Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/8233f2-d3c0-4501-a9c7-138c8417ae93/1/bvvZErx8yb4YddobsQuNGqwzPUw.roa
File: bvvZErx8yb4YddobsQuNGqwzPUw.roa (raw, json)
Hash identifier: qLe1f2hJ1WmPgxP8UHTFIQszxs7kYJ5N6PdJJshRMio=
Subject key identifier: 6E:FB:D9:12:BC:7C:C9:BE:18:75:DA:1B:B1:0B:8D:1A:AC:33:3D:4C
Certificate issuer: /CN=72633388a7a5cfe9a7ca19fd74c922dcb12569d3
Certificate serial: 019421B1DEE38F35A4073C9CAE91216B4D82
Authority key identifier: 72:63:33:88:A7:A5:CF:E9:A7:CA:19:FD:74:C9:22:DC:B1:25:69:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cmMziKelz-mnyhn9dMki3LEladM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/8233f2-d3c0-4501-a9c7-138c8417ae93/1/bvvZErx8yb4YddobsQuNGqwzPUw.roa
Signing time: Wed 01 Jan 2025 11:48:12 +0000
ROA not before: Wed 01 Jan 2025 11:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34863
IP address blocks: 46.226.128.0/21 maxlen: 24
81.23.32.0/20 maxlen: 24
81.23.33.0/24 maxlen: 24
81.23.34.0/24 maxlen: 24
85.204.20.0/23 maxlen: 24
85.204.21.0/24 maxlen: 24
85.204.24.0/23 maxlen: 24
85.204.25.0/24 maxlen: 24
89.35.96.0/20 maxlen: 24
185.2.252.0/22 maxlen: 24
185.63.48.0/22 maxlen: 24
185.252.195.0/24 maxlen: 24
188.94.200.0/21 maxlen: 24
188.94.200.0/24 maxlen: 24
188.94.201.0/24 maxlen: 24
188.94.202.0/23 maxlen: 23
188.94.204.0/22 maxlen: 22
188.94.206.0/24 maxlen: 24
2a00:fc8::/32 maxlen: 32
2a00:7820::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:de:e3:8f:35:a4:07:3c:9c:ae:91:21:6b:4d:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72633388a7a5cfe9a7ca19fd74c922dcb12569d3
Validity
Not Before: Jan 1 11:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6efbd912bc7cc9be1875da1bb10b8d1aac333d4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:a6:d8:d4:bf:34:49:f6:98:75:e9:cb:a0:64:
f7:3b:20:fb:76:d4:c0:c8:4b:7e:51:29:56:be:94:
57:c9:3e:83:2f:8a:ed:2b:00:e3:90:a1:21:c9:25:
15:fd:04:44:d8:6f:6a:88:2e:dd:40:cd:e1:73:7e:
cc:c6:29:ed:5d:ff:4f:f1:aa:29:8a:9c:dd:a9:56:
10:9f:6f:ec:b3:e6:76:b8:d4:b8:11:1e:5c:ce:1d:
ab:15:9b:bf:05:d8:de:b5:c3:40:19:77:73:9c:df:
6a:05:1a:5b:f7:14:b8:8b:e4:c4:78:73:64:e6:c0:
15:db:1a:cf:9c:04:5d:14:35:60:9e:14:0b:c0:69:
1e:6a:14:47:15:b5:40:ba:5a:94:b3:79:96:91:5d:
d6:41:2d:04:04:7a:9f:01:b9:13:a9:a1:13:f0:ba:
75:ce:00:74:5d:d2:c0:47:49:f9:6d:7a:5e:da:b7:
3d:32:20:50:23:6b:b8:12:8b:cd:7f:42:91:18:3c:
26:4f:4b:16:5e:27:d4:7c:0a:70:45:00:12:6e:e8:
bb:59:55:57:71:83:15:9e:a6:d3:a3:b3:46:d7:f7:
aa:57:e8:d7:50:fe:9d:e3:18:de:db:72:ad:81:28:
9d:eb:8a:53:8a:1d:2e:62:ab:6b:e3:b1:a1:23:12:
13:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:FB:D9:12:BC:7C:C9:BE:18:75:DA:1B:B1:0B:8D:1A:AC:33:3D:4C
X509v3 Authority Key Identifier:
keyid:72:63:33:88:A7:A5:CF:E9:A7:CA:19:FD:74:C9:22:DC:B1:25:69:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cmMziKelz-mnyhn9dMki3LEladM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/8233f2-d3c0-4501-a9c7-138c8417ae93/1/bvvZErx8yb4YddobsQuNGqwzPUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/8233f2-d3c0-4501-a9c7-138c8417ae93/1/cmMziKelz-mnyhn9dMki3LEladM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.226.128.0/21
81.23.32.0/20
85.204.20.0/23
85.204.24.0/23
89.35.96.0/20
185.2.252.0/22
185.63.48.0/22
185.252.195.0/24
188.94.200.0/21
IPv6:
2a00:fc8::/32
2a00:7820::/32
Signature Algorithm: sha256WithRSAEncryption
3e:11:41:a6:47:6e:75:cb:f3:20:d8:2b:87:bd:c3:eb:31:da:
c6:60:2f:99:a3:28:6b:3f:1c:36:5e:2e:65:93:22:4c:20:82:
3c:f9:2b:bc:d5:1a:7d:60:56:9a:7f:f6:2a:0a:fd:3e:8f:5a:
88:01:63:12:5b:92:a6:78:2d:a6:8a:7a:60:fc:80:7d:81:b2:
1a:14:33:7b:37:17:72:2b:e0:e6:28:1c:e7:ab:3e:a6:a7:24:
3f:b8:ae:fc:01:61:c8:e8:7b:1d:32:b3:23:b9:00:4e:e6:47:
20:96:d2:f0:a0:76:74:7b:fe:4e:df:9f:4c:c3:4f:e7:af:31:
32:b0:18:ac:39:08:4d:95:89:40:f8:ed:3d:95:43:6c:4a:94:
32:05:cb:90:ed:c4:25:2b:a5:7b:3e:a8:ef:e6:6c:9a:7e:5b:
fd:41:7a:93:0a:f6:f8:4d:0b:a9:e6:8a:2e:e4:c5:fa:ff:8a:
3f:64:f4:c1:7e:90:45:2d:85:91:f0:34:bd:30:e3:8f:70:97:
1d:95:28:e7:35:8a:4f:c8:f1:50:e6:39:56:54:f0:8f:d8:72:
9b:df:24:d8:79:1f:be:07:dd:fc:98:89:62:be:ea:5b:c2:ed:
8f:9a:a1:78:f5:59:7b:58:19:58:bf:83:2a:cf:a2:e0:a2:ff:
dd:9e:d3:7c
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZQhsd7jjzWkBzycrpEha02CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNjMzMzg4YTdhNWNmZTlhN2NhMTlmZDc0YzkyMmRjYjEy
NTY5ZDMwHhcNMjUwMTAxMTE0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWZiZDkxMmJjN2NjOWJlMTg3NWRhMWJiMTBiOGQxYWFjMzMzZDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKbY1L80SfaYdenLoGT3OyD7dtTA
yEt+USlWvpRXyT6DL4rtKwDjkKEhySUV/QRE2G9qiC7dQM3hc37MxintXf9P8aop
ipzdqVYQn2/ss+Z2uNS4ER5czh2rFZu/BdjetcNAGXdznN9qBRpb9xS4i+TEeHNk
5sAV2xrPnARdFDVgnhQLwGkeahRHFbVAulqUs3mWkV3WQS0EBHqfAbkTqaET8Lp1
zgB0XdLAR0n5bXpe2rc9MiBQI2u4EovNf0KRGDwmT0sWXifUfApwRQASbui7WVVX
cYMVnqbTo7NG1/eqV+jXUP6d4xje23KtgSid64pTih0uYqtr47GhIxITvQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFG772RK8fMm+GHXaG7ELjRqsMz1MMB8GA1UdIwQY
MBaAFHJjM4inpc/pp8oZ/XTJItyxJWnTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY21NemlLZWx6LW1ueWhuOWRNa2kzTEVsYWRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS84MjMzZjItZDNjMC00NTAxLWE5Yzct
MTM4Yzg0MTdhZTkzLzEvYnZ2WkVyeDh5YjRZZGRvYnNRdU5HcXd6UFV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS84MjMzZjItZDNjMC00NTAxLWE5YzctMTM4Yzg0MTdhZTkz
LzEvY21NemlLZWx6LW1ueWhuOWRNa2kzTEVsYWRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDA8BAIAATA2AwQDLuKAAwQE
URcgAwQBVcwUAwQBVcwYAwQEWSNgAwQCuQL8AwQCuT8wAwQAufzDAwQDvF7IMBQE
AgACMA4DBQAqAA/IAwUAKgB4IDANBgkqhkiG9w0BAQsFAAOCAQEAPhFBpkdudcvz
INgrh73D6zHaxmAvmaMoaz8cNl4uZZMiTCCCPPkrvNUafWBWmn/2Kgr9Po9aiAFj
EluSpngtpop6YPyAfYGyGhQzezcXcivg5igc56s+pqckP7iu/AFhyOh7HTKzI7kA
TuZHIJbS8KB2dHv+Tt+fTMNP568xMrAYrDkITZWJQPjtPZVDbEqUMgXLkO3EJSul
ez6o7+Zsmn5b/UF6kwr2+E0LqeaKLuTF+v+KP2T0wX6QRS2FkfA0vTDjj3CXHZUo
5zWKT8jxUOY5VlTwj9hym98k2Hkfvgfd/JiJYr7qW8Ltj5qhePVZe1gZWL+DKs+i
4KL/3Z7TfA==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:23 2025 by rpki-client on console.sobornost.net