Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/de9957-c7cc-4997-a22b-165a846d481d/1/8U8kKdz2fVZxTqZwqIjaA_g2nWA.roa
File: 8U8kKdz2fVZxTqZwqIjaA_g2nWA.roa (raw, json)
Hash identifier: VPZpp0pYKoi2I1Ak52XiESxXc7FZdh4MhOiiuF6UR+U=
Subject key identifier: F1:4F:24:29:DC:F6:7D:56:71:4E:A6:70:A8:88:DA:03:F8:36:9D:60
Certificate issuer: /CN=8beb65a71af02959272acc00d5c4c1958385de94
Certificate serial: 0194258EB79AC4DCC4DB51A27B4BFC221494
Authority key identifier: 8B:EB:65:A7:1A:F0:29:59:27:2A:CC:00:D5:C4:C1:95:83:85:DE:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i-tlpxrwKVknKswA1cTBlYOF3pQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/de9957-c7cc-4997-a22b-165a846d481d/1/8U8kKdz2fVZxTqZwqIjaA_g2nWA.roa
Signing time: Thu 02 Jan 2025 05:48:17 +0000
ROA not before: Thu 02 Jan 2025 05:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41676
IP address blocks: 77.46.0.0/22 maxlen: 22
80.238.96.0/19 maxlen: 19
93.174.24.0/21 maxlen: 21
109.233.88.0/21 maxlen: 21
176.241.240.0/21 maxlen: 21
185.25.216.0/22 maxlen: 22
185.78.132.0/22 maxlen: 22
185.93.92.0/22 maxlen: 22
185.102.188.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:b7:9a:c4:dc:c4:db:51:a2:7b:4b:fc:22:14:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8beb65a71af02959272acc00d5c4c1958385de94
Validity
Not Before: Jan 2 05:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f14f2429dcf67d56714ea670a888da03f8369d60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:70:d5:99:ae:24:a6:40:aa:3f:36:2d:6f:66:
9d:56:39:bf:66:70:c7:78:81:53:11:50:c6:8d:db:
ab:3f:05:0b:c3:8d:11:6c:2d:ad:6e:b3:85:79:4b:
41:a6:a4:86:83:4b:4f:a2:75:94:68:a3:2c:f6:3a:
fa:32:ea:ee:65:9e:6f:a4:5f:d7:91:1c:bf:93:88:
47:46:78:46:62:a3:bd:ec:e0:11:f1:b8:d6:aa:1c:
04:1f:aa:9f:19:ef:4b:d8:c0:b5:08:82:91:af:a8:
0a:0b:8b:db:68:32:d3:f2:76:17:b7:b7:1b:1d:e1:
db:c3:d2:07:5e:0c:5c:8f:53:87:cd:78:93:70:f4:
8d:59:29:bc:c9:ee:33:7d:d7:b2:e2:5c:a8:79:10:
32:42:34:c8:fe:90:34:e1:1f:4e:8f:a5:d1:52:26:
05:50:ca:9b:19:da:42:5b:42:c9:86:05:7f:6b:ed:
56:16:9b:b0:80:9b:6f:bd:a9:f3:d8:86:e4:ad:12:
7b:47:7b:fa:c6:0e:3c:6c:03:8e:8f:ea:be:7e:dd:
f9:3a:7e:dd:96:99:bf:e1:e3:17:bf:9b:62:46:60:
80:52:2a:5b:67:82:88:70:c8:22:49:03:6a:46:b4:
cc:3a:a3:74:e8:ca:d3:92:e7:74:bf:e6:95:de:b9:
2d:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:4F:24:29:DC:F6:7D:56:71:4E:A6:70:A8:88:DA:03:F8:36:9D:60
X509v3 Authority Key Identifier:
keyid:8B:EB:65:A7:1A:F0:29:59:27:2A:CC:00:D5:C4:C1:95:83:85:DE:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i-tlpxrwKVknKswA1cTBlYOF3pQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/de9957-c7cc-4997-a22b-165a846d481d/1/8U8kKdz2fVZxTqZwqIjaA_g2nWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/de9957-c7cc-4997-a22b-165a846d481d/1/i-tlpxrwKVknKswA1cTBlYOF3pQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.46.0.0/22
80.238.96.0/19
93.174.24.0/21
109.233.88.0/21
176.241.240.0/21
185.25.216.0/22
185.78.132.0/22
185.93.92.0/22
185.102.188.0/22
Signature Algorithm: sha256WithRSAEncryption
65:68:07:74:45:94:a8:b4:e0:47:a5:a5:e3:3e:12:6a:af:d3:
e0:8c:e8:5e:b3:cf:f2:03:41:a6:c3:a3:c3:a8:fc:eb:2b:83:
90:f3:cf:c4:b0:66:86:ec:94:6e:ec:0c:d4:86:2f:a7:b0:36:
6c:6c:62:81:7d:dc:e1:62:6f:10:ac:8a:59:71:9d:b7:32:c1:
a2:8c:0a:0e:07:ab:ec:c4:a5:c4:a8:e0:2d:e9:d4:3c:12:5c:
31:43:bf:57:53:d6:5f:e9:53:70:f8:6b:32:22:79:c3:61:1b:
5b:81:76:a6:ea:e2:f6:16:c4:80:4a:5d:03:13:0f:e9:bd:57:
12:b7:43:2e:cf:c4:fb:4e:ab:88:8f:05:80:8b:9e:58:9a:10:
87:a2:4c:07:e7:b3:d5:1d:d4:d8:8c:29:c3:d9:28:9a:20:f4:
eb:82:3d:2e:9e:c7:54:09:da:ad:6d:83:06:5d:4c:e1:2c:02:
84:8f:c0:74:2e:9e:13:35:cc:9a:de:6b:25:bd:1c:d2:08:27:
38:93:73:a1:c3:b6:3f:e3:48:bd:cf:47:da:9e:5d:4a:35:e0:
04:26:28:f3:da:54:d5:0b:95:e1:9a:94:cd:f8:29:13:d7:cb:
28:a3:44:a8:ea:a9:40:5f:bb:25:6a:94:31:ab:6f:e4:9a:08:
2d:8d:89:a5
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZQljreaxNzE21Gie0v8IhSUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiZWI2NWE3MWFmMDI5NTkyNzJhY2MwMGQ1YzRjMTk1ODM4
NWRlOTQwHhcNMjUwMTAyMDU0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTRmMjQyOWRjZjY3ZDU2NzE0ZWE2NzBhODg4ZGEwM2Y4MzY5ZDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7XDVma4kpkCqPzYtb2adVjm/ZnDH
eIFTEVDGjdurPwULw40RbC2tbrOFeUtBpqSGg0tPonWUaKMs9jr6MuruZZ5vpF/X
kRy/k4hHRnhGYqO97OAR8bjWqhwEH6qfGe9L2MC1CIKRr6gKC4vbaDLT8nYXt7cb
HeHbw9IHXgxcj1OHzXiTcPSNWSm8ye4zfdey4lyoeRAyQjTI/pA04R9Oj6XRUiYF
UMqbGdpCW0LJhgV/a+1WFpuwgJtvvanz2IbkrRJ7R3v6xg48bAOOj+q+ft35On7d
lpm/4eMXv5tiRmCAUipbZ4KIcMgiSQNqRrTMOqN06MrTkud0v+aV3rktNQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFPFPJCnc9n1WcU6mcKiI2gP4Np1gMB8GA1UdIwQY
MBaAFIvrZaca8ClZJyrMANXEwZWDhd6UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaS10bHB4cndLVmtuS3N3QTFjVEJsWU9GM3BRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9kZTk5NTctYzdjYy00OTk3LWEyMmIt
MTY1YTg0NmQ0ODFkLzEvOFU4a0tkejJmVlp4VHFad3FJamFBX2cybldBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9kZTk5NTctYzdjYy00OTk3LWEyMmItMTY1YTg0NmQ0ODFk
LzEvaS10bHB4cndLVmtuS3N3QTFjVEJsWU9GM3BRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCTS4AAwQF
UO5gAwQDXa4YAwQDbelYAwQDsPHwAwQCuRnYAwQCuU6EAwQCuV1cAwQCuWa8MA0G
CSqGSIb3DQEBCwUAA4IBAQBlaAd0RZSotOBHpaXjPhJqr9PgjOhes8/yA0Gmw6PD
qPzrK4OQ88/EsGaG7JRu7AzUhi+nsDZsbGKBfdzhYm8QrIpZcZ23MsGijAoOB6vs
xKXEqOAt6dQ8ElwxQ79XU9Zf6VNw+GsyInnDYRtbgXam6uL2FsSASl0DEw/pvVcS
t0Muz8T7TquIjwWAi55YmhCHokwH57PVHdTYjCnD2SiaIPTrgj0unsdUCdqtbYMG
XUzhLAKEj8B0Lp4TNcya3mslvRzSCCc4k3Ohw7Y/40i9z0fanl1KNeAEJijz2lTV
C5XhmpTN+CkT18soo0So6qlAX7slapQxq2/kmggtjYml
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:47 2025 by rpki-client on console.sobornost.net