Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/9DTEymXt_hSCqrhUML_EoRQVDeQ.roa
File: 9DTEymXt_hSCqrhUML_EoRQVDeQ.roa (raw, json)
Hash identifier: wgH8x5k7uu/aIlse3WA3g9SW6Lq3H4kZpIWxC/Bnq4M=
Subject key identifier: F4:34:C4:CA:65:ED:FE:14:82:AA:B8:54:30:BF:C4:A1:14:15:0D:E4
Certificate issuer: /CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Certificate serial: 01942445A044B9478C1C598BE8361D16BD34
Authority key identifier: A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/9DTEymXt_hSCqrhUML_EoRQVDeQ.roa
Signing time: Wed 01 Jan 2025 23:48:50 +0000
ROA not before: Wed 01 Jan 2025 23:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13285
IP address blocks: 2.96.0.0/13 maxlen: 24
62.3.192.0/18 maxlen: 24
62.24.128.0/17 maxlen: 24
62.241.160.0/19 maxlen: 24
78.144.0.0/13 maxlen: 24
81.6.192.0/18 maxlen: 24
82.133.0.0/17 maxlen: 24
89.240.0.0/14 maxlen: 24
91.146.112.0/21 maxlen: 24
92.10.0.0/15 maxlen: 24
92.12.0.0/14 maxlen: 24
92.16.0.0/12 maxlen: 24
185.112.212.0/22 maxlen: 24
185.173.116.0/22 maxlen: 24
185.173.120.0/22 maxlen: 24
185.175.144.0/22 maxlen: 24
193.218.99.0/24 maxlen: 24
195.112.0.0/18 maxlen: 24
195.149.0.0/18 maxlen: 24
212.139.24.0/24 maxlen: 24
212.139.133.0/24 maxlen: 24
212.139.148.0/22 maxlen: 22
213.208.64.0/18 maxlen: 24
217.8.0.0/19 maxlen: 24
217.68.128.0/20 maxlen: 24
2001:7e0::/32 maxlen: 32
2001:4a00::/27 maxlen: 27
2a00:4340::/32 maxlen: 32
2a0b:db00::/29 maxlen: 29
2a0b:e900::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:a0:44:b9:47:8c:1c:59:8b:e8:36:1d:16:bd:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Validity
Not Before: Jan 1 23:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f434c4ca65edfe1482aab85430bfc4a114150de4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:55:68:bd:00:41:b2:25:22:e6:7b:8c:2c:14:
0f:0f:cb:9d:9c:46:bd:49:41:d6:88:4a:de:be:3c:
33:cf:b8:34:d0:a9:04:42:d4:3f:7e:95:c1:82:ab:
d6:06:4a:79:5a:76:55:ec:e0:08:1d:81:13:a4:92:
e8:77:38:bb:fd:4f:e0:31:86:32:26:cf:8f:3b:44:
b6:49:12:6a:f7:ac:59:97:15:9d:ae:93:ce:3f:5f:
c1:e7:f1:96:5e:e2:3d:85:43:cf:6c:44:6b:29:14:
af:9e:15:7b:7e:43:5a:ca:f2:56:a5:75:9a:6e:84:
9a:55:e7:a6:6a:2b:77:17:f2:6d:3c:4c:2a:b7:be:
0b:d8:f9:94:0b:59:e6:56:30:80:56:22:67:8a:16:
6a:2a:a8:9d:a5:6c:11:b0:15:26:e6:cf:f0:ab:52:
2a:45:fb:bb:7a:a2:dc:c5:da:fa:ed:c5:27:16:fc:
78:dd:11:7d:c0:7c:21:c7:f2:78:16:69:3d:b9:63:
24:1b:10:a2:4c:37:26:68:49:48:93:7f:a5:af:15:
72:6a:c9:a1:2f:74:d3:4a:f9:d0:55:e5:8f:68:80:
06:99:8e:46:d6:8a:b2:f2:84:ef:35:d2:20:33:03:
01:ad:fe:36:fb:7c:62:99:67:dd:39:4f:ce:59:47:
6f:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:34:C4:CA:65:ED:FE:14:82:AA:B8:54:30:BF:C4:A1:14:15:0D:E4
X509v3 Authority Key Identifier:
keyid:A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/9DTEymXt_hSCqrhUML_EoRQVDeQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/qYB_bVDZfZcdzy4uUGTpuQets-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.96.0.0/13
62.3.192.0/18
62.24.128.0/17
62.241.160.0/19
78.144.0.0/13
81.6.192.0/18
82.133.0.0/17
89.240.0.0/14
91.146.112.0/21
92.10.0.0-92.31.255.255
185.112.212.0/22
185.173.116.0-185.173.123.255
185.175.144.0/22
193.218.99.0/24
195.112.0.0/18
195.149.0.0/18
212.139.24.0/24
212.139.133.0/24
212.139.148.0/22
213.208.64.0/18
217.8.0.0/19
217.68.128.0/20
IPv6:
2001:7e0::/32
2001:4a00::/27
2a00:4340::/32
2a0b:db00::/29
2a0b:e900::/29
Signature Algorithm: sha256WithRSAEncryption
74:0c:ea:bf:c3:b8:81:29:df:41:3b:f7:e2:de:4a:8c:5d:95:
01:60:0d:7a:85:e3:bd:fb:fc:21:e0:5d:c9:b0:e6:63:2f:54:
01:26:5d:e0:ee:a7:b0:d2:b3:3d:06:f1:86:91:e3:f5:fa:ed:
df:9f:a4:5d:e4:47:d3:17:98:89:a1:ac:57:e4:95:28:dd:0c:
0c:f2:55:50:1a:b3:d8:f8:de:e0:1f:a9:9e:61:0e:13:d9:1a:
62:fb:c6:c8:ff:c7:c9:21:62:9b:38:53:43:49:cc:3e:65:68:
81:ca:30:1a:59:ef:f9:ac:b3:0d:62:e4:a8:23:1a:82:86:24:
cd:85:33:91:dd:1a:df:d8:e7:be:40:a7:05:7c:01:d5:02:bf:
03:8a:7b:e6:3d:60:cc:2b:91:40:45:b0:ef:0a:e2:8b:85:44:
cf:aa:26:ec:9b:f0:f4:fe:d4:c9:b9:68:6b:1a:d3:87:d0:8b:
e5:73:ca:ed:c7:d6:6a:7c:66:68:6f:ea:24:40:88:0f:db:52:
86:0a:c9:4b:77:aa:7d:26:b5:8b:50:2d:79:e0:e3:30:1f:44:
1f:dc:e6:a3:0f:d4:ce:a2:ad:1f:98:a4:5d:52:fd:50:17:4b:
58:58:6e:18:1d:b6:56:c1:cd:4b:f0:59:1e:d2:b7:2f:06:6c:
b9:38:90:aa
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgISAZQkRaBEuUeMHFmL6DYdFr00MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ODA3ZjZkNTBkOTdkOTcxZGNmMmUyZTUwNjRlOWI5MDdh
ZGIzZWMwHhcNMjUwMTAxMjM0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDM0YzRjYTY1ZWRmZTE0ODJhYWI4NTQzMGJmYzRhMTE0MTUwZGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwVVovQBBsiUi5nuMLBQPD8udnEa9
SUHWiErevjwzz7g00KkEQtQ/fpXBgqvWBkp5WnZV7OAIHYETpJLodzi7/U/gMYYy
Js+PO0S2SRJq96xZlxWdrpPOP1/B5/GWXuI9hUPPbERrKRSvnhV7fkNayvJWpXWa
boSaVeemait3F/JtPEwqt74L2PmUC1nmVjCAViJnihZqKqidpWwRsBUm5s/wq1Iq
Rfu7eqLcxdr67cUnFvx43RF9wHwhx/J4Fmk9uWMkGxCiTDcmaElIk3+lrxVyasmh
L3TTSvnQVeWPaIAGmY5G1oqy8oTvNdIgMwMBrf42+3ximWfdOU/OWUdvmwIDAQAB
o4ICwjCCAr4wHQYDVR0OBBYEFPQ0xMpl7f4Ugqq4VDC/xKEUFQ3kMB8GA1UdIwQY
MBaAFKmAf21Q2X2XHc8uLlBk6bkHrbPsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzIt
MGQ4ZjdkZDhjY2U2LzEvOURURXltWHRfaFNDcXJoVU1MX0VvUlFWRGVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzItMGQ4ZjdkZDhjY2U2
LzEvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHXBggrBgEFBQcBBwEB/wSBxzCBxDCBlgQCAAEwgY8DAwMC
YAMEBj4DwAMEBz4YgAMEBT7xoAMDA06QAwQGUQbAAwQHUoUAAwMCWfADBANbknAw
CgMDAVwKAwMFXAADBAK5cNQwDAMEArmtdAMEArmteAMEArmvkAMEAMHaYwMEBsNw
AAMEBsOVAAMEANSLGAMEANSLhQMEAtSLlAMEBtXQQAMEBdkIAAMEBNlEgDApBAIA
AjAjAwUAIAEH4AMFBSABSgADBQAqAENAAwUDKgvbAAMFAyoL6QAwDQYJKoZIhvcN
AQELBQADggEBAHQM6r/DuIEp30E79+LeSoxdlQFgDXqF4737/CHgXcmw5mMvVAEm
XeDup7DSsz0G8YaR4/X67d+fpF3kR9MXmImhrFfklSjdDAzyVVAas9j43uAfqZ5h
DhPZGmL7xsj/x8khYps4U0NJzD5laIHKMBpZ7/mssw1i5KgjGoKGJM2FM5HdGt/Y
575ApwV8AdUCvwOKe+Y9YMwrkUBFsO8K4ouFRM+qJuyb8PT+1Mm5aGsa04fQi+Vz
yu3H1mp8Zmhv6iRAiA/bUoYKyUt3qn0mtYtQLXng4zAfRB/c5qMP1M6irR+YpF1S
/VAXS1hYbhgdtlbBzUvwWR7Sty8GbLk4kKo=
-----END CERTIFICATE-----
Generated at Thu Jan 23 15:54:03 2025 by rpki-client on console.sobornost.net