:ea:72:9b:c2:8b:b9:
2e:1b:c2:bc:76:0b:7a:3f:06:0a:c5:9e:17:32:66:
ed:76:5f:97:3a:b7:e2:ae:63:06:69:0d:f2:21:bb:
e6:41:1b:20:48:7e:06:b4:21:b0:5e:95:5f:32:43:
7a:45:0d:5b:2a:30:2b:63:ad:5b:74:d6:e8:15:9d:
cd:f9:97:c2:2d:75:0d:79:42:f4:12:06:26:e5:60:
84:82:66:76:93:8f:f1:db:1d:6a:7c:69:35:aa:65:
78:23:e1:48:b6:8c:fc:c9:82:4e:00:f3:d3:6e:5f:
94:80:70:6f:c5:83:a5:5e:12:85:76:75:1f:38:3f:
ff:00:fa:bd:44:d2:ca:8e:68:a5:37:d8:d3:b1:19:
74:77:9c:91:a7:2a:59:18:9e:60:53:53:2a:c7:7d:
9b:68:64:b9:2f:8d:62:12:f1:08:53:7c:48:49:94:
28:98:f6:0a:b6:66:b3:20:5b:b6:97:52:da:c6:94:
21:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:AE:5C:30:7F:C9:30:33:D6:6C:15:AC:BE:3D:68:4A:77:DF:0B:AD
X509v3 Authority Key Identifier:
keyid:63:F9:72:67:E7:C0:07:95:30:95:09:F1:E8:D3:D9:CD:E0:A7:6C:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y_lyZ-fAB5UwlQnx6NPZzeCnbE4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/7a1c2e-75fb-44c6-a83c-14673c72a1df/1/3q5cMH_JMDPWbBWsvj1oSnffC60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/7a1c2e-75fb-44c6-a83c-14673c72a1df/1/Y_lyZ-fAB5UwlQnx6NPZzeCnbE4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.79.196.0/22
IPv6:
2a05:7780::/30
Signature Algorithm: sha256WithRSAEncryption
98:4c:06:05:07:31:53:2a:3a:77:bd:14:ae:fc:60:d6:97:06:
45:72:61:cb:22:ba:29:df:6c:16:db:ea:3a:70:9e:fd:a8:01:
89:2a:e3:8e:79:96:01:52:14:a6:f9:6d:01:ba:1a:bf:cc:35:
9c:83:2b:43:b0:df:a7:37:35:f1:ac:fb:a9:3f:d9:8c:88:2c:
3a:de:7c:d4:de:5a:43:18:d0:e3:31:48:f5:85:89:07:30:68:
1c:4f:67:22:57:ed:2c:de:e3:4b:70:63:8c:5e:44:34:7f:9d:
cb:e9:f4:1a:08:b3:f4:12:f8:9f:e7:a8:a0:54:ab:4a:62:bb:
67:ac:4b:d7:49:b3:4e:04:a2:f6:c5:89:5a:d9:89:22:48:ca:
83:35:4a:af:23:5c:eb:55:96:4e:b7:fc:63:82:6c:02:00:d8:
3b:90:06:74:2a:d6:68:e6:2c:b5:81:41:a6:2a:80:73:fc:53:
2d:71:47:fd:47:25:53:f7:26:e5:ba:2d:22:22:ae:fe:42:b1:
d8:0b:1f:6a:08:33:2c:51:14:3a:99:2f:cc:4f:81:f6:fb:f9:
3d:b8:a9:4d:d5:4f:38:a3:dd:a9:7c:70:3b:91:95:3a:ca:97:
61:51:0a:4c:b9:79:ea:46:26:21:d9:59:ed:41:8e:34:da:06:
4a:ed:c3:16
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQi/A0U48/nUecVYs4lRZCdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZjk3MjY3ZTdjMDA3OTUzMDk1MDlmMWU4ZDNkOWNkZTBh
NzZjNGUwHhcNMjUwMTAxMTc0ODUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWFlNWMzMDdmYzkzMDMzZDY2YzE1YWNiZTNkNjg0YTc3ZGYwYmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4xjyI6ZiWLUJ0NCzJj2BwKwOMUeV
hirczKKsg5J1XDJDAMO8vHR/s3GEAzXAMWWopopmTaLz5sOQqY72XX7MxBjrLbDq
cpvCi7kuG8K8dgt6PwYKxZ4XMmbtdl+XOrfirmMGaQ3yIbvmQRsgSH4GtCGwXpVf
MkN6RQ1bKjArY61bdNboFZ3N+ZfCLXUNeUL0EgYm5WCEgmZ2k4/x2x1qfGk1qmV4
I+FItoz8yYJOAPPTbl+UgHBvxYOlXhKFdnUfOD//APq9RNLKjmilN9jTsRl0d5yR
pypZGJ5gU1Mqx32baGS5L41iEvEIU3xISZQomPYKtmazIFu2l1LaxpQh5QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFN6uXDB/yTAz1mwVrL49aEp33wutMB8GA1UdIwQY
MBaAFGP5cmfnwAeVMJUJ8ejT2c3gp2xOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWV9seVotZkFCNVV3bFFueDZOUFp6ZUNuYkU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS83YTFjMmUtNzVmYi00NGM2LWE4M2Mt
MTQ2NzNjNzJhMWRmLzEvM3E1Y01IX0pNRFBXYkJXc3ZqMW9TbmZmQzYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS83YTFjMmUtNzVmYi00NGM2LWE4M2MtMTQ2NzNjNzJhMWRm
LzEvWV9seVotZkFCNVV3bFFueDZOUFp6ZUNuYkU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuU/EMA0E
AgACMAcDBQIqBXeAMA0GCSqGSIb3DQEBCwUAA4IBAQCYTAYFBzFTKjp3vRSu/GDW
lwZFcmHLIrop32wW2+o6cJ79qAGJKuOOeZYBUhSm+W0Buhq/zDWcgytDsN+nNzXx
rPupP9mMiCw63nzU3lpDGNDjMUj1hYkHMGgcT2ciV+0s3uNLcGOMXkQ0f53L6fQa
CLP0Evif56igVKtKYrtnrEvXSbNOBKL2xYla2YkiSMqDNUqvI1zrVZZOt/xjgmwC
ANg7kAZ0KtZo5iy1gUGmKoBz/FMtcUf9RyVT9yblui0iIq7+QrHYCx9qCDMsURQ6
mS/MT4H2+/k9uKlN1U84o92pfHA7kZU6ypdhUQpMuXnqRiYh2VntQY402gZK7cMW
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:47 2025 by rpki-client on console.sobornost.net