Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/7cc183-eba5-4747-8b10-f38c749b6e39/1/Blmy2f8OWilx5iyKeJl19yxz130.roa
File: Blmy2f8OWilx5iyKeJl19yxz130.roa (raw, json)
Hash identifier: hBJbqMLATjqE7T1aEx82BrgYKE+8rAT6ZSYbo8s5Glc=
Subject key identifier: 06:59:B2:D9:FF:0E:5A:29:71:E6:2C:8A:78:99:75:F7:2C:73:D7:7D
Certificate issuer: /CN=44df4fcb8ea51e18d290805c8f50f0df4340dbd5
Certificate serial: 019421B218D8DE18DB9BB88D1C79B53DA3D9
Authority key identifier: 44:DF:4F:CB:8E:A5:1E:18:D2:90:80:5C:8F:50:F0:DF:43:40:DB:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RN9Py46lHhjSkIBcj1Dw30NA29U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/7cc183-eba5-4747-8b10-f38c749b6e39/1/Blmy2f8OWilx5iyKeJl19yxz130.roa
Signing time: Wed 01 Jan 2025 11:48:27 +0000
ROA not before: Wed 01 Jan 2025 11:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49747
IP address blocks: 146.19.1.0/24 maxlen: 24
146.19.238.0/24 maxlen: 24
188.64.141.0/24 maxlen: 24
193.200.206.0/24 maxlen: 24
2001:67c:c6c::/48 maxlen: 48
2a14:5f40:1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:18:d8:de:18:db:9b:b8:8d:1c:79:b5:3d:a3:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44df4fcb8ea51e18d290805c8f50f0df4340dbd5
Validity
Not Before: Jan 1 11:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0659b2d9ff0e5a2971e62c8a789975f72c73d77d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:41:b2:99:5a:0b:c8:1b:40:83:fd:19:77:52:
06:83:22:69:1e:12:80:8b:7b:bc:b7:a0:49:04:a9:
9b:db:e2:3a:4d:62:3c:23:cf:f8:fa:c0:c8:4c:6c:
33:8b:15:14:86:1b:aa:ae:66:79:4e:f9:2e:47:38:
29:f7:e2:27:77:a5:85:e9:7d:5e:33:af:e1:7c:e4:
01:09:6f:3d:4d:02:4f:b3:74:ad:aa:d3:8f:25:d5:
17:3d:49:1e:f8:71:89:f4:95:9b:dc:ec:e8:c0:56:
fa:94:e8:15:c2:57:fa:b0:5c:26:e0:53:11:eb:78:
9e:bb:8a:12:d9:05:78:36:a5:93:0d:d6:43:fd:62:
73:60:cc:44:5d:4e:36:bb:28:4f:ff:34:50:5b:6e:
9a:d4:da:5a:31:bb:51:c7:bd:c4:d7:3e:8f:0c:6a:
4c:b3:40:63:55:52:9a:63:8c:3d:57:3c:9f:4e:b3:
f9:0d:67:af:71:a3:8d:14:5c:94:74:3d:49:ad:c3:
5e:63:c3:80:ce:66:8e:65:28:29:1f:c5:39:75:2b:
e7:81:9d:92:b4:20:8a:05:f3:bd:fc:15:a1:fa:1c:
e7:e5:06:7f:b9:f4:5c:59:e5:e8:c5:ea:fc:4d:1a:
a4:40:86:ea:00:03:24:74:ad:7b:f5:e3:e6:3c:0d:
e3:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:59:B2:D9:FF:0E:5A:29:71:E6:2C:8A:78:99:75:F7:2C:73:D7:7D
X509v3 Authority Key Identifier:
keyid:44:DF:4F:CB:8E:A5:1E:18:D2:90:80:5C:8F:50:F0:DF:43:40:DB:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RN9Py46lHhjSkIBcj1Dw30NA29U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/7cc183-eba5-4747-8b10-f38c749b6e39/1/Blmy2f8OWilx5iyKeJl19yxz130.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/7cc183-eba5-4747-8b10-f38c749b6e39/1/RN9Py46lHhjSkIBcj1Dw30NA29U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.1.0/24
146.19.238.0/24
188.64.141.0/24
193.200.206.0/24
IPv6:
2001:67c:c6c::/48
2a14:5f40:1::/48
Signature Algorithm: sha256WithRSAEncryption
52:7f:bc:98:0e:eb:2d:ff:51:a9:ad:17:b2:7f:ae:66:d8:c7:
bd:91:6d:f1:7a:dc:dc:c1:8a:af:4f:7a:06:ce:0b:18:39:61:
7e:c2:d7:cb:45:7f:1d:5e:1e:13:a9:de:45:d0:26:bd:52:b4:
b8:28:94:fe:cc:0f:40:fa:61:84:87:b8:e3:c3:2a:d2:6c:8a:
a9:40:3f:e7:63:5e:93:4f:8b:c2:a0:2f:6d:63:ae:23:44:5f:
16:cb:3d:be:78:2b:52:89:dc:09:42:d3:9e:bc:bb:7f:9d:ca:
7d:ba:e3:32:eb:af:3d:1d:4a:5c:ef:5f:01:06:7f:5e:26:4f:
59:79:28:da:e9:c8:88:1c:fb:0d:54:ee:d7:cb:9c:84:8e:dd:
55:0e:84:09:56:5b:b3:08:52:74:ae:6a:32:f1:32:63:31:86:
41:ba:70:0e:32:60:24:7e:58:be:a5:d0:01:20:ec:95:41:c1:
80:41:32:74:05:d7:15:34:06:e0:14:ee:11:9f:8c:60:cb:cc:
4f:7a:07:16:84:93:17:c6:8a:8b:01:a7:75:58:4b:9b:a4:87:
fa:e1:63:b6:86:b5:aa:4d:02:70:e5:2c:ef:38:3b:73:b4:9b:
b0:5b:b1:7b:fa:61:b6:6c:95:dc:35:c1:a3:7e:84:63:1d:bd:
04:ce:20:86
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZQhshjY3hjbm7iNHHm1PaPZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZGY0ZmNiOGVhNTFlMThkMjkwODA1YzhmNTBmMGRmNDM0
MGRiZDUwHhcNMjUwMTAxMTE0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjU5YjJkOWZmMGU1YTI5NzFlNjJjOGE3ODk5NzVmNzJjNzNkNzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvUGymVoLyBtAg/0Zd1IGgyJpHhKA
i3u8t6BJBKmb2+I6TWI8I8/4+sDITGwzixUUhhuqrmZ5TvkuRzgp9+Ind6WF6X1e
M6/hfOQBCW89TQJPs3StqtOPJdUXPUke+HGJ9JWb3OzowFb6lOgVwlf6sFwm4FMR
63ieu4oS2QV4NqWTDdZD/WJzYMxEXU42uyhP/zRQW26a1NpaMbtRx73E1z6PDGpM
s0BjVVKaY4w9VzyfTrP5DWevcaONFFyUdD1JrcNeY8OAzmaOZSgpH8U5dSvngZ2S
tCCKBfO9/BWh+hzn5QZ/ufRcWeXoxer8TRqkQIbqAAMkdK179ePmPA3j5QIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFAZZstn/DlopceYsiniZdfcsc9d9MB8GA1UdIwQY
MBaAFETfT8uOpR4Y0pCAXI9Q8N9DQNvVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk45UHk0NmxIaGpTa0lCY2oxRHczME5BMjlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS83Y2MxODMtZWJhNS00NzQ3LThiMTAt
ZjM4Yzc0OWI2ZTM5LzEvQmxteTJmOE9XaWx4NWl5S2VKbDE5eXh6MTMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS83Y2MxODMtZWJhNS00NzQ3LThiMTAtZjM4Yzc0OWI2ZTM5
LzEvUk45UHk0NmxIaGpTa0lCY2oxRHczME5BMjlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAeBAIAATAYAwQAkhMBAwQA
khPuAwQAvECNAwQAwcjOMBgEAgACMBIDBwAgAQZ8DGwDBwAqFF9AAAEwDQYJKoZI
hvcNAQELBQADggEBAFJ/vJgO6y3/UamtF7J/rmbYx72RbfF63NzBiq9PegbOCxg5
YX7C18tFfx1eHhOp3kXQJr1StLgolP7MD0D6YYSHuOPDKtJsiqlAP+djXpNPi8Kg
L21jriNEXxbLPb54K1KJ3AlC0568u3+dyn264zLrrz0dSlzvXwEGf14mT1l5KNrp
yIgc+w1U7tfLnISO3VUOhAlWW7MIUnSuajLxMmMxhkG6cA4yYCR+WL6l0AEg7JVB
wYBBMnQF1xU0BuAU7hGfjGDLzE96BxaEkxfGiosBp3VYS5ukh/rhY7aGtapNAnDl
LO84O3O0m7BbsXv6YbZsldw1waN+hGMdvQTOIIY=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:34 2025 by rpki-client on console.sobornost.net