Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/4a1305-391c-446c-9a33-4c08ffe10076/1/qLBwfOuFs3K7TRJtu9mhTqn2oCI.roa
File: qLBwfOuFs3K7TRJtu9mhTqn2oCI.roa (raw, json)
Hash identifier: t1+dGuENDhf8xhcNT9hdJi3ibea4hMiZnxDqhvWQ4xE=
Subject key identifier: A8:B0:70:7C:EB:85:B3:72:BB:4D:12:6D:BB:D9:A1:4E:A9:F6:A0:22
Certificate issuer: /CN=668e9b2eefb205342382b6072a903f9d9837071a
Certificate serial: 019464AFCFF343A0FDC1EDC62F807088BEDE
Authority key identifier: 66:8E:9B:2E:EF:B2:05:34:23:82:B6:07:2A:90:3F:9D:98:37:07:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zo6bLu-yBTQjgrYHKpA_nZg3Bxo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/4a1305-391c-446c-9a33-4c08ffe10076/1/qLBwfOuFs3K7TRJtu9mhTqn2oCI.roa
Signing time: Tue 14 Jan 2025 12:00:31 +0000
ROA not before: Tue 14 Jan 2025 12:00:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44056
IP address blocks: 31.135.224.0/20 maxlen: 20
31.135.226.0/23 maxlen: 23
31.135.228.0/22 maxlen: 22
31.135.232.0/22 maxlen: 22
31.135.236.0/23 maxlen: 23
46.148.128.0/20 maxlen: 20
46.148.128.0/22 maxlen: 22
46.148.143.0/24 maxlen: 24
83.97.104.0/21 maxlen: 21
91.195.130.0/23 maxlen: 23
91.230.146.0/24 maxlen: 24
91.237.186.0/23 maxlen: 23
91.237.186.0/24 maxlen: 24
91.237.187.0/24 maxlen: 24
92.62.116.0/24 maxlen: 24
109.196.64.0/20 maxlen: 24
109.196.64.0/22 maxlen: 22
109.196.68.0/22 maxlen: 22
176.125.192.0/19 maxlen: 19
195.2.238.0/23 maxlen: 23
2a13:2940::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:64:af:cf:f3:43:a0:fd:c1:ed:c6:2f:80:70:88:be:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=668e9b2eefb205342382b6072a903f9d9837071a
Validity
Not Before: Jan 14 12:00:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a8b0707ceb85b372bb4d126dbbd9a14ea9f6a022
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:c5:c7:75:b8:ff:a0:e7:1d:92:d0:c8:c4:81:
27:a0:93:c9:02:15:05:d9:31:f7:e4:de:c7:ba:6e:
20:77:78:56:eb:a4:23:40:e5:1e:59:fe:64:d5:be:
b2:70:ba:0e:68:b8:3d:77:77:11:41:9f:53:08:31:
5e:74:a3:1b:bb:bc:ba:78:ba:07:9b:23:6e:7f:2f:
95:cf:22:7b:2c:b3:b5:13:99:64:bb:85:f9:45:a5:
86:8e:9e:77:b0:75:9e:51:2c:96:71:9e:e7:05:2e:
f5:be:2a:c4:f2:b7:a8:ac:ce:42:83:33:a7:77:f9:
25:27:35:55:f7:48:cb:1c:a7:90:61:aa:93:77:3f:
c7:40:fb:35:e2:b5:b0:54:f6:72:20:d7:46:97:15:
98:9f:3d:5d:aa:fb:ea:b7:bf:78:21:c6:49:19:ea:
33:98:e9:96:5b:16:c8:be:eb:62:7d:fe:da:26:0b:
27:1d:69:55:7f:27:c4:0c:52:31:68:71:b7:e2:9b:
f9:9a:0c:87:82:17:39:6f:49:c1:13:3d:e3:71:97:
c1:cf:a3:c7:d3:8a:07:7f:25:e9:3e:d5:2d:a1:a8:
3c:f0:4b:6c:a0:ee:63:6b:ab:1c:d6:86:b3:eb:24:
db:00:bd:48:92:2f:86:67:f3:ae:ab:e0:d7:e4:fa:
e3:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:B0:70:7C:EB:85:B3:72:BB:4D:12:6D:BB:D9:A1:4E:A9:F6:A0:22
X509v3 Authority Key Identifier:
keyid:66:8E:9B:2E:EF:B2:05:34:23:82:B6:07:2A:90:3F:9D:98:37:07:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zo6bLu-yBTQjgrYHKpA_nZg3Bxo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/4a1305-391c-446c-9a33-4c08ffe10076/1/qLBwfOuFs3K7TRJtu9mhTqn2oCI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/4a1305-391c-446c-9a33-4c08ffe10076/1/Zo6bLu-yBTQjgrYHKpA_nZg3Bxo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.135.224.0/20
46.148.128.0/20
83.97.104.0/21
91.195.130.0/23
91.230.146.0/24
91.237.186.0/23
92.62.116.0/24
109.196.64.0/20
176.125.192.0/19
195.2.238.0/23
IPv6:
2a13:2940::/32
Signature Algorithm: sha256WithRSAEncryption
95:c9:dc:53:56:c1:4f:fa:c1:12:16:a1:ae:a7:51:73:19:44:
94:c7:e6:72:42:37:f6:aa:84:1e:4f:2a:c2:6a:33:5b:80:05:
3a:21:7d:35:89:f4:23:45:eb:ed:0a:da:17:97:67:5f:64:02:
09:3f:98:80:47:57:e9:a2:56:a0:33:fa:84:2f:9c:b6:35:ad:
22:d2:b7:6b:1d:d7:f2:15:37:1c:61:98:8f:2e:72:b8:86:6a:
7b:81:16:ae:4f:2c:6c:1c:69:fd:ea:9d:be:e1:e0:e5:25:42:
88:5d:e6:7f:1e:c6:c6:c5:50:89:0b:d4:ea:31:72:80:f1:bb:
58:cc:70:0f:4d:80:5c:36:4b:35:5d:e6:13:65:dc:71:a0:78:
01:5c:29:01:99:04:be:e0:84:0f:5b:2a:22:b1:bb:df:89:ed:
13:5e:96:cd:c9:db:d0:32:96:6f:3a:54:3c:54:de:27:3a:cb:
45:97:ba:5f:c6:65:13:47:ad:77:f5:0f:d2:21:f4:cd:16:74:
4b:ae:ff:a8:0c:97:4b:c4:20:8f:67:38:0b:7f:b3:77:48:88:
fc:d5:ac:b8:25:f8:ce:b6:93:da:03:fb:47:2e:de:2e:b9:b4:
5a:2b:a3:09:75:7d:8d:32:f6:de:bc:2e:7d:d9:4d:0f:2b:c2:
9c:f4:cd:63
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAZRkr8/zQ6D9we3GL4BwiL7eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2OGU5YjJlZWZiMjA1MzQyMzgyYjYwNzJhOTAzZjlkOTgz
NzA3MWEwHhcNMjUwMTE0MTIwMDMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGIwNzA3Y2ViODViMzcyYmI0ZDEyNmRiYmQ5YTE0ZWE5ZjZhMDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMXHdbj/oOcdktDIxIEnoJPJAhUF
2TH35N7Hum4gd3hW66QjQOUeWf5k1b6ycLoOaLg9d3cRQZ9TCDFedKMbu7y6eLoH
myNufy+VzyJ7LLO1E5lku4X5RaWGjp53sHWeUSyWcZ7nBS71virE8reorM5CgzOn
d/klJzVV90jLHKeQYaqTdz/HQPs14rWwVPZyINdGlxWYnz1dqvvqt794IcZJGeoz
mOmWWxbIvutiff7aJgsnHWlVfyfEDFIxaHG34pv5mgyHghc5b0nBEz3jcZfBz6PH
04oHfyXpPtUtoag88EtsoO5ja6sc1oaz6yTbAL1Iki+GZ/Ouq+DX5PrjcQIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFKiwcHzrhbNyu00SbbvZoU6p9qAiMB8GA1UdIwQY
MBaAFGaOmy7vsgU0I4K2ByqQP52YNwcaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm82Ykx1LXlCVFFqZ3JZSEtwQV9uWmczQnhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC80YTEzMDUtMzkxYy00NDZjLTlhMzMt
NGMwOGZmZTEwMDc2LzEvcUxCd2ZPdUZzM0s3VFJKdHU5bWhUcW4yb0NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC80YTEzMDUtMzkxYy00NDZjLTlhMzMtNGMwOGZmZTEwMDc2
LzEvWm82Ykx1LXlCVFFqZ3JZSEtwQV9uWmczQnhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQEH4fgAwQE
LpSAAwQDU2FoAwQBW8OCAwQAW+aSAwQBW+26AwQAXD50AwQEbcRAAwQFsH3AAwQB
wwLuMA0EAgACMAcDBQAqEylAMA0GCSqGSIb3DQEBCwUAA4IBAQCVydxTVsFP+sES
FqGup1FzGUSUx+ZyQjf2qoQeTyrCajNbgAU6IX01ifQjRevtCtoXl2dfZAIJP5iA
R1fpolagM/qEL5y2Na0i0rdrHdfyFTccYZiPLnK4hmp7gRauTyxsHGn96p2+4eDl
JUKIXeZ/HsbGxVCJC9TqMXKA8btYzHAPTYBcNks1XeYTZdxxoHgBXCkBmQS+4IQP
Wyoisbvfie0TXpbNydvQMpZvOlQ8VN4nOstFl7pfxmUTR6139Q/SIfTNFnRLrv+o
DJdLxCCPZzgLf7N3SIj81ay4JfjOtpPaA/tHLt4uubRaK6MJdX2NMvbevC592U0P
K8Kc9M1j
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:59 2025 by rpki-client on console.sobornost.net