Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/gL8L6RZ2XqjaOf7a7aVACmgbZKI.roa
File: gL8L6RZ2XqjaOf7a7aVACmgbZKI.roa (raw, json)
Hash identifier: kLhGxAypt99j/jO34VpwpOJzvqgyVsGY/56bargYYM8=
Subject key identifier: 80:BF:0B:E9:16:76:5E:A8:DA:39:FE:DA:ED:A5:40:0A:68:1B:64:A2
Certificate issuer: /CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Certificate serial: 019423D752CD47A1731F612B95B23ED89238
Authority key identifier: D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/gL8L6RZ2XqjaOf7a7aVACmgbZKI.roa
Signing time: Wed 01 Jan 2025 21:48:21 +0000
ROA not before: Wed 01 Jan 2025 21:48:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199478
IP address blocks: 62.82.32.0/23 maxlen: 24
89.140.116.0/22 maxlen: 24
89.140.229.0/24 maxlen: 24
89.140.234.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:52:cd:47:a1:73:1f:61:2b:95:b2:3e:d8:92:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Validity
Not Before: Jan 1 21:48:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=80bf0be916765ea8da39fedaeda5400a681b64a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:d1:67:9a:79:04:97:ef:7d:4d:77:ff:c7:40:
28:77:d4:07:99:a5:69:da:1b:eb:57:0f:c8:4d:82:
ee:5e:06:29:e3:46:f2:ed:12:0d:13:51:69:40:e9:
42:a7:a7:7e:8b:19:10:85:e4:8b:fd:87:ca:b1:c6:
e5:8f:c2:e9:98:11:22:df:b5:58:6a:48:85:e8:f5:
55:78:0b:ab:11:ad:d6:84:3d:96:4b:dc:68:90:93:
5f:6a:fa:4c:3b:fe:d0:7e:22:d0:65:50:d7:f0:f8:
dc:57:74:e7:d5:44:14:dc:82:49:54:e8:50:db:9c:
49:6c:5a:ab:ab:01:24:4b:fb:96:94:18:c3:90:de:
93:a5:b0:4b:73:3a:aa:5b:ea:bf:11:5a:d2:96:18:
e5:d5:9d:d1:33:7a:82:dd:da:22:fe:09:30:67:36:
ec:ee:bb:42:85:c6:be:11:8a:ee:92:34:2a:f5:ad:
bd:a9:de:2d:01:73:0c:14:57:8f:50:48:94:b1:d9:
fd:f1:b1:4e:51:8d:06:da:66:82:25:0e:15:a5:4f:
c6:51:a0:ca:e3:08:a4:1d:ec:6f:e8:61:53:68:eb:
47:ec:7d:80:08:00:fa:b3:4e:99:14:54:4f:2f:87:
53:60:7f:4a:c4:5e:6e:c0:02:83:5a:b9:71:9e:e6:
ea:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:BF:0B:E9:16:76:5E:A8:DA:39:FE:DA:ED:A5:40:0A:68:1B:64:A2
X509v3 Authority Key Identifier:
keyid:D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/gL8L6RZ2XqjaOf7a7aVACmgbZKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.82.32.0/23
89.140.116.0/22
89.140.229.0/24
89.140.234.0/23
Signature Algorithm: sha256WithRSAEncryption
7c:2b:19:8a:a7:2a:20:45:4c:54:87:95:08:fe:04:ce:64:8b:
af:e3:ce:89:67:b1:d6:6a:b6:41:a9:53:45:cb:b5:37:01:2b:
08:2f:75:89:36:d0:1f:c1:49:90:33:8c:34:f2:46:3a:99:97:
4e:1f:05:ae:9b:b5:ea:04:85:f2:03:18:31:f8:69:d0:78:e9:
77:f4:6c:4f:a6:66:a6:a6:7b:1d:41:6c:b1:09:e7:2b:fd:7c:
4b:fd:11:42:2d:72:0c:3d:11:4f:54:5b:48:22:cd:9b:ec:bc:
f3:3d:ef:b2:44:8a:08:b5:4c:5e:00:ea:c5:5e:bb:5a:ee:40:
3a:da:3e:0b:c2:17:dd:0b:6f:0e:97:1e:17:9c:9a:78:cd:4b:
b2:42:b2:2b:d2:d9:c1:8a:a0:19:4c:ab:0d:82:57:53:72:36:
ca:a0:d1:08:c2:fa:a0:4a:2b:f5:f2:1f:b9:a8:be:2b:55:ff:
b7:e9:ae:b1:15:42:b2:03:35:a0:2e:07:7f:c2:8e:a9:af:39:
94:8d:d9:10:b6:e2:2c:aa:74:94:71:a3:00:d9:8c:7d:b7:0c:
52:2d:a5:71:1c:2f:4f:77:8e:79:c2:43:6e:ef:66:82:9d:33:
78:f6:d9:cf:73:14:84:c0:21:e1:00:d8:14:fd:f3:3a:aa:78:
4a:6e:44:ad
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQj11LNR6FzH2ErlbI+2JI4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MzRmMTY4NjEwMjg3NmM2MjE2YmNlYTI4YTVlNTAyZWMw
ZDdiNmIwHhcNMjUwMTAxMjE0ODIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGJmMGJlOTE2NzY1ZWE4ZGEzOWZlZGFlZGE1NDAwYTY4MWI2NGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudFnmnkEl+99TXf/x0Aod9QHmaVp
2hvrVw/ITYLuXgYp40by7RINE1FpQOlCp6d+ixkQheSL/YfKscblj8LpmBEi37VY
akiF6PVVeAurEa3WhD2WS9xokJNfavpMO/7QfiLQZVDX8PjcV3Tn1UQU3IJJVOhQ
25xJbFqrqwEkS/uWlBjDkN6TpbBLczqqW+q/EVrSlhjl1Z3RM3qC3doi/gkwZzbs
7rtChca+EYrukjQq9a29qd4tAXMMFFePUEiUsdn98bFOUY0G2maCJQ4VpU/GUaDK
4wikHexv6GFTaOtH7H2ACAD6s06ZFFRPL4dTYH9KxF5uwAKDWrlxnubqCQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIC/C+kWdl6o2jn+2u2lQApoG2SiMB8GA1UdIwQY
MBaAFNQ08WhhAodsYha86iil5QLsDXtrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2Ut
NTcxMmQ5NWFlNjM4LzEvZ0w4TDZSWjJYcWphT2Y3YTdhVkFDbWdiWktJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2UtNTcxMmQ5NWFlNjM4
LzEvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBPlIgAwQC
WYx0AwQAWYzlAwQBWYzqMA0GCSqGSIb3DQEBCwUAA4IBAQB8KxmKpyogRUxUh5UI
/gTOZIuv486JZ7HWarZBqVNFy7U3ASsIL3WJNtAfwUmQM4w08kY6mZdOHwWum7Xq
BIXyAxgx+GnQeOl39GxPpmampnsdQWyxCecr/XxL/RFCLXIMPRFPVFtIIs2b7Lzz
Pe+yRIoItUxeAOrFXrta7kA62j4LwhfdC28Olx4XnJp4zUuyQrIr0tnBiqAZTKsN
gldTcjbKoNEIwvqgSiv18h+5qL4rVf+36a6xFUKyAzWgLgd/wo6przmUjdkQtuIs
qnSUcaMA2Yx9twxSLaVxHC9Pd455wkNu72aCnTN49tnPcxSEwCHhANgU/fM6qnhK
bkSt
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:33:07 2025 by rpki-client on console.sobornost.net