Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/c91ec3-2820-417b-9aad-bacab475e6cc/1/Gm_cS8iJj-tFJXP1V0-jwGNEWbI.roa
File: Gm_cS8iJj-tFJXP1V0-jwGNEWbI.roa (raw, json)
Hash identifier: Mek1+m4iEtpLgT/StSNohRI7JnRBASyUnmLHmN4630g=
Subject key identifier: 1A:6F:DC:4B:C8:89:8F:EB:45:25:73:F5:57:4F:A3:C0:63:44:59:B2
Certificate issuer: /CN=1cee91296c94992d151a232240e6cf3a176d2039
Certificate serial: 019423D770FC412DD464FEE03726096DC8E1
Authority key identifier: 1C:EE:91:29:6C:94:99:2D:15:1A:23:22:40:E6:CF:3A:17:6D:20:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HO6RKWyUmS0VGiMiQObPOhdtIDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/c91ec3-2820-417b-9aad-bacab475e6cc/1/Gm_cS8iJj-tFJXP1V0-jwGNEWbI.roa
Signing time: Wed 01 Jan 2025 21:48:29 +0000
ROA not before: Wed 01 Jan 2025 21:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48422
IP address blocks: 46.172.67.0/24 maxlen: 24
46.172.68.0/24 maxlen: 24
46.172.72.0/24 maxlen: 24
46.172.73.0/24 maxlen: 24
46.172.75.0/24 maxlen: 24
46.172.77.0/24 maxlen: 24
46.172.79.0/24 maxlen: 24
46.172.81.0/24 maxlen: 24
46.172.82.0/24 maxlen: 24
46.172.83.0/24 maxlen: 24
46.172.84.0/24 maxlen: 24
46.172.85.0/24 maxlen: 24
46.172.88.0/24 maxlen: 24
46.172.89.0/24 maxlen: 24
46.172.91.0/24 maxlen: 24
2a04:5e40:1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:70:fc:41:2d:d4:64:fe:e0:37:26:09:6d:c8:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1cee91296c94992d151a232240e6cf3a176d2039
Validity
Not Before: Jan 1 21:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1a6fdc4bc8898feb452573f5574fa3c0634459b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:19:8d:35:d8:ca:46:f1:22:54:a8:6b:fa:e7:
c4:09:b7:79:07:56:93:d1:76:2c:31:c0:b5:e5:8b:
64:36:73:cf:af:b5:40:31:85:57:70:85:b9:17:60:
ce:42:72:5c:6d:5b:b3:ed:cc:cc:18:bd:79:6d:5a:
c9:b3:65:36:c4:d3:ee:fb:63:3c:dc:67:f3:c4:7f:
10:34:ad:84:f3:b6:54:6c:80:81:1d:76:1a:b0:76:
a3:f4:4c:b8:66:c3:ce:91:96:3d:81:b2:e5:6a:34:
48:b9:84:70:fc:e4:72:73:54:ea:5e:e5:dc:e5:2a:
03:1b:fa:68:7d:66:99:68:79:55:31:ef:23:e0:d9:
33:d8:cf:f4:e6:7b:83:f5:21:83:f4:9a:68:73:18:
ec:23:e9:93:90:29:69:f7:ee:db:56:29:00:8e:87:
c7:b0:44:70:dc:c1:f9:f9:68:2b:ee:32:c6:5b:22:
d1:e6:d7:4e:d1:59:32:a3:86:e6:ad:95:61:a2:6a:
8a:d4:c7:1f:99:91:a5:65:55:20:c4:19:02:a5:da:
47:0f:7e:00:33:c3:ad:cc:2c:e8:23:db:c1:c6:13:
1f:fd:27:54:63:e0:0d:df:34:bb:5f:ee:70:53:7d:
76:cb:46:02:c8:51:58:a3:72:ba:e4:d5:a9:43:25:
55:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:6F:DC:4B:C8:89:8F:EB:45:25:73:F5:57:4F:A3:C0:63:44:59:B2
X509v3 Authority Key Identifier:
keyid:1C:EE:91:29:6C:94:99:2D:15:1A:23:22:40:E6:CF:3A:17:6D:20:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HO6RKWyUmS0VGiMiQObPOhdtIDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/c91ec3-2820-417b-9aad-bacab475e6cc/1/Gm_cS8iJj-tFJXP1V0-jwGNEWbI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/c91ec3-2820-417b-9aad-bacab475e6cc/1/HO6RKWyUmS0VGiMiQObPOhdtIDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.172.67.0-46.172.68.255
46.172.72.0/23
46.172.75.0/24
46.172.77.0/24
46.172.79.0/24
46.172.81.0-46.172.85.255
46.172.88.0/23
46.172.91.0/24
IPv6:
2a04:5e40:1::/48
Signature Algorithm: sha256WithRSAEncryption
06:67:39:02:d7:66:2f:b2:ce:7b:a4:c0:81:c4:e4:13:4f:05:
32:d7:de:7c:03:cd:e3:53:26:b1:fd:81:48:f8:f0:21:ba:f4:
50:53:51:7e:55:f9:d5:88:69:b1:b7:c4:b3:e6:76:22:3e:3b:
c2:14:d7:4c:95:2c:7a:10:58:c0:be:87:93:ce:e5:c7:bd:46:
40:61:14:16:df:39:17:46:d1:12:13:6a:4e:d5:4c:96:ca:3f:
4b:0f:bc:f9:a0:b3:b2:81:a9:01:85:13:06:e9:fe:1d:4c:77:
61:77:99:1a:3f:3d:5f:34:a2:2c:25:92:2b:a9:b2:7d:64:18:
04:55:04:4c:35:85:ea:9b:2f:87:7d:de:47:ed:0a:e1:31:05:
c5:f5:24:c7:3d:a1:c3:b9:2c:40:cf:b9:bb:c2:0d:d8:4c:1e:
5d:1d:c2:e6:19:b1:94:43:25:0a:f3:fd:ca:06:c6:55:18:eb:
c0:eb:c6:6e:dd:9a:6e:2e:8e:37:ec:8b:01:1f:a1:08:15:1a:
9d:ef:81:27:76:76:0b:54:e2:da:ef:ae:87:16:a8:11:25:98:
98:31:8e:18:87:f5:7e:9f:ce:5d:40:b4:01:23:1e:d5:3d:64:
fc:76:71:f1:5c:5c:a9:74:92:3b:5f:a6:20:69:e0:8c:13:1a:
48:2a:0d:15
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAZQj13D8QS3UZP7gNyYJbcjhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZWU5MTI5NmM5NDk5MmQxNTFhMjMyMjQwZTZjZjNhMTc2
ZDIwMzkwHhcNMjUwMTAxMjE0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTZmZGM0YmM4ODk4ZmViNDUyNTczZjU1NzRmYTNjMDYzNDQ1OWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlxmNNdjKRvEiVKhr+ufECbd5B1aT
0XYsMcC15YtkNnPPr7VAMYVXcIW5F2DOQnJcbVuz7czMGL15bVrJs2U2xNPu+2M8
3GfzxH8QNK2E87ZUbICBHXYasHaj9Ey4ZsPOkZY9gbLlajRIuYRw/ORyc1TqXuXc
5SoDG/pofWaZaHlVMe8j4Nkz2M/05nuD9SGD9JpocxjsI+mTkClp9+7bVikAjofH
sERw3MH5+Wgr7jLGWyLR5tdO0Vkyo4bmrZVhomqK1McfmZGlZVUgxBkCpdpHD34A
M8OtzCzoI9vBxhMf/SdUY+AN3zS7X+5wU312y0YCyFFYo3K65NWpQyVVRwIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFBpv3EvIiY/rRSVz9VdPo8BjRFmyMB8GA1UdIwQY
MBaAFBzukSlslJktFRojIkDmzzoXbSA5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSE82UktXeVVtUzBWR2lNaVFPYlBPaGR0SURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9jOTFlYzMtMjgyMC00MTdiLTlhYWQt
YmFjYWI0NzVlNmNjLzEvR21fY1M4aUpqLXRGSlhQMVYwLWp3R05FV2JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9jOTFlYzMtMjgyMC00MTdiLTlhYWQtYmFjYWI0NzVlNmNj
LzEvSE82UktXeVVtUzBWR2lNaVFPYlBPaGR0SURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBGBAIAATBAMAwDBAAurEMD
BAAurEQDBAEurEgDBAAurEsDBAAurE0DBAAurE8wDAMEAC6sUQMEAS6sVAMEAS6s
WAMEAC6sWzAPBAIAAjAJAwcAKgReQAABMA0GCSqGSIb3DQEBCwUAA4IBAQAGZzkC
12Yvss57pMCBxOQTTwUy1958A83jUyax/YFI+PAhuvRQU1F+VfnViGmxt8Sz5nYi
PjvCFNdMlSx6EFjAvoeTzuXHvUZAYRQW3zkXRtESE2pO1UyWyj9LD7z5oLOygakB
hRMG6f4dTHdhd5kaPz1fNKIsJZIrqbJ9ZBgEVQRMNYXqmy+Hfd5H7QrhMQXF9STH
PaHDuSxAz7m7wg3YTB5dHcLmGbGUQyUK8/3KBsZVGOvA68Zu3ZpuLo437IsBH6EI
FRqd74EndnYLVOLa766HFqgRJZiYMY4Yh/V+n85dQLQBIx7VPWT8dnHxXFypdJI7
X6YgaeCMExpIKg0V
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:50 2025 by rpki-client on console.sobornost.net