Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/ffac4d-a272-4e6c-9431-a0883c0b095b/1/q9uMRJMivdNIUmR3cIXWE4hBpI0.roa
File: q9uMRJMivdNIUmR3cIXWE4hBpI0.roa (raw, json)
Hash identifier: k+Mam0ND2lwJk85PckjyzqHvxu7FYX4bMXDwNQs3Kx0=
Subject key identifier: AB:DB:8C:44:93:22:BD:D3:48:52:64:77:70:85:D6:13:88:41:A4:8D
Certificate issuer: /CN=a5b21061a3ead7410e0450dbbf2170fe0c938bb1
Certificate serial: 0194244485A145EA276D1E0AD00F38AADC6E
Authority key identifier: A5:B2:10:61:A3:EA:D7:41:0E:04:50:DB:BF:21:70:FE:0C:93:8B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pbIQYaPq10EOBFDbvyFw_gyTi7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/ffac4d-a272-4e6c-9431-a0883c0b095b/1/q9uMRJMivdNIUmR3cIXWE4hBpI0.roa
Signing time: Wed 01 Jan 2025 23:47:37 +0000
ROA not before: Wed 01 Jan 2025 23:47:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34946
IP address blocks: 80.244.192.0/20 maxlen: 20
92.42.72.0/21 maxlen: 21
185.16.92.0/22 maxlen: 22
2a00:f600::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:85:a1:45:ea:27:6d:1e:0a:d0:0f:38:aa:dc:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5b21061a3ead7410e0450dbbf2170fe0c938bb1
Validity
Not Before: Jan 1 23:47:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=abdb8c449322bdd3485264777085d6138841a48d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ba:12:c5:c9:fc:6c:9d:78:09:d1:cf:a3:8c:
f0:20:29:0f:46:c7:f9:d7:5a:34:21:a7:37:91:10:
91:e6:a1:54:6f:a7:e6:92:f2:93:87:df:ce:0c:32:
e3:c8:75:29:55:d3:1f:09:09:a5:61:14:4d:34:7a:
25:ff:04:fa:2e:18:65:1b:88:fb:06:95:25:f3:ba:
93:a7:8a:af:e3:7f:11:69:4f:b6:b7:4c:bf:9c:0a:
85:f1:08:19:f8:f1:90:b0:ec:db:60:bf:bb:76:f8:
07:e5:92:71:22:7d:33:3e:d5:32:14:4b:83:fa:5a:
5a:15:12:14:0e:d0:89:fb:8b:ac:ca:c9:18:fa:1f:
85:6d:47:a1:62:ae:d6:f6:32:84:67:b5:8e:e3:3c:
29:00:bc:75:40:3c:f8:42:4c:a3:b6:f2:ac:89:a9:
ed:8c:3c:30:11:1f:4d:74:b4:0b:5f:cb:23:4e:10:
17:cc:53:d6:70:19:f7:d4:d5:fd:32:b9:ca:51:ae:
39:ba:4a:6a:62:91:96:b9:ff:f7:8c:3d:c4:e8:bf:
9e:4f:9e:7f:e9:fa:91:1d:25:5a:ab:3c:e8:61:af:
ae:2a:43:99:60:d8:2d:f5:87:e8:89:b3:c7:6a:88:
22:af:0c:eb:e4:96:7a:4e:8c:d5:2e:95:92:75:64:
64:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:DB:8C:44:93:22:BD:D3:48:52:64:77:70:85:D6:13:88:41:A4:8D
X509v3 Authority Key Identifier:
keyid:A5:B2:10:61:A3:EA:D7:41:0E:04:50:DB:BF:21:70:FE:0C:93:8B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pbIQYaPq10EOBFDbvyFw_gyTi7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/ffac4d-a272-4e6c-9431-a0883c0b095b/1/q9uMRJMivdNIUmR3cIXWE4hBpI0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/ffac4d-a272-4e6c-9431-a0883c0b095b/1/pbIQYaPq10EOBFDbvyFw_gyTi7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.244.192.0/20
92.42.72.0/21
185.16.92.0/22
IPv6:
2a00:f600::/32
Signature Algorithm: sha256WithRSAEncryption
6e:b2:62:31:08:1f:c3:de:18:23:ef:a4:80:7d:86:f5:83:02:
6e:9b:ea:74:76:be:d6:53:db:ae:4f:03:df:b4:2d:de:4e:f9:
f1:9a:ae:55:09:ef:76:e4:fa:13:70:97:d0:bb:c2:07:f0:64:
db:82:95:c7:2e:ac:8e:7f:b4:bf:71:e0:36:9e:01:b1:f3:36:
1a:f4:03:50:d4:ba:03:33:cc:2f:ac:22:49:b1:43:ba:5e:05:
e7:60:80:7f:0d:f6:a2:b5:da:f6:aa:66:9e:e7:b8:5d:ef:d7:
3a:32:7c:db:d3:56:e2:56:19:78:37:6f:3c:c1:b5:dd:45:5d:
e3:23:39:81:04:f1:23:04:a2:8a:c1:02:77:76:4b:c0:b9:d7:
0f:aa:70:19:b2:02:a6:de:db:a9:01:29:31:e6:fe:e3:3f:47:
14:34:5c:90:00:83:be:d7:43:9b:bf:2f:25:a8:f5:3c:06:ae:
80:aa:f0:8c:2c:bc:8d:6d:e7:4d:83:31:96:a2:fc:d0:39:0a:
9c:64:60:36:e6:8b:5e:90:cc:33:e6:ee:f9:18:4b:33:e7:54:
84:37:bb:53:5a:70:b5:85:df:57:87:7b:e0:c0:1c:e1:d9:c3:
ee:9b:ab:8f:8c:20:5e:33:22:cc:c3:6d:16:82:ef:a3:cf:57:
b2:9c:b8:47
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQkRIWhReonbR4K0A84qtxuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YjIxMDYxYTNlYWQ3NDEwZTA0NTBkYmJmMjE3MGZlMGM5
MzhiYjEwHhcNMjUwMTAxMjM0NzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmRiOGM0NDkzMjJiZGQzNDg1MjY0Nzc3MDg1ZDYxMzg4NDFhNDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLoSxcn8bJ14CdHPo4zwICkPRsf5
11o0Iac3kRCR5qFUb6fmkvKTh9/ODDLjyHUpVdMfCQmlYRRNNHol/wT6LhhlG4j7
BpUl87qTp4qv438RaU+2t0y/nAqF8QgZ+PGQsOzbYL+7dvgH5ZJxIn0zPtUyFEuD
+lpaFRIUDtCJ+4usyskY+h+FbUehYq7W9jKEZ7WO4zwpALx1QDz4QkyjtvKsiant
jDwwER9NdLQLX8sjThAXzFPWcBn31NX9MrnKUa45ukpqYpGWuf/3jD3E6L+eT55/
6fqRHSVaqzzoYa+uKkOZYNgt9YfoibPHaogirwzr5JZ6TozVLpWSdWRkPQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFKvbjESTIr3TSFJkd3CF1hOIQaSNMB8GA1UdIwQY
MBaAFKWyEGGj6tdBDgRQ278hcP4Mk4uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGJJUVlhUHExMEVPQkZEYnZ5RndfZ3lUaTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9mZmFjNGQtYTI3Mi00ZTZjLTk0MzEt
YTA4ODNjMGIwOTViLzEvcTl1TVJKTWl2ZE5JVW1SM2NJWFdFNGhCcEkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC9mZmFjNGQtYTI3Mi00ZTZjLTk0MzEtYTA4ODNjMGIwOTVi
LzEvcGJJUVlhUHExMEVPQkZEYnZ5RndfZ3lUaTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEUPTAAwQD
XCpIAwQCuRBcMA0EAgACMAcDBQAqAPYAMA0GCSqGSIb3DQEBCwUAA4IBAQBusmIx
CB/D3hgj76SAfYb1gwJum+p0dr7WU9uuTwPftC3eTvnxmq5VCe925PoTcJfQu8IH
8GTbgpXHLqyOf7S/ceA2ngGx8zYa9ANQ1LoDM8wvrCJJsUO6XgXnYIB/Dfaitdr2
qmae57hd79c6Mnzb01biVhl4N288wbXdRV3jIzmBBPEjBKKKwQJ3dkvAudcPqnAZ
sgKm3tupASkx5v7jP0cUNFyQAIO+10Obvy8lqPU8Bq6AqvCMLLyNbedNgzGWovzQ
OQqcZGA25otekMwz5u75GEsz51SEN7tTWnC1hd9Xh3vgwBzh2cPum6uPjCBeMyLM
w20Wgu+jz1eynLhH
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:27 2025 by rpki-client on console.sobornost.net