Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/cddb63-9308-43c9-9473-eae418158a52/1/Im-QceSwk2rydy4UnBzai_RFayI.roa
File: Im-QceSwk2rydy4UnBzai_RFayI.roa (raw, json)
Hash identifier: 7cmPd6tOwgpnXHTZZ7ExgoosfdS4LnMMgIaEbvg4EPQ=
Subject key identifier: 22:6F:90:71:E4:B0:93:6A:F2:77:2E:14:9C:1C:DA:8B:F4:45:6B:22
Certificate issuer: /CN=4151d6b441d3f57762c032f8fad217608a22f7a1
Certificate serial: 019424B3D43C942744BBFD1B0A8BEE38E002
Authority key identifier: 41:51:D6:B4:41:D3:F5:77:62:C0:32:F8:FA:D2:17:60:8A:22:F7:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QVHWtEHT9XdiwDL4-tIXYIoi96E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/cddb63-9308-43c9-9473-eae418158a52/1/Im-QceSwk2rydy4UnBzai_RFayI.roa
Signing time: Thu 02 Jan 2025 01:49:12 +0000
ROA not before: Thu 02 Jan 2025 01:49:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49560
IP address blocks: 84.234.48.0/20 maxlen: 20
91.238.12.0/22 maxlen: 22
92.51.56.0/21 maxlen: 21
94.103.0.0/22 maxlen: 22
185.50.4.0/22 maxlen: 22
213.5.20.0/22 maxlen: 22
2a01:a320::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:d4:3c:94:27:44:bb:fd:1b:0a:8b:ee:38:e0:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4151d6b441d3f57762c032f8fad217608a22f7a1
Validity
Not Before: Jan 2 01:49:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=226f9071e4b0936af2772e149c1cda8bf4456b22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c8:c4:54:3a:9a:a1:34:12:b2:57:c5:3b:19:
84:8c:19:d2:31:91:e4:c8:be:0e:fd:fe:9d:53:f6:
74:1f:1a:e9:9a:9f:70:18:be:ba:38:f3:d3:46:fe:
9b:e1:3c:78:83:00:3c:38:0c:40:5b:42:bb:2f:56:
5a:79:ad:70:5a:07:7b:99:5a:ec:bc:3b:0f:68:e9:
2d:7f:55:55:c7:8f:ab:6c:7b:9e:61:7b:9f:95:40:
25:2f:e4:8e:f8:88:fd:93:a6:69:85:c2:cf:be:8d:
8e:37:81:fb:ec:9d:4a:78:fe:a2:0f:79:58:94:c8:
57:af:01:1b:a4:2d:91:e2:36:c5:71:49:cc:8e:39:
e3:82:9d:8f:7c:1f:39:35:95:9e:c7:20:3f:d3:fd:
34:c3:a9:f2:3d:bd:eb:cd:52:c1:5d:e2:6d:13:de:
6f:d1:da:3c:77:25:49:85:68:61:3b:c8:eb:cc:10:
a5:ff:17:94:a7:26:7e:50:f4:c5:58:31:85:52:d7:
ef:08:1d:bc:5e:21:bb:86:2b:d7:b5:f0:94:9e:e2:
8b:fd:d3:1c:70:b0:06:e8:9d:91:e5:40:0d:09:9f:
f4:42:69:49:6d:29:48:31:00:ba:29:00:2d:f5:48:
da:b7:81:2c:35:be:d5:27:52:5d:17:2e:a0:a4:1e:
9d:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:6F:90:71:E4:B0:93:6A:F2:77:2E:14:9C:1C:DA:8B:F4:45:6B:22
X509v3 Authority Key Identifier:
keyid:41:51:D6:B4:41:D3:F5:77:62:C0:32:F8:FA:D2:17:60:8A:22:F7:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QVHWtEHT9XdiwDL4-tIXYIoi96E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/cddb63-9308-43c9-9473-eae418158a52/1/Im-QceSwk2rydy4UnBzai_RFayI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/cddb63-9308-43c9-9473-eae418158a52/1/QVHWtEHT9XdiwDL4-tIXYIoi96E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.234.48.0/20
91.238.12.0/22
92.51.56.0/21
94.103.0.0/22
185.50.4.0/22
213.5.20.0/22
IPv6:
2a01:a320::/32
Signature Algorithm: sha256WithRSAEncryption
1b:16:b4:80:59:7e:6b:9f:6d:7c:42:4b:0b:66:21:8f:9a:72:
09:0a:7b:35:57:46:13:6e:10:bc:80:b6:df:27:20:f4:f9:78:
9d:c8:62:d5:b3:91:91:54:f5:60:94:03:e4:f4:29:c7:35:4f:
2b:23:33:00:9f:61:e0:6b:c7:8f:bb:bc:54:d9:00:e1:21:f4:
1e:d5:57:a8:a9:f6:d5:5f:cf:7c:f6:35:f5:e8:88:06:6b:a9:
fb:a8:d9:fb:c0:42:a4:a1:a5:f1:71:7b:57:a1:3c:3c:aa:4c:
53:33:14:10:a0:58:72:af:85:af:fc:97:a0:9c:05:18:57:a0:
83:3d:ae:c5:a7:12:bc:8b:65:67:8e:28:38:2a:ad:e3:2a:87:
d9:77:de:9b:cd:40:7b:64:fd:fb:61:c0:ad:48:c5:3d:f4:d8:
2f:41:95:2c:c7:e8:51:11:3a:1a:7a:af:8d:ed:c4:82:d3:bd:
1f:6d:1f:0c:55:32:ed:87:52:e3:2e:1b:16:f6:04:7a:4a:82:
b1:34:4d:c4:63:56:7f:8c:59:47:55:41:f9:24:88:1c:2e:f9:
d7:a2:5c:98:fd:71:00:5d:4c:a1:a3:fa:67:19:2c:3b:1a:69:
01:92:77:14:5d:d5:3e:af:53:cf:9f:fb:ac:1b:40:88:93:da:
cb:c4:79:86
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQks9Q8lCdEu/0bCovuOOACMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxNTFkNmI0NDFkM2Y1Nzc2MmMwMzJmOGZhZDIxNzYwOGEy
MmY3YTEwHhcNMjUwMTAyMDE0OTEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjZmOTA3MWU0YjA5MzZhZjI3NzJlMTQ5YzFjZGE4YmY0NDU2YjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusjEVDqaoTQSslfFOxmEjBnSMZHk
yL4O/f6dU/Z0Hxrpmp9wGL66OPPTRv6b4Tx4gwA8OAxAW0K7L1Zaea1wWgd7mVrs
vDsPaOktf1VVx4+rbHueYXuflUAlL+SO+Ij9k6ZphcLPvo2ON4H77J1KeP6iD3lY
lMhXrwEbpC2R4jbFcUnMjjnjgp2PfB85NZWexyA/0/00w6nyPb3rzVLBXeJtE95v
0do8dyVJhWhhO8jrzBCl/xeUpyZ+UPTFWDGFUtfvCB28XiG7hivXtfCUnuKL/dMc
cLAG6J2R5UANCZ/0QmlJbSlIMQC6KQAt9Ujat4EsNb7VJ1JdFy6gpB6dfwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFCJvkHHksJNq8ncuFJwc2ov0RWsiMB8GA1UdIwQY
MBaAFEFR1rRB0/V3YsAy+PrSF2CKIvehMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVZIV3RFSFQ5WGRpd0RMNC10SVhZSW9pOTZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9jZGRiNjMtOTMwOC00M2M5LTk0NzMt
ZWFlNDE4MTU4YTUyLzEvSW0tUWNlU3drMnJ5ZHk0VW5CemFpX1JGYXlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9jZGRiNjMtOTMwOC00M2M5LTk0NzMtZWFlNDE4MTU4YTUy
LzEvUVZIV3RFSFQ5WGRpd0RMNC10SVhZSW9pOTZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQEVOowAwQC
W+4MAwQDXDM4AwQCXmcAAwQCuTIEAwQC1QUUMA0EAgACMAcDBQAqAaMgMA0GCSqG
SIb3DQEBCwUAA4IBAQAbFrSAWX5rn218QksLZiGPmnIJCns1V0YTbhC8gLbfJyD0
+XidyGLVs5GRVPVglAPk9CnHNU8rIzMAn2Hga8ePu7xU2QDhIfQe1VeoqfbVX898
9jX16IgGa6n7qNn7wEKkoaXxcXtXoTw8qkxTMxQQoFhyr4Wv/JegnAUYV6CDPa7F
pxK8i2Vnjig4Kq3jKofZd96bzUB7ZP37YcCtSMU99NgvQZUsx+hREToaeq+N7cSC
070fbR8MVTLth1LjLhsW9gR6SoKxNE3EY1Z/jFlHVUH5JIgcLvnXolyY/XEAXUyh
o/pnGSw7GmkBkncUXdU+r1PPn/usG0CIk9rLxHmG
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:55 2025 by rpki-client on console.sobornost.net