Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/2a981d-67f5-484e-be1b-ff64a9ba597c/1/e2qB4esbK6h3v26XFDC4VZBc5KY.roa
File: e2qB4esbK6h3v26XFDC4VZBc5KY.roa (raw, json)
Hash identifier: j1cRIZ5v+8OJ2fmGwhM51DYmzvrib+oAKJLnWq3m2pg=
Subject key identifier: 7B:6A:81:E1:EB:1B:2B:A8:77:BF:6E:97:14:30:B8:55:90:5C:E4:A6
Certificate issuer: /CN=6682890b7ed23347478d4d65db0948c3db23ebe7
Certificate serial: 0196103A7A033A8B76195471476C166FC2E9
Authority key identifier: 66:82:89:0B:7E:D2:33:47:47:8D:4D:65:DB:09:48:C3:DB:23:EB:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZoKJC37SM0dHjU1l2wlIw9sj6-c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/2a981d-67f5-484e-be1b-ff64a9ba597c/1/e2qB4esbK6h3v26XFDC4VZBc5KY.roa
Signing time: Mon 07 Apr 2025 12:29:49 +0000
ROA not before: Mon 07 Apr 2025 12:29:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28747
IP address blocks: 86.39.128.0/17 maxlen: 24
94.198.160.0/21 maxlen: 24
193.34.88.0/22 maxlen: 24
193.43.88.0/24 maxlen: 24
217.22.48.0/20 maxlen: 24
2001:1598::/32 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:10:3a:7a:03:3a:8b:76:19:54:71:47:6c:16:6f:c2:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6682890b7ed23347478d4d65db0948c3db23ebe7
Validity
Not Before: Apr 7 12:29:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7b6a81e1eb1b2ba877bf6e971430b855905ce4a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:45:b7:2c:79:0a:5e:93:62:b8:e5:de:20:2e:
96:60:d8:8a:95:46:6d:fb:20:4e:c8:c9:3a:bb:ac:
5e:f9:fc:29:72:6c:0c:80:04:2a:c2:e4:72:1a:c5:
f9:b1:53:7b:7b:36:5a:e2:ef:e7:7c:85:2c:5b:a8:
4e:7e:01:98:de:61:5d:89:9c:70:d6:ba:10:e7:5f:
3c:dd:eb:ca:f6:69:13:28:40:fa:6c:6c:dc:06:90:
46:16:83:d5:48:d5:5f:cc:05:a3:da:5b:47:e3:3a:
31:5e:59:29:2a:68:9a:9d:4d:b9:6c:bd:c8:3c:8d:
b7:a9:59:b0:bb:d1:14:4f:67:be:19:06:58:2d:72:
8d:77:f6:61:89:e0:1f:45:f4:27:28:23:7b:e8:ff:
7d:c0:ee:83:b3:60:b9:61:c2:26:64:26:88:91:c7:
fc:d9:0f:db:5f:bc:15:5a:5e:9d:9c:47:84:39:85:
4b:ca:3f:93:0a:bf:59:58:c4:14:66:f3:19:01:45:
ce:4e:ff:62:28:c3:50:3c:a4:ef:e9:7e:93:8a:1a:
61:8a:dc:0e:29:1c:a5:16:78:55:20:1e:02:05:f6:
28:a8:18:72:01:dc:4a:34:df:19:32:49:d8:05:52:
b0:7b:16:f7:0f:e1:3c:7f:14:b4:44:f1:66:87:d5:
de:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:6A:81:E1:EB:1B:2B:A8:77:BF:6E:97:14:30:B8:55:90:5C:E4:A6
X509v3 Authority Key Identifier:
keyid:66:82:89:0B:7E:D2:33:47:47:8D:4D:65:DB:09:48:C3:DB:23:EB:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZoKJC37SM0dHjU1l2wlIw9sj6-c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2a981d-67f5-484e-be1b-ff64a9ba597c/1/e2qB4esbK6h3v26XFDC4VZBc5KY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2a981d-67f5-484e-be1b-ff64a9ba597c/1/ZoKJC37SM0dHjU1l2wlIw9sj6-c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.39.128.0/17
94.198.160.0/21
193.34.88.0/22
193.43.88.0/24
217.22.48.0/20
IPv6:
2001:1598::/32
Signature Algorithm: sha256WithRSAEncryption
3b:fd:46:ae:94:ab:30:5f:e4:0c:46:d4:e0:b7:16:f0:b0:bd:
44:5b:73:7c:7f:ab:1c:ac:a1:e7:e7:c2:f3:16:db:3c:b6:f4:
0e:9a:e8:da:87:37:20:00:dd:13:53:37:6a:24:da:02:7e:95:
5e:66:8b:20:3e:4d:76:97:fb:49:20:75:05:8c:5a:6d:d4:0a:
5a:d8:fd:59:35:f9:17:6c:5e:a6:98:88:98:9d:82:39:14:00:
8e:02:d8:ea:e8:54:2a:9a:3d:77:12:bc:3c:61:2f:73:b1:67:
03:33:f0:a2:fa:f4:59:0a:ec:87:bb:ff:07:99:d4:cf:5d:8d:
70:bc:10:13:b7:ec:5f:fc:92:47:80:65:57:c8:ef:26:1e:92:
60:4d:9a:1a:77:24:01:a8:40:b4:20:ed:de:0e:69:6d:f0:14:
72:2d:46:ab:3c:0c:62:67:af:15:bf:d6:25:e1:87:97:76:c7:
7c:ea:f9:5e:bf:b5:c4:03:f8:2c:30:d2:17:60:b6:2d:ec:73:
66:e7:d8:1a:df:89:12:a3:33:a0:b2:8d:37:cb:5f:8e:77:b0:
19:7c:9a:63:c9:6d:d2:7f:98:95:f7:4e:df:ef:47:50:e4:aa:
b1:8a:ce:56:47:f9:cd:5f:45:11:be:f4:21:f0:89:e1:9f:71:
5b:6c:99:37
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZYQOnoDOot2GVRxR2wWb8LpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ODI4OTBiN2VkMjMzNDc0NzhkNGQ2NWRiMDk0OGMzZGIy
M2ViZTcwHhcNMjUwNDA3MTIyOTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjZhODFlMWViMWIyYmE4NzdiZjZlOTcxNDMwYjg1NTkwNWNlNGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3kW3LHkKXpNiuOXeIC6WYNiKlUZt
+yBOyMk6u6xe+fwpcmwMgAQqwuRyGsX5sVN7ezZa4u/nfIUsW6hOfgGY3mFdiZxw
1roQ51883evK9mkTKED6bGzcBpBGFoPVSNVfzAWj2ltH4zoxXlkpKmianU25bL3I
PI23qVmwu9EUT2e+GQZYLXKNd/ZhieAfRfQnKCN76P99wO6Ds2C5YcImZCaIkcf8
2Q/bX7wVWl6dnEeEOYVLyj+TCr9ZWMQUZvMZAUXOTv9iKMNQPKTv6X6TihphitwO
KRylFnhVIB4CBfYoqBhyAdxKNN8ZMknYBVKwexb3D+E8fxS0RPFmh9XevwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFHtqgeHrGyuod79ulxQwuFWQXOSmMB8GA1UdIwQY
MBaAFGaCiQt+0jNHR41NZdsJSMPbI+vnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm9LSkMzN1NNMGRIalUxbDJ3bEl3OXNqNi1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8yYTk4MWQtNjdmNS00ODRlLWJlMWIt
ZmY2NGE5YmE1OTdjLzEvZTJxQjRlc2JLNmgzdjI2WEZEQzRWWkJjNUtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8yYTk4MWQtNjdmNS00ODRlLWJlMWItZmY2NGE5YmE1OTdj
LzEvWm9LSkMzN1NNMGRIalUxbDJ3bEl3OXNqNi1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQHVieAAwQD
XsagAwQCwSJYAwQAwStYAwQE2RYwMA0EAgACMAcDBQAgARWYMA0GCSqGSIb3DQEB
CwUAA4IBAQA7/UaulKswX+QMRtTgtxbwsL1EW3N8f6scrKHn58LzFts8tvQOmuja
hzcgAN0TUzdqJNoCfpVeZosgPk12l/tJIHUFjFpt1Apa2P1ZNfkXbF6mmIiYnYI5
FACOAtjq6FQqmj13Erw8YS9zsWcDM/Ci+vRZCuyHu/8HmdTPXY1wvBATt+xf/JJH
gGVXyO8mHpJgTZoadyQBqEC0IO3eDmlt8BRyLUarPAxiZ68Vv9Yl4YeXdsd86vle
v7XEA/gsMNIXYLYt7HNm59ga34kSozOgso03y1+Od7AZfJpjyW3Sf5iV907f70dQ
5Kqxis5WR/nNX0URvvQh8Inhn3FbbJk3
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:18 2025 by rpki-client on console.sobornost.net