Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/490e12-1a45-4b00-a46c-af1e6d077e0c/1/1-qjOvMD_gOLy6H4ikM5iY4VGQ8.roa
File: 1-qjOvMD_gOLy6H4ikM5iY4VGQ8.roa (raw, json)
Hash identifier: x56Lu5EMx6deCo6ci/ec7JVHm+rQMFgfSVpjOag6Bkc=
Subject key identifier: D7:EA:A3:3A:F3:03:FE:03:8B:CB:A1:F8:8A:43:39:89:8E:15:19:0F
Certificate issuer: /CN=b62dd60548b67cc41e67b6a616a12ec53bf42978
Certificate serial: 019421B22B190F38B0F4E4EBF06900E47780
Authority key identifier: B6:2D:D6:05:48:B6:7C:C4:1E:67:B6:A6:16:A1:2E:C5:3B:F4:29:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ti3WBUi2fMQeZ7amFqEuxTv0KXg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/490e12-1a45-4b00-a46c-af1e6d077e0c/1/1-qjOvMD_gOLy6H4ikM5iY4VGQ8.roa
Signing time: Wed 01 Jan 2025 11:48:32 +0000
ROA not before: Wed 01 Jan 2025 11:48:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201401
IP address blocks: 31.14.11.0/24 maxlen: 24
31.14.32.0/24 maxlen: 24
31.14.44.0/24 maxlen: 24
31.14.48.0/24 maxlen: 24
45.157.76.0/22 maxlen: 22
89.31.56.0/21 maxlen: 21
185.76.88.0/22 maxlen: 22
185.76.168.0/22 maxlen: 22
2a05:52a0::/30 maxlen: 30
2a10:c240::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:2b:19:0f:38:b0:f4:e4:eb:f0:69:00:e4:77:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b62dd60548b67cc41e67b6a616a12ec53bf42978
Validity
Not Before: Jan 1 11:48:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d7eaa33af303fe038bcba1f88a4339898e15190f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:90:6a:f4:b7:23:69:4e:61:83:72:30:5e:c9:
fb:23:2f:6c:51:b6:81:68:e1:27:09:01:3c:5b:a2:
5f:a7:6a:2d:42:1d:81:48:6c:5e:03:e8:d1:9a:af:
4c:d2:eb:3c:2b:38:88:d8:6b:89:ff:23:33:04:86:
9c:bf:13:55:14:d2:30:da:6d:91:1f:3c:5e:bd:b9:
47:b4:ee:6b:29:01:8b:ba:70:f2:ef:ee:13:0a:40:
36:ff:ca:65:c6:4d:2a:65:2f:76:99:62:da:6f:7d:
2e:1d:eb:32:69:db:c5:8c:77:ec:a8:e7:ac:7e:07:
27:65:f0:ef:30:35:58:60:30:11:18:c7:49:8b:9a:
3e:f8:5c:24:d9:84:e3:db:fe:1e:0d:47:5e:9c:60:
7b:3e:68:91:6e:10:57:d6:97:e5:ee:29:47:f0:64:
08:2e:a1:fd:a9:ae:f6:6a:cb:76:8f:b3:5f:52:91:
9e:97:2e:43:11:6d:1a:45:bb:77:76:99:3f:dc:da:
9c:d7:3e:55:92:30:bd:ac:f6:ba:0c:f0:2b:dc:41:
4c:be:95:8a:e0:85:91:3b:f5:7a:36:2f:39:4a:00:
0c:84:68:fb:4d:b7:ef:8a:e0:85:6c:af:d5:70:ce:
79:4d:0b:74:32:e3:01:04:93:7f:c4:44:66:38:14:
18:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:EA:A3:3A:F3:03:FE:03:8B:CB:A1:F8:8A:43:39:89:8E:15:19:0F
X509v3 Authority Key Identifier:
keyid:B6:2D:D6:05:48:B6:7C:C4:1E:67:B6:A6:16:A1:2E:C5:3B:F4:29:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ti3WBUi2fMQeZ7amFqEuxTv0KXg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/490e12-1a45-4b00-a46c-af1e6d077e0c/1/1-qjOvMD_gOLy6H4ikM5iY4VGQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/490e12-1a45-4b00-a46c-af1e6d077e0c/1/ti3WBUi2fMQeZ7amFqEuxTv0KXg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.11.0/24
31.14.32.0/24
31.14.44.0/24
31.14.48.0/24
45.157.76.0/22
89.31.56.0/21
185.76.88.0/22
185.76.168.0/22
IPv6:
2a05:52a0::/30
2a10:c240::/32
Signature Algorithm: sha256WithRSAEncryption
54:33:33:e1:15:00:da:e6:11:25:c7:ce:65:99:b6:bf:73:f7:
20:44:31:ac:2b:4f:41:77:a6:4a:df:34:11:e3:60:35:dd:e5:
2b:ef:0b:2f:e2:ea:7a:53:c2:1e:25:57:df:40:74:c0:6f:92:
10:4d:6f:d0:c6:91:cc:2b:e0:42:e7:75:48:10:bb:33:d8:ba:
ce:15:95:bd:66:b5:ca:cd:dc:c5:9f:b4:47:db:05:69:80:e1:
17:52:ad:89:04:69:6a:45:a8:17:3f:2a:a5:97:d1:51:0c:9b:
b1:ae:8c:ee:b9:df:f5:51:5c:68:58:b2:30:5b:26:87:f2:8d:
76:d8:f8:71:6c:3c:ea:5e:73:0c:6e:43:55:d5:85:8c:81:e7:
8a:21:fe:de:47:fd:72:82:5a:98:2d:02:34:43:58:ac:08:33:
d7:e6:a2:8e:ec:29:0d:4f:2b:81:f6:c9:59:45:36:8f:c6:db:
5b:a5:f2:83:da:82:52:73:09:a6:59:07:17:f8:8c:08:f4:7f:
32:5a:73:51:e7:8f:38:b8:3e:5e:55:5f:68:ab:bc:72:38:80:
c7:e9:ab:71:39:6e:29:dc:43:1f:2e:b6:50:00:20:7e:bc:4c:
ba:dc:10:68:9e:51:b8:08:8f:e9:70:e5:67:bc:dd:6a:6f:40:
b1:69:54:07
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZQhsisZDziw9OTr8GkA5HeAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2MmRkNjA1NDhiNjdjYzQxZTY3YjZhNjE2YTEyZWM1M2Jm
NDI5NzgwHhcNMjUwMTAxMTE0ODMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2VhYTMzYWYzMDNmZTAzOGJjYmExZjg4YTQzMzk4OThlMTUxOTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpBq9LcjaU5hg3IwXsn7Iy9sUbaB
aOEnCQE8W6Jfp2otQh2BSGxeA+jRmq9M0us8KziI2GuJ/yMzBIacvxNVFNIw2m2R
HzxevblHtO5rKQGLunDy7+4TCkA2/8plxk0qZS92mWLab30uHesyadvFjHfsqOes
fgcnZfDvMDVYYDARGMdJi5o++Fwk2YTj2/4eDUdenGB7PmiRbhBX1pfl7ilH8GQI
LqH9qa72ast2j7NfUpGely5DEW0aRbt3dpk/3Nqc1z5VkjC9rPa6DPAr3EFMvpWK
4IWRO/V6Ni85SgAMhGj7TbfviuCFbK/VcM55TQt0MuMBBJN/xERmOBQY8QIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFNfqozrzA/4Di8uh+IpDOYmOFRkPMB8GA1UdIwQY
MBaAFLYt1gVItnzEHme2phahLsU79Cl4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGkzV0JVaTJmTVFlWjdhbUZxRXV4VHYwS1hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC80OTBlMTItMWE0NS00YjAwLWE0NmMt
YWYxZTZkMDc3ZTBjLzEvMS1xak92TURfZ09MeTZINGlrTTVpWTRWR1E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC80OTBlMTItMWE0NS00YjAwLWE0NmMtYWYxZTZkMDc3ZTBj
LzEvdGkzV0JVaTJmTVFlWjdhbUZxRXV4VHYwS1hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjA2BAIAATAwAwQAHw4LAwQA
Hw4gAwQAHw4sAwQAHw4wAwQCLZ1MAwQDWR84AwQCuUxYAwQCuUyoMBQEAgACMA4D
BQIqBVKgAwUAKhDCQDANBgkqhkiG9w0BAQsFAAOCAQEAVDMz4RUA2uYRJcfOZZm2
v3P3IEQxrCtPQXemSt80EeNgNd3lK+8LL+LqelPCHiVX30B0wG+SEE1v0MaRzCvg
Qud1SBC7M9i6zhWVvWa1ys3cxZ+0R9sFaYDhF1KtiQRpakWoFz8qpZfRUQybsa6M
7rnf9VFcaFiyMFsmh/KNdtj4cWw86l5zDG5DVdWFjIHniiH+3kf9coJamC0CNENY
rAgz1+aijuwpDU8rgfbJWUU2j8bbW6Xyg9qCUnMJplkHF/iMCPR/MlpzUeePOLg+
XlVfaKu8cjiAx+mrcTluKdxDHy62UAAgfrxMutwQaJ5RuAiP6XDlZ7zdam9AsWlU
Bw==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:33 2025 by rpki-client on console.sobornost.net