Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/328fab-4ebc-4e1f-840e-bc424349a16e/1/7Jg06ldxKlvbz-CEYbOTLWDbPQE.roa
File: 7Jg06ldxKlvbz-CEYbOTLWDbPQE.roa (raw, json)
Hash identifier: pFruh1e8rswIQqQRB2tI9O+JmHtlnpYn4xJr1wtjctA=
Subject key identifier: EC:98:34:EA:57:71:2A:5B:DB:CF:E0:84:61:B3:93:2D:60:DB:3D:01
Certificate issuer: /CN=945efd6c477806bd6b45267558d6828feec61ea6
Certificate serial: 019421B23E5C5EE300C08CEA693D735B5FC1
Authority key identifier: 94:5E:FD:6C:47:78:06:BD:6B:45:26:75:58:D6:82:8F:EE:C6:1E:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lF79bEd4Br1rRSZ1WNaCj-7GHqY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/328fab-4ebc-4e1f-840e-bc424349a16e/1/7Jg06ldxKlvbz-CEYbOTLWDbPQE.roa
Signing time: Wed 01 Jan 2025 11:48:36 +0000
ROA not before: Wed 01 Jan 2025 11:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197113
IP address blocks: 46.174.224.0/21 maxlen: 21
185.242.152.0/23 maxlen: 24
185.242.154.0/23 maxlen: 24
2a0c:ce80::/44 maxlen: 64
2a0c:ce80:10::/44 maxlen: 44
2a0c:ce80:20::/44 maxlen: 44
2a0c:ce80:30::/44 maxlen: 44
2a0c:ce80:40::/44 maxlen: 44
2a0c:ce80:50::/44 maxlen: 44
2a0c:ce80:60::/44 maxlen: 44
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:3e:5c:5e:e3:00:c0:8c:ea:69:3d:73:5b:5f:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=945efd6c477806bd6b45267558d6828feec61ea6
Validity
Not Before: Jan 1 11:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ec9834ea57712a5bdbcfe08461b3932d60db3d01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:77:62:f2:b3:34:c6:65:f7:50:32:e3:70:44:
e4:4d:21:ff:0b:7d:3c:03:94:ab:60:16:5c:45:64:
c3:03:8b:1b:2c:c0:6e:05:68:a5:cb:f9:00:78:08:
16:8a:d8:64:28:c2:23:79:9b:ff:66:e9:c6:ee:37:
67:60:a0:d2:36:8b:41:18:d3:d4:b6:50:eb:67:35:
cc:e3:af:d2:d5:cf:bf:93:97:f6:37:d8:5c:35:a5:
77:7f:68:9a:77:87:66:ee:11:8f:1e:10:05:0a:42:
19:ef:b6:9b:d9:d3:f6:54:d4:57:b7:d3:a0:24:9e:
d6:4c:a5:cd:e4:44:11:e5:df:56:48:1e:07:c1:2d:
6a:57:c8:ae:b7:4a:d0:01:aa:7d:a1:c3:17:90:4a:
23:8a:4c:7a:a8:4b:c7:a5:3f:2c:ac:cf:e3:2d:a3:
30:83:23:85:a8:ab:88:28:48:f2:f1:2d:09:74:b8:
fa:01:54:a7:24:f8:5f:ef:89:21:d0:0e:cd:e3:df:
b2:74:5c:1f:6c:ce:68:9e:a6:94:05:dc:b1:37:5b:
e2:a8:16:39:62:1e:f2:04:97:3f:ed:8e:20:f0:14:
24:c3:b1:20:26:f4:b2:ee:87:23:53:67:8d:73:16:
00:01:52:0c:f7:04:1c:f3:71:3f:f4:19:45:b2:02:
f6:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:98:34:EA:57:71:2A:5B:DB:CF:E0:84:61:B3:93:2D:60:DB:3D:01
X509v3 Authority Key Identifier:
keyid:94:5E:FD:6C:47:78:06:BD:6B:45:26:75:58:D6:82:8F:EE:C6:1E:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lF79bEd4Br1rRSZ1WNaCj-7GHqY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/328fab-4ebc-4e1f-840e-bc424349a16e/1/7Jg06ldxKlvbz-CEYbOTLWDbPQE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/328fab-4ebc-4e1f-840e-bc424349a16e/1/lF79bEd4Br1rRSZ1WNaCj-7GHqY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.174.224.0/21
185.242.152.0/22
IPv6:
2a0c:ce80::-2a0c:ce80:6f:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
aa:64:60:23:2f:aa:76:49:02:4c:48:58:43:b9:ce:de:ab:83:
02:00:0d:37:27:70:db:1e:77:e7:9c:33:31:72:a7:65:00:0c:
af:87:34:29:0d:2a:1d:40:29:77:38:7a:d9:41:40:25:3e:17:
0d:57:9f:ec:eb:d8:fe:c4:4b:2b:75:53:20:5c:20:29:8d:22:
93:2b:23:76:b7:b5:23:9b:19:22:86:a1:63:2b:d2:81:a8:47:
4a:1d:18:3a:43:33:c7:17:dc:ab:9b:8f:d7:5c:83:66:d9:eb:
75:04:4a:32:a4:cd:96:fc:f8:30:c6:46:71:e5:dc:6a:45:b3:
03:d8:a6:50:76:e9:ef:7d:7b:d3:21:7f:f1:f2:1a:e5:8d:d7:
f8:6a:5e:da:f9:31:05:b3:72:dd:5e:c2:04:f6:ad:f6:7b:7b:
97:75:1d:6f:e3:c6:e3:13:bf:a5:8e:e6:9e:9c:e5:dd:9f:fc:
ae:58:88:cb:07:ee:ec:c1:2e:57:f4:b5:25:18:82:b2:00:c3:
54:35:70:56:71:6f:a6:3b:ae:01:e7:9c:01:e0:97:97:a7:52:
af:02:bd:38:20:99:cd:f8:be:5f:84:48:42:42:25:3e:43:8a:
b4:13:47:ab:6c:6d:7f:20:dc:33:53:f3:7d:94:c5:8c:9e:06:
c9:0f:4d:6e
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQhsj5cXuMAwIzqaT1zW1/BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NWVmZDZjNDc3ODA2YmQ2YjQ1MjY3NTU4ZDY4MjhmZWVj
NjFlYTYwHhcNMjUwMTAxMTE0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzk4MzRlYTU3NzEyYTViZGJjZmUwODQ2MWIzOTMyZDYwZGIzZDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHdi8rM0xmX3UDLjcETkTSH/C308
A5SrYBZcRWTDA4sbLMBuBWily/kAeAgWithkKMIjeZv/ZunG7jdnYKDSNotBGNPU
tlDrZzXM46/S1c+/k5f2N9hcNaV3f2iad4dm7hGPHhAFCkIZ77ab2dP2VNRXt9Og
JJ7WTKXN5EQR5d9WSB4HwS1qV8iut0rQAap9ocMXkEojikx6qEvHpT8srM/jLaMw
gyOFqKuIKEjy8S0JdLj6AVSnJPhf74kh0A7N49+ydFwfbM5onqaUBdyxN1viqBY5
Yh7yBJc/7Y4g8BQkw7EgJvSy7ocjU2eNcxYAAVIM9wQc83E/9BlFsgL2rQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFOyYNOpXcSpb28/ghGGzky1g2z0BMB8GA1UdIwQY
MBaAFJRe/WxHeAa9a0UmdVjWgo/uxh6mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEY3OWJFZDRCcjFyUlNaMVdOYUNqLTdHSHFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8zMjhmYWItNGViYy00ZTFmLTg0MGUt
YmM0MjQzNDlhMTZlLzEvN0pnMDZsZHhLbHZiei1DRVliT1RMV0RiUFFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS8zMjhmYWItNGViYy00ZTFmLTg0MGUtYmM0MjQzNDlhMTZl
LzEvbEY3OWJFZDRCcjFyUlNaMVdOYUNqLTdHSHFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQDLq7gAwQC
ufKYMBgEAgACMBIwEAMFByoMzoADBwQqDM6AAGAwDQYJKoZIhvcNAQELBQADggEB
AKpkYCMvqnZJAkxIWEO5zt6rgwIADTcncNsed+ecMzFyp2UADK+HNCkNKh1AKXc4
etlBQCU+Fw1Xn+zr2P7ESyt1UyBcICmNIpMrI3a3tSObGSKGoWMr0oGoR0odGDpD
M8cX3Kubj9dcg2bZ63UESjKkzZb8+DDGRnHl3GpFswPYplB26e99e9Mhf/HyGuWN
1/hqXtr5MQWzct1ewgT2rfZ7e5d1HW/jxuMTv6WO5p6c5d2f/K5YiMsH7uzBLlf0
tSUYgrIAw1Q1cFZxb6Y7rgHnnAHgl5enUq8CvTggmc34vl+ESEJCJT5DirQTR6ts
bX8g3DNT832UxYyeBskPTW4=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:01 2025 by rpki-client on console.sobornost.net