Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/a9bbce-d3c7-4221-9f6b-87d3ec7f0410/1/aHkiBdyDgksjPTve6ijI7EpizCc.roa
File: aHkiBdyDgksjPTve6ijI7EpizCc.roa (raw, json)
Hash identifier: NQknuIOWctzhCd+JdINj8cg9TjzpycFVkYWDzHbdSKY=
Subject key identifier: 68:79:22:05:DC:83:82:4B:23:3D:3B:DE:EA:28:C8:EC:4A:62:CC:27
Certificate issuer: /CN=b93628a36304e3bdc21f853bb3fad43e4861a5c5
Certificate serial: 01942827D4264D8F4471479860809DB47A41
Authority key identifier: B9:36:28:A3:63:04:E3:BD:C2:1F:85:3B:B3:FA:D4:3E:48:61:A5:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uTYoo2ME473CH4U7s_rUPkhhpcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/a9bbce-d3c7-4221-9f6b-87d3ec7f0410/1/aHkiBdyDgksjPTve6ijI7EpizCc.roa
Signing time: Thu 02 Jan 2025 17:54:46 +0000
ROA not before: Thu 02 Jan 2025 17:54:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204560
IP address blocks: 185.246.140.0/22 maxlen: 22
193.194.102.0/23 maxlen: 23
193.194.104.0/24 maxlen: 24
2a0d:8380::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:d4:26:4d:8f:44:71:47:98:60:80:9d:b4:7a:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b93628a36304e3bdc21f853bb3fad43e4861a5c5
Validity
Not Before: Jan 2 17:54:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68792205dc83824b233d3bdeea28c8ec4a62cc27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:59:8f:6f:33:f2:e8:60:c5:c2:08:09:02:5f:
7b:86:8c:42:d0:a7:84:f9:75:8c:61:26:48:be:c9:
9b:fb:3d:d9:1c:c3:90:b7:34:33:38:60:a1:87:6f:
99:14:ac:8c:26:cb:92:a9:09:2f:63:90:bd:38:16:
17:1a:e6:50:29:06:0b:06:01:b2:cf:4d:2f:3c:5f:
aa:e5:ef:b5:43:e6:0c:e3:0d:72:c1:6b:9d:9a:fa:
0f:90:9b:a0:60:d4:74:dc:00:40:0a:59:7e:2c:2d:
ae:9b:6e:e7:01:3b:b1:e7:4e:1c:3b:bd:6a:14:e6:
7f:ad:48:1e:0b:56:38:69:55:fd:48:a8:a3:e7:80:
69:4f:5f:62:a8:9b:56:b7:f7:d0:87:07:3e:7e:d6:
0f:ee:3c:e7:d3:79:87:9a:29:50:a0:b1:c8:fc:0b:
11:f4:85:0a:0d:33:7a:26:b7:5f:0c:bb:2d:6f:0b:
16:c1:c2:ed:4d:37:ec:51:4b:97:ec:f5:00:fe:b6:
f6:75:ad:4d:37:45:7e:99:2c:d2:96:84:cc:0c:17:
f4:93:9c:7e:d5:14:b7:89:7f:47:27:01:f8:73:7c:
f6:4b:f9:61:20:c0:e3:8c:9e:b0:31:ad:14:62:ce:
2d:27:04:5c:e3:f0:20:3c:8a:87:56:0d:89:0a:e5:
86:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:79:22:05:DC:83:82:4B:23:3D:3B:DE:EA:28:C8:EC:4A:62:CC:27
X509v3 Authority Key Identifier:
keyid:B9:36:28:A3:63:04:E3:BD:C2:1F:85:3B:B3:FA:D4:3E:48:61:A5:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uTYoo2ME473CH4U7s_rUPkhhpcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a9bbce-d3c7-4221-9f6b-87d3ec7f0410/1/aHkiBdyDgksjPTve6ijI7EpizCc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a9bbce-d3c7-4221-9f6b-87d3ec7f0410/1/uTYoo2ME473CH4U7s_rUPkhhpcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.246.140.0/22
193.194.102.0-193.194.104.255
IPv6:
2a0d:8380::/29
Signature Algorithm: sha256WithRSAEncryption
74:4f:d3:2e:e3:c0:19:9b:c4:d0:d8:9a:a4:b6:7f:bb:8a:65:
03:73:d2:b1:a6:77:09:89:a4:cb:88:c5:8d:1c:dc:59:11:62:
80:83:05:37:5b:0f:49:b4:aa:3a:30:34:6f:d2:25:b1:40:7a:
c3:5c:11:4c:71:d2:31:bc:84:a5:b7:12:6a:75:86:60:68:81:
ac:ef:03:dc:bb:17:68:fa:82:45:bb:06:30:65:25:e0:4b:9d:
b2:ec:06:97:f8:34:12:a4:f5:a2:11:f4:c1:71:53:bc:9f:cb:
cd:6b:79:3f:6e:bf:cd:fc:b4:39:11:16:f7:d6:a2:5f:d2:56:
25:9a:36:42:85:02:8c:a8:d8:76:0a:ee:c4:c1:ab:cc:79:da:
5e:44:62:8c:e1:4a:82:e6:31:dd:f6:35:2e:56:01:9a:92:1d:
58:d6:50:fa:56:b0:de:97:2a:4e:dc:1a:43:b7:e7:3a:05:32:
84:ec:f8:72:07:0a:50:e9:88:79:a8:66:f6:c3:27:4e:56:51:
0f:8c:6b:79:77:5e:95:b5:6e:37:be:17:01:85:36:0b:62:2a:
cd:cf:8b:77:a5:dd:f2:e1:7e:3a:38:4b:df:b1:a9:7b:89:43:
df:13:0e:10:45:5d:cf:32:63:cf:06:e6:d3:4b:21:3c:5a:d0:
ca:98:54:b5
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQoJ9QmTY9EcUeYYICdtHpBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MzYyOGEzNjMwNGUzYmRjMjFmODUzYmIzZmFkNDNlNDg2
MWE1YzUwHhcNMjUwMTAyMTc1NDQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODc5MjIwNWRjODM4MjRiMjMzZDNiZGVlYTI4YzhlYzRhNjJjYzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2VmPbzPy6GDFwggJAl97hoxC0KeE
+XWMYSZIvsmb+z3ZHMOQtzQzOGChh2+ZFKyMJsuSqQkvY5C9OBYXGuZQKQYLBgGy
z00vPF+q5e+1Q+YM4w1ywWudmvoPkJugYNR03ABACll+LC2um27nATux504cO71q
FOZ/rUgeC1Y4aVX9SKij54BpT19iqJtWt/fQhwc+ftYP7jzn03mHmilQoLHI/AsR
9IUKDTN6JrdfDLstbwsWwcLtTTfsUUuX7PUA/rb2da1NN0V+mSzSloTMDBf0k5x+
1RS3iX9HJwH4c3z2S/lhIMDjjJ6wMa0UYs4tJwRc4/AgPIqHVg2JCuWGNQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFGh5IgXcg4JLIz073uooyOxKYswnMB8GA1UdIwQY
MBaAFLk2KKNjBOO9wh+FO7P61D5IYaXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVRZb28yTUU0NzNDSDRVN3NfclVQa2hocGNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9hOWJiY2UtZDNjNy00MjIxLTlmNmIt
ODdkM2VjN2YwNDEwLzEvYUhraUJkeURna3NqUFR2ZTZpakk3RXBpekNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9hOWJiY2UtZDNjNy00MjIxLTlmNmItODdkM2VjN2YwNDEw
LzEvdVRZb28yTUU0NzNDSDRVN3NfclVQa2hocGNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQCufaMMAwD
BAHBwmYDBADBwmgwDQQCAAIwBwMFAyoNg4AwDQYJKoZIhvcNAQELBQADggEBAHRP
0y7jwBmbxNDYmqS2f7uKZQNz0rGmdwmJpMuIxY0c3FkRYoCDBTdbD0m0qjowNG/S
JbFAesNcEUxx0jG8hKW3Emp1hmBogazvA9y7F2j6gkW7BjBlJeBLnbLsBpf4NBKk
9aIR9MFxU7yfy81reT9uv838tDkRFvfWol/SViWaNkKFAoyo2HYK7sTBq8x52l5E
YozhSoLmMd32NS5WAZqSHVjWUPpWsN6XKk7cGkO35zoFMoTs+HIHClDpiHmoZvbD
J05WUQ+Ma3l3XpW1bje+FwGFNgtiKs3Pi3el3fLhfjo4S9+xqXuJQ98TDhBFXc8y
Y88G5tNLITxa0MqYVLU=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:56 2025 by rpki-client on console.sobornost.net