Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/1-J6UwFiYRtEkOR3qUnEqr2ZZd14.roa
File: 1-J6UwFiYRtEkOR3qUnEqr2ZZd14.roa (raw, json)
Hash identifier: JMkHmXWriVyLGUrv+lAsUG75J6OGxIG6+vGxObSgeGs=
Subject key identifier: F8:9E:94:C0:58:98:46:D1:24:39:1D:EA:52:71:2A:AF:66:59:77:5E
Certificate issuer: /CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Certificate serial: 0193BAE2708D0D47546B5B1A138B74496674
Authority key identifier: A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/1-J6UwFiYRtEkOR3qUnEqr2ZZd14.roa
Signing time: Thu 12 Dec 2024 12:40:22 +0000
ROA not before: Thu 12 Dec 2024 12:40:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13285
IP address blocks: 2.96.0.0/13 maxlen: 24
62.3.192.0/18 maxlen: 24
62.24.128.0/17 maxlen: 24
62.241.160.0/19 maxlen: 24
78.144.0.0/13 maxlen: 24
81.6.192.0/18 maxlen: 24
82.133.0.0/17 maxlen: 24
89.240.0.0/14 maxlen: 24
91.146.112.0/21 maxlen: 24
92.10.0.0/15 maxlen: 24
92.12.0.0/14 maxlen: 24
92.16.0.0/12 maxlen: 24
185.112.212.0/22 maxlen: 24
185.173.116.0/22 maxlen: 24
185.173.120.0/22 maxlen: 24
185.175.144.0/22 maxlen: 24
193.218.99.0/24 maxlen: 24
195.112.0.0/18 maxlen: 24
195.149.0.0/18 maxlen: 24
212.139.24.0/24 maxlen: 24
212.139.133.0/24 maxlen: 24
212.139.148.0/22 maxlen: 22
213.208.64.0/18 maxlen: 24
217.8.0.0/19 maxlen: 24
217.68.128.0/20 maxlen: 24
2001:7e0::/32 maxlen: 32
2001:4a00::/27 maxlen: 27
2a00:4340::/32 maxlen: 32
2a0b:db00::/29 maxlen: 29
2a0b:e900::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ba:e2:70:8d:0d:47:54:6b:5b:1a:13:8b:74:49:66:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Validity
Not Before: Dec 12 12:40:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f89e94c0589846d124391dea52712aaf6659775e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:67:dc:b1:96:56:72:35:01:cf:4b:25:99:85:
75:dd:52:24:1f:94:43:f1:28:7e:25:ab:42:2d:09:
3a:63:71:4e:bf:a8:ad:4a:94:10:8f:d1:44:13:5e:
5b:27:dc:06:fb:7d:22:f8:34:61:b3:93:f4:9b:f4:
f0:e3:bd:4e:67:e7:bd:09:7e:c3:4d:1a:ea:3d:be:
99:3a:31:df:b8:5b:1d:d8:48:20:b1:dd:ad:c1:31:
53:d4:b9:0d:3f:ee:4a:a2:f3:32:8c:69:14:27:27:
c4:0d:90:d0:46:94:42:54:f0:63:49:d3:82:16:d1:
c6:ed:0a:ca:ee:6e:b8:bf:99:f4:ac:de:c7:62:94:
01:b7:c0:ea:bc:07:be:69:38:b4:b8:40:2b:04:d4:
2a:8b:51:a8:33:b5:5a:ea:81:34:0c:8d:f3:4a:dd:
97:57:10:8d:ef:4c:97:e2:a0:97:98:68:fd:79:b4:
ec:be:c4:7d:9a:11:36:86:61:c6:9c:62:5f:85:3e:
3c:a6:51:3f:91:ed:ba:6f:a5:e4:56:cb:38:4a:0d:
da:d9:4c:3a:7e:38:5f:4e:1d:99:60:84:21:2b:72:
4f:69:5b:c8:4e:07:3f:14:81:ab:0d:28:8e:f5:54:
ee:c7:f7:53:b3:ce:81:0d:f6:44:83:09:0d:7b:0d:
be:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:9E:94:C0:58:98:46:D1:24:39:1D:EA:52:71:2A:AF:66:59:77:5E
X509v3 Authority Key Identifier:
keyid:A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/1-J6UwFiYRtEkOR3qUnEqr2ZZd14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/qYB_bVDZfZcdzy4uUGTpuQets-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.96.0.0/13
62.3.192.0/18
62.24.128.0/17
62.241.160.0/19
78.144.0.0/13
81.6.192.0/18
82.133.0.0/17
89.240.0.0/14
91.146.112.0/21
92.10.0.0-92.31.255.255
185.112.212.0/22
185.173.116.0-185.173.123.255
185.175.144.0/22
193.218.99.0/24
195.112.0.0/18
195.149.0.0/18
212.139.24.0/24
212.139.133.0/24
212.139.148.0/22
213.208.64.0/18
217.8.0.0/19
217.68.128.0/20
IPv6:
2001:7e0::/32
2001:4a00::/27
2a00:4340::/32
2a0b:db00::/29
2a0b:e900::/29
Signature Algorithm: sha256WithRSAEncryption
1b:d6:e4:41:04:f0:fe:1a:32:e8:1e:c2:51:8c:ea:7d:df:dc:
99:f2:c3:a3:62:32:ca:83:a6:88:1e:35:13:fd:35:3f:53:19:
35:62:38:d1:50:3d:fa:f6:d0:4e:27:1b:80:49:e0:27:b2:d6:
27:61:de:1a:7e:c3:24:1d:8b:1f:b5:ea:4d:bd:e4:be:6f:cd:
99:4f:88:71:ee:b1:b0:83:52:4d:99:24:50:01:44:f7:16:bf:
6f:c1:57:5b:00:ab:ac:f3:54:10:82:36:1d:c4:d1:f0:23:38:
70:10:29:44:5d:e4:b5:94:62:17:52:37:ca:03:cd:8c:08:00:
fe:9d:de:2f:44:3d:0c:74:80:24:fd:0a:85:de:8e:d8:27:d3:
dc:1b:73:77:d1:9a:3a:4f:0d:6e:12:b5:0d:44:7b:98:8c:82:
9b:a0:0a:4d:97:b2:2b:9b:85:96:a0:20:44:bc:f4:b1:b3:f3:
9d:1f:17:8f:62:f6:3d:e1:12:20:67:9c:1a:00:41:f6:d9:e3:
a4:a2:a4:28:39:a5:e0:8f:c3:b7:46:54:49:06:55:89:3a:51:
c4:65:9f:06:70:c8:9d:62:df:ac:67:07:56:5a:b6:85:74:26:
0a:2d:f0:fa:79:13:14:6b:13:aa:5a:fa:6d:ea:7f:52:3a:b2:
20:33:44:9e
-----BEGIN CERTIFICATE-----
MIIFtzCCBJ+gAwIBAgISAZO64nCNDUdUa1saE4t0SWZ0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ODA3ZjZkNTBkOTdkOTcxZGNmMmUyZTUwNjRlOWI5MDdh
ZGIzZWMwHhcNMjQxMjEyMTI0MDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODllOTRjMDU4OTg0NmQxMjQzOTFkZWE1MjcxMmFhZjY2NTk3NzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumfcsZZWcjUBz0slmYV13VIkH5RD
8Sh+JatCLQk6Y3FOv6itSpQQj9FEE15bJ9wG+30i+DRhs5P0m/Tw471OZ+e9CX7D
TRrqPb6ZOjHfuFsd2Eggsd2twTFT1LkNP+5KovMyjGkUJyfEDZDQRpRCVPBjSdOC
FtHG7QrK7m64v5n0rN7HYpQBt8DqvAe+aTi0uEArBNQqi1GoM7Va6oE0DI3zSt2X
VxCN70yX4qCXmGj9ebTsvsR9mhE2hmHGnGJfhT48plE/ke26b6XkVss4Sg3a2Uw6
fjhfTh2ZYIQhK3JPaVvITgc/FIGrDSiO9VTux/dTs86BDfZEgwkNew2+AQIDAQAB
o4ICwzCCAr8wHQYDVR0OBBYEFPielMBYmEbRJDkd6lJxKq9mWXdeMB8GA1UdIwQY
MBaAFKmAf21Q2X2XHc8uLlBk6bkHrbPsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzIt
MGQ4ZjdkZDhjY2U2LzEvMS1KNlV3RmlZUnRFa09SM3FVbkVxcjJaWmQxNC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMmIvY2E5ZGJlLTAwOTUtNDBmMy1iOTMyLTBkOGY3ZGQ4Y2Nl
Ni8xL3FZQl9iVkRaZlpjZHp5NHVVR1RwdVFldHMtdy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCB1wYIKwYBBQUHAQcBAf8EgccwgcQwgZYEAgABMIGPAwMD
AmADBAY+A8ADBAc+GIADBAU+8aADAwNOkAMEBlEGwAMEB1KFAAMDAlnwAwQDW5Jw
MAoDAwFcCgMDBVwAAwQCuXDUMAwDBAK5rXQDBAK5rXgDBAK5r5ADBADB2mMDBAbD
cAADBAbDlQADBADUixgDBADUi4UDBALUi5QDBAbV0EADBAXZCAADBATZRIAwKQQC
AAIwIwMFACABB+ADBQUgAUoAAwUAKgBDQAMFAyoL2wADBQMqC+kAMA0GCSqGSIb3
DQEBCwUAA4IBAQAb1uRBBPD+GjLoHsJRjOp939yZ8sOjYjLKg6aIHjUT/TU/Uxk1
YjjRUD369tBOJxuASeAnstYnYd4afsMkHYsftepNveS+b82ZT4hx7rGwg1JNmSRQ
AUT3Fr9vwVdbAKus81QQgjYdxNHwIzhwEClEXeS1lGIXUjfKA82MCAD+nd4vRD0M
dIAk/QqF3o7YJ9PcG3N30Zo6Tw1uErUNRHuYjIKboApNl7Irm4WWoCBEvPSxs/Od
HxePYvY94RIgZ5waAEH22eOkoqQoOaXgj8O3RlRJBlWJOlHEZZ8GcMidYt+sZwdW
WraFdCYKLfD6eRMUaxOqWvpt6n9SOrIgM0Se
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:59 2024 by rpki-client on console.sobornost.net