Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/pK0zNVVROWwSBYXkm-_AZ9cWWms.roa
File: pK0zNVVROWwSBYXkm-_AZ9cWWms.roa (raw, json)
Hash identifier: w5rywyoxW3AL5tWJwQte8wQhxyh0QhNZOHhznEPJBbw=
Subject key identifier: A4:AD:33:35:55:51:39:6C:12:05:85:E4:9B:EF:C0:67:D7:16:5A:6B
Certificate issuer: /CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Certificate serial: 019424B3B4A12FAEF270EB2DADEEEAEB6FC8
Authority key identifier: 21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/pK0zNVVROWwSBYXkm-_AZ9cWWms.roa
Signing time: Thu 02 Jan 2025 01:49:04 +0000
ROA not before: Thu 02 Jan 2025 01:49:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200088
IP address blocks: 78.40.216.0/24 maxlen: 24
85.193.92.0/24 maxlen: 24
85.193.93.0/24 maxlen: 24
85.193.95.0/24 maxlen: 24
87.249.50.0/24 maxlen: 24
89.191.228.0/24 maxlen: 24
90.156.228.0/24 maxlen: 24
90.156.231.0/24 maxlen: 24
94.228.122.0/24 maxlen: 24
176.57.221.0/24 maxlen: 24
185.104.112.0/24 maxlen: 24
185.104.115.0/24 maxlen: 24
185.247.16.0/24 maxlen: 24
188.225.14.0/24 maxlen: 24
188.225.60.0/24 maxlen: 24
193.201.115.0/24 maxlen: 24
194.35.116.0/24 maxlen: 24
194.35.117.0/24 maxlen: 24
194.35.118.0/24 maxlen: 24
194.35.119.0/24 maxlen: 24
217.25.91.0/24 maxlen: 24
217.25.95.0/24 maxlen: 24
217.151.229.0/24 maxlen: 24
217.151.231.0/24 maxlen: 24
2a03:6f00:8::/48 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:b4:a1:2f:ae:f2:70:eb:2d:ad:ee:ea:eb:6f:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Validity
Not Before: Jan 2 01:49:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a4ad33355551396c120585e49befc067d7165a6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:dd:f1:33:2d:1c:1f:46:e8:e2:85:f0:b3:59:
67:30:ba:7a:de:8f:56:07:9f:00:e1:34:c1:9b:aa:
0c:ec:53:7b:a7:a3:ca:0f:24:c4:36:c6:f1:08:be:
72:97:85:a5:7a:89:a3:09:4e:32:68:48:f7:d4:2a:
c5:fc:3e:6c:69:93:b3:a6:31:83:9b:77:f8:c9:ea:
a5:89:bd:0a:54:89:b3:ac:e4:2d:d8:18:19:d0:b8:
fc:89:8a:fd:7a:4a:48:08:c8:78:bb:f4:c0:91:a2:
a6:62:d6:9a:c4:7f:14:b9:f6:3b:29:e7:51:d4:fc:
c4:d6:5c:84:89:cf:9e:03:12:c5:d4:6e:73:09:76:
61:8b:02:af:b3:1c:ef:5e:f2:78:ca:4b:87:b6:52:
e9:3a:84:f7:e2:2d:3b:2e:0a:23:cf:8b:24:14:1f:
c3:a2:06:ce:ea:9c:ca:52:4c:f7:10:56:9d:e1:b8:
16:c5:5f:7f:cb:3d:d9:7b:09:4e:da:0a:59:36:ba:
14:13:2f:e3:81:06:ec:bf:48:e1:5a:4e:52:13:0b:
76:12:13:9c:27:3f:d3:f7:b4:00:b5:e7:ce:89:5c:
f6:dd:7e:2e:4c:0b:f0:63:18:ca:0b:51:f0:21:ba:
2d:82:17:9e:e3:66:b8:8b:51:6a:6e:df:5d:5f:50:
cf:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:AD:33:35:55:51:39:6C:12:05:85:E4:9B:EF:C0:67:D7:16:5A:6B
X509v3 Authority Key Identifier:
keyid:21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/pK0zNVVROWwSBYXkm-_AZ9cWWms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/IWCyscgp2Ik2sa2u7Jf90bQNQeU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.40.216.0/24
85.193.92.0/23
85.193.95.0/24
87.249.50.0/24
89.191.228.0/24
90.156.228.0/24
90.156.231.0/24
94.228.122.0/24
176.57.221.0/24
185.104.112.0/24
185.104.115.0/24
185.247.16.0/24
188.225.14.0/24
188.225.60.0/24
193.201.115.0/24
194.35.116.0/22
217.25.91.0/24
217.25.95.0/24
217.151.229.0/24
217.151.231.0/24
IPv6:
2a03:6f00:8::/48
Signature Algorithm: sha256WithRSAEncryption
9c:57:d8:11:b1:e1:01:89:6d:69:94:3d:eb:2e:17:6e:6d:bf:
89:b8:5f:07:df:b9:35:63:60:e0:72:e8:49:94:05:ad:b6:4c:
e9:de:1d:06:35:d6:3a:09:e0:79:59:5f:a2:c4:37:a2:61:54:
87:b2:1d:cd:06:b7:94:a3:9e:d7:13:cf:4c:45:db:fa:d5:3d:
70:ba:3e:b1:28:0c:0e:a9:c4:07:e0:e2:cd:12:7d:e4:d6:5f:
46:70:9c:cf:23:e9:e6:d4:d5:90:90:37:68:e7:7c:5a:89:75:
ba:de:28:cb:8f:89:dd:92:41:ce:ac:43:6b:96:be:47:58:2c:
f3:08:99:19:40:c4:67:73:57:ba:2f:ab:d8:42:83:84:82:13:
eb:68:61:c5:fe:ce:9a:c5:de:25:81:fc:fc:f0:4d:e1:49:cc:
2f:ce:dc:94:e9:ef:02:3d:09:b3:d1:ed:ee:d8:4b:44:20:25:
21:d9:1f:7d:af:13:7e:43:9e:d8:46:a6:1c:7a:74:09:bf:d8:
fa:7b:ec:a5:7f:8b:26:f4:37:e5:6f:99:37:f5:0b:52:08:d6:
8e:16:f7:80:47:37:2d:02:83:a7:82:61:60:77:7a:e8:5b:2e:
d7:54:28:03:78:29:cc:99:32:e5:08:c2:0a:d7:a3:f5:ae:f6:
67:71:bf:d3
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgISAZQks7ShL67ycOstre7q62/IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNjBiMmIxYzgyOWQ4ODkzNmIxYWRhZWVjOTdmZGQxYjQw
ZDQxZTUwHhcNMjUwMTAyMDE0OTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGFkMzMzNTU1NTEzOTZjMTIwNTg1ZTQ5YmVmYzA2N2Q3MTY1YTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5N3xMy0cH0bo4oXws1lnMLp63o9W
B58A4TTBm6oM7FN7p6PKDyTENsbxCL5yl4WleomjCU4yaEj31CrF/D5saZOzpjGD
m3f4yeqlib0KVImzrOQt2BgZ0Lj8iYr9ekpICMh4u/TAkaKmYtaaxH8UufY7KedR
1PzE1lyEic+eAxLF1G5zCXZhiwKvsxzvXvJ4ykuHtlLpOoT34i07Lgojz4skFB/D
ogbO6pzKUkz3EFad4bgWxV9/yz3ZewlO2gpZNroUEy/jgQbsv0jhWk5SEwt2EhOc
Jz/T97QAtefOiVz23X4uTAvwYxjKC1HwIbotghee42a4i1Fqbt9dX1DPVQIDAQAB
o4ICjzCCAoswHQYDVR0OBBYEFKStMzVVUTlsEgWF5JvvwGfXFlprMB8GA1UdIwQY
MBaAFCFgsrHIKdiJNrGtruyX/dG0DUHlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEt
M2RmN2ZhZjM1MzVkLzEvcEswek5WVlJPV3dTQllYa20tX0FaOWNXV21zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEtM2RmN2ZhZjM1MzVk
LzEvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGkBggrBgEFBQcBBwEB/wSBlDCBkTB+BAIAATB4AwQATijY
AwQBVcFcAwQAVcFfAwQAV/kyAwQAWb/kAwQAWpzkAwQAWpznAwQAXuR6AwQAsDnd
AwQAuWhwAwQAuWhzAwQAufcQAwQAvOEOAwQAvOE8AwQAwclzAwQCwiN0AwQA2Rlb
AwQA2RlfAwQA2ZflAwQA2ZfnMA8EAgACMAkDBwAqA28AAAgwDQYJKoZIhvcNAQEL
BQADggEBAJxX2BGx4QGJbWmUPesuF25tv4m4XwffuTVjYOBy6EmUBa22TOneHQY1
1joJ4HlZX6LEN6JhVIeyHc0Gt5SjntcTz0xF2/rVPXC6PrEoDA6pxAfg4s0SfeTW
X0ZwnM8j6ebU1ZCQN2jnfFqJdbreKMuPid2SQc6sQ2uWvkdYLPMImRlAxGdzV7ov
q9hCg4SCE+toYcX+zprF3iWB/PzwTeFJzC/O3JTp7wI9CbPR7e7YS0QgJSHZH32v
E35DnthGphx6dAm/2Pp77KV/iyb0N+VvmTf1C1II1o4W94BHNy0Cg6eCYWB3euhb
LtdUKAN4KcyZMuUIwgrXo/Wu9mdxv9M=
-----END CERTIFICATE-----
Generated at Wed Apr 2 00:25:30 2025 by rpki-client on console.sobornost.net