Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/a2ccb1-a728-4f04-9641-fc112ae63ea4/1/2Utz6EvNmTYHORm-GQMKm69p8WI.roa
File: 2Utz6EvNmTYHORm-GQMKm69p8WI.roa (raw, json)
Hash identifier: j7FVQ06WFgxEJj//G5Co8Dizh+fdctkzSaSmR5/2mVM=
Subject key identifier: D9:4B:73:E8:4B:CD:99:36:07:39:19:BE:19:03:0A:9B:AF:69:F1:62
Certificate issuer: /CN=f1da67135b737ca9d2dfd7b97fe5978b8f300d6b
Certificate serial: 01942143ED3C2C832C4E0BB9DB5119C550A2
Authority key identifier: F1:DA:67:13:5B:73:7C:A9:D2:DF:D7:B9:7F:E5:97:8B:8F:30:0D:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dpnE1tzfKnS39e5f-WXi48wDWs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/a2ccb1-a728-4f04-9641-fc112ae63ea4/1/2Utz6EvNmTYHORm-GQMKm69p8WI.roa
Signing time: Wed 01 Jan 2025 09:48:07 +0000
ROA not before: Wed 01 Jan 2025 09:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60486
IP address blocks: 83.143.72.0/24 maxlen: 24
85.184.244.0/24 maxlen: 24
85.184.245.0/24 maxlen: 24
85.184.246.0/24 maxlen: 24
85.184.247.0/24 maxlen: 24
185.29.152.0/22 maxlen: 22
185.29.152.0/23 maxlen: 23
185.29.154.0/24 maxlen: 24
2a00:a920::/32 maxlen: 32
2a00:a920::/40 maxlen: 40
2a00:a920:100::/40 maxlen: 40
2a00:a920:200::/40 maxlen: 40
2a00:a920:300::/40 maxlen: 40
2a00:a920:400::/40 maxlen: 40
2a00:a920:700::/40 maxlen: 40
2a00:a920:800::/40 maxlen: 40
2a00:a920:900::/40 maxlen: 40
2a00:a920:c00::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:ed:3c:2c:83:2c:4e:0b:b9:db:51:19:c5:50:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1da67135b737ca9d2dfd7b97fe5978b8f300d6b
Validity
Not Before: Jan 1 09:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d94b73e84bcd9936073919be19030a9baf69f162
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:4c:53:19:04:fa:aa:a8:04:9b:de:ef:47:01:
fe:9d:67:0c:2c:30:15:85:1e:c9:20:4b:d1:1d:8b:
ec:d3:ab:f5:3b:45:88:b5:c0:3f:e7:ea:9b:80:4e:
b6:9a:e6:51:e1:e9:7a:e5:d1:6c:53:c5:68:9e:15:
db:ea:59:9c:16:7e:8a:6c:3f:60:6c:19:85:2c:3a:
02:fc:28:17:aa:bc:3f:18:8b:d9:45:44:94:aa:4b:
d6:09:ef:f0:35:a1:26:5b:72:d8:59:68:89:f7:a5:
62:7e:26:b1:f6:a5:93:3c:84:6c:03:67:44:c4:e7:
4a:fe:80:16:55:bb:22:78:21:0a:d7:69:1c:5d:c7:
7c:f3:ae:cf:29:cb:96:91:76:b1:46:1d:4b:bd:3e:
a1:83:0e:9d:81:b8:6d:1a:97:68:df:5f:61:3a:12:
2d:3f:d5:81:08:66:b3:d4:70:1c:ff:86:f8:ca:92:
93:24:e8:14:32:1a:27:6b:a2:4d:07:40:cf:df:e5:
31:2d:b6:0f:c4:45:d1:40:4d:75:a9:d4:91:94:f8:
6d:a2:74:3c:2e:9c:89:6a:13:d1:37:4a:f2:45:5e:
be:55:de:02:eb:eb:3a:c0:ea:87:40:bb:7e:e5:18:
6b:be:97:4a:00:73:35:fc:ae:8d:bf:0c:4c:b8:99:
ab:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:4B:73:E8:4B:CD:99:36:07:39:19:BE:19:03:0A:9B:AF:69:F1:62
X509v3 Authority Key Identifier:
keyid:F1:DA:67:13:5B:73:7C:A9:D2:DF:D7:B9:7F:E5:97:8B:8F:30:0D:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dpnE1tzfKnS39e5f-WXi48wDWs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/a2ccb1-a728-4f04-9641-fc112ae63ea4/1/2Utz6EvNmTYHORm-GQMKm69p8WI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/a2ccb1-a728-4f04-9641-fc112ae63ea4/1/8dpnE1tzfKnS39e5f-WXi48wDWs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.143.72.0/24
85.184.244.0/22
185.29.152.0/22
IPv6:
2a00:a920::/32
Signature Algorithm: sha256WithRSAEncryption
5d:1a:73:dc:8c:92:f7:6d:01:32:bf:19:62:74:81:26:cc:78:
d9:6b:a6:3b:b8:8a:cd:ff:75:f1:f6:4f:97:86:85:88:f5:db:
e1:85:89:52:db:6b:a7:c5:ab:06:74:e6:2f:38:d0:8e:d1:04:
51:74:c9:40:8e:e5:08:17:0b:d6:28:1c:cc:68:d0:60:01:03:
f2:e5:19:83:64:74:bc:73:8f:f4:38:3d:88:2f:a4:dc:74:ba:
e3:43:3f:ad:93:7e:7a:9b:46:16:c2:a3:e2:43:e6:bd:55:7b:
6e:ad:6e:ea:be:e3:d2:8a:22:84:85:66:a8:95:9e:74:e9:ea:
1b:de:89:68:28:43:b1:d5:72:90:af:ca:29:d6:d3:ce:72:15:
50:20:6e:7a:eb:30:b1:38:2a:93:aa:54:3d:3a:09:c9:a8:bc:
24:2c:03:49:36:05:73:3f:d0:28:e1:16:26:c4:08:12:07:89:
4e:65:14:0a:00:ef:99:93:f4:53:e6:6a:b0:0b:bc:7d:e5:91:
6b:2e:bd:81:71:d1:6c:c9:54:90:71:aa:f2:2d:94:d7:bb:9b:
93:01:6e:a9:f0:93:54:fb:2d:6a:62:74:19:b9:e2:9f:d6:f2:
e4:3b:54:37:ed:b9:8e:a6:d7:92:24:90:96:dc:15:20:c5:ab:
6b:ab:fe:16
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQhQ+08LIMsTgu521EZxVCiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZGE2NzEzNWI3MzdjYTlkMmRmZDdiOTdmZTU5NzhiOGYz
MDBkNmIwHhcNMjUwMTAxMDk0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTRiNzNlODRiY2Q5OTM2MDczOTE5YmUxOTAzMGE5YmFmNjlmMTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuExTGQT6qqgEm97vRwH+nWcMLDAV
hR7JIEvRHYvs06v1O0WItcA/5+qbgE62muZR4el65dFsU8VonhXb6lmcFn6KbD9g
bBmFLDoC/CgXqrw/GIvZRUSUqkvWCe/wNaEmW3LYWWiJ96Vifiax9qWTPIRsA2dE
xOdK/oAWVbsieCEK12kcXcd8867PKcuWkXaxRh1LvT6hgw6dgbhtGpdo319hOhIt
P9WBCGaz1HAc/4b4ypKTJOgUMhona6JNB0DP3+UxLbYPxEXRQE11qdSRlPhtonQ8
LpyJahPRN0ryRV6+Vd4C6+s6wOqHQLt+5RhrvpdKAHM1/K6NvwxMuJmr7QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFNlLc+hLzZk2BzkZvhkDCpuvafFiMB8GA1UdIwQY
MBaAFPHaZxNbc3yp0t/XuX/ll4uPMA1rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRwbkUxdHpmS25TMzllNWYtV1hpNDh3RFdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9hMmNjYjEtYTcyOC00ZjA0LTk2NDEt
ZmMxMTJhZTYzZWE0LzEvMlV0ejZFdk5tVFlIT1JtLUdRTUttNjlwOFdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9hMmNjYjEtYTcyOC00ZjA0LTk2NDEtZmMxMTJhZTYzZWE0
LzEvOGRwbkUxdHpmS25TMzllNWYtV1hpNDh3RFdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAU49IAwQC
Vbj0AwQCuR2YMA0EAgACMAcDBQAqAKkgMA0GCSqGSIb3DQEBCwUAA4IBAQBdGnPc
jJL3bQEyvxlidIEmzHjZa6Y7uIrN/3Xx9k+XhoWI9dvhhYlS22unxasGdOYvONCO
0QRRdMlAjuUIFwvWKBzMaNBgAQPy5RmDZHS8c4/0OD2IL6TcdLrjQz+tk356m0YW
wqPiQ+a9VXturW7qvuPSiiKEhWaolZ506eob3oloKEOx1XKQr8op1tPOchVQIG56
6zCxOCqTqlQ9OgnJqLwkLANJNgVzP9Ao4RYmxAgSB4lOZRQKAO+Zk/RT5mqwC7x9
5ZFrLr2BcdFsyVSQcaryLZTXu5uTAW6p8JNU+y1qYnQZueKf1vLkO1Q37bmOpteS
JJCW3BUgxatrq/4W
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:21 2025 by rpki-client on console.sobornost.net