Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/bmuOfACYZiZOnCTz9ES9s06c_ac.roa
File: bmuOfACYZiZOnCTz9ES9s06c_ac.roa (raw, json)
Hash identifier: kxF+XBYjW7ExfLjJidwuYPma+i/t1erJy7+ooTz+eSY=
Subject key identifier: 6E:6B:8E:7C:00:98:66:26:4E:9C:24:F3:F4:44:BD:B3:4E:9C:FD:A7
Certificate issuer: /CN=bc4703e08ca0d6a310cbc643ffcb307ff6cdc65c
Certificate serial: 0194221F420632F82937BA8D92354F497E35
Authority key identifier: BC:47:03:E0:8C:A0:D6:A3:10:CB:C6:43:FF:CB:30:7F:F6:CD:C6:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/bmuOfACYZiZOnCTz9ES9s06c_ac.roa
Signing time: Wed 01 Jan 2025 13:47:41 +0000
ROA not before: Wed 01 Jan 2025 13:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50606
IP address blocks: 109.232.28.0/22 maxlen: 22
185.56.172.0/22 maxlen: 22
185.215.72.0/23 maxlen: 23
193.42.154.0/24 maxlen: 24
194.126.233.0/24 maxlen: 24
194.126.245.0/24 maxlen: 24
194.126.251.0/24 maxlen: 24
194.127.97.0/24 maxlen: 24
213.92.128.0/19 maxlen: 32
213.156.100.0/22 maxlen: 22
2a02:54e0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:42:06:32:f8:29:37:ba:8d:92:35:4f:49:7e:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc4703e08ca0d6a310cbc643ffcb307ff6cdc65c
Validity
Not Before: Jan 1 13:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e6b8e7c009866264e9c24f3f444bdb34e9cfda7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:e6:55:b0:08:f2:21:dd:c7:62:8c:de:ae:7a:
c8:87:f6:5d:8f:7d:36:f7:1c:1e:aa:fd:bf:b7:fa:
52:38:b1:7d:81:dd:31:9c:a3:01:2a:78:6c:fd:39:
49:46:e9:40:cd:5b:76:a5:21:0a:69:96:64:de:d7:
66:73:5c:07:eb:41:1c:2e:9d:7c:55:80:d3:5c:69:
c9:c2:af:02:6d:d9:ee:9c:f7:6b:54:6b:b2:4b:17:
10:10:33:90:56:ef:c7:5f:7e:28:39:5e:99:75:61:
71:62:11:1b:9c:31:48:0a:cf:0f:4c:5d:02:22:67:
66:85:f4:99:11:bd:6d:46:05:27:ce:75:a9:50:61:
0c:5c:76:b2:c3:38:34:78:01:c0:f1:5d:54:f1:68:
c9:d1:e8:58:af:9d:68:07:a1:2f:d8:5d:e6:3f:4a:
75:80:3b:67:0c:1e:d1:3e:79:8f:16:e0:7c:70:3c:
15:cd:15:92:14:0d:aa:50:34:1a:df:02:ce:2e:07:
53:51:4f:f2:f2:74:8a:45:e4:f0:d3:35:59:da:81:
a2:36:ac:18:8f:03:49:54:e6:d9:f3:1f:7a:1c:6c:
e8:89:bc:82:bb:45:e9:94:f5:a1:31:47:ed:14:fe:
36:25:46:5a:d3:a7:52:c7:d1:ee:00:47:f4:ee:8b:
41:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:6B:8E:7C:00:98:66:26:4E:9C:24:F3:F4:44:BD:B3:4E:9C:FD:A7
X509v3 Authority Key Identifier:
keyid:BC:47:03:E0:8C:A0:D6:A3:10:CB:C6:43:FF:CB:30:7F:F6:CD:C6:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/bmuOfACYZiZOnCTz9ES9s06c_ac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.232.28.0/22
185.56.172.0/22
185.215.72.0/23
193.42.154.0/24
194.126.233.0/24
194.126.245.0/24
194.126.251.0/24
194.127.97.0/24
213.92.128.0/19
213.156.100.0/22
IPv6:
2a02:54e0::/29
Signature Algorithm: sha256WithRSAEncryption
96:ac:a9:78:f0:b9:7c:db:aa:bb:28:c4:d6:75:bd:68:28:80:
0d:23:fe:31:39:45:71:36:89:82:74:39:ce:a8:86:37:e4:77:
a7:56:7a:82:0d:7c:a7:90:d9:a5:3c:56:7f:2b:3a:20:43:09:
17:ed:96:ec:8a:8a:93:0d:db:86:38:8c:39:a1:d6:e5:f9:80:
ae:05:2b:22:a3:99:0e:51:a7:81:78:93:57:f7:f3:7d:10:a9:
a5:f9:10:c6:ac:b6:ab:08:5d:80:89:cf:68:68:f8:fc:4b:86:
77:1e:16:e6:6a:78:f3:1c:b5:68:80:1a:8a:76:ee:e2:80:1c:
6a:2c:d1:84:ed:9d:77:36:13:d9:35:61:e8:7e:4c:d2:68:70:
4e:5a:86:09:85:84:31:78:bf:a9:7c:50:61:51:57:d9:f6:33:
56:ba:79:81:55:73:fb:38:cd:9a:46:0f:e7:16:ba:7c:b8:f3:
5a:54:02:ad:16:2a:27:8b:ff:0a:08:7e:5b:07:de:8f:e2:62:
e0:44:00:65:7b:56:76:5b:4a:06:21:9d:1b:0b:01:16:1e:57:
b8:0b:d6:ec:d3:cb:52:f1:c9:9c:f9:d5:7c:6b:a5:af:96:db:
e5:4e:99:43:74:12:f3:eb:7b:a5:dd:50:82:6e:b1:7a:25:97:
b4:90:44:46
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAZQiH0IGMvgpN7qNkjVPSX41MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNDcwM2UwOGNhMGQ2YTMxMGNiYzY0M2ZmY2IzMDdmZjZj
ZGM2NWMwHhcNMjUwMTAxMTM0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTZiOGU3YzAwOTg2NjI2NGU5YzI0ZjNmNDQ0YmRiMzRlOWNmZGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAueZVsAjyId3HYozernrIh/Zdj302
9xweqv2/t/pSOLF9gd0xnKMBKnhs/TlJRulAzVt2pSEKaZZk3tdmc1wH60EcLp18
VYDTXGnJwq8CbdnunPdrVGuySxcQEDOQVu/HX34oOV6ZdWFxYhEbnDFICs8PTF0C
ImdmhfSZEb1tRgUnznWpUGEMXHaywzg0eAHA8V1U8WjJ0ehYr51oB6Ev2F3mP0p1
gDtnDB7RPnmPFuB8cDwVzRWSFA2qUDQa3wLOLgdTUU/y8nSKReTw0zVZ2oGiNqwY
jwNJVObZ8x96HGzoibyCu0XplPWhMUftFP42JUZa06dSx9HuAEf07otB6QIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFG5rjnwAmGYmTpwk8/REvbNOnP2nMB8GA1UdIwQY
MBaAFLxHA+CMoNajEMvGQ//LMH/2zcZcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkVjRDRJeWcxcU1ReThaRF84c3dmX2JOeGx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy84NjNiYTAtMDQ3Ni00M2Q3LThiZTct
NjZlZGEyMjhmZWM3LzEvYm11T2ZBQ1laaVpPbkNUejlFUzlzMDZjX2FjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy84NjNiYTAtMDQ3Ni00M2Q3LThiZTctNjZlZGEyMjhmZWM3
LzEvdkVjRDRJeWcxcU1ReThaRF84c3dmX2JOeGx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQCbegcAwQC
uTisAwQBuddIAwQAwSqaAwQAwn7pAwQAwn71AwQAwn77AwQAwn9hAwQF1VyAAwQC
1ZxkMA0EAgACMAcDBQMqAlTgMA0GCSqGSIb3DQEBCwUAA4IBAQCWrKl48Ll826q7
KMTWdb1oKIANI/4xOUVxNomCdDnOqIY35HenVnqCDXynkNmlPFZ/KzogQwkX7Zbs
ioqTDduGOIw5odbl+YCuBSsio5kOUaeBeJNX9/N9EKml+RDGrLarCF2Aic9oaPj8
S4Z3HhbmanjzHLVogBqKdu7igBxqLNGE7Z13NhPZNWHofkzSaHBOWoYJhYQxeL+p
fFBhUVfZ9jNWunmBVXP7OM2aRg/nFrp8uPNaVAKtFioni/8KCH5bB96P4mLgRABl
e1Z2W0oGIZ0bCwEWHle4C9bs08tS8cmc+dV8a6WvltvlTplDdBLz63ul3VCCbrF6
JZe0kERG
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:35 2025 by rpki-client on console.sobornost.net