Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/fQowbtBwRpKjCzhE3ojDTNtTyaM.roa
File: fQowbtBwRpKjCzhE3ojDTNtTyaM.roa (raw, json)
Hash identifier: 5hmuOcmFlB2Eh4C339cOr4B957mNZCHeN0L/cBjITLk=
Subject key identifier: 7D:0A:30:6E:D0:70:46:92:A3:0B:38:44:DE:88:C3:4C:DB:53:C9:A3
Certificate issuer: /CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Certificate serial: 019423D74E92B5F1CC5635C722CF934F3990
Authority key identifier: D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/fQowbtBwRpKjCzhE3ojDTNtTyaM.roa
Signing time: Wed 01 Jan 2025 21:48:20 +0000
ROA not before: Wed 01 Jan 2025 21:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43160
IP address blocks: 5.40.32.0/23 maxlen: 23
5.40.86.0/24 maxlen: 24
5.40.128.0/24 maxlen: 24
5.40.191.0/24 maxlen: 24
5.40.252.0/24 maxlen: 24
62.82.84.0/24 maxlen: 24
62.82.238.0/24 maxlen: 24
62.175.202.0/24 maxlen: 24
84.124.116.0/24 maxlen: 24
89.140.40.0/23 maxlen: 24
89.140.112.0/24 maxlen: 24
89.140.120.0/24 maxlen: 24
89.140.122.0/24 maxlen: 24
89.140.197.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:4e:92:b5:f1:cc:56:35:c7:22:cf:93:4f:39:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Validity
Not Before: Jan 1 21:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7d0a306ed0704692a30b3844de88c34cdb53c9a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:79:02:2b:83:b4:8f:79:32:48:db:c5:08:cb:
37:3c:bf:21:65:69:f0:f5:60:34:29:9a:33:71:6a:
58:5c:47:ca:36:0c:4a:5a:33:62:50:f3:3c:a2:2c:
71:0b:8a:22:aa:da:7a:0c:b5:ed:90:3b:9c:c7:66:
18:89:46:8a:74:94:63:c5:fb:7b:34:5e:95:d7:0f:
25:33:f7:96:12:9c:01:aa:ef:a3:ac:48:fd:f5:e1:
5e:1c:70:3c:77:0a:fc:15:66:b9:5f:38:03:21:7b:
57:61:69:de:f9:82:77:ad:3f:cf:3a:e4:8c:58:0d:
f4:07:72:81:38:cc:bf:64:38:93:1f:3a:c6:8c:68:
8e:c7:9c:3f:fb:26:de:dc:fd:e1:c3:98:5a:8a:9d:
c3:af:ec:a8:16:93:2a:05:85:ee:4e:df:bc:aa:30:
d6:8a:ea:02:aa:b2:ed:b7:b1:21:34:b1:31:16:dc:
f7:ee:35:71:c2:ba:08:67:78:9c:02:3b:d0:8e:73:
e0:8f:f1:c0:b7:f2:72:c8:44:89:fd:34:e5:ea:03:
f7:6b:80:a0:f5:ee:e3:45:79:a7:05:23:82:80:6e:
bb:1f:a5:20:1b:dc:1d:53:bc:a4:70:94:0e:22:c7:
49:3e:e0:55:ad:26:b2:3e:13:cf:44:17:48:9c:9f:
c5:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:0A:30:6E:D0:70:46:92:A3:0B:38:44:DE:88:C3:4C:DB:53:C9:A3
X509v3 Authority Key Identifier:
keyid:D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/fQowbtBwRpKjCzhE3ojDTNtTyaM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.40.32.0/23
5.40.86.0/24
5.40.128.0/24
5.40.191.0/24
5.40.252.0/24
62.82.84.0/24
62.82.238.0/24
62.175.202.0/24
84.124.116.0/24
89.140.40.0/23
89.140.112.0/24
89.140.120.0/24
89.140.122.0/24
89.140.197.0/24
Signature Algorithm: sha256WithRSAEncryption
58:50:91:67:35:88:3f:e9:62:fa:b7:d3:80:cc:46:ec:0f:35:
68:fe:1a:c2:ac:80:3f:06:9b:cf:dc:70:82:a8:a7:ff:5f:f8:
2c:c0:2e:23:d6:a2:9e:ac:9a:13:77:e6:91:6f:00:0b:73:5b:
39:8a:af:b4:6f:2d:72:6e:a9:59:57:3d:6c:c1:89:70:e7:60:
d5:97:39:d1:ad:51:a0:11:34:9d:c4:62:a8:39:4d:e9:9e:02:
60:07:b6:74:97:64:9e:6b:2b:97:0f:12:c7:24:44:48:39:6d:
10:74:be:4b:a3:1f:5f:a8:c7:a8:0c:bd:c6:6f:c4:a3:bf:9d:
b4:76:e7:20:d3:f4:eb:93:3e:f7:69:73:95:0d:d8:dc:d3:0a:
7e:c2:62:26:31:9f:fd:90:e5:d7:b7:5a:b7:7e:1f:68:ab:27:
83:0b:21:5d:16:06:7d:d4:e4:f8:b3:bb:82:8d:3e:56:66:7a:
c0:a4:33:af:2a:0e:98:20:d6:03:fc:e8:c4:e9:df:ac:e9:f3:
34:64:b8:28:8e:1d:c7:77:f0:f6:f9:a9:0f:b8:8a:00:01:71:
c5:70:f3:04:78:3d:2e:93:1b:bb:a0:04:06:93:9c:8e:34:30:
0e:8c:19:e8:1d:30:06:ae:71:99:37:fb:c1:24:7d:9e:95:98:
af:5d:fb:40
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZQj106StfHMVjXHIs+TTzmQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MzRmMTY4NjEwMjg3NmM2MjE2YmNlYTI4YTVlNTAyZWMw
ZDdiNmIwHhcNMjUwMTAxMjE0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDBhMzA2ZWQwNzA0NjkyYTMwYjM4NDRkZTg4YzM0Y2RiNTNjOWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5HkCK4O0j3kySNvFCMs3PL8hZWnw
9WA0KZozcWpYXEfKNgxKWjNiUPM8oixxC4oiqtp6DLXtkDucx2YYiUaKdJRjxft7
NF6V1w8lM/eWEpwBqu+jrEj99eFeHHA8dwr8FWa5XzgDIXtXYWne+YJ3rT/POuSM
WA30B3KBOMy/ZDiTHzrGjGiOx5w/+ybe3P3hw5haip3Dr+yoFpMqBYXuTt+8qjDW
iuoCqrLtt7EhNLExFtz37jVxwroIZ3icAjvQjnPgj/HAt/JyyESJ/TTl6gP3a4Cg
9e7jRXmnBSOCgG67H6UgG9wdU7ykcJQOIsdJPuBVrSayPhPPRBdInJ/FAQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFH0KMG7QcEaSows4RN6Iw0zbU8mjMB8GA1UdIwQY
MBaAFNQ08WhhAodsYha86iil5QLsDXtrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2Ut
NTcxMmQ5NWFlNjM4LzEvZlFvd2J0QndScEtqQ3poRTNvakRUTnRUeWFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2UtNTcxMmQ5NWFlNjM4
LzEvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQBBSggAwQA
BShWAwQABSiAAwQABSi/AwQABSj8AwQAPlJUAwQAPlLuAwQAPq/KAwQAVHx0AwQB
WYwoAwQAWYxwAwQAWYx4AwQAWYx6AwQAWYzFMA0GCSqGSIb3DQEBCwUAA4IBAQBY
UJFnNYg/6WL6t9OAzEbsDzVo/hrCrIA/BpvP3HCCqKf/X/gswC4j1qKerJoTd+aR
bwALc1s5iq+0by1ybqlZVz1swYlw52DVlznRrVGgETSdxGKoOU3pngJgB7Z0l2Se
ayuXDxLHJERIOW0QdL5Lox9fqMeoDL3Gb8Sjv520ducg0/Trkz73aXOVDdjc0wp+
wmImMZ/9kOXXt1q3fh9oqyeDCyFdFgZ91OT4s7uCjT5WZnrApDOvKg6YINYD/OjE
6d+s6fM0ZLgojh3Hd/D2+akPuIoAAXHFcPMEeD0ukxu7oAQGk5yONDAOjBnoHTAG
rnGZN/vBJH2elZivXftA
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:33:07 2025 by rpki-client on console.sobornost.net