Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/nBPAeD-HkUuE_ZRaR-1XRv4f_rk.roa
File: nBPAeD-HkUuE_ZRaR-1XRv4f_rk.roa (raw, json)
Hash identifier: WOmEN3c5juTBj6y1v+aIT3UT7fjHi7/bTZXku3aNpFw=
Subject key identifier: 9C:13:C0:78:3F:87:91:4B:84:FD:94:5A:47:ED:57:46:FE:1F:FE:B9
Certificate issuer: /CN=4b48cf146b4c73d274096d705708d24b729329f8
Certificate serial: 01962028E07DB86A21F59B89295728FE3033
Authority key identifier: 4B:48:CF:14:6B:4C:73:D2:74:09:6D:70:57:08:D2:4B:72:93:29:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S0jPFGtMc9J0CW1wVwjSS3KTKfg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/nBPAeD-HkUuE_ZRaR-1XRv4f_rk.roa
Signing time: Thu 10 Apr 2025 14:44:31 +0000
ROA not before: Thu 10 Apr 2025 14:44:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34343
IP address blocks: 85.12.56.0/24 maxlen: 24
91.148.192.0/24 maxlen: 24
91.148.224.0/22 maxlen: 24
91.148.228.0/22 maxlen: 24
91.148.232.0/22 maxlen: 24
91.148.236.0/22 maxlen: 24
91.148.239.0/24 maxlen: 24
91.148.240.0/22 maxlen: 24
91.148.244.0/22 maxlen: 24
91.148.248.0/24 maxlen: 24
91.148.249.0/24 maxlen: 24
176.124.71.0/24 maxlen: 24
185.91.29.0/24 maxlen: 24
193.138.220.0/24 maxlen: 24
195.200.84.0/24 maxlen: 24
195.200.85.0/24 maxlen: 24
2a01:788:aaaa::/48 maxlen: 48
2a01:788:aaab::/48 maxlen: 48
2a01:788:aaac::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:20:28:e0:7d:b8:6a:21:f5:9b:89:29:57:28:fe:30:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b48cf146b4c73d274096d705708d24b729329f8
Validity
Not Before: Apr 10 14:44:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9c13c0783f87914b84fd945a47ed5746fe1ffeb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:20:5f:47:a0:c7:74:8a:e6:29:9f:04:cd:78:
8c:1e:2e:64:94:78:d9:e8:79:bf:2f:4a:65:50:a8:
2a:f8:1a:54:b2:5c:f1:c2:cd:d1:e5:b9:ba:83:69:
0c:0c:6b:3d:bc:c2:43:31:36:cb:f3:5c:c4:87:26:
46:ab:1a:aa:fb:11:b3:4e:e6:be:07:37:27:61:be:
4a:cc:1c:07:6f:da:8a:50:0c:64:37:c2:11:47:7b:
6d:1b:1d:f6:09:0f:1e:48:4f:0e:ae:79:c8:2f:10:
4c:31:84:e8:7c:19:35:63:90:49:23:58:bf:34:0e:
01:c1:6d:24:62:18:9a:da:86:39:23:7a:8b:f6:88:
e9:5b:44:80:d4:47:a1:7f:30:e9:da:52:a4:61:ac:
2a:19:82:b3:2a:fe:fc:47:b1:1d:9f:e0:50:18:03:
bd:ae:f7:2d:26:df:93:27:94:3c:59:3b:dd:d9:da:
31:b1:7c:e2:ac:a2:6b:84:ec:6c:04:b4:0c:72:63:
be:d0:6d:96:c1:77:a0:7a:46:45:0f:39:af:21:c2:
12:17:e7:e3:56:98:4c:56:e3:45:d0:80:ad:1d:f7:
89:de:f3:2e:15:e9:a9:5d:4f:c6:45:11:b9:9c:66:
a7:5e:75:20:07:fd:33:00:e9:ad:47:c4:45:55:25:
18:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:13:C0:78:3F:87:91:4B:84:FD:94:5A:47:ED:57:46:FE:1F:FE:B9
X509v3 Authority Key Identifier:
keyid:4B:48:CF:14:6B:4C:73:D2:74:09:6D:70:57:08:D2:4B:72:93:29:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S0jPFGtMc9J0CW1wVwjSS3KTKfg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/nBPAeD-HkUuE_ZRaR-1XRv4f_rk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/S0jPFGtMc9J0CW1wVwjSS3KTKfg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.12.56.0/24
91.148.192.0/24
91.148.224.0-91.148.249.255
176.124.71.0/24
185.91.29.0/24
193.138.220.0/24
195.200.84.0/23
IPv6:
2a01:788:aaaa::-2a01:788:aaac:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
bf:5b:4b:b7:d7:df:a4:55:74:3d:5e:0c:49:71:44:d0:fb:8f:
50:8e:4a:9f:b0:47:12:cf:12:82:c8:c0:69:7d:e1:e4:12:6c:
c5:e3:f0:7e:74:99:7c:ab:5c:32:22:1e:d0:5a:18:e4:38:9e:
57:40:9d:81:08:36:a9:b4:bd:a4:9f:78:03:f6:b5:52:32:ce:
2e:17:4e:4c:b2:6e:59:b8:ef:f6:71:43:ad:fe:13:b0:d3:23:
7c:4e:71:1b:07:a0:61:a1:7b:45:e8:ae:75:b8:9f:4e:02:2e:
f8:69:9a:ac:b6:2c:d7:ee:99:1e:d2:58:be:be:48:66:74:bc:
27:30:ba:33:1a:ed:83:b4:d2:41:93:7f:bf:ee:11:0f:40:40:
88:e5:3a:ac:99:f4:ca:51:ee:48:91:e3:22:db:88:2c:02:46:
53:b1:a2:82:7f:45:71:7d:0f:59:54:14:3c:98:01:ec:9e:de:
73:37:96:f8:05:36:9e:8b:50:62:38:47:7f:57:9e:9d:4c:18:
d5:1a:14:f1:66:9b:f2:b0:74:de:25:b8:b4:3e:d9:46:c7:af:
0a:77:b2:2f:28:78:11:ce:1e:0b:34:92:23:cd:ad:04:b7:d4:
c2:b1:27:96:a0:5e:f3:e8:42:2f:54:5d:7d:10:fa:a3:15:d7:
c0:e3:f5:53
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZYgKOB9uGoh9ZuJKVco/jAzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNDhjZjE0NmI0YzczZDI3NDA5NmQ3MDU3MDhkMjRiNzI5
MzI5ZjgwHhcNMjUwNDEwMTQ0NDMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzEzYzA3ODNmODc5MTRiODRmZDk0NWE0N2VkNTc0NmZlMWZmZWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCBfR6DHdIrmKZ8EzXiMHi5klHjZ
6Hm/L0plUKgq+BpUslzxws3R5bm6g2kMDGs9vMJDMTbL81zEhyZGqxqq+xGzTua+
BzcnYb5KzBwHb9qKUAxkN8IRR3ttGx32CQ8eSE8OrnnILxBMMYTofBk1Y5BJI1i/
NA4BwW0kYhia2oY5I3qL9ojpW0SA1EehfzDp2lKkYawqGYKzKv78R7Edn+BQGAO9
rvctJt+TJ5Q8WTvd2doxsXzirKJrhOxsBLQMcmO+0G2WwXegekZFDzmvIcISF+fj
VphMVuNF0ICtHfeJ3vMuFempXU/GRRG5nGanXnUgB/0zAOmtR8RFVSUYXwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFJwTwHg/h5FLhP2UWkftV0b+H/65MB8GA1UdIwQY
MBaAFEtIzxRrTHPSdAltcFcI0ktykyn4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzBqUEZHdE1jOUowQ1cxd1Z3alNTM0tUS2ZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8zYmJiNTItMzkzZS00NzYyLWE3MGMt
NjRhNmEwNWI5OTA1LzEvbkJQQWVELUhrVXVFX1pSYVItMVhSdjRmX3JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8zYmJiNTItMzkzZS00NzYyLWE3MGMtNjRhNmEwNWI5OTA1
LzEvUzBqUEZHdE1jOUowQ1cxd1Z3alNTM0tUS2ZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjA4BAIAATAyAwQAVQw4AwQA
W5TAMAwDBAVblOADBAFblPgDBACwfEcDBAC5Wx0DBADBitwDBAHDyFQwGgQCAAIw
FDASAwcBKgEHiKqqAwcAKgEHiKqsMA0GCSqGSIb3DQEBCwUAA4IBAQC/W0u319+k
VXQ9XgxJcUTQ+49QjkqfsEcSzxKCyMBpfeHkEmzF4/B+dJl8q1wyIh7QWhjkOJ5X
QJ2BCDaptL2kn3gD9rVSMs4uF05Msm5ZuO/2cUOt/hOw0yN8TnEbB6BhoXtF6K51
uJ9OAi74aZqstizX7pke0li+vkhmdLwnMLozGu2DtNJBk3+/7hEPQECI5TqsmfTK
Ue5IkeMi24gsAkZTsaKCf0VxfQ9ZVBQ8mAHsnt5zN5b4BTaei1BiOEd/V56dTBjV
GhTxZpvysHTeJbi0PtlGx68Kd7IvKHgRzh4LNJIjza0Et9TCsSeWoF7z6EIvVF19
EPqjFdfA4/VT
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:21 2025 by rpki-client on console.sobornost.net