Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/nq4bzy4h6lHvAq7WfQfvLT3Lcxs.roa
File: nq4bzy4h6lHvAq7WfQfvLT3Lcxs.roa (raw, json)
Hash identifier: AUW0hCwolQea98JTwSo4ol+MpnG7tQ7XKxKB7k262zg=
Subject key identifier: 9E:AE:1B:CF:2E:21:EA:51:EF:02:AE:D6:7D:07:EF:2D:3D:CB:73:1B
Certificate issuer: /CN=706d3abbb478b74ef2adef9bb7c4336e34111d51
Certificate serial: 0194221FA04CDD71F4BBF6A807421AE51407
Authority key identifier: 70:6D:3A:BB:B4:78:B7:4E:F2:AD:EF:9B:B7:C4:33:6E:34:11:1D:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cG06u7R4t07yre-bt8QzbjQRHVE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/nq4bzy4h6lHvAq7WfQfvLT3Lcxs.roa
Signing time: Wed 01 Jan 2025 13:48:05 +0000
ROA not before: Wed 01 Jan 2025 13:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7393
IP address blocks: 62.106.81.0/24 maxlen: 24
77.75.229.0/24 maxlen: 24
79.110.224.0/24 maxlen: 24
91.246.36.0/24 maxlen: 24
146.19.149.0/24 maxlen: 24
176.116.10.0/24 maxlen: 24
185.230.246.0/24 maxlen: 24
188.244.125.0/24 maxlen: 24
193.243.186.0/24 maxlen: 24
194.150.79.0/24 maxlen: 24
212.18.119.0/24 maxlen: 24
213.173.38.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:a0:4c:dd:71:f4:bb:f6:a8:07:42:1a:e5:14:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=706d3abbb478b74ef2adef9bb7c4336e34111d51
Validity
Not Before: Jan 1 13:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9eae1bcf2e21ea51ef02aed67d07ef2d3dcb731b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:b5:95:0f:f6:6d:8e:72:91:18:32:6f:8d:1d:
9e:9a:6b:a2:60:67:23:42:2d:92:05:27:1e:e0:be:
75:8c:57:56:3a:20:19:b7:08:56:3e:4a:07:4c:49:
92:9c:5b:bb:fe:54:83:3a:13:30:d8:0c:51:e4:38:
4a:50:e2:38:44:80:4d:ab:08:20:87:0b:28:f1:3b:
51:f8:fd:a7:91:a1:13:44:0c:37:bb:e5:6c:6f:73:
d3:16:eb:58:05:c1:8f:ba:bc:12:65:76:b1:a8:26:
7b:65:58:fd:e7:8b:bf:23:0f:aa:38:b8:f6:5c:1d:
e2:37:95:fb:72:45:72:b4:a9:bf:e3:e1:cf:3b:fc:
c8:67:47:a3:88:f6:28:0a:00:b6:c9:11:b4:84:a9:
cb:46:84:1d:85:d4:44:61:ed:67:ac:08:cf:dc:ae:
4d:de:83:e2:46:c8:ce:a0:24:8b:af:81:c5:1b:85:
37:be:c9:51:04:67:96:7d:70:1a:e5:14:d8:7e:e9:
39:f8:28:93:19:94:81:2b:1e:f5:82:21:92:53:36:
14:e5:e2:d0:84:af:fb:b6:e4:62:e4:38:9d:98:3f:
f3:3e:e3:65:d1:96:83:df:45:c6:0a:4c:0b:4c:c9:
e1:ee:47:9a:44:bb:b6:7a:98:61:c2:8e:1a:7b:2e:
19:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:AE:1B:CF:2E:21:EA:51:EF:02:AE:D6:7D:07:EF:2D:3D:CB:73:1B
X509v3 Authority Key Identifier:
keyid:70:6D:3A:BB:B4:78:B7:4E:F2:AD:EF:9B:B7:C4:33:6E:34:11:1D:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cG06u7R4t07yre-bt8QzbjQRHVE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/nq4bzy4h6lHvAq7WfQfvLT3Lcxs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/cG06u7R4t07yre-bt8QzbjQRHVE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.106.81.0/24
77.75.229.0/24
79.110.224.0/24
91.246.36.0/24
146.19.149.0/24
176.116.10.0/24
185.230.246.0/24
188.244.125.0/24
193.243.186.0/24
194.150.79.0/24
212.18.119.0/24
213.173.38.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:d5:6e:7f:30:4c:bf:a4:08:77:ba:29:c3:36:7c:6e:3e:a2:
c8:07:fa:2e:53:8b:43:7c:5b:e0:de:5a:3b:89:ba:da:18:a0:
64:54:c3:8a:cc:01:52:74:3c:d1:f2:1f:ea:7a:d4:09:2d:a2:
e2:94:e3:90:9c:80:85:d0:27:a5:23:b7:f3:2b:25:2d:3a:00:
43:d9:8a:f7:fc:7a:b1:ef:41:71:cf:88:ea:d4:fe:37:bf:48:
79:7b:44:c4:e5:12:15:01:2b:c7:ae:57:9d:f4:02:1c:62:ec:
c6:ce:00:48:31:a4:ad:47:fc:0c:5b:0d:e1:a1:80:e3:77:e1:
4d:e5:88:ba:6f:50:2c:35:d5:63:8a:ba:eb:e1:b7:c4:fd:df:
bb:48:b3:85:67:2b:49:8d:83:a1:27:b1:21:bf:ee:7a:65:9b:
bb:12:e5:ee:ed:8e:68:6d:ec:b4:a3:fa:a6:7a:a3:19:68:74:
f8:d0:9a:21:06:c6:d0:7e:10:c0:e6:19:b6:e4:a4:40:46:bf:
52:d0:9a:96:a4:7e:22:2b:0e:9c:c9:0e:33:9f:5c:68:ac:f5:
fd:38:0c:1a:ff:6e:c9:99:a0:ab:dc:46:e4:92:b9:67:81:f4:
1d:62:d0:28:1d:c1:38:d0:40:6f:e7:be:f0:d4:1e:5a:41:2e:
cd:88:2d:88
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZQiH6BM3XH0u/aoB0Ia5RQHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwNmQzYWJiYjQ3OGI3NGVmMmFkZWY5YmI3YzQzMzZlMzQx
MTFkNTEwHhcNMjUwMTAxMTM0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWFlMWJjZjJlMjFlYTUxZWYwMmFlZDY3ZDA3ZWYyZDNkY2I3MzFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxrWVD/ZtjnKRGDJvjR2emmuiYGcj
Qi2SBSce4L51jFdWOiAZtwhWPkoHTEmSnFu7/lSDOhMw2AxR5DhKUOI4RIBNqwgg
hwso8TtR+P2nkaETRAw3u+Vsb3PTFutYBcGPurwSZXaxqCZ7ZVj954u/Iw+qOLj2
XB3iN5X7ckVytKm/4+HPO/zIZ0ejiPYoCgC2yRG0hKnLRoQdhdREYe1nrAjP3K5N
3oPiRsjOoCSLr4HFG4U3vslRBGeWfXAa5RTYfuk5+CiTGZSBKx71giGSUzYU5eLQ
hK/7tuRi5DidmD/zPuNl0ZaD30XGCkwLTMnh7keaRLu2ephhwo4aey4ZAwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFJ6uG88uIepR7wKu1n0H7y09y3MbMB8GA1UdIwQY
MBaAFHBtOru0eLdO8q3vm7fEM240ER1RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0cwNnU3UjR0MDd5cmUtYnQ4UXpialFSSFZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8wYzZmNDctNDcxMy00NDcxLWIwOGYt
YTQyMTNjOTNmMWY3LzEvbnE0Ynp5NGg2bEh2QXE3V2ZRZnZMVDNMY3hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8wYzZmNDctNDcxMy00NDcxLWIwOGYtYTQyMTNjOTNmMWY3
LzEvY0cwNnU3UjR0MDd5cmUtYnQ4UXpialFSSFZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAPmpRAwQA
TUvlAwQAT27gAwQAW/YkAwQAkhOVAwQAsHQKAwQAueb2AwQAvPR9AwQAwfO6AwQA
wpZPAwQA1BJ3AwQA1a0mMA0GCSqGSIb3DQEBCwUAA4IBAQC01W5/MEy/pAh3uinD
NnxuPqLIB/ouU4tDfFvg3lo7ibraGKBkVMOKzAFSdDzR8h/qetQJLaLilOOQnICF
0CelI7fzKyUtOgBD2Yr3/Hqx70Fxz4jq1P43v0h5e0TE5RIVASvHrled9AIcYuzG
zgBIMaStR/wMWw3hoYDjd+FN5Yi6b1AsNdVjirrr4bfE/d+7SLOFZytJjYOhJ7Eh
v+56ZZu7EuXu7Y5obey0o/qmeqMZaHT40JohBsbQfhDA5hm25KRARr9S0JqWpH4i
Kw6cyQ4zn1xorPX9OAwa/27JmaCr3EbkkrlngfQdYtAoHcE40EBv577w1B5aQS7N
iC2I
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:46 2025 by rpki-client on console.sobornost.net