Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/kGnfTHr85sL5Cuumt5Dnx0qL5MU.roa
File: kGnfTHr85sL5Cuumt5Dnx0qL5MU.roa (raw, json)
Hash identifier: /ktxjRteMjuycv2FIDyewLmv3JEgrt8HdHlHgSEbFjg=
Subject key identifier: 90:69:DF:4C:7A:FC:E6:C2:F9:0A:EB:A6:B7:90:E7:C7:4A:8B:E4:C5
Certificate issuer: /CN=d8d662dcc6fe3b81ef3de2fca3cfcedc11ebaa43
Certificate serial: 019461E391AE5DB7F0F8875CD2E5EFB103D2
Authority key identifier: D8:D6:62:DC:C6:FE:3B:81:EF:3D:E2:FC:A3:CF:CE:DC:11:EB:AA:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/kGnfTHr85sL5Cuumt5Dnx0qL5MU.roa
Signing time: Mon 13 Jan 2025 22:58:11 +0000
ROA not before: Mon 13 Jan 2025 22:58:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216205
IP address blocks: 46.36.99.0/24 maxlen: 24
46.36.105.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:61:e3:91:ae:5d:b7:f0:f8:87:5c:d2:e5:ef:b1:03:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8d662dcc6fe3b81ef3de2fca3cfcedc11ebaa43
Validity
Not Before: Jan 13 22:58:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9069df4c7afce6c2f90aeba6b790e7c74a8be4c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:bb:05:4e:69:00:63:11:c5:e6:7c:c5:b6:f0:
6d:0b:fd:06:a3:7a:a0:12:4e:1b:e5:c5:57:7c:dd:
05:01:21:3e:1b:38:1d:e8:fa:4c:70:39:a6:64:57:
c6:d6:73:02:38:67:75:aa:c4:63:77:e3:ef:7b:47:
9c:f4:01:74:bb:ae:71:31:e0:95:56:7c:7c:18:bb:
68:2c:e4:60:fd:f3:65:0b:9d:15:ad:d4:b9:2e:d8:
83:7d:af:a5:06:a8:7e:68:79:8e:ac:65:cc:db:d1:
2b:5f:20:96:39:01:7f:0b:69:24:b1:ae:6e:15:dc:
b7:50:80:8a:9c:c1:84:6c:11:18:6f:37:03:4c:ea:
52:bf:50:ff:34:91:63:44:94:7f:b1:16:be:fe:fc:
30:1a:23:3e:28:9e:a9:47:99:7b:67:fe:b8:b0:52:
5d:75:6e:3d:f1:2f:14:a2:c4:1d:86:f1:a1:53:8b:
7a:37:e4:57:30:51:08:9e:79:e4:7c:df:a9:c1:b2:
d3:dc:95:c7:18:56:73:9f:05:ca:b3:32:5c:e5:4d:
e4:1e:c7:a5:40:e7:0d:ff:e0:7b:63:9c:09:e0:d0:
b4:4c:68:30:a6:8d:52:7f:96:96:18:9b:0a:62:8d:
73:0c:8e:a1:0d:21:aa:d6:d6:d1:b5:7f:95:80:80:
a1:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:69:DF:4C:7A:FC:E6:C2:F9:0A:EB:A6:B7:90:E7:C7:4A:8B:E4:C5
X509v3 Authority Key Identifier:
keyid:D8:D6:62:DC:C6:FE:3B:81:EF:3D:E2:FC:A3:CF:CE:DC:11:EB:AA:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/kGnfTHr85sL5Cuumt5Dnx0qL5MU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.36.99.0/24
46.36.105.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:df:f5:34:5e:15:e6:96:b3:c3:ca:a3:91:16:84:85:8d:0b:
50:cd:24:1a:6b:6a:75:67:32:0d:bd:0d:35:92:60:ff:90:a3:
4f:34:a0:b9:cd:f0:4a:df:46:54:6a:1e:3c:df:11:1a:ed:07:
6a:e9:f9:48:f3:4d:aa:c0:03:b3:0b:bd:69:a2:ca:c7:76:27:
02:6a:cf:09:7c:ad:28:2a:50:9c:b2:cf:86:be:9d:f9:b4:50:
9a:59:e9:5f:15:69:dc:15:0b:cd:bd:c1:43:39:af:1f:7d:98:
dd:2d:10:0f:98:b5:44:59:53:bf:c7:b3:86:74:b5:20:0b:3e:
44:9f:e4:72:32:9b:56:9c:1b:6e:50:99:71:63:db:4b:21:71:
cd:3b:77:c3:fc:3b:5e:dd:c6:7d:33:69:54:3b:9a:a8:14:50:
33:2b:96:30:21:8f:aa:f8:39:7f:6d:bd:fe:20:cf:91:9a:5d:
ff:74:e7:3d:07:ff:2d:2b:fe:32:82:60:52:3b:bb:21:38:c0:
87:8e:e0:b9:9e:e9:7a:dc:5a:24:a6:3a:09:e5:8c:68:e8:ef:
95:72:8d:b8:39:01:c4:67:41:33:97:c2:09:68:a7:3b:b9:73:
66:aa:ce:46:15:84:02:0b:46:60:7b:3e:f5:4e:ec:86:fa:60:
31:de:38:d6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZRh45GuXbfw+Idc0uXvsQPSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZDY2MmRjYzZmZTNiODFlZjNkZTJmY2EzY2ZjZWRjMTFl
YmFhNDMwHhcNMjUwMTEzMjI1ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDY5ZGY0YzdhZmNlNmMyZjkwYWViYTZiNzkwZTdjNzRhOGJlNGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7sFTmkAYxHF5nzFtvBtC/0Go3qg
Ek4b5cVXfN0FASE+Gzgd6PpMcDmmZFfG1nMCOGd1qsRjd+Pve0ec9AF0u65xMeCV
Vnx8GLtoLORg/fNlC50VrdS5LtiDfa+lBqh+aHmOrGXM29ErXyCWOQF/C2kksa5u
Fdy3UICKnMGEbBEYbzcDTOpSv1D/NJFjRJR/sRa+/vwwGiM+KJ6pR5l7Z/64sFJd
dW498S8UosQdhvGhU4t6N+RXMFEInnnkfN+pwbLT3JXHGFZznwXKszJc5U3kHsel
QOcN/+B7Y5wJ4NC0TGgwpo1Sf5aWGJsKYo1zDI6hDSGq1tbRtX+VgICh6QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJBp30x6/ObC+QrrpreQ58dKi+TFMB8GA1UdIwQY
MBaAFNjWYtzG/juB7z3i/KPPztwR66pDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS84OGZmZjUtZGZkOS00MDA4LTk1Yjct
Nzg1ZTU4ODM2NDRkLzEva0duZlRIcjg1c0w1Q3V1bXQ1RG54MHFMNU1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS84OGZmZjUtZGZkOS00MDA4LTk1YjctNzg1ZTU4ODM2NDRk
LzEvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALiRjAwQA
LiRpMA0GCSqGSIb3DQEBCwUAA4IBAQCo3/U0XhXmlrPDyqORFoSFjQtQzSQaa2p1
ZzINvQ01kmD/kKNPNKC5zfBK30ZUah483xEa7Qdq6flI802qwAOzC71posrHdicC
as8JfK0oKlCcss+Gvp35tFCaWelfFWncFQvNvcFDOa8ffZjdLRAPmLVEWVO/x7OG
dLUgCz5En+RyMptWnBtuUJlxY9tLIXHNO3fD/Dte3cZ9M2lUO5qoFFAzK5YwIY+q
+Dl/bb3+IM+Rml3/dOc9B/8tK/4ygmBSO7shOMCHjuC5nul63FokpjoJ5Yxo6O+V
co24OQHEZ0Ezl8IJaKc7uXNmqs5GFYQCC0Zgez71TuyG+mAx3jjW
-----END CERTIFICATE-----
Generated at Sat Mar 8 04:47:39 2025 by rpki-client on console.sobornost.net