Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/730bd4-db33-4552-bad5-b6dc2b7bf30a/1/JUZrH7esHXuIUR8S80TNsOfBgq4.roa
File: JUZrH7esHXuIUR8S80TNsOfBgq4.roa (raw, json)
Hash identifier: U7uEaoA1okVxydwdN7xgsZxq5XRAaznjumXB+lt8BF4=
Subject key identifier: 25:46:6B:1F:B7:AC:1D:7B:88:51:1F:12:F3:44:CD:B0:E7:C1:82:AE
Certificate issuer: /CN=1e8612e30e96ccba89e75e04b7bba1c2b797c5c3
Certificate serial: 0195C978C487D3C8940F67A8A8CA9648C8A4
Authority key identifier: 1E:86:12:E3:0E:96:CC:BA:89:E7:5E:04:B7:BB:A1:C2:B7:97:C5:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HoYS4w6WzLqJ514Et7uhwreXxcM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/730bd4-db33-4552-bad5-b6dc2b7bf30a/1/JUZrH7esHXuIUR8S80TNsOfBgq4.roa
Signing time: Mon 24 Mar 2025 18:44:49 +0000
ROA not before: Mon 24 Mar 2025 18:44:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200665
IP address blocks: 141.195.8.0/21 maxlen: 23
176.124.60.0/22 maxlen: 22
176.125.244.0/22 maxlen: 22
185.97.196.0/22 maxlen: 22
185.180.232.0/22 maxlen: 22
185.181.80.0/22 maxlen: 22
2a06:700::/29 maxlen: 29
2a0a:9b80::/32 maxlen: 32
2a0a:9c80::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c9:78:c4:87:d3:c8:94:0f:67:a8:a8:ca:96:48:c8:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e8612e30e96ccba89e75e04b7bba1c2b797c5c3
Validity
Not Before: Mar 24 18:44:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=25466b1fb7ac1d7b88511f12f344cdb0e7c182ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:77:2b:64:b6:4d:e1:ba:a2:88:54:d1:f6:ae:
70:19:ba:49:21:29:38:b2:6f:de:a0:37:d4:db:a3:
f9:98:f7:cc:b6:35:e9:7b:ec:be:d0:2c:de:83:2f:
0a:90:97:5e:1b:31:6f:17:d5:39:99:6d:41:62:5a:
dc:98:12:c5:7b:79:fb:c8:e2:64:1b:ea:a3:8d:b7:
a3:ec:09:15:42:cf:41:70:96:ac:57:f5:cb:ed:6a:
68:72:b7:8a:74:07:76:61:5e:3e:ee:44:c1:f3:ed:
2f:5c:fb:d2:63:dd:93:9f:db:9e:18:7e:42:10:88:
e5:54:e5:b5:32:3d:2c:2d:b8:52:50:2b:23:5d:60:
48:d3:0f:64:b6:09:16:f9:92:26:39:1d:29:8e:ae:
da:a4:14:a8:76:9c:2f:14:94:22:fe:df:40:47:ac:
aa:cf:96:41:d2:e7:67:ff:d1:f1:68:6b:d6:fb:dc:
f4:b6:6d:8e:7e:8a:d9:41:43:25:72:68:7f:20:35:
bb:91:75:39:d8:0a:26:2e:50:27:5c:1d:58:4c:58:
75:b0:11:e0:cd:28:2d:16:a8:86:3a:19:12:a0:80:
ab:9d:72:36:a9:3b:11:6e:c3:e0:8b:4e:b2:2f:3b:
c2:6a:b8:d2:55:37:18:cd:31:36:1c:4a:d6:e3:4a:
2c:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:46:6B:1F:B7:AC:1D:7B:88:51:1F:12:F3:44:CD:B0:E7:C1:82:AE
X509v3 Authority Key Identifier:
keyid:1E:86:12:E3:0E:96:CC:BA:89:E7:5E:04:B7:BB:A1:C2:B7:97:C5:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HoYS4w6WzLqJ514Et7uhwreXxcM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/730bd4-db33-4552-bad5-b6dc2b7bf30a/1/JUZrH7esHXuIUR8S80TNsOfBgq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/730bd4-db33-4552-bad5-b6dc2b7bf30a/1/HoYS4w6WzLqJ514Et7uhwreXxcM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.195.8.0/21
176.124.60.0/22
176.125.244.0/22
185.97.196.0/22
185.180.232.0/22
185.181.80.0/22
IPv6:
2a06:700::/29
2a0a:9b80::/32
2a0a:9c80::/32
Signature Algorithm: sha256WithRSAEncryption
98:20:29:7c:43:f2:de:22:02:8b:02:95:3a:7b:ae:ee:8a:24:
90:68:bf:68:71:a1:5b:5d:a4:f1:5d:87:54:24:83:8e:f4:9b:
38:13:da:de:e0:71:fe:ad:66:c5:68:c5:e7:c7:04:17:30:4e:
d3:b7:26:65:99:21:49:b6:f2:d5:cd:c9:c4:aa:47:27:6d:03:
c3:32:79:44:27:5f:10:78:5e:c9:8d:2b:fa:24:ef:ab:a5:4a:
db:fb:3e:3c:fd:71:6d:d6:c3:17:a8:ad:94:98:af:36:fd:23:
19:cf:73:f8:fe:1f:65:28:51:b2:81:64:b3:44:9d:98:15:e3:
e2:4e:8f:ef:e0:5f:83:a0:d8:1a:b4:af:2d:b5:f1:f9:12:66:
46:4c:35:fe:1d:6c:1e:0a:5e:32:bd:65:31:c5:3d:2d:de:e7:
8b:12:5d:0b:d3:25:ee:72:4d:83:39:96:ce:c0:1d:22:6f:7d:
b0:98:23:c6:cc:c7:f2:80:63:48:e4:fd:5b:a0:87:ec:2a:7d:
8d:27:69:f3:07:87:3b:f9:8c:85:ed:06:07:4b:23:ea:66:a2:
be:37:b9:9d:f4:2f:ba:58:22:e2:4f:2c:5d:a1:01:1d:b1:c6:
46:a5:28:2e:06:d5:d1:db:34:62:fb:20:33:67:f7:63:72:8a:
1b:0b:68:1c
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAZXJeMSH08iUD2eoqMqWSMikMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlODYxMmUzMGU5NmNjYmE4OWU3NWUwNGI3YmJhMWMyYjc5
N2M1YzMwHhcNMjUwMzI0MTg0NDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTQ2NmIxZmI3YWMxZDdiODg1MTFmMTJmMzQ0Y2RiMGU3YzE4MmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ncrZLZN4bqiiFTR9q5wGbpJISk4
sm/eoDfU26P5mPfMtjXpe+y+0Czegy8KkJdeGzFvF9U5mW1BYlrcmBLFe3n7yOJk
G+qjjbej7AkVQs9BcJasV/XL7WpocreKdAd2YV4+7kTB8+0vXPvSY92Tn9ueGH5C
EIjlVOW1Mj0sLbhSUCsjXWBI0w9ktgkW+ZImOR0pjq7apBSodpwvFJQi/t9AR6yq
z5ZB0udn/9HxaGvW+9z0tm2OforZQUMlcmh/IDW7kXU52AomLlAnXB1YTFh1sBHg
zSgtFqiGOhkSoICrnXI2qTsRbsPgi06yLzvCarjSVTcYzTE2HErW40osOQIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFCVGax+3rB17iFEfEvNEzbDnwYKuMB8GA1UdIwQY
MBaAFB6GEuMOlsy6iedeBLe7ocK3l8XDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSG9ZUzR3Nld6THFKNTE0RXQ3dWh3cmVYeGNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC83MzBiZDQtZGIzMy00NTUyLWJhZDUt
YjZkYzJiN2JmMzBhLzEvSlVackg3ZXNIWHVJVVI4UzgwVE5zT2ZCZ3E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC83MzBiZDQtZGIzMy00NTUyLWJhZDUtYjZkYzJiN2JmMzBh
LzEvSG9ZUzR3Nld6THFKNTE0RXQ3dWh3cmVYeGNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTAqBAIAATAkAwQDjcMIAwQC
sHw8AwQCsH30AwQCuWHEAwQCubToAwQCubVQMBsEAgACMBUDBQMqBgcAAwUAKgqb
gAMFACoKnIAwDQYJKoZIhvcNAQELBQADggEBAJggKXxD8t4iAosClTp7ru6KJJBo
v2hxoVtdpPFdh1Qkg470mzgT2t7gcf6tZsVoxefHBBcwTtO3JmWZIUm28tXNycSq
RydtA8MyeUQnXxB4XsmNK/ok76ulStv7Pjz9cW3WwxeorZSYrzb9IxnPc/j+H2Uo
UbKBZLNEnZgV4+JOj+/gX4Og2Bq0ry218fkSZkZMNf4dbB4KXjK9ZTHFPS3e54sS
XQvTJe5yTYM5ls7AHSJvfbCYI8bMx/KAY0jk/Vugh+wqfY0nafMHhzv5jIXtBgdL
I+pmor43uZ30L7pYIuJPLF2hAR2xxkalKC4G1dHbNGL7IDNn92NyihsLaBw=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:49 2025 by rpki-client on console.sobornost.net