Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/T9bNkG4I3s8n3g58fHkxigNB_U0.roa
File: T9bNkG4I3s8n3g58fHkxigNB_U0.roa (raw, json)
Hash identifier: tamI5rsYWvwnY2M03caNhEktomZ/hKBYz1dFBAwGcIk=
Subject key identifier: 4F:D6:CD:90:6E:08:DE:CF:27:DE:0E:7C:7C:79:31:8A:03:41:FD:4D
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01958973EC11FAC30E8E9F78DDC216F5FB6A
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/T9bNkG4I3s8n3g58fHkxigNB_U0.roa
Signing time: Wed 12 Mar 2025 08:23:50 +0000
ROA not before: Wed 12 Mar 2025 08:23:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34577
IP address blocks: 37.60.141.0/24 maxlen: 32
87.120.0.0/22 maxlen: 32
87.120.12.0/24 maxlen: 32
87.120.14.0/23 maxlen: 32
87.120.44.0/23 maxlen: 32
87.120.45.119/32 maxlen: 32
87.120.178.0/23 maxlen: 32
87.120.180.0/22 maxlen: 32
87.120.184.0/23 maxlen: 32
87.120.190.0/24 maxlen: 32
87.121.48.0/22 maxlen: 32
93.123.40.0/22 maxlen: 32
93.123.40.0/24 maxlen: 32
93.123.41.0/24 maxlen: 32
93.123.42.0/24 maxlen: 32
93.123.43.0/24 maxlen: 32
93.123.44.0/24 maxlen: 32
93.123.66.0/24 maxlen: 32
93.123.67.0/24 maxlen: 32
93.123.96.0/22 maxlen: 32
94.156.123.0/24 maxlen: 32
212.73.149.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:89:73:ec:11:fa:c3:0e:8e:9f:78:dd:c2:16:f5:fb:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 12 08:23:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4fd6cd906e08decf27de0e7c7c79318a0341fd4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:c6:dc:92:83:f7:37:3e:f6:a8:67:6c:ad:58:
74:f2:f9:45:7e:da:dd:c5:a8:da:91:7e:9d:b9:16:
f5:bd:c4:ce:17:68:00:71:4c:f3:d4:87:4e:0b:36:
3f:de:e6:fb:b4:07:b8:ab:92:2a:ae:3b:91:42:4c:
5a:95:25:01:c5:b2:fd:75:5d:d6:47:ee:a9:f4:55:
ed:f0:49:a1:6f:15:d5:ee:d8:98:e6:1e:c4:df:aa:
34:af:b1:ea:dc:5d:96:81:bd:9c:a6:d7:41:32:cf:
3e:53:21:26:76:c5:de:06:dd:3f:af:08:7a:61:d7:
5c:94:6a:44:d9:c1:79:a9:aa:cc:ac:33:84:5e:64:
f2:dc:3e:00:b2:fb:25:a3:52:3d:60:e3:cc:a0:82:
e2:d1:10:47:69:b4:15:f5:fe:e1:ff:cf:a7:e6:39:
f9:25:7d:5d:5a:5b:b4:45:86:00:17:33:14:20:0c:
dc:3e:fb:07:82:e4:46:e9:58:08:78:e8:49:6d:ac:
c6:55:0e:51:0b:c6:88:69:b2:09:ba:2a:cb:9e:73:
54:a1:9d:9b:33:d7:29:c6:41:b0:5b:3a:c6:86:15:
b6:14:f2:43:7a:f2:c6:60:0c:c0:b8:2e:bd:f0:c8:
8d:25:cc:59:c6:8f:67:9f:27:7b:a0:83:9d:31:f1:
82:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:D6:CD:90:6E:08:DE:CF:27:DE:0E:7C:7C:79:31:8A:03:41:FD:4D
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/T9bNkG4I3s8n3g58fHkxigNB_U0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.60.141.0/24
87.120.0.0/22
87.120.12.0/24
87.120.14.0/23
87.120.44.0/23
87.120.178.0-87.120.185.255
87.120.190.0/24
87.121.48.0/22
93.123.40.0-93.123.44.255
93.123.66.0/23
93.123.96.0/22
94.156.123.0/24
212.73.149.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:6a:a6:83:ec:c1:21:a1:42:54:d5:ed:ef:96:71:78:4a:38:
ad:33:2a:7e:23:48:4f:d5:15:0d:ae:e8:c5:ac:e2:71:12:a1:
46:9c:5e:03:ed:14:ae:56:d2:29:32:0e:a8:1e:6c:a2:16:50:
81:a3:9a:0f:e4:59:90:66:1e:7a:6f:62:7b:01:f8:2d:52:35:
c8:6b:c2:4b:bb:5e:ee:e4:aa:49:7a:7b:a8:e7:04:44:5e:88:
8a:d5:39:bb:61:25:e7:1d:04:b4:43:bc:38:b2:86:39:96:84:
43:d4:83:bf:d3:f9:71:e3:4b:d1:00:50:44:7d:35:ff:49:f8:
43:97:21:10:57:d4:1b:23:40:f3:5c:6c:0f:ce:c4:7a:6e:53:
6b:c3:17:d8:b9:43:6e:17:3b:7f:7b:c0:57:4b:08:ae:c6:04:
70:e2:91:b0:2f:57:9f:33:6f:61:db:42:6f:aa:1c:45:13:1f:
72:7a:8e:2a:16:6b:bd:85:c9:55:f2:91:c9:ff:89:e7:b6:dc:
b4:58:9c:60:df:6b:fd:aa:ad:19:e3:fc:1a:6c:12:a3:69:5b:
0a:bc:c1:cf:2e:d8:4d:64:28:58:ba:dd:8a:de:11:d6:01:be:
83:fb:37:70:c5:3a:3f:ff:c5:44:8a:af:64:de:08:c4:51:63:
c0:0a:80:08
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAZWJc+wR+sMOjp943cIW9ftqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMzEyMDgyMzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmQ2Y2Q5MDZlMDhkZWNmMjdkZTBlN2M3Yzc5MzE4YTAzNDFmZDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9cbckoP3Nz72qGdsrVh08vlFftrd
xajakX6duRb1vcTOF2gAcUzz1IdOCzY/3ub7tAe4q5IqrjuRQkxalSUBxbL9dV3W
R+6p9FXt8EmhbxXV7tiY5h7E36o0r7Hq3F2Wgb2cptdBMs8+UyEmdsXeBt0/rwh6
YddclGpE2cF5qarMrDOEXmTy3D4Asvslo1I9YOPMoILi0RBHabQV9f7h/8+n5jn5
JX1dWlu0RYYAFzMUIAzcPvsHguRG6VgIeOhJbazGVQ5RC8aIabIJuirLnnNUoZ2b
M9cpxkGwWzrGhhW2FPJDevLGYAzAuC698MiNJcxZxo9nnyd7oIOdMfGCyQIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFE/WzZBuCN7PJ94OfHx5MYoDQf1NMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVDliTmtHNEkzczhuM2c1OGZIa3hpZ05CX1UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeAwQAJTyNAwQC
V3gAAwQAV3gMAwQBV3gOAwQBV3gsMAwDBAFXeLIDBAFXeLgDBABXeL4DBAJXeTAw
DAMEA117KAMEAF17LAMEAV17QgMEAl17YAMEAF6cewMEANRJlTANBgkqhkiG9w0B
AQsFAAOCAQEAnmqmg+zBIaFCVNXt75ZxeEo4rTMqfiNIT9UVDa7oxazicRKhRpxe
A+0UrlbSKTIOqB5sohZQgaOaD+RZkGYeem9iewH4LVI1yGvCS7te7uSqSXp7qOcE
RF6IitU5u2El5x0EtEO8OLKGOZaEQ9SDv9P5ceNL0QBQRH01/0n4Q5chEFfUGyNA
81xsD87Eem5Ta8MX2LlDbhc7f3vAV0sIrsYEcOKRsC9XnzNvYdtCb6ocRRMfcnqO
KhZrvYXJVfKRyf+J57bctFicYN9r/aqtGeP8GmwSo2lbCrzBzy7YTWQoWLrdit4R
1gG+g/s3cMU6P//FRIqvZN4IxFFjwAqACA==
-----END CERTIFICATE-----
Generated at Thu Apr 10 01:27:24 2025 by rpki-client