Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/af2671-0518-419f-99e0-a3199ea8d13e/1/6oQVLR_TbSIT2IcKGWMYExl-eWw.roa
File: 6oQVLR_TbSIT2IcKGWMYExl-eWw.roa (raw, json)
Hash identifier: 8lLdtv1wEEFd8BpjTk0jEfx9zS8irHAnpJqyHaJ1f3Y=
Subject key identifier: EA:84:15:2D:1F:D3:6D:22:13:D8:87:0A:19:63:18:13:19:7E:79:6C
Certificate issuer: /CN=923603c981868916b0b1701dcf3720caa2484fdc
Certificate serial: 01942143AD764883803955C998624E34289A
Authority key identifier: 92:36:03:C9:81:86:89:16:B0:B1:70:1D:CF:37:20:CA:A2:48:4F:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kjYDyYGGiRawsXAdzzcgyqJIT9w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/af2671-0518-419f-99e0-a3199ea8d13e/1/6oQVLR_TbSIT2IcKGWMYExl-eWw.roa
Signing time: Wed 01 Jan 2025 09:47:50 +0000
ROA not before: Wed 01 Jan 2025 09:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16044
IP address blocks: 91.226.252.0/22 maxlen: 22
91.226.252.0/24 maxlen: 24
91.226.253.0/24 maxlen: 24
91.226.254.0/24 maxlen: 24
91.226.255.0/24 maxlen: 24
193.34.60.0/22 maxlen: 22
193.34.60.0/24 maxlen: 24
193.34.61.0/24 maxlen: 24
193.34.62.0/24 maxlen: 24
193.34.63.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:ad:76:48:83:80:39:55:c9:98:62:4e:34:28:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=923603c981868916b0b1701dcf3720caa2484fdc
Validity
Not Before: Jan 1 09:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ea84152d1fd36d2213d8870a19631813197e796c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:03:9a:80:06:8a:f2:72:59:ab:5c:0a:00:5d:
a4:35:a9:b3:73:dc:9e:39:1a:0b:be:fe:c9:fe:08:
a4:40:35:09:50:66:e6:b5:5c:64:13:4a:6c:08:87:
a5:0c:fd:03:99:16:46:37:10:da:24:6b:bd:27:66:
d1:46:02:ed:41:7d:87:e2:a3:10:25:87:53:06:a8:
43:1e:99:d4:cf:38:21:05:3c:da:c3:30:24:c4:0c:
f0:22:4e:fb:36:de:4f:c1:b5:40:f8:39:2e:a5:5f:
2e:18:b6:77:ee:6e:5d:ad:3d:38:2b:00:86:69:d2:
d8:fb:27:f5:50:3f:ce:8e:ee:7f:4b:85:0f:09:f4:
57:0c:fe:73:0e:8e:e7:d0:36:46:57:f8:e9:65:ce:
76:ed:0e:1c:96:a3:99:15:21:44:11:53:28:36:45:
3b:83:28:1e:d0:d7:8c:4e:6c:4b:d3:75:97:fe:2e:
8d:65:fe:56:c4:5f:15:a9:7c:ab:89:ab:4f:97:45:
82:c1:f8:c7:d6:94:fe:91:6e:9c:71:62:0e:1f:d8:
ff:5b:21:69:49:7d:cb:87:65:92:3b:bc:3b:97:eb:
60:97:61:79:20:1a:f7:25:89:15:0a:d9:89:08:a0:
05:c1:42:ae:36:76:6b:10:bf:07:6c:d0:d9:0a:36:
76:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:84:15:2D:1F:D3:6D:22:13:D8:87:0A:19:63:18:13:19:7E:79:6C
X509v3 Authority Key Identifier:
keyid:92:36:03:C9:81:86:89:16:B0:B1:70:1D:CF:37:20:CA:A2:48:4F:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kjYDyYGGiRawsXAdzzcgyqJIT9w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/af2671-0518-419f-99e0-a3199ea8d13e/1/6oQVLR_TbSIT2IcKGWMYExl-eWw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/af2671-0518-419f-99e0-a3199ea8d13e/1/kjYDyYGGiRawsXAdzzcgyqJIT9w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.226.252.0/22
193.34.60.0/22
Signature Algorithm: sha256WithRSAEncryption
b5:6a:37:8f:e9:f2:41:ce:c1:28:08:08:7f:88:74:24:6e:1e:
d8:9c:5f:0d:b3:c5:f5:93:d7:07:a4:d5:61:49:1b:6b:48:2e:
a8:50:1d:7f:c3:b3:81:d8:84:a9:7c:9e:ba:4c:13:0a:f0:ce:
18:33:63:f2:fd:36:f1:1a:6d:0d:74:9d:a4:58:a0:ca:42:8f:
9c:56:11:d9:8d:00:30:f4:14:58:ae:08:d4:1b:9d:a3:14:85:
3d:d4:be:5e:89:99:f6:77:c2:6d:98:1d:e1:0a:56:bf:19:89:
32:49:bc:58:29:dc:f3:8e:22:36:83:1e:32:29:ff:79:ed:11:
62:62:f5:30:eb:55:7c:7a:12:a0:d4:86:0e:b8:47:bd:2d:2d:
a8:52:fb:f8:ed:80:04:fc:16:28:ee:33:f2:fa:20:8e:2d:4e:
87:a3:4c:42:91:ac:d4:05:41:1f:a1:cb:26:ec:e2:32:d3:72:
4a:d9:d4:6f:a5:db:6d:9a:2b:19:48:50:61:a3:d9:52:a4:57:
c8:2f:90:39:98:0b:94:3d:6c:e3:d0:ef:f4:43:bc:c5:5a:48:
5e:f1:74:23:62:76:29:89:cf:82:8c:8c:2b:ab:28:ec:f8:5f:
a9:9d:e2:19:47:bb:17:5d:59:80:94:a4:63:f9:ae:ad:b6:4c:
83:5c:59:42
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQhQ612SIOAOVXJmGJONCiaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMzYwM2M5ODE4Njg5MTZiMGIxNzAxZGNmMzcyMGNhYTI0
ODRmZGMwHhcNMjUwMTAxMDk0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTg0MTUyZDFmZDM2ZDIyMTNkODg3MGExOTYzMTgxMzE5N2U3OTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAywOagAaK8nJZq1wKAF2kNamzc9ye
ORoLvv7J/gikQDUJUGbmtVxkE0psCIelDP0DmRZGNxDaJGu9J2bRRgLtQX2H4qMQ
JYdTBqhDHpnUzzghBTzawzAkxAzwIk77Nt5PwbVA+DkupV8uGLZ37m5drT04KwCG
adLY+yf1UD/Oju5/S4UPCfRXDP5zDo7n0DZGV/jpZc527Q4clqOZFSFEEVMoNkU7
gyge0NeMTmxL03WX/i6NZf5WxF8VqXyriatPl0WCwfjH1pT+kW6ccWIOH9j/WyFp
SX3Lh2WSO7w7l+tgl2F5IBr3JYkVCtmJCKAFwUKuNnZrEL8HbNDZCjZ2kwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOqEFS0f020iE9iHChljGBMZfnlsMB8GA1UdIwQY
MBaAFJI2A8mBhokWsLFwHc83IMqiSE/cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2pZRHlZR0dpUmF3c1hBZHp6Y2d5cUpJVDl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9hZjI2NzEtMDUxOC00MTlmLTk5ZTAt
YTMxOTllYThkMTNlLzEvNm9RVkxSX1RiU0lUMkljS0dXTVlFeGwtZVd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9hZjI2NzEtMDUxOC00MTlmLTk5ZTAtYTMxOTllYThkMTNl
LzEva2pZRHlZR0dpUmF3c1hBZHp6Y2d5cUpJVDl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW+L8AwQC
wSI8MA0GCSqGSIb3DQEBCwUAA4IBAQC1ajeP6fJBzsEoCAh/iHQkbh7YnF8Ns8X1
k9cHpNVhSRtrSC6oUB1/w7OB2ISpfJ66TBMK8M4YM2Py/TbxGm0NdJ2kWKDKQo+c
VhHZjQAw9BRYrgjUG52jFIU91L5eiZn2d8JtmB3hCla/GYkySbxYKdzzjiI2gx4y
Kf957RFiYvUw61V8ehKg1IYOuEe9LS2oUvv47YAE/BYo7jPy+iCOLU6Ho0xCkazU
BUEfocsm7OIy03JK2dRvpdttmisZSFBho9lSpFfIL5A5mAuUPWzj0O/0Q7zFWkhe
8XQjYnYpic+CjIwrqyjs+F+pneIZR7sXXVmAlKRj+a6ttkyDXFlC
-----END CERTIFICATE-----
Generated at Thu Jan 23 19:12:18 2025 by rpki-client on console.sobornost.net