Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/5fd72f-ef77-4537-89e9-9fbd963a513c/1/PM9vUgvftogOQeT0OmZK9fL4cPE.roa
File: PM9vUgvftogOQeT0OmZK9fL4cPE.roa (raw, json)
Hash identifier: w38RqWqCQvckgI8s1dDuKDyQH4CjWPVhD0xwM2FPrMY=
Subject key identifier: 3C:CF:6F:52:0B:DF:B6:88:0E:41:E4:F4:3A:66:4A:F5:F2:F8:70:F1
Certificate issuer: /CN=b039ab8298fa363ae837e530028969cc5cbf104e
Certificate serial: 019424B3D44C79359F49C5A1B1B57F73E0D1
Authority key identifier: B0:39:AB:82:98:FA:36:3A:E8:37:E5:30:02:89:69:CC:5C:BF:10:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sDmrgpj6NjroN-UwAolpzFy_EE4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/5fd72f-ef77-4537-89e9-9fbd963a513c/1/PM9vUgvftogOQeT0OmZK9fL4cPE.roa
Signing time: Thu 02 Jan 2025 01:49:12 +0000
ROA not before: Thu 02 Jan 2025 01:49:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214865
IP address blocks: 62.169.139.0/24 maxlen: 24
2a14:5140::/32 maxlen: 32
2a14:5140::/40 maxlen: 40
2a14:5140:100::/40 maxlen: 40
2a14:5140:200::/40 maxlen: 40
2a14:5140:300::/40 maxlen: 40
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:d4:4c:79:35:9f:49:c5:a1:b1:b5:7f:73:e0:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b039ab8298fa363ae837e530028969cc5cbf104e
Validity
Not Before: Jan 2 01:49:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3ccf6f520bdfb6880e41e4f43a664af5f2f870f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:92:af:36:7b:d8:82:d6:b9:05:a7:42:19:09:
15:83:d8:d8:22:d3:62:ae:a7:61:90:5c:18:a0:a8:
41:9f:40:3a:c2:54:38:97:1a:47:71:fb:e0:d4:d3:
f8:67:4c:b2:e6:64:33:71:6d:14:90:3b:a8:b8:03:
9f:3f:cd:2b:d9:f8:bd:4f:1e:10:77:7b:43:60:ae:
e4:8b:6c:4b:9e:a0:a5:e4:0e:fc:71:23:a7:e7:11:
16:fe:36:95:f8:3a:39:9e:39:c0:59:9a:a6:b9:f9:
5e:84:69:7d:a6:59:ea:d1:42:f9:8d:3b:ed:92:10:
fd:4e:55:2d:b1:9c:5d:30:04:e8:5e:df:7d:93:3d:
a8:ca:78:4c:1f:99:6d:01:ef:51:45:c2:c1:c9:40:
fc:3d:e5:c5:db:48:63:ba:25:ae:64:96:ad:0a:2e:
e2:93:56:45:c7:9e:9f:ce:ce:7e:b7:e1:d9:4c:50:
5e:d1:5e:bf:9b:a5:91:5e:df:fb:0e:e6:d9:24:27:
37:cf:31:d9:8d:33:4b:1b:7b:21:15:22:c7:29:52:
10:f9:6f:31:47:01:c7:a4:c6:a8:80:26:32:a6:5f:
7f:4f:1c:ca:6e:23:2a:e3:a5:7f:fb:ad:88:8f:c0:
51:df:19:61:1d:08:ad:9c:21:fb:ab:dd:17:a3:e3:
b5:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:CF:6F:52:0B:DF:B6:88:0E:41:E4:F4:3A:66:4A:F5:F2:F8:70:F1
X509v3 Authority Key Identifier:
keyid:B0:39:AB:82:98:FA:36:3A:E8:37:E5:30:02:89:69:CC:5C:BF:10:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sDmrgpj6NjroN-UwAolpzFy_EE4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5fd72f-ef77-4537-89e9-9fbd963a513c/1/PM9vUgvftogOQeT0OmZK9fL4cPE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5fd72f-ef77-4537-89e9-9fbd963a513c/1/sDmrgpj6NjroN-UwAolpzFy_EE4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.169.139.0/24
IPv6:
2a14:5140::/32
Signature Algorithm: sha256WithRSAEncryption
8e:34:ef:1a:b6:d6:a7:ec:76:c4:52:ac:b6:43:aa:30:b0:9a:
80:cd:70:17:51:28:da:35:3b:1a:b0:f3:52:53:d5:f9:40:34:
19:c5:98:09:73:72:d3:16:95:51:5a:9f:d0:8d:31:7a:9e:f2:
b0:2e:8e:d4:0b:5f:18:ce:54:79:7f:7f:c4:bd:a4:42:f1:f7:
95:32:c6:32:4d:ab:6b:39:d2:00:d3:61:47:70:91:80:00:2a:
37:44:f6:08:a8:09:dc:f4:54:fd:dc:05:c6:d3:25:0e:f3:34:
d3:52:29:6a:f5:7d:6a:b6:b9:c5:42:80:4e:87:24:8d:5a:4e:
87:7d:bc:6e:39:83:ee:da:e2:a8:d3:c0:78:ba:75:b3:46:95:
25:e1:87:1f:53:72:a4:82:10:a8:7d:a0:e1:02:6c:a5:ad:bd:
ed:a2:6b:c7:ca:89:77:41:1f:26:f5:55:5a:e3:8d:9f:e3:54:
a9:a1:56:d9:8b:c9:7d:55:22:40:e3:4a:95:80:aa:7c:ce:ef:
43:f7:87:ec:61:c7:1f:d1:c4:96:de:e5:b6:b2:41:5d:8d:05:
a1:a5:f5:64:38:50:26:22:37:a3:fd:32:12:07:4d:7a:f7:67:
0b:e1:4e:22:02:57:ec:f0:05:75:96:71:e4:89:60:9c:aa:d5:
7f:30:73:90
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQks9RMeTWfScWhsbV/c+DRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwMzlhYjgyOThmYTM2M2FlODM3ZTUzMDAyODk2OWNjNWNi
ZjEwNGUwHhcNMjUwMTAyMDE0OTEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2NmNmY1MjBiZGZiNjg4MGU0MWU0ZjQzYTY2NGFmNWYyZjg3MGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+ZKvNnvYgta5BadCGQkVg9jYItNi
rqdhkFwYoKhBn0A6wlQ4lxpHcfvg1NP4Z0yy5mQzcW0UkDuouAOfP80r2fi9Tx4Q
d3tDYK7ki2xLnqCl5A78cSOn5xEW/jaV+Do5njnAWZqmuflehGl9plnq0UL5jTvt
khD9TlUtsZxdMAToXt99kz2oynhMH5ltAe9RRcLByUD8PeXF20hjuiWuZJatCi7i
k1ZFx56fzs5+t+HZTFBe0V6/m6WRXt/7DubZJCc3zzHZjTNLG3shFSLHKVIQ+W8x
RwHHpMaogCYypl9/TxzKbiMq46V/+62Ij8BR3xlhHQitnCH7q90Xo+O1IwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDzPb1IL37aIDkHk9DpmSvXy+HDxMB8GA1UdIwQY
MBaAFLA5q4KY+jY66DflMAKJacxcvxBOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0RtcmdwajZOanJvTi1Vd0FvbHB6RnlfRUU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS81ZmQ3MmYtZWY3Ny00NTM3LTg5ZTkt
OWZiZDk2M2E1MTNjLzEvUE05dlVndmZ0b2dPUWVUME9tWks5Zkw0Y1BFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS81ZmQ3MmYtZWY3Ny00NTM3LTg5ZTktOWZiZDk2M2E1MTNj
LzEvc0RtcmdwajZOanJvTi1Vd0FvbHB6RnlfRUU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAPqmLMA0E
AgACMAcDBQAqFFFAMA0GCSqGSIb3DQEBCwUAA4IBAQCONO8attan7HbEUqy2Q6ow
sJqAzXAXUSjaNTsasPNSU9X5QDQZxZgJc3LTFpVRWp/QjTF6nvKwLo7UC18YzlR5
f3/EvaRC8feVMsYyTatrOdIA02FHcJGAACo3RPYIqAnc9FT93AXG0yUO8zTTUilq
9X1qtrnFQoBOhySNWk6HfbxuOYPu2uKo08B4unWzRpUl4YcfU3KkghCofaDhAmyl
rb3tomvHyol3QR8m9VVa442f41SpoVbZi8l9VSJA40qVgKp8zu9D94fsYccf0cSW
3uW2skFdjQWhpfVkOFAmIjej/TISB01692cL4U4iAlfs8AV1lnHkiWCcqtV/MHOQ
-----END CERTIFICATE-----
Generated at Tue Apr 1 17:22:43 2025 by rpki-client on console.sobornost.net