Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/e5e379-656d-4622-a7bc-ea26e746a0ad/1/PUvtKljRLvuOqowlndxBwGQKDl4.roa
File: PUvtKljRLvuOqowlndxBwGQKDl4.roa (raw, json)
Hash identifier: U5kHad25poEIvcwR4qtcel7KCFYyUvjuPf1N4FDV5NU=
Subject key identifier: 3D:4B:ED:2A:58:D1:2E:FB:8E:AA:8C:25:9D:DC:41:C0:64:0A:0E:5E
Certificate issuer: /CN=0146b429f8c49611fcfea1efa1a51b9c0eddb6e7
Certificate serial: 0194221FA7D2C04B5AEFC80460AE25CA6669
Authority key identifier: 01:46:B4:29:F8:C4:96:11:FC:FE:A1:EF:A1:A5:1B:9C:0E:DD:B6:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AUa0KfjElhH8_qHvoaUbnA7dtuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/e5e379-656d-4622-a7bc-ea26e746a0ad/1/PUvtKljRLvuOqowlndxBwGQKDl4.roa
Signing time: Wed 01 Jan 2025 13:48:07 +0000
ROA not before: Wed 01 Jan 2025 13:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42568
IP address blocks: 31.14.222.0/23 maxlen: 23
89.33.10.0/24 maxlen: 24
89.33.11.0/24 maxlen: 24
89.33.202.0/23 maxlen: 23
89.36.152.0/23 maxlen: 23
89.41.174.0/23 maxlen: 23
89.42.176.0/23 maxlen: 23
89.42.234.0/24 maxlen: 24
89.42.235.0/24 maxlen: 24
89.45.64.0/23 maxlen: 23
89.45.160.0/23 maxlen: 23
93.114.140.0/24 maxlen: 24
188.213.200.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:a7:d2:c0:4b:5a:ef:c8:04:60:ae:25:ca:66:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0146b429f8c49611fcfea1efa1a51b9c0eddb6e7
Validity
Not Before: Jan 1 13:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3d4bed2a58d12efb8eaa8c259ddc41c0640a0e5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:43:16:d9:e8:a4:4c:a2:10:88:5c:64:b9:5d:
36:bc:aa:e7:77:4f:1e:b3:3c:8b:21:04:ac:6d:25:
0e:5d:de:e6:96:cf:19:4e:44:ca:79:1f:15:a7:3f:
4f:ca:ec:2a:4f:3f:11:ee:28:ec:48:39:11:7b:01:
85:9e:46:83:54:c2:77:cd:a4:7a:9e:28:55:c6:44:
28:6c:d4:5a:9f:9e:bb:4e:64:b8:35:ee:03:b5:df:
91:06:34:71:85:2a:bb:b7:d4:6c:63:fa:e0:15:f8:
77:e5:56:51:a3:b9:e2:93:c4:f1:f2:7e:1d:d3:c4:
ec:a9:af:48:fa:d4:f6:65:25:10:5c:f5:74:13:10:
f7:9f:ed:be:93:f0:16:c5:ec:8e:04:1b:be:38:d9:
3a:66:7c:5f:d7:7a:6d:26:76:7c:6c:26:47:a7:7a:
59:73:9c:84:d9:41:e0:fb:17:f0:de:31:34:b4:a3:
d9:d9:a6:cb:f2:8e:ad:2e:3d:26:4b:91:60:3d:32:
6f:d0:66:03:48:69:89:c4:0d:33:52:57:aa:de:fc:
db:54:d5:e8:58:73:fa:94:16:64:22:98:fc:a0:2d:
de:3e:fa:b8:6f:ef:26:cf:56:fe:0a:9b:22:3c:88:
24:1f:40:ee:ed:37:64:18:12:5c:54:91:e8:45:f3:
f7:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:4B:ED:2A:58:D1:2E:FB:8E:AA:8C:25:9D:DC:41:C0:64:0A:0E:5E
X509v3 Authority Key Identifier:
keyid:01:46:B4:29:F8:C4:96:11:FC:FE:A1:EF:A1:A5:1B:9C:0E:DD:B6:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AUa0KfjElhH8_qHvoaUbnA7dtuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/e5e379-656d-4622-a7bc-ea26e746a0ad/1/PUvtKljRLvuOqowlndxBwGQKDl4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/e5e379-656d-4622-a7bc-ea26e746a0ad/1/AUa0KfjElhH8_qHvoaUbnA7dtuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.222.0/23
89.33.10.0/23
89.33.202.0/23
89.36.152.0/23
89.41.174.0/23
89.42.176.0/23
89.42.234.0/23
89.45.64.0/23
89.45.160.0/23
93.114.140.0/24
188.213.200.0/23
Signature Algorithm: sha256WithRSAEncryption
63:35:0f:fb:4f:5a:a3:c8:14:e1:c5:ab:68:5d:e9:6b:c1:0a:
18:be:2c:37:8b:1b:60:aa:1b:4d:66:31:b1:34:fa:66:cd:b9:
35:86:aa:c3:e6:a8:4d:fb:fe:78:5e:cd:22:0d:88:07:95:00:
03:00:ac:8a:3d:a6:1b:60:bd:7c:6a:da:da:8b:0a:a8:a9:e7:
8b:ad:b0:c0:9e:47:ff:80:f4:d5:53:4c:85:a0:62:3e:20:1a:
ce:2e:69:55:00:6e:4f:f6:b3:e6:03:b9:3f:60:f3:b4:2f:92:
a2:c2:d4:ed:2f:77:7d:54:eb:b2:af:c7:bc:8a:ae:3e:ac:42:
aa:d5:90:14:fd:8d:74:5b:0d:4b:de:46:5f:79:5e:63:a2:83:
94:f0:e5:16:92:5c:d0:68:e4:c9:98:09:81:55:e8:2c:10:9f:
70:fd:ee:4b:31:9a:e0:d2:e7:06:a8:2b:9a:36:8e:17:ee:0d:
13:ba:61:da:0b:c6:7e:be:d2:e9:23:da:36:36:3e:a1:ac:4f:
19:4d:e3:de:95:f6:4c:65:b6:4d:17:9a:5e:06:b5:9c:b9:a2:
86:ed:fb:4b:2a:38:1c:a1:75:d9:99:de:54:e2:bd:df:d8:73:
77:0c:9e:36:c4:9c:4a:52:a0:f4:46:4f:86:55:4d:5b:cb:f4:
8f:ae:27:c3
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZQiH6fSwEta78gEYK4lymZpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNDZiNDI5ZjhjNDk2MTFmY2ZlYTFlZmExYTUxYjljMGVk
ZGI2ZTcwHhcNMjUwMTAxMTM0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDRiZWQyYTU4ZDEyZWZiOGVhYThjMjU5ZGRjNDFjMDY0MGEwZTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUMW2eikTKIQiFxkuV02vKrnd08e
szyLIQSsbSUOXd7mls8ZTkTKeR8Vpz9PyuwqTz8R7ijsSDkRewGFnkaDVMJ3zaR6
nihVxkQobNRan567TmS4Ne4Dtd+RBjRxhSq7t9RsY/rgFfh35VZRo7nik8Tx8n4d
08Tsqa9I+tT2ZSUQXPV0ExD3n+2+k/AWxeyOBBu+ONk6Znxf13ptJnZ8bCZHp3pZ
c5yE2UHg+xfw3jE0tKPZ2abL8o6tLj0mS5FgPTJv0GYDSGmJxA0zUleq3vzbVNXo
WHP6lBZkIpj8oC3ePvq4b+8mz1b+CpsiPIgkH0Du7TdkGBJcVJHoRfP3tQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFD1L7SpY0S77jqqMJZ3cQcBkCg5eMB8GA1UdIwQY
MBaAFAFGtCn4xJYR/P6h76GlG5wO3bbnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVVhMEtmakVsaEg4X3FIdm9hVWJuQTdkdHVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9lNWUzNzktNjU2ZC00NjIyLWE3YmMt
ZWEyNmU3NDZhMGFkLzEvUFV2dEtsalJMdnVPcW93bG5keEJ3R1FLRGw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC9lNWUzNzktNjU2ZC00NjIyLWE3YmMtZWEyNmU3NDZhMGFk
LzEvQVVhMEtmakVsaEg4X3FIdm9hVWJuQTdkdHVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQBHw7eAwQB
WSEKAwQBWSHKAwQBWSSYAwQBWSmuAwQBWSqwAwQBWSrqAwQBWS1AAwQBWS2gAwQA
XXKMAwQBvNXIMA0GCSqGSIb3DQEBCwUAA4IBAQBjNQ/7T1qjyBThxatoXelrwQoY
viw3ixtgqhtNZjGxNPpmzbk1hqrD5qhN+/54Xs0iDYgHlQADAKyKPaYbYL18atra
iwqoqeeLrbDAnkf/gPTVU0yFoGI+IBrOLmlVAG5P9rPmA7k/YPO0L5KiwtTtL3d9
VOuyr8e8iq4+rEKq1ZAU/Y10Ww1L3kZfeV5jooOU8OUWklzQaOTJmAmBVegsEJ9w
/e5LMZrg0ucGqCuaNo4X7g0TumHaC8Z+vtLpI9o2Nj6hrE8ZTePelfZMZbZNF5pe
BrWcuaKG7ftLKjgcoXXZmd5U4r3f2HN3DJ42xJxKUqD0Rk+GVU1by/SPrifD
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:04 2025 by rpki-client on console.sobornost.net