Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/53I3Xwp10sSBL-xtc_jqMRAMZEE.roa
File: 53I3Xwp10sSBL-xtc_jqMRAMZEE.roa (raw, json)
Hash identifier: 5EdJdIMmiKFhoj2g+ghy+33i5Mlz/mFCHlU2tz6Caf0=
Subject key identifier: E7:72:37:5F:0A:75:D2:C4:81:2F:EC:6D:73:F8:EA:31:10:0C:64:41
Certificate issuer: /CN=8ad240603ec6ebcd62f72d46f1dc00cb7e1f0b2e
Certificate serial: 01942747184BF13F344F8F63903B80DFF08F
Authority key identifier: 8A:D2:40:60:3E:C6:EB:CD:62:F7:2D:46:F1:DC:00:CB:7E:1F:0B:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/itJAYD7G681i9y1G8dwAy34fCy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/53I3Xwp10sSBL-xtc_jqMRAMZEE.roa
Signing time: Thu 02 Jan 2025 13:49:17 +0000
ROA not before: Thu 02 Jan 2025 13:49:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3330
IP address blocks: 62.249.64.0/18 maxlen: 18
185.92.100.0/22 maxlen: 22
193.186.161.0/24 maxlen: 24
194.112.128.0/18 maxlen: 18
194.112.192.0/18 maxlen: 18
2a02:5e0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:18:4b:f1:3f:34:4f:8f:63:90:3b:80:df:f0:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ad240603ec6ebcd62f72d46f1dc00cb7e1f0b2e
Validity
Not Before: Jan 2 13:49:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e772375f0a75d2c4812fec6d73f8ea31100c6441
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:53:3a:cf:cf:2b:0d:c6:6d:77:a9:a5:d9:bd:
24:87:e0:ae:18:25:d5:9f:f4:88:f1:2e:47:b3:c6:
0c:f0:ca:59:26:a8:94:61:24:23:80:02:30:ff:65:
8b:c7:17:aa:8e:88:22:1a:1d:e7:46:15:02:4f:90:
47:64:4b:c2:65:67:b5:bb:bd:f0:ab:7e:20:cd:5e:
6d:8f:70:75:9e:b7:d0:33:bd:1a:24:71:8c:11:83:
97:f4:84:a3:04:b6:ef:3b:ad:91:de:1f:5e:7f:70:
46:32:a9:f2:9c:df:06:89:ac:48:27:a1:da:5e:80:
39:ce:c2:63:f2:c7:71:12:9a:fc:ce:dd:53:28:7e:
7c:f1:74:34:77:1f:2e:0b:fb:21:ac:8e:db:72:8b:
b9:81:74:53:9d:73:2b:22:27:7f:0f:f4:9d:a1:ba:
fd:e2:09:35:20:49:c2:4d:c5:de:21:18:e8:66:b7:
75:e1:a6:c9:d2:24:9f:99:46:3c:d7:b2:ff:1e:2f:
f5:81:37:98:3c:dd:0a:0f:9d:08:7b:fa:27:98:64:
3c:23:35:6e:bd:5d:14:6b:83:39:6c:a8:40:c2:b4:
b0:75:33:7e:48:86:0e:34:72:d7:3d:3f:58:f6:b0:
ab:42:13:66:46:cb:40:27:9b:8b:5f:93:d2:8c:90:
5c:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:72:37:5F:0A:75:D2:C4:81:2F:EC:6D:73:F8:EA:31:10:0C:64:41
X509v3 Authority Key Identifier:
keyid:8A:D2:40:60:3E:C6:EB:CD:62:F7:2D:46:F1:DC:00:CB:7E:1F:0B:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/itJAYD7G681i9y1G8dwAy34fCy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/53I3Xwp10sSBL-xtc_jqMRAMZEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/itJAYD7G681i9y1G8dwAy34fCy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.249.64.0/18
185.92.100.0/22
193.186.161.0/24
194.112.128.0/17
IPv6:
2a02:5e0::/32
Signature Algorithm: sha256WithRSAEncryption
27:c6:cc:80:0e:28:56:1c:58:34:cc:9b:e8:4c:f4:94:87:d4:
69:a2:65:4e:8f:97:99:80:19:5a:5b:ee:5a:c7:73:b7:11:b8:
c8:67:22:e2:fb:31:a1:16:2b:0b:0b:50:3d:15:ee:0b:b7:c1:
65:98:92:8c:52:d3:ac:d8:f3:ef:f4:c3:74:66:2e:2e:4f:77:
e3:77:6b:aa:7f:c9:7c:ed:85:b2:7a:c2:14:6c:20:60:c9:a2:
b8:ad:23:c0:3f:c5:21:45:d2:67:df:0d:de:e1:09:e9:f4:db:
3e:27:ed:c4:2a:f1:c1:77:70:d0:85:6b:84:19:f2:1c:23:28:
5c:2d:8c:c5:8a:f0:84:ee:8d:47:7d:a3:2f:06:d2:b5:42:e4:
af:e8:a1:6b:81:cf:84:a2:87:cf:93:13:bd:a8:81:c5:1b:32:
8b:1e:77:86:b6:d6:60:e5:35:3b:5b:ed:7a:ef:b3:ec:49:af:
35:de:31:ba:36:4e:a3:7a:5c:cb:34:10:2c:ac:18:1e:8b:98:
5e:db:e4:d3:20:ac:bf:d2:85:38:13:29:3c:af:f0:99:e3:39:
66:35:a8:0e:1a:85:bd:40:d9:15:67:25:e4:d7:61:c6:14:29:
d7:5e:c9:c8:8e:c4:60:2b:f9:b0:f7:00:0a:88:77:7c:1c:f4:
ed:8d:c9:f0
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQnRxhL8T80T49jkDuA3/CPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZDI0MDYwM2VjNmViY2Q2MmY3MmQ0NmYxZGMwMGNiN2Ux
ZjBiMmUwHhcNMjUwMTAyMTM0OTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzcyMzc1ZjBhNzVkMmM0ODEyZmVjNmQ3M2Y4ZWEzMTEwMGM2NDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1M6z88rDcZtd6ml2b0kh+CuGCXV
n/SI8S5Hs8YM8MpZJqiUYSQjgAIw/2WLxxeqjogiGh3nRhUCT5BHZEvCZWe1u73w
q34gzV5tj3B1nrfQM70aJHGMEYOX9ISjBLbvO62R3h9ef3BGMqnynN8GiaxIJ6Ha
XoA5zsJj8sdxEpr8zt1TKH588XQ0dx8uC/shrI7bcou5gXRTnXMrIid/D/Sdobr9
4gk1IEnCTcXeIRjoZrd14abJ0iSfmUY817L/Hi/1gTeYPN0KD50Ie/onmGQ8IzVu
vV0Ua4M5bKhAwrSwdTN+SIYONHLXPT9Y9rCrQhNmRstAJ5uLX5PSjJBcWQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFOdyN18KddLEgS/sbXP46jEQDGRBMB8GA1UdIwQY
MBaAFIrSQGA+xuvNYvctRvHcAMt+HwsuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXRKQVlEN0c2ODFpOXkxRzhkd0F5MzRmQ3k0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy80MjUxNDktOWM2OC00MWZiLTgwMzUt
ZDc2YzhjNzM5ODYxLzEvNTNJM1h3cDEwc1NCTC14dGNfanFNUkFNWkVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy80MjUxNDktOWM2OC00MWZiLTgwMzUtZDc2YzhjNzM5ODYx
LzEvaXRKQVlEN0c2ODFpOXkxRzhkd0F5MzRmQ3k0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQGPvlAAwQC
uVxkAwQAwbqhAwQHwnCAMA0EAgACMAcDBQAqAgXgMA0GCSqGSIb3DQEBCwUAA4IB
AQAnxsyADihWHFg0zJvoTPSUh9RpomVOj5eZgBlaW+5ax3O3EbjIZyLi+zGhFisL
C1A9Fe4Lt8FlmJKMUtOs2PPv9MN0Zi4uT3fjd2uqf8l87YWyesIUbCBgyaK4rSPA
P8UhRdJn3w3e4Qnp9Ns+J+3EKvHBd3DQhWuEGfIcIyhcLYzFivCE7o1HfaMvBtK1
QuSv6KFrgc+EoofPkxO9qIHFGzKLHneGttZg5TU7W+1677PsSa813jG6Nk6jelzL
NBAsrBgei5he2+TTIKy/0oU4Eyk8r/CZ4zlmNagOGoW9QNkVZyXk12HGFCnXXsnI
jsRgK/mw9wAKiHd8HPTtjcnw
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:48 2025 by rpki-client on console.sobornost.net