Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/qTxl1xyWT-CwK0lpwwzATCTbhPI.roa
File: qTxl1xyWT-CwK0lpwwzATCTbhPI.roa (raw, json)
Hash identifier: tiK+C1dm9HMHgaXNUBiPQBNlxgP3c8Zxs4Zrc7empII=
Subject key identifier: A9:3C:65:D7:1C:96:4F:E0:B0:2B:49:69:C3:0C:C0:4C:24:DB:84:F2
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 0194228E40C2B3F33BBDE4CB4CD669FBC466
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/qTxl1xyWT-CwK0lpwwzATCTbhPI.roa
Signing time: Wed 01 Jan 2025 15:48:55 +0000
ROA not before: Wed 01 Jan 2025 15:48:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 85.115.208.0/23 maxlen: 24
85.115.210.0/23 maxlen: 24
213.145.68.0/23 maxlen: 23
213.145.70.0/23 maxlen: 24
213.145.72.0/21 maxlen: 24
213.145.82.0/23 maxlen: 24
213.145.84.0/23 maxlen: 23
213.145.86.0/23 maxlen: 23
213.145.88.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:40:c2:b3:f3:3b:bd:e4:cb:4c:d6:69:fb:c4:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Jan 1 15:48:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a93c65d71c964fe0b02b4969c30cc04c24db84f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:84:85:e3:b2:6b:7d:ed:c2:95:58:a3:26:96:
e1:d1:7e:63:e9:06:dd:e2:6e:4a:48:5f:40:77:17:
8f:8a:77:dc:8d:31:59:0e:ce:4b:e0:8d:d3:a0:15:
a2:92:5d:3a:82:a8:c9:6a:a5:81:85:db:92:f1:7a:
dd:b9:8c:34:87:69:98:ef:5a:f5:e7:1d:24:40:b9:
af:04:1e:06:38:e2:96:b6:53:c5:f6:1b:6b:90:6c:
29:f6:1e:d7:01:3f:83:2f:b6:88:c8:67:cc:12:da:
75:1d:44:60:29:26:b7:74:40:dc:33:6a:c1:bd:dc:
c5:c0:ff:82:fe:6a:9c:10:74:44:83:ae:12:05:e2:
6f:57:dc:4f:79:39:ca:d8:b5:ae:9d:3d:e7:da:71:
f5:4a:e2:6c:cb:25:46:5b:58:c1:37:16:b2:ee:98:
10:ce:ea:e3:8f:c0:3c:18:45:dc:f0:0d:57:f4:51:
3e:e1:64:7f:bb:85:fe:cc:a8:18:3d:fc:a3:72:67:
64:30:f8:e9:49:9a:1f:19:86:38:b3:ce:22:cb:ab:
e0:99:72:31:04:40:c9:86:46:44:61:93:06:9c:2b:
48:c2:f6:47:52:d8:14:5e:9b:70:df:d4:3b:d1:2d:
fc:e5:6d:6f:7a:04:ab:d2:be:1e:a1:0c:24:0b:e2:
27:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:3C:65:D7:1C:96:4F:E0:B0:2B:49:69:C3:0C:C0:4C:24:DB:84:F2
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/qTxl1xyWT-CwK0lpwwzATCTbhPI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.208.0/22
213.145.68.0-213.145.79.255
213.145.82.0-213.145.89.255
Signature Algorithm: sha256WithRSAEncryption
90:f8:0e:64:90:b9:26:5c:91:d9:2d:07:73:d9:02:2f:ed:6b:
fe:c8:4c:ae:c7:6c:84:85:e5:9b:4c:b4:b4:2d:98:11:12:2a:
ec:b8:18:77:24:89:e2:7f:25:18:95:45:41:a9:8e:b1:f1:7c:
96:4a:9d:cb:f9:e8:e9:89:0e:fa:df:ba:85:9e:1e:18:31:53:
db:ed:bd:8d:4b:1f:39:80:de:5f:03:e5:db:37:4e:e2:e0:e1:
fa:1a:96:e1:50:eb:b4:3c:a1:85:ee:05:72:4b:f6:c6:aa:61:
e2:01:83:ca:50:ed:60:31:3b:9b:b6:3e:d6:8d:51:07:62:11:
70:a1:16:ce:17:42:04:3f:75:05:7a:68:74:b3:87:20:ec:58:
89:df:27:6e:77:81:be:3b:20:59:cc:b1:12:f7:b8:5b:f9:ed:
04:22:ff:a9:3f:2f:d4:54:ef:db:af:ca:b6:f8:24:d0:3c:6d:
a8:9e:75:19:34:0f:f9:89:a3:78:c0:48:4d:50:2c:30:74:35:
12:ad:d2:3a:bd:ac:88:4f:b9:3f:91:e6:95:0d:08:b2:c3:07:
ce:e6:f6:8b:db:f0:6e:f2:3b:97:ad:01:c4:db:db:bc:2b:f7:
58:79:8b:8f:ac:37:a5:4f:e9:75:fd:77:b9:0c:a6:10:7d:b1:
4f:65:37:19
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQijkDCs/M7veTLTNZp+8RmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjUwMTAxMTU0ODU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTNjNjVkNzFjOTY0ZmUwYjAyYjQ5NjljMzBjYzA0YzI0ZGI4NGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4SF47Jrfe3ClVijJpbh0X5j6Qbd
4m5KSF9AdxePinfcjTFZDs5L4I3ToBWikl06gqjJaqWBhduS8XrduYw0h2mY71r1
5x0kQLmvBB4GOOKWtlPF9htrkGwp9h7XAT+DL7aIyGfMEtp1HURgKSa3dEDcM2rB
vdzFwP+C/mqcEHREg64SBeJvV9xPeTnK2LWunT3n2nH1SuJsyyVGW1jBNxay7pgQ
zurjj8A8GEXc8A1X9FE+4WR/u4X+zKgYPfyjcmdkMPjpSZofGYY4s84iy6vgmXIx
BEDJhkZEYZMGnCtIwvZHUtgUXptw39Q70S385W1vegSr0r4eoQwkC+InhQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFKk8Zdcclk/gsCtJacMMwEwk24TyMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvcVR4bDF4eVdULUN3SzBscHd3ekFUQ1RiaFBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQCVXPQMAwD
BALVkUQDBATVkUAwDAMEAdWRUgMEAdWRWDANBgkqhkiG9w0BAQsFAAOCAQEAkPgO
ZJC5JlyR2S0Hc9kCL+1r/shMrsdshIXlm0y0tC2YERIq7LgYdySJ4n8lGJVFQamO
sfF8lkqdy/no6YkO+t+6hZ4eGDFT2+29jUsfOYDeXwPl2zdO4uDh+hqW4VDrtDyh
he4Fckv2xqph4gGDylDtYDE7m7Y+1o1RB2IRcKEWzhdCBD91BXpodLOHIOxYid8n
bneBvjsgWcyxEve4W/ntBCL/qT8v1FTv26/Ktvgk0DxtqJ51GTQP+YmjeMBITVAs
MHQ1Eq3SOr2siE+5P5HmlQ0IssMHzub2i9vwbvI7l60BxNvbvCv3WHmLj6w3pU/p
df13uQymEH2xT2U3GQ==
-----END CERTIFICATE-----
Generated at Sat Mar 8 04:56:28 2025 by rpki-client on console.sobornost.net