Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/627e60-00a6-4d26-b93a-ef73b7b4ca3c/1/sqZ6AtAoscTLuSbJUsk3W14dTDk.roa
File: sqZ6AtAoscTLuSbJUsk3W14dTDk.roa (raw, json)
Hash identifier: 5N6Dz7LxTX6s/W6RwvFwXOBJJhCL1Lo6JqWUSH17UMs=
Subject key identifier: B2:A6:7A:02:D0:28:B1:C4:CB:B9:26:C9:52:C9:37:5B:5E:1D:4C:39
Certificate issuer: /CN=b9b350a0ae32e73e660c416c3f1406edd3615f82
Certificate serial: 019424455255E8DE3E35FC48B2344C032C00
Authority key identifier: B9:B3:50:A0:AE:32:E7:3E:66:0C:41:6C:3F:14:06:ED:D3:61:5F:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ubNQoK4y5z5mDEFsPxQG7dNhX4I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/627e60-00a6-4d26-b93a-ef73b7b4ca3c/1/sqZ6AtAoscTLuSbJUsk3W14dTDk.roa
Signing time: Wed 01 Jan 2025 23:48:30 +0000
ROA not before: Wed 01 Jan 2025 23:48:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51275
IP address blocks: 89.107.249.0/24 maxlen: 24
109.232.200.0/21 maxlen: 21
109.232.200.0/24 maxlen: 24
109.232.201.0/24 maxlen: 24
109.232.202.0/24 maxlen: 24
193.23.138.0/24 maxlen: 24
193.23.139.0/24 maxlen: 24
2a00:1608::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:52:55:e8:de:3e:35:fc:48:b2:34:4c:03:2c:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9b350a0ae32e73e660c416c3f1406edd3615f82
Validity
Not Before: Jan 1 23:48:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b2a67a02d028b1c4cbb926c952c9375b5e1d4c39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:f5:d0:f9:10:63:32:87:c1:b1:b1:72:11:8b:
7d:9d:4d:8c:04:37:16:f1:d3:b6:70:e7:7a:58:a8:
09:da:51:ac:a8:67:c3:c8:b8:71:4f:22:b1:e6:c6:
19:86:6d:35:9e:dd:f5:d6:42:8a:d9:50:38:a8:01:
46:06:a3:97:ef:09:1d:61:85:00:3d:a2:ff:3a:e7:
c4:a9:b1:50:80:22:cc:13:53:14:86:3e:e7:3e:33:
6c:55:11:42:d9:fb:65:45:d0:de:e4:4c:1d:7c:94:
44:aa:8e:00:6b:70:fb:aa:c3:49:9f:1d:01:6e:83:
17:2d:5d:0e:32:27:b8:ad:2a:0c:55:ae:d0:fb:4d:
22:c1:b4:de:3e:4a:a3:73:c5:ba:39:3c:75:87:05:
fe:67:31:87:f5:27:a0:9b:b4:64:bc:76:2e:20:5c:
84:32:21:20:fa:e8:6e:23:ce:fb:58:3b:47:0b:5e:
7e:e9:2c:9c:90:f3:6f:bf:53:f1:9d:5a:a4:05:d6:
5b:7a:de:79:eb:0a:41:91:75:6c:a9:28:0e:70:c2:
66:1c:4a:57:36:04:d3:6c:44:a3:5d:7e:d1:cf:b9:
73:e3:7a:12:44:e9:f4:78:cd:93:55:d3:d7:38:ae:
69:b9:6f:34:76:08:c8:39:ed:14:57:81:92:8b:be:
52:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:A6:7A:02:D0:28:B1:C4:CB:B9:26:C9:52:C9:37:5B:5E:1D:4C:39
X509v3 Authority Key Identifier:
keyid:B9:B3:50:A0:AE:32:E7:3E:66:0C:41:6C:3F:14:06:ED:D3:61:5F:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ubNQoK4y5z5mDEFsPxQG7dNhX4I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/627e60-00a6-4d26-b93a-ef73b7b4ca3c/1/sqZ6AtAoscTLuSbJUsk3W14dTDk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/627e60-00a6-4d26-b93a-ef73b7b4ca3c/1/ubNQoK4y5z5mDEFsPxQG7dNhX4I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.107.249.0/24
109.232.200.0/21
193.23.138.0/23
IPv6:
2a00:1608::/32
Signature Algorithm: sha256WithRSAEncryption
21:eb:7d:e6:9b:18:1d:5e:83:7e:25:c8:74:bb:ed:02:28:03:
fc:23:f6:15:13:ee:b2:17:e0:02:db:33:22:0d:bc:64:29:b4:
c7:4a:34:81:e2:4a:39:cd:1c:1d:ea:ec:52:61:90:62:03:69:
96:03:a3:3f:0d:f4:6a:6c:8e:48:77:72:29:1b:79:d7:94:f4:
03:46:4e:a3:ca:5e:d8:5a:86:8d:79:9b:e9:77:24:b3:3e:0f:
50:26:05:7e:d6:d9:71:2a:8b:cc:69:87:2e:e0:a1:99:b0:e3:
5e:ef:fb:b0:94:2a:eb:cc:93:2b:7d:60:50:6b:a6:0a:c1:08:
c1:cd:76:82:d0:69:ee:33:76:db:89:14:52:92:86:22:72:e8:
54:cf:c6:80:c7:44:b9:bc:e6:84:6f:b3:a1:bc:48:95:4b:d9:
32:b1:07:df:07:35:24:f2:59:45:6c:99:a2:e0:71:21:af:31:
b1:33:df:c2:28:b3:43:f5:28:1c:96:1c:ea:15:55:0b:1a:b9:
6d:e4:88:cf:6b:c5:86:7e:92:49:31:9a:13:95:70:d7:ca:59:
0c:9a:dd:d7:1b:f6:ac:3a:41:f1:13:45:03:11:9d:f1:de:17:
fd:60:a8:18:c9:84:22:ce:fd:55:0a:48:d2:31:45:49:38:d4:
ca:ff:e9:64
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQkRVJV6N4+NfxIsjRMAywAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5YjM1MGEwYWUzMmU3M2U2NjBjNDE2YzNmMTQwNmVkZDM2
MTVmODIwHhcNMjUwMTAxMjM0ODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmE2N2EwMmQwMjhiMWM0Y2JiOTI2Yzk1MmM5Mzc1YjVlMWQ0YzM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPXQ+RBjMofBsbFyEYt9nU2MBDcW
8dO2cOd6WKgJ2lGsqGfDyLhxTyKx5sYZhm01nt311kKK2VA4qAFGBqOX7wkdYYUA
PaL/OufEqbFQgCLME1MUhj7nPjNsVRFC2ftlRdDe5EwdfJREqo4Aa3D7qsNJnx0B
boMXLV0OMie4rSoMVa7Q+00iwbTePkqjc8W6OTx1hwX+ZzGH9Segm7RkvHYuIFyE
MiEg+uhuI877WDtHC15+6SyckPNvv1PxnVqkBdZbet556wpBkXVsqSgOcMJmHEpX
NgTTbESjXX7Rz7lz43oSROn0eM2TVdPXOK5puW80dgjIOe0UV4GSi75SbQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLKmegLQKLHEy7kmyVLJN1teHUw5MB8GA1UdIwQY
MBaAFLmzUKCuMuc+ZgxBbD8UBu3TYV+CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWJOUW9LNHk1ejVtREVGc1B4UUc3ZE5oWDRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS82MjdlNjAtMDBhNi00ZDI2LWI5M2Et
ZWY3M2I3YjRjYTNjLzEvc3FaNkF0QW9zY1RMdVNiSlVzazNXMTRkVERrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS82MjdlNjAtMDBhNi00ZDI2LWI5M2EtZWY3M2I3YjRjYTNj
LzEvdWJOUW9LNHk1ejVtREVGc1B4UUc3ZE5oWDRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAWWv5AwQD
bejIAwQBwReKMA0EAgACMAcDBQAqABYIMA0GCSqGSIb3DQEBCwUAA4IBAQAh633m
mxgdXoN+Jch0u+0CKAP8I/YVE+6yF+AC2zMiDbxkKbTHSjSB4ko5zRwd6uxSYZBi
A2mWA6M/DfRqbI5Id3IpG3nXlPQDRk6jyl7YWoaNeZvpdySzPg9QJgV+1tlxKovM
aYcu4KGZsONe7/uwlCrrzJMrfWBQa6YKwQjBzXaC0GnuM3bbiRRSkoYicuhUz8aA
x0S5vOaEb7OhvEiVS9kysQffBzUk8llFbJmi4HEhrzGxM9/CKLND9SgclhzqFVUL
Grlt5IjPa8WGfpJJMZoTlXDXylkMmt3XG/asOkHxE0UDEZ3x3hf9YKgYyYQizv1V
CkjSMUVJONTK/+lk
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:34 2025 by rpki-client on console.sobornost.net