Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/b62c33-cc9c-4baf-a0ee-ed142e464335/1/tUE8baZVU1NdKeMuH6kAeF6d40U.roa
File: tUE8baZVU1NdKeMuH6kAeF6d40U.roa (raw, json)
Hash identifier: oR4YGvS/x8NPWIpEMxxjQSUvcEGgnnG9XZinqPPpzBA=
Subject key identifier: B5:41:3C:6D:A6:55:53:53:5D:29:E3:2E:1F:A9:00:78:5E:9D:E3:45
Certificate issuer: /CN=bbdcc8c3772174e47bac8b932e5bec7b47b1d92b
Certificate serial: 01941FFA62D0A42A4EFBD209464FFA2F9235
Authority key identifier: BB:DC:C8:C3:77:21:74:E4:7B:AC:8B:93:2E:5B:EC:7B:47:B1:D9:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u9zIw3chdOR7rIuTLlvse0ex2Ss.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/b62c33-cc9c-4baf-a0ee-ed142e464335/1/tUE8baZVU1NdKeMuH6kAeF6d40U.roa
Signing time: Wed 01 Jan 2025 03:48:10 +0000
ROA not before: Wed 01 Jan 2025 03:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21269
IP address blocks: 92.118.240.0/22 maxlen: 24
195.95.132.0/24 maxlen: 24
2a09:b240::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:62:d0:a4:2a:4e:fb:d2:09:46:4f:fa:2f:92:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbdcc8c3772174e47bac8b932e5bec7b47b1d92b
Validity
Not Before: Jan 1 03:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b5413c6da65553535d29e32e1fa900785e9de345
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:07:6a:f0:c0:2c:ac:cf:72:89:12:c8:b2:81:
58:9b:b2:9e:61:84:fe:fc:3c:a8:f6:3f:05:72:44:
50:0b:63:e4:00:f0:0d:4d:0a:44:76:07:93:61:32:
4c:98:b3:a1:01:96:c3:43:3d:58:64:09:dd:51:13:
6d:db:89:ee:6a:1e:1b:a0:39:25:ec:67:af:ce:79:
db:e7:19:b5:52:d8:c7:04:8d:23:31:f5:62:8b:de:
9f:a4:49:d4:7a:ac:63:2f:99:ed:80:59:ac:3f:02:
8f:84:92:a3:2f:ec:63:01:7f:80:74:e1:d7:f8:f5:
c4:be:a3:a8:fe:8b:27:ca:60:63:49:15:bb:c4:21:
41:9d:27:ec:02:64:b2:71:c1:45:43:36:fa:47:ba:
19:48:a3:ff:11:2a:5c:e4:89:6d:5b:2e:9d:31:2d:
a0:1c:cd:cd:a3:fa:2e:5d:fd:b4:25:d9:e9:2e:aa:
bd:20:3a:2e:8c:93:8f:e1:6b:61:c2:9e:8e:35:bc:
5b:56:5e:9f:db:de:75:0d:2d:d6:8f:4a:44:c6:c6:
c0:f6:2a:36:25:10:3d:67:5a:61:4b:fb:16:e1:c2:
ec:e3:f5:11:67:45:a2:3a:c8:23:01:97:8d:76:33:
18:dc:1f:03:c1:70:68:6e:7b:6b:a9:9b:67:20:ab:
69:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:41:3C:6D:A6:55:53:53:5D:29:E3:2E:1F:A9:00:78:5E:9D:E3:45
X509v3 Authority Key Identifier:
keyid:BB:DC:C8:C3:77:21:74:E4:7B:AC:8B:93:2E:5B:EC:7B:47:B1:D9:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u9zIw3chdOR7rIuTLlvse0ex2Ss.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/b62c33-cc9c-4baf-a0ee-ed142e464335/1/tUE8baZVU1NdKeMuH6kAeF6d40U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/b62c33-cc9c-4baf-a0ee-ed142e464335/1/u9zIw3chdOR7rIuTLlvse0ex2Ss.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.118.240.0/22
195.95.132.0/24
IPv6:
2a09:b240::/29
Signature Algorithm: sha256WithRSAEncryption
10:4d:1a:66:a0:1a:d3:27:90:d5:9e:f6:23:24:a7:56:a7:48:
8e:6d:76:d3:fe:4e:08:e5:ed:2b:dd:f9:ac:cf:2f:71:f7:68:
07:cd:76:d6:a8:e3:3c:2f:7c:e4:ce:02:67:20:ea:f8:c4:98:
c9:97:db:92:7a:e0:fd:d4:e6:7f:b8:b3:ac:4d:8f:dc:f6:f6:
e0:a7:25:82:c7:28:20:3f:9a:75:9a:a3:47:ec:b5:80:c2:81:
8b:81:cd:dd:05:bb:2e:5a:1d:f1:99:8d:8a:e8:cf:0e:07:2c:
18:ee:c9:f2:47:51:28:e2:f6:6d:44:e9:37:e2:dc:7f:61:ee:
06:b3:87:34:ad:14:38:12:76:5e:b4:9f:c9:b3:04:3c:0f:4b:
81:16:a4:25:97:8a:3d:f1:e4:8c:58:4f:e4:59:23:e1:55:d9:
e1:66:c1:b2:71:02:fa:fe:ab:0e:25:93:9a:a7:2e:dc:86:f5:
fb:57:8c:47:b6:07:57:61:4c:72:b6:aa:ff:71:97:85:b9:93:
7b:76:e3:34:9a:91:18:d0:27:fd:61:8f:36:c2:3a:c2:37:b7:
4a:14:59:ca:fe:b5:dc:fa:d2:a8:24:cf:aa:98:1f:b7:95:1c:
1a:c3:9e:27:45:c5:89:2b:67:ab:ed:b8:66:01:94:4e:4e:01:
47:b6:54:08
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQf+mLQpCpO+9IJRk/6L5I1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiZGNjOGMzNzcyMTc0ZTQ3YmFjOGI5MzJlNWJlYzdiNDdi
MWQ5MmIwHhcNMjUwMTAxMDM0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTQxM2M2ZGE2NTU1MzUzNWQyOWUzMmUxZmE5MDA3ODVlOWRlMzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAugdq8MAsrM9yiRLIsoFYm7KeYYT+
/Dyo9j8FckRQC2PkAPANTQpEdgeTYTJMmLOhAZbDQz1YZAndURNt24nuah4boDkl
7Gevznnb5xm1UtjHBI0jMfVii96fpEnUeqxjL5ntgFmsPwKPhJKjL+xjAX+AdOHX
+PXEvqOo/osnymBjSRW7xCFBnSfsAmSyccFFQzb6R7oZSKP/ESpc5IltWy6dMS2g
HM3No/ouXf20JdnpLqq9IDoujJOP4Wthwp6ONbxbVl6f2951DS3Wj0pExsbA9io2
JRA9Z1phS/sW4cLs4/URZ0WiOsgjAZeNdjMY3B8DwXBobntrqZtnIKtpSQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLVBPG2mVVNTXSnjLh+pAHheneNFMB8GA1UdIwQY
MBaAFLvcyMN3IXTke6yLky5b7HtHsdkrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTl6SXczY2hkT1I3ckl1VExsdnNlMGV4MlNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni9iNjJjMzMtY2M5Yy00YmFmLWEwZWUt
ZWQxNDJlNDY0MzM1LzEvdFVFOGJhWlZVMU5kS2VNdUg2a0FlRjZkNDBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni9iNjJjMzMtY2M5Yy00YmFmLWEwZWUtZWQxNDJlNDY0MzM1
LzEvdTl6SXczY2hkT1I3ckl1VExsdnNlMGV4MlNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCXHbwAwQA
w1+EMA0EAgACMAcDBQMqCbJAMA0GCSqGSIb3DQEBCwUAA4IBAQAQTRpmoBrTJ5DV
nvYjJKdWp0iObXbT/k4I5e0r3fmszy9x92gHzXbWqOM8L3zkzgJnIOr4xJjJl9uS
euD91OZ/uLOsTY/c9vbgpyWCxyggP5p1mqNH7LWAwoGLgc3dBbsuWh3xmY2K6M8O
BywY7snyR1Eo4vZtROk34tx/Ye4Gs4c0rRQ4EnZetJ/JswQ8D0uBFqQll4o98eSM
WE/kWSPhVdnhZsGycQL6/qsOJZOapy7chvX7V4xHtgdXYUxytqr/cZeFuZN7duM0
mpEY0Cf9YY82wjrCN7dKFFnK/rXc+tKoJM+qmB+3lRwaw54nRcWJK2er7bhmAZRO
TgFHtlQI
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:57 2025 by rpki-client on console.sobornost.net