Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/6a3215-6b62-4363-9abc-7a54db59ec2d/1/2bYs7PVS9vbk3gmceQdPuYzDug4.roa
File: 2bYs7PVS9vbk3gmceQdPuYzDug4.roa (raw, json)
Hash identifier: k3dZthvfWyQzvC+U6rmGwHQgT8fOHfEAZV2Jm+IhW1U=
Subject key identifier: D9:B6:2C:EC:F5:52:F6:F6:E4:DE:09:9C:79:07:4F:B9:8C:C3:BA:0E
Certificate issuer: /CN=46bb8215b2266da3c0f6ca55cc7ba800e9ade2a2
Certificate serial: 019421B1E58E655B19C016EE64B0843CCB8F
Authority key identifier: 46:BB:82:15:B2:26:6D:A3:C0:F6:CA:55:CC:7B:A8:00:E9:AD:E2:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RruCFbImbaPA9spVzHuoAOmt4qI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/6a3215-6b62-4363-9abc-7a54db59ec2d/1/2bYs7PVS9vbk3gmceQdPuYzDug4.roa
Signing time: Wed 01 Jan 2025 11:48:14 +0000
ROA not before: Wed 01 Jan 2025 11:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29695
IP address blocks: 5.152.136.0/21 maxlen: 21
5.172.182.0/24 maxlen: 24
45.14.52.0/22 maxlen: 22
79.160.0.0/15 maxlen: 24
80.203.0.0/17 maxlen: 17
81.166.0.0/15 maxlen: 24
84.234.128.0/17 maxlen: 24
89.11.128.0/17 maxlen: 17
92.220.0.0/15 maxlen: 21
109.247.0.0/16 maxlen: 21
141.0.64.0/18 maxlen: 18
213.167.96.0/19 maxlen: 19
2a01:798::/29 maxlen: 32
2a11:5100::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:e5:8e:65:5b:19:c0:16:ee:64:b0:84:3c:cb:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46bb8215b2266da3c0f6ca55cc7ba800e9ade2a2
Validity
Not Before: Jan 1 11:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d9b62cecf552f6f6e4de099c79074fb98cc3ba0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:c8:10:58:f7:fe:59:5f:1a:c0:30:13:c0:ae:
13:8b:0e:e7:3f:fa:68:bf:4a:41:eb:36:64:82:82:
6c:cf:10:47:d6:e9:a5:10:e8:e7:73:cb:3f:87:0f:
f3:71:e2:39:5c:43:7c:82:8b:e3:62:16:e6:5c:17:
2c:07:04:28:67:99:16:98:87:24:bd:b9:3a:bd:f3:
2b:e3:13:e5:ef:c4:40:de:cf:62:26:8e:b8:1d:a7:
b5:1d:b4:37:42:34:25:b1:81:82:80:4c:fe:16:f7:
bc:71:0c:1a:c1:64:f5:9d:d3:ce:52:d7:0b:2b:51:
3b:bb:19:1e:b5:2d:ed:cf:e7:2f:fc:5d:f6:62:c7:
54:c7:1d:43:39:32:9b:26:d0:6b:c8:14:70:73:b5:
fd:14:85:84:c6:03:c5:9b:87:c1:7c:79:40:6b:46:
5f:ab:23:fb:d8:88:cc:cf:b9:1c:62:a7:41:34:3d:
6b:34:27:c8:8e:8f:ec:2f:6a:d9:db:34:9c:df:84:
a7:fd:d6:d7:d8:42:ed:a8:62:d9:77:dc:91:70:3f:
f8:03:22:77:25:ec:e4:ec:c1:b9:7d:7d:1f:76:11:
72:94:45:90:d2:94:58:f9:a4:16:16:63:35:e9:21:
9d:09:23:58:07:2f:bb:04:17:b6:4b:08:17:32:0a:
c7:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:B6:2C:EC:F5:52:F6:F6:E4:DE:09:9C:79:07:4F:B9:8C:C3:BA:0E
X509v3 Authority Key Identifier:
keyid:46:BB:82:15:B2:26:6D:A3:C0:F6:CA:55:CC:7B:A8:00:E9:AD:E2:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RruCFbImbaPA9spVzHuoAOmt4qI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/6a3215-6b62-4363-9abc-7a54db59ec2d/1/2bYs7PVS9vbk3gmceQdPuYzDug4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/6a3215-6b62-4363-9abc-7a54db59ec2d/1/RruCFbImbaPA9spVzHuoAOmt4qI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.152.136.0/21
5.172.182.0/24
45.14.52.0/22
79.160.0.0/15
80.203.0.0/17
81.166.0.0/15
84.234.128.0/17
89.11.128.0/17
92.220.0.0/15
109.247.0.0/16
141.0.64.0/18
213.167.96.0/19
IPv6:
2a01:798::/29
2a11:5100::/29
Signature Algorithm: sha256WithRSAEncryption
c9:ab:00:88:e8:08:33:fe:ad:d6:ef:6d:9f:63:07:29:56:b2:
2b:84:8b:61:a6:95:af:15:e9:6a:21:88:4c:69:71:1f:ef:0d:
7f:c9:b5:09:e8:dd:9f:f7:fd:76:87:fa:95:00:7c:5b:79:7e:
fc:d5:ef:4e:51:42:3e:ed:3f:b4:32:1d:ee:25:b6:b3:e7:eb:
84:88:d1:73:92:38:3d:31:52:ff:05:4f:0e:13:92:25:a4:ce:
19:ad:b5:8f:05:ee:a7:a7:a1:11:e1:4e:cc:3c:4f:63:00:40:
7a:b7:b2:48:56:26:e0:b6:7f:ed:98:e9:2e:68:be:3a:38:d1:
cb:e5:15:6f:5a:09:87:ef:65:65:d9:84:6e:bb:b4:49:ab:b2:
ee:54:50:86:c3:48:60:e0:88:fc:bd:be:54:a8:57:be:a1:7b:
d0:04:dc:14:04:b1:25:28:89:85:a1:ab:32:86:f5:2e:46:da:
7c:7b:dc:df:6f:14:0d:04:e0:f9:97:5f:26:d4:f8:a3:e4:30:
f8:d9:b6:93:04:07:e7:76:d3:3f:cc:ac:5c:aa:31:b7:5c:91:
83:fb:14:c3:e1:50:6e:4f:f2:5e:fa:99:b8:37:35:32:4b:4c:
ea:5b:69:67:38:97:56:60:e4:9f:42:34:5e:6a:ec:f3:19:4f:
94:16:c0:e3
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZQhseWOZVsZwBbuZLCEPMuPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2YmI4MjE1YjIyNjZkYTNjMGY2Y2E1NWNjN2JhODAwZTlh
ZGUyYTIwHhcNMjUwMTAxMTE0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWI2MmNlY2Y1NTJmNmY2ZTRkZTA5OWM3OTA3NGZiOThjYzNiYTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+cgQWPf+WV8awDATwK4Tiw7nP/po
v0pB6zZkgoJszxBH1umlEOjnc8s/hw/zceI5XEN8govjYhbmXBcsBwQoZ5kWmIck
vbk6vfMr4xPl78RA3s9iJo64Hae1HbQ3QjQlsYGCgEz+Fve8cQwawWT1ndPOUtcL
K1E7uxketS3tz+cv/F32YsdUxx1DOTKbJtBryBRwc7X9FIWExgPFm4fBfHlAa0Zf
qyP72IjMz7kcYqdBND1rNCfIjo/sL2rZ2zSc34Sn/dbX2ELtqGLZd9yRcD/4AyJ3
Jezk7MG5fX0fdhFylEWQ0pRY+aQWFmM16SGdCSNYBy+7BBe2SwgXMgrH3wIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFNm2LOz1Uvb25N4JnHkHT7mMw7oOMB8GA1UdIwQY
MBaAFEa7ghWyJm2jwPbKVcx7qADpreKiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnJ1Q0ZiSW1iYVBBOXNwVnpIdW9BT210NHFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny82YTMyMTUtNmI2Mi00MzYzLTlhYmMt
N2E1NGRiNTllYzJkLzEvMmJZczdQVlM5dmJrM2dtY2VRZFB1WXpEdWc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny82YTMyMTUtNmI2Mi00MzYzLTlhYmMtN2E1NGRiNTllYzJk
LzEvUnJ1Q0ZiSW1iYVBBOXNwVnpIdW9BT210NHFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBKBAIAATBEAwQDBZiIAwQA
Bay2AwQCLQ40AwMBT6ADBAdQywADAwFRpgMEB1TqgAMEB1kLgAMDAVzcAwMAbfcD
BAaNAEADBAXVp2AwFAQCAAIwDgMFAyoBB5gDBQMqEVEAMA0GCSqGSIb3DQEBCwUA
A4IBAQDJqwCI6Agz/q3W722fYwcpVrIrhIthppWvFelqIYhMaXEf7w1/ybUJ6N2f
9/12h/qVAHxbeX781e9OUUI+7T+0Mh3uJbaz5+uEiNFzkjg9MVL/BU8OE5IlpM4Z
rbWPBe6np6ER4U7MPE9jAEB6t7JIVibgtn/tmOkuaL46ONHL5RVvWgmH72Vl2YRu
u7RJq7LuVFCGw0hg4Ij8vb5UqFe+oXvQBNwUBLElKImFoasyhvUuRtp8e9zfbxQN
BOD5l18m1Pij5DD42baTBAfndtM/zKxcqjG3XJGD+xTD4VBuT/Je+pm4NzUyS0zq
W2lnOJdWYOSfQjReauzzGU+UFsDj
-----END CERTIFICATE-----
Generated at Thu Jan 23 19:13:04 2025 by rpki-client on console.sobornost.net