Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/1a1cbe-217d-434b-ada1-44e219a9e96e/1/u9xJm6a8iv-NU5QCZgFCUyU_CIQ.roa
File: u9xJm6a8iv-NU5QCZgFCUyU_CIQ.roa (raw, json)
Hash identifier: a1ccdr3daMuWhcGyGVwNFs2+CFRCY21VguoNG+TE+38=
Subject key identifier: BB:DC:49:9B:A6:BC:8A:FF:8D:53:94:02:66:01:42:53:25:3F:08:84
Certificate issuer: /CN=9a2ebbbcbe1bf6346ed476b83c7e13a784417acd
Certificate serial: 01942445011FFBCAE1852DD3E835B9AAD295
Authority key identifier: 9A:2E:BB:BC:BE:1B:F6:34:6E:D4:76:B8:3C:7E:13:A7:84:41:7A:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mi67vL4b9jRu1Ha4PH4Tp4RBes0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/1a1cbe-217d-434b-ada1-44e219a9e96e/1/u9xJm6a8iv-NU5QCZgFCUyU_CIQ.roa
Signing time: Wed 01 Jan 2025 23:48:09 +0000
ROA not before: Wed 01 Jan 2025 23:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60087
IP address blocks: 46.252.144.0/20 maxlen: 24
81.28.8.0/22 maxlen: 24
86.107.96.0/22 maxlen: 24
89.40.172.0/22 maxlen: 24
185.31.64.0/22 maxlen: 24
2a03:a500::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:01:1f:fb:ca:e1:85:2d:d3:e8:35:b9:aa:d2:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a2ebbbcbe1bf6346ed476b83c7e13a784417acd
Validity
Not Before: Jan 1 23:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bbdc499ba6bc8aff8d53940266014253253f0884
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:d9:65:fa:08:f4:29:09:b8:4f:aa:09:d2:3d:
d3:5a:75:f9:a1:76:84:03:fb:25:9f:c7:a8:55:78:
d3:78:27:b3:30:6d:9d:a0:f0:7f:58:0b:9b:03:7e:
0c:92:b3:14:4b:2e:bb:7f:9b:21:21:34:f0:ad:91:
61:fd:90:e9:a6:05:2e:52:39:a7:5d:aa:81:91:69:
08:7c:69:c0:ba:1f:73:e5:02:5e:e0:78:ea:66:46:
5d:98:38:1b:e3:a3:96:7e:c1:e2:8b:47:3d:2f:4a:
1e:22:cb:8d:a7:90:84:c5:1f:3a:7e:1c:66:51:51:
40:00:01:56:aa:04:a3:01:87:af:f2:5f:72:42:13:
83:85:84:6f:b8:85:46:30:7a:13:7a:d2:07:79:79:
62:00:9c:bf:e5:58:fb:5b:88:c3:31:23:b0:8c:03:
4f:df:59:b6:5c:f3:ed:e5:09:6c:8f:4d:e0:8a:15:
20:7d:2c:01:3a:0f:c2:6c:fa:8d:9f:21:28:96:a9:
fb:62:99:f2:f7:d6:ab:8f:ba:f0:43:f7:cd:3d:7e:
24:a4:22:f0:71:ef:1a:f2:38:c4:5b:40:22:82:f6:
81:c1:11:54:17:ab:04:4e:8e:92:97:b9:70:6a:88:
c1:a3:6d:c8:0d:9e:2b:cf:cf:66:04:23:29:f1:ba:
8f:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:DC:49:9B:A6:BC:8A:FF:8D:53:94:02:66:01:42:53:25:3F:08:84
X509v3 Authority Key Identifier:
keyid:9A:2E:BB:BC:BE:1B:F6:34:6E:D4:76:B8:3C:7E:13:A7:84:41:7A:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mi67vL4b9jRu1Ha4PH4Tp4RBes0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/1a1cbe-217d-434b-ada1-44e219a9e96e/1/u9xJm6a8iv-NU5QCZgFCUyU_CIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/1a1cbe-217d-434b-ada1-44e219a9e96e/1/mi67vL4b9jRu1Ha4PH4Tp4RBes0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.252.144.0/20
81.28.8.0/22
86.107.96.0/22
89.40.172.0/22
185.31.64.0/22
IPv6:
2a03:a500::/32
Signature Algorithm: sha256WithRSAEncryption
8f:c4:5d:e8:26:e8:08:c1:13:36:ea:f0:fd:a3:b1:1f:10:38:
18:e9:33:d3:37:e9:fb:82:a6:3f:9e:f3:9d:06:3a:5f:ae:0e:
6c:96:9e:20:12:f6:60:12:b4:75:ad:da:fe:49:09:8f:40:c5:
4c:56:1f:8e:a7:d5:4b:1b:72:12:06:13:e6:ed:03:f7:b2:ec:
6e:64:47:92:38:70:4a:24:45:85:d0:e6:12:92:8c:32:7e:b7:
0e:dd:f6:e8:8b:ee:8b:93:da:21:f7:cc:44:1f:ff:e1:be:e4:
7c:b6:d4:51:14:b5:ed:a8:ba:20:8c:79:c6:ab:8c:b6:49:8c:
73:ed:ea:58:88:cf:2c:26:f3:44:ce:bf:f5:cf:f1:9c:9a:3f:
6d:f6:16:4e:55:61:91:ab:a6:52:fe:57:b9:8a:6b:1f:50:c1:
b8:0e:0f:ca:0b:97:f9:b1:90:f4:23:da:30:31:03:e1:1c:42:
c3:e1:6e:0b:de:33:13:91:45:87:b9:90:02:18:62:04:72:42:
23:ec:e1:e5:e0:f7:8a:f5:81:b1:2f:39:9d:9e:4e:b0:63:25:
b1:1a:66:16:7b:21:48:f1:34:13:44:eb:2a:9c:4b:fa:8f:33:
b1:cf:51:a8:68:49:f5:f0:d4:1d:d6:28:a3:22:56:e9:2f:8b:
56:af:6c:e3
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQkRQEf+8rhhS3T6DW5qtKVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMmViYmJjYmUxYmY2MzQ2ZWQ0NzZiODNjN2UxM2E3ODQ0
MTdhY2QwHhcNMjUwMTAxMjM0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmRjNDk5YmE2YmM4YWZmOGQ1Mzk0MDI2NjAxNDI1MzI1M2YwODg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtll+gj0KQm4T6oJ0j3TWnX5oXaE
A/sln8eoVXjTeCezMG2doPB/WAubA34MkrMUSy67f5shITTwrZFh/ZDppgUuUjmn
XaqBkWkIfGnAuh9z5QJe4HjqZkZdmDgb46OWfsHii0c9L0oeIsuNp5CExR86fhxm
UVFAAAFWqgSjAYev8l9yQhODhYRvuIVGMHoTetIHeXliAJy/5Vj7W4jDMSOwjANP
31m2XPPt5Qlsj03gihUgfSwBOg/CbPqNnyEolqn7Ypny99arj7rwQ/fNPX4kpCLw
ce8a8jjEW0AigvaBwRFUF6sETo6Sl7lwaojBo23IDZ4rz89mBCMp8bqPCwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFLvcSZumvIr/jVOUAmYBQlMlPwiEMB8GA1UdIwQY
MBaAFJouu7y+G/Y0btR2uDx+E6eEQXrNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWk2N3ZMNGI5alJ1MUhhNFBINFRwNFJCZXMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS8xYTFjYmUtMjE3ZC00MzRiLWFkYTEt
NDRlMjE5YTllOTZlLzEvdTl4Sm02YThpdi1OVTVRQ1pnRkNVeVVfQ0lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS8xYTFjYmUtMjE3ZC00MzRiLWFkYTEtNDRlMjE5YTllOTZl
LzEvbWk2N3ZMNGI5alJ1MUhhNFBINFRwNFJCZXMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQELvyQAwQC
URwIAwQCVmtgAwQCWSisAwQCuR9AMA0EAgACMAcDBQAqA6UAMA0GCSqGSIb3DQEB
CwUAA4IBAQCPxF3oJugIwRM26vD9o7EfEDgY6TPTN+n7gqY/nvOdBjpfrg5slp4g
EvZgErR1rdr+SQmPQMVMVh+Op9VLG3ISBhPm7QP3suxuZEeSOHBKJEWF0OYSkowy
frcO3fboi+6Lk9oh98xEH//hvuR8ttRRFLXtqLogjHnGq4y2SYxz7epYiM8sJvNE
zr/1z/Gcmj9t9hZOVWGRq6ZS/le5imsfUMG4Dg/KC5f5sZD0I9owMQPhHELD4W4L
3jMTkUWHuZACGGIEckIj7OHl4PeK9YGxLzmdnk6wYyWxGmYWeyFI8TQTROsqnEv6
jzOxz1GoaEn18NQd1iijIlbpL4tWr2zj
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:54 2025 by rpki-client on console.sobornost.net