Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/29aea2-b6c8-4af9-ad84-03fb54187ee2/1/PtAXY24lYtkFRHade4pTjXormLM.roa
File: PtAXY24lYtkFRHade4pTjXormLM.roa (raw, json)
Hash identifier: 1elZ7b8fLDvNPO81SeVzVwIAYPfLoIwWb4acP64QkQU=
Subject key identifier: 3E:D0:17:63:6E:25:62:D9:05:44:76:9D:7B:8A:53:8D:7A:2B:98:B3
Certificate issuer: /CN=bc9d7c42e917844cbc2de4a91c6c1701de5971b5
Certificate serial: 01941FFAA783FBA928B520588B04A54DFB06
Authority key identifier: BC:9D:7C:42:E9:17:84:4C:BC:2D:E4:A9:1C:6C:17:01:DE:59:71:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vJ18QukXhEy8LeSpHGwXAd5ZcbU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/29aea2-b6c8-4af9-ad84-03fb54187ee2/1/PtAXY24lYtkFRHade4pTjXormLM.roa
Signing time: Wed 01 Jan 2025 03:48:28 +0000
ROA not before: Wed 01 Jan 2025 03:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34119
IP address blocks: 31.22.0.0/21 maxlen: 21
31.22.4.0/24 maxlen: 24
31.22.7.0/24 maxlen: 24
77.95.32.0/21 maxlen: 21
185.2.168.0/22 maxlen: 22
185.103.228.0/22 maxlen: 22
185.211.176.0/22 maxlen: 22
2a02:5300::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:a7:83:fb:a9:28:b5:20:58:8b:04:a5:4d:fb:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc9d7c42e917844cbc2de4a91c6c1701de5971b5
Validity
Not Before: Jan 1 03:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3ed017636e2562d90544769d7b8a538d7a2b98b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:63:69:e1:71:dc:5c:dc:0d:02:d0:cc:db:bb:
7c:00:ec:9c:30:b2:3b:f9:37:45:64:fc:99:4f:4a:
de:d0:4a:d2:f7:8e:eb:14:40:8a:3c:6e:fc:07:1e:
14:e1:39:07:e3:66:1f:d7:74:bb:1c:32:ea:db:c6:
31:56:15:7b:ea:59:b5:43:18:a2:e6:16:f3:8f:09:
5d:36:e9:f7:40:c6:e4:b6:44:ac:27:b6:12:ee:65:
67:fd:fc:7c:13:fb:07:83:b6:c0:7c:ae:71:a2:ff:
7d:76:e6:76:cd:99:8e:6e:38:9b:af:80:95:10:07:
07:0b:1b:d8:9f:4f:a6:15:bc:b7:75:c4:29:1e:d8:
a5:3c:e4:ff:9b:98:65:f6:74:d4:12:4d:e4:f0:fe:
ab:71:51:9e:33:1b:67:42:6a:9f:dc:21:63:49:46:
bd:0e:ad:0e:38:06:59:47:08:8e:59:5f:d5:36:e3:
d5:e7:9c:69:44:f2:1f:1b:41:c3:b3:95:74:82:55:
77:3c:76:c1:4c:0c:49:9a:02:32:a7:5b:74:ee:b3:
ce:16:76:de:de:f6:b6:21:4a:bd:8b:c8:e4:bf:90:
bf:d7:9f:22:31:b0:84:fc:3e:c5:05:da:70:0f:52:
dc:a1:1f:88:1a:5c:e0:97:3a:08:71:75:ad:3b:93:
a3:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:D0:17:63:6E:25:62:D9:05:44:76:9D:7B:8A:53:8D:7A:2B:98:B3
X509v3 Authority Key Identifier:
keyid:BC:9D:7C:42:E9:17:84:4C:BC:2D:E4:A9:1C:6C:17:01:DE:59:71:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vJ18QukXhEy8LeSpHGwXAd5ZcbU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/29aea2-b6c8-4af9-ad84-03fb54187ee2/1/PtAXY24lYtkFRHade4pTjXormLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/29aea2-b6c8-4af9-ad84-03fb54187ee2/1/vJ18QukXhEy8LeSpHGwXAd5ZcbU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.22.0.0/21
77.95.32.0/21
185.2.168.0/22
185.103.228.0/22
185.211.176.0/22
IPv6:
2a02:5300::/32
Signature Algorithm: sha256WithRSAEncryption
8c:29:b2:16:f3:b1:14:61:d5:9d:95:1b:45:a2:09:25:9b:82:
82:aa:bb:31:c0:28:95:10:b8:42:4b:9a:f1:35:a0:f5:ff:78:
cc:f9:8a:ab:0e:47:35:dd:33:5c:64:09:f4:ce:42:c4:46:26:
1d:31:dc:48:c9:9c:e0:67:ba:e0:db:bb:a9:af:61:bf:c1:3d:
cd:6e:57:24:23:10:37:ed:db:9d:53:aa:26:32:9f:70:7c:7b:
09:65:d4:60:42:8f:1a:ba:eb:f3:91:08:57:36:24:47:27:f7:
56:39:40:52:25:d8:07:e9:94:0b:66:81:ed:37:dc:2b:83:64:
e0:41:3f:ac:4a:9c:0a:b6:0b:9d:56:19:b6:fe:0c:62:2a:60:
16:0b:bc:a0:73:d9:0e:00:c0:d7:bc:39:c2:e3:ff:8f:b8:31:
36:f9:4c:1b:18:73:82:01:30:f1:24:76:6e:37:c9:1c:3a:c2:
a0:d6:ce:c6:f1:75:26:b5:01:9b:82:69:4b:04:37:93:78:18:
13:dc:f2:ce:65:50:3e:60:ee:f9:27:ab:0c:ef:58:fe:d4:b1:
92:25:50:cd:0e:e2:e9:b5:d6:28:cf:df:87:51:81:eb:4c:09:
2b:eb:93:75:50:2c:37:5b:24:4a:8a:96:32:76:ff:9c:4b:f0:
a7:14:44:d9
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQf+qeD+6kotSBYiwSlTfsGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjOWQ3YzQyZTkxNzg0NGNiYzJkZTRhOTFjNmMxNzAxZGU1
OTcxYjUwHhcNMjUwMTAxMDM0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWQwMTc2MzZlMjU2MmQ5MDU0NDc2OWQ3YjhhNTM4ZDdhMmI5OGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2Np4XHcXNwNAtDM27t8AOycMLI7
+TdFZPyZT0re0ErS947rFECKPG78Bx4U4TkH42Yf13S7HDLq28YxVhV76lm1Qxii
5hbzjwldNun3QMbktkSsJ7YS7mVn/fx8E/sHg7bAfK5xov99duZ2zZmObjibr4CV
EAcHCxvYn0+mFby3dcQpHtilPOT/m5hl9nTUEk3k8P6rcVGeMxtnQmqf3CFjSUa9
Dq0OOAZZRwiOWV/VNuPV55xpRPIfG0HDs5V0glV3PHbBTAxJmgIyp1t07rPOFnbe
3va2IUq9i8jkv5C/158iMbCE/D7FBdpwD1LcoR+IGlzglzoIcXWtO5OjCwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFD7QF2NuJWLZBUR2nXuKU416K5izMB8GA1UdIwQY
MBaAFLydfELpF4RMvC3kqRxsFwHeWXG1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkoxOFF1a1hoRXk4TGVTcEhHd1hBZDVaY2JVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8yOWFlYTItYjZjOC00YWY5LWFkODQt
MDNmYjU0MTg3ZWUyLzEvUHRBWFkyNGxZdGtGUkhhZGU0cFRqWG9ybUxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC8yOWFlYTItYjZjOC00YWY5LWFkODQtMDNmYjU0MTg3ZWUy
LzEvdkoxOFF1a1hoRXk4TGVTcEhHd1hBZDVaY2JVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDHxYAAwQD
TV8gAwQCuQKoAwQCuWfkAwQCudOwMA0EAgACMAcDBQAqAlMAMA0GCSqGSIb3DQEB
CwUAA4IBAQCMKbIW87EUYdWdlRtFogklm4KCqrsxwCiVELhCS5rxNaD1/3jM+Yqr
Dkc13TNcZAn0zkLERiYdMdxIyZzgZ7rg27upr2G/wT3NblckIxA37dudU6omMp9w
fHsJZdRgQo8auuvzkQhXNiRHJ/dWOUBSJdgH6ZQLZoHtN9wrg2TgQT+sSpwKtgud
Vhm2/gxiKmAWC7ygc9kOAMDXvDnC4/+PuDE2+UwbGHOCATDxJHZuN8kcOsKg1s7G
8XUmtQGbgmlLBDeTeBgT3PLOZVA+YO75J6sM71j+1LGSJVDNDuLptdYoz9+HUYHr
TAkr65N1UCw3WyRKipYydv+cS/CnFETZ
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:31 2025 by rpki-client on console.sobornost.net