Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/374fd1-02c2-4671-bdc9-c3cc5de1ece9/1/Q_hIcWDqn-PPQ56DLKDjeCBoXsw.roa
File: Q_hIcWDqn-PPQ56DLKDjeCBoXsw.roa (raw, json)
Hash identifier: MwFedjwgPwjvhrH7DUyYSiNCIyagEddbNZKwfOKaBy4=
Subject key identifier: 43:F8:48:71:60:EA:9F:E3:CF:43:9E:83:2C:A0:E3:78:20:68:5E:CC
Certificate issuer: /CN=8bdac18a7ad501ba7ea13567909f17e4f7327413
Certificate serial: 019422FC1A87BB62BA456508055B8AA23BB3
Authority key identifier: 8B:DA:C1:8A:7A:D5:01:BA:7E:A1:35:67:90:9F:17:E4:F7:32:74:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i9rBinrVAbp-oTVnkJ8X5PcydBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/374fd1-02c2-4671-bdc9-c3cc5de1ece9/1/Q_hIcWDqn-PPQ56DLKDjeCBoXsw.roa
Signing time: Wed 01 Jan 2025 17:48:54 +0000
ROA not before: Wed 01 Jan 2025 17:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28859
IP address blocks: 212.94.32.0/20 maxlen: 20
212.94.56.0/21 maxlen: 21
2a02:368::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:1a:87:bb:62:ba:45:65:08:05:5b:8a:a2:3b:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bdac18a7ad501ba7ea13567909f17e4f7327413
Validity
Not Before: Jan 1 17:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=43f8487160ea9fe3cf439e832ca0e37820685ecc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:ac:1c:68:f0:80:63:18:fb:82:6f:32:7a:63:
c6:58:64:ad:41:85:98:df:f2:7b:02:36:99:d6:1c:
60:c7:f4:2a:6c:b3:59:bd:40:d8:d6:77:92:55:e3:
8d:76:d1:18:39:6f:bd:dc:a5:10:06:28:b4:e4:dc:
9a:4a:e0:d3:f8:86:23:fe:8b:5f:69:c8:28:20:48:
9b:9f:bd:18:cd:a7:ed:db:50:f5:1a:be:aa:ac:a0:
bf:6e:0e:30:f9:74:61:dc:d3:18:67:f4:12:bc:57:
46:c4:2b:4b:22:1d:a2:62:c0:c2:81:50:70:5d:ad:
ca:0b:e9:02:04:76:d2:f5:b3:9a:23:61:1c:c7:1d:
87:9f:18:46:8e:05:4e:45:63:88:93:f3:37:69:1d:
d5:8d:b6:a7:c8:68:b8:3b:e0:e1:ec:f9:4f:54:e5:
74:7f:41:0a:5b:73:4c:0a:43:32:f8:f7:6a:c3:01:
1b:28:eb:44:c7:3f:e8:82:67:27:90:9f:d8:81:5f:
35:88:f5:33:11:43:d3:47:7d:5f:8e:1f:01:2e:36:
2d:1f:72:70:72:fe:da:8a:9f:9e:79:fe:77:b0:be:
4b:7d:eb:fc:c1:6d:74:16:ae:80:ed:d9:ce:89:a7:
dc:28:64:94:fc:ea:1c:c5:e8:f7:9d:02:4e:cd:20:
82:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:F8:48:71:60:EA:9F:E3:CF:43:9E:83:2C:A0:E3:78:20:68:5E:CC
X509v3 Authority Key Identifier:
keyid:8B:DA:C1:8A:7A:D5:01:BA:7E:A1:35:67:90:9F:17:E4:F7:32:74:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i9rBinrVAbp-oTVnkJ8X5PcydBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/374fd1-02c2-4671-bdc9-c3cc5de1ece9/1/Q_hIcWDqn-PPQ56DLKDjeCBoXsw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/374fd1-02c2-4671-bdc9-c3cc5de1ece9/1/i9rBinrVAbp-oTVnkJ8X5PcydBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.94.32.0/20
212.94.56.0/21
IPv6:
2a02:368::/32
Signature Algorithm: sha256WithRSAEncryption
05:c4:8f:09:01:b9:a0:8d:23:09:16:ad:a0:76:4d:18:64:e6:
93:70:0d:f7:71:12:c3:7a:cf:8c:b2:50:d3:e1:23:46:c1:26:
45:4b:86:7b:50:90:b2:6d:d4:41:76:c5:16:ef:24:df:e5:12:
17:60:d9:90:9c:32:de:c4:89:1e:44:50:09:f4:d8:66:ea:01:
be:64:af:e7:cd:54:57:a9:8f:9d:dc:58:70:f9:36:3e:83:dd:
a1:a7:dc:ef:39:ca:36:b1:11:46:17:f7:6b:45:2c:ad:55:be:
92:a8:82:a2:23:c7:e5:61:ce:ec:ed:7f:3f:56:1e:d7:fa:84:
b8:53:aa:a8:28:cc:f7:83:eb:2e:18:9f:4b:01:15:d0:79:54:
f0:63:a3:2e:13:09:34:dd:48:8c:e9:aa:28:3e:3e:61:b7:02:
30:46:2a:59:d3:77:16:4e:dc:11:6e:f1:7b:88:ca:a1:20:a6:
98:37:d8:2f:98:55:a1:6f:4c:03:22:4f:d4:ad:72:48:a3:87:
7a:51:ba:60:f8:1e:6a:cf:ed:7b:b1:08:73:01:ea:06:16:a1:
c9:4b:e9:7d:61:f1:e0:1f:d5:9a:e5:a4:92:a8:6a:ac:bf:ce:
ab:f0:ec:63:8c:af:43:9b:5b:f0:07:5f:82:ff:33:c7:19:b6:
b5:dd:63:35
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQi/BqHu2K6RWUIBVuKojuzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiZGFjMThhN2FkNTAxYmE3ZWExMzU2NzkwOWYxN2U0Zjcz
Mjc0MTMwHhcNMjUwMTAxMTc0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2Y4NDg3MTYwZWE5ZmUzY2Y0MzllODMyY2EwZTM3ODIwNjg1ZWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmKwcaPCAYxj7gm8yemPGWGStQYWY
3/J7AjaZ1hxgx/QqbLNZvUDY1neSVeONdtEYOW+93KUQBii05NyaSuDT+IYj/otf
acgoIEibn70Yzaft21D1Gr6qrKC/bg4w+XRh3NMYZ/QSvFdGxCtLIh2iYsDCgVBw
Xa3KC+kCBHbS9bOaI2Ecxx2HnxhGjgVORWOIk/M3aR3VjbanyGi4O+Dh7PlPVOV0
f0EKW3NMCkMy+PdqwwEbKOtExz/ogmcnkJ/YgV81iPUzEUPTR31fjh8BLjYtH3Jw
cv7aip+eef53sL5Lfev8wW10Fq6A7dnOiafcKGSU/Oocxej3nQJOzSCCXwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEP4SHFg6p/jz0Oegyyg43ggaF7MMB8GA1UdIwQY
MBaAFIvawYp61QG6fqE1Z5CfF+T3MnQTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTlyQmluclZBYnAtb1RWbmtKOFg1UGN5ZEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS8zNzRmZDEtMDJjMi00NjcxLWJkYzkt
YzNjYzVkZTFlY2U5LzEvUV9oSWNXRHFuLVBQUTU2RExLRGplQ0JvWHN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS8zNzRmZDEtMDJjMi00NjcxLWJkYzktYzNjYzVkZTFlY2U5
LzEvaTlyQmluclZBYnAtb1RWbmtKOFg1UGN5ZEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQE1F4gAwQD
1F44MA0EAgACMAcDBQAqAgNoMA0GCSqGSIb3DQEBCwUAA4IBAQAFxI8JAbmgjSMJ
Fq2gdk0YZOaTcA33cRLDes+MslDT4SNGwSZFS4Z7UJCybdRBdsUW7yTf5RIXYNmQ
nDLexIkeRFAJ9Nhm6gG+ZK/nzVRXqY+d3Fhw+TY+g92hp9zvOco2sRFGF/drRSyt
Vb6SqIKiI8flYc7s7X8/Vh7X+oS4U6qoKMz3g+suGJ9LARXQeVTwY6MuEwk03UiM
6aooPj5htwIwRipZ03cWTtwRbvF7iMqhIKaYN9gvmFWhb0wDIk/UrXJIo4d6Ubpg
+B5qz+17sQhzAeoGFqHJS+l9YfHgH9Wa5aSSqGqsv86r8OxjjK9Dm1vwB1+C/zPH
Gba13WM1
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:47 2025 by rpki-client on console.sobornost.net