Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/061716-09c6-4838-b1cb-3e86d2c29969/1/tHCbVYNtXVasJFwcwAVRKNWN-3Q.roa
File: tHCbVYNtXVasJFwcwAVRKNWN-3Q.roa (raw, json)
Hash identifier: Ww9of/U+//ROw//qlU2ic3DOqjTFR4h9CkZcVWZJb4E=
Subject key identifier: B4:70:9B:55:83:6D:5D:56:AC:24:5C:1C:C0:05:51:28:D5:8D:FB:74
Certificate issuer: /CN=02df81268829301f3d69eb96f8ac617fa25256a1
Certificate serial: 019424449290FA9FB7905679F8B038CA744C
Authority key identifier: 02:DF:81:26:88:29:30:1F:3D:69:EB:96:F8:AC:61:7F:A2:52:56:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/At-BJogpMB89aeuW-Kxhf6JSVqE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/061716-09c6-4838-b1cb-3e86d2c29969/1/tHCbVYNtXVasJFwcwAVRKNWN-3Q.roa
Signing time: Wed 01 Jan 2025 23:47:41 +0000
ROA not before: Wed 01 Jan 2025 23:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47638
IP address blocks: 23.90.64.0/22 maxlen: 24
91.229.174.0/23 maxlen: 24
91.237.197.0/24 maxlen: 24
185.59.204.0/22 maxlen: 24
2001:67c:248c::/48 maxlen: 48
2a02:6da0::/29 maxlen: 32
2a02:6da0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:92:90:fa:9f:b7:90:56:79:f8:b0:38:ca:74:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02df81268829301f3d69eb96f8ac617fa25256a1
Validity
Not Before: Jan 1 23:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b4709b55836d5d56ac245c1cc0055128d58dfb74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:59:27:97:98:e7:6c:b1:75:d9:bd:9c:bc:f0:
67:d1:f8:68:a5:4b:b9:e1:6b:00:9f:7e:5f:a6:07:
cf:94:6e:74:21:64:31:8d:5f:88:f9:22:83:22:3d:
f5:18:a8:1e:35:9b:ca:cf:eb:26:ba:8f:bb:cd:d7:
04:5e:c4:48:70:5f:96:19:13:4e:bb:3d:49:36:18:
dc:f4:6f:3c:48:e7:6c:1a:aa:97:d0:d9:a7:18:d7:
b3:00:70:bb:0b:44:73:d8:6c:16:0a:55:af:ce:c5:
57:06:b1:67:b7:7c:90:fa:72:8c:bb:f0:17:a7:82:
f3:21:db:60:45:45:26:05:4f:02:cf:fd:13:15:7e:
99:42:97:af:0c:62:e5:49:db:86:aa:cf:a6:46:f0:
92:26:91:7a:6d:50:73:c7:64:e7:74:fb:9c:89:d8:
78:97:6c:ae:ff:9c:4a:5f:a4:84:ba:17:86:ee:15:
11:42:f1:7e:d1:13:a4:af:6f:c1:5e:7e:1b:f2:70:
ec:01:b1:fa:3c:d4:37:dc:c2:3b:39:1e:12:8a:fc:
3e:7f:d2:ec:b2:e6:5d:7c:d8:f4:41:5a:6d:3e:19:
67:00:1d:12:31:7d:ce:30:ab:a8:e1:85:6a:13:1f:
42:82:d1:ef:0c:c6:e8:2a:9f:72:c1:7c:06:bc:30:
17:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:70:9B:55:83:6D:5D:56:AC:24:5C:1C:C0:05:51:28:D5:8D:FB:74
X509v3 Authority Key Identifier:
keyid:02:DF:81:26:88:29:30:1F:3D:69:EB:96:F8:AC:61:7F:A2:52:56:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/At-BJogpMB89aeuW-Kxhf6JSVqE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/061716-09c6-4838-b1cb-3e86d2c29969/1/tHCbVYNtXVasJFwcwAVRKNWN-3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/061716-09c6-4838-b1cb-3e86d2c29969/1/At-BJogpMB89aeuW-Kxhf6JSVqE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.90.64.0/22
91.229.174.0/23
91.237.197.0/24
185.59.204.0/22
IPv6:
2001:67c:248c::/48
2a02:6da0::/29
Signature Algorithm: sha256WithRSAEncryption
6f:5c:fb:d5:8d:ce:38:af:ad:12:99:69:3f:f9:2b:e9:33:e9:
f9:1d:ae:29:41:60:a0:f2:a4:c5:6f:28:16:bc:4b:2a:11:fa:
6f:a1:27:8c:cf:fa:e6:31:fc:dd:3d:9b:10:3e:42:bc:96:7c:
0a:fc:a0:c1:48:c0:1f:4b:da:6f:16:b4:b2:0b:cb:37:db:90:
db:18:80:3a:be:03:81:49:c4:5d:7e:bd:aa:90:ec:2f:91:79:
a4:3a:68:76:ec:ac:b4:d1:3a:51:6b:29:d9:3b:9f:45:61:8f:
31:bc:7c:25:52:a5:93:7a:f6:ce:2f:b1:76:68:ba:0b:86:1f:
e4:3d:e6:41:2a:a4:cd:ad:c5:7f:4f:94:68:99:e6:6d:2b:bc:
35:66:3e:60:10:54:de:3a:98:47:31:71:49:99:6f:0f:2b:1a:
4b:39:6b:04:86:56:24:59:ab:2f:5f:42:da:0b:21:21:27:69:
1b:87:34:76:60:a2:b2:1a:fb:df:3b:f7:75:91:8b:b9:fb:11:
e7:c3:f3:2b:a7:e1:30:7b:8a:8d:0d:11:77:67:a0:5a:5c:82:
68:67:fe:da:2d:0c:aa:98:bf:7c:b5:2b:cf:a7:da:40:c0:89:
db:56:ff:f1:3d:39:3d:d1:ff:34:d6:00:6b:f2:10:55:0c:ff:
72:52:a6:dd
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZQkRJKQ+p+3kFZ5+LA4ynRMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyZGY4MTI2ODgyOTMwMWYzZDY5ZWI5NmY4YWM2MTdmYTI1
MjU2YTEwHhcNMjUwMTAxMjM0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDcwOWI1NTgzNmQ1ZDU2YWMyNDVjMWNjMDA1NTEyOGQ1OGRmYjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApVknl5jnbLF12b2cvPBn0fhopUu5
4WsAn35fpgfPlG50IWQxjV+I+SKDIj31GKgeNZvKz+smuo+7zdcEXsRIcF+WGRNO
uz1JNhjc9G88SOdsGqqX0NmnGNezAHC7C0Rz2GwWClWvzsVXBrFnt3yQ+nKMu/AX
p4LzIdtgRUUmBU8Cz/0TFX6ZQpevDGLlSduGqs+mRvCSJpF6bVBzx2TndPucidh4
l2yu/5xKX6SEuheG7hURQvF+0ROkr2/BXn4b8nDsAbH6PNQ33MI7OR4Sivw+f9Ls
suZdfNj0QVptPhlnAB0SMX3OMKuo4YVqEx9CgtHvDMboKp9ywXwGvDAX8wIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFLRwm1WDbV1WrCRcHMAFUSjVjft0MB8GA1UdIwQY
MBaAFALfgSaIKTAfPWnrlvisYX+iUlahMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXQtQkpvZ3BNQjg5YWV1Vy1LeGhmNkpTVnFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8wNjE3MTYtMDljNi00ODM4LWIxY2It
M2U4NmQyYzI5OTY5LzEvdEhDYlZZTnRYVmFzSkZ3Y3dBVlJLTldOLTNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8wNjE3MTYtMDljNi00ODM4LWIxY2ItM2U4NmQyYzI5OTY5
LzEvQXQtQkpvZ3BNQjg5YWV1Vy1LeGhmNkpTVnFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAeBAIAATAYAwQCF1pAAwQB
W+WuAwQAW+3FAwQCuTvMMBYEAgACMBADBwAgAQZ8JIwDBQMqAm2gMA0GCSqGSIb3
DQEBCwUAA4IBAQBvXPvVjc44r60SmWk/+SvpM+n5Ha4pQWCg8qTFbygWvEsqEfpv
oSeMz/rmMfzdPZsQPkK8lnwK/KDBSMAfS9pvFrSyC8s325DbGIA6vgOBScRdfr2q
kOwvkXmkOmh27Ky00TpRaynZO59FYY8xvHwlUqWTevbOL7F2aLoLhh/kPeZBKqTN
rcV/T5RomeZtK7w1Zj5gEFTeOphHMXFJmW8PKxpLOWsEhlYkWasvX0LaCyEhJ2kb
hzR2YKKyGvvfO/d1kYu5+xHnw/Mrp+Ewe4qNDRF3Z6BaXIJoZ/7aLQyqmL98tSvP
p9pAwInbVv/xPTk90f801gBr8hBVDP9yUqbd
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:03 2025 by rpki-client on console.sobornost.net