Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/6xn-nrHQSXs05ccTEOlrbgL9Q4E.roa
File: 6xn-nrHQSXs05ccTEOlrbgL9Q4E.roa (raw, json)
Hash identifier: lUga55GbETOAcYAC/fkbUuqJ6uvOhI9s/yOAAQaczw4=
Subject key identifier: EB:19:FE:9E:B1:D0:49:7B:34:E5:C7:13:10:E9:6B:6E:02:FD:43:81
Certificate issuer: /CN=3af7710df8add64bb9688e0f4581bea67e402c66
Certificate serial: 0195EC111F94CA1F219FB4A6DC426009B7C7
Authority key identifier: 3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/6xn-nrHQSXs05ccTEOlrbgL9Q4E.roa
Signing time: Mon 31 Mar 2025 11:58:19 +0000
ROA not before: Mon 31 Mar 2025 11:58:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5398
IP address blocks: 31.44.32.0/20 maxlen: 20
31.44.46.0/23 maxlen: 23
45.143.158.0/23 maxlen: 24
46.21.29.0/24 maxlen: 24
193.221.216.0/23 maxlen: 23
193.222.104.0/23 maxlen: 24
193.222.105.0/24 maxlen: 24
2a0f:e880::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ec:11:1f:94:ca:1f:21:9f:b4:a6:dc:42:60:09:b7:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af7710df8add64bb9688e0f4581bea67e402c66
Validity
Not Before: Mar 31 11:58:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eb19fe9eb1d0497b34e5c71310e96b6e02fd4381
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:14:89:49:a9:6f:b1:33:2e:ed:52:28:6d:98:
9e:fc:30:39:bf:eb:17:cd:97:71:6c:c3:bd:60:58:
7f:ee:21:35:3e:d3:46:f9:d2:fb:3e:29:de:e2:df:
41:c8:fc:7a:f0:d1:25:10:f7:72:85:7e:28:d8:2e:
4a:e8:97:5a:21:21:3b:26:05:60:7a:8a:b8:b5:09:
01:2c:a5:6a:0d:c6:f2:5a:5b:c5:e3:d3:c0:fe:99:
ad:b3:d3:e6:b7:01:dd:da:90:02:6f:9e:88:8d:e8:
5f:20:d4:70:2d:f9:19:fe:93:d7:ab:26:d7:39:23:
6f:14:5c:63:3a:2d:cc:81:1e:4e:d8:68:b2:44:e8:
a1:c3:fd:61:e3:51:7a:a5:bb:3a:e5:14:cb:05:57:
b0:20:19:f6:4c:57:1e:86:9c:1f:02:e1:5c:6f:95:
3f:e1:7d:0d:aa:bf:39:8d:bf:d4:cb:69:41:cb:f0:
10:72:b5:37:19:5d:f2:62:e6:8d:eb:c2:94:72:26:
9f:68:7c:20:dc:38:dd:25:ef:ef:24:e2:d7:9b:10:
fc:42:9a:b6:7a:8f:2a:da:77:3f:3e:e6:d5:f3:b5:
87:48:d1:59:ec:4e:73:0d:be:ed:e7:d4:8e:c5:27:
53:fd:ec:da:b9:fd:f6:d0:68:ce:e1:2c:01:fc:3c:
57:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:19:FE:9E:B1:D0:49:7B:34:E5:C7:13:10:E9:6B:6E:02:FD:43:81
X509v3 Authority Key Identifier:
keyid:3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/6xn-nrHQSXs05ccTEOlrbgL9Q4E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/OvdxDfit1ku5aI4PRYG-pn5ALGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.44.32.0/20
45.143.158.0/23
46.21.29.0/24
193.221.216.0/23
193.222.104.0/23
IPv6:
2a0f:e880::/29
Signature Algorithm: sha256WithRSAEncryption
16:5a:08:71:62:7d:b4:4d:40:2d:b9:eb:38:93:82:c7:e3:a9:
f0:7e:17:15:a7:41:f7:40:d6:05:1e:ef:2a:4b:a9:04:d2:ca:
cf:e2:a2:b4:f3:68:98:a6:20:2c:f5:95:5f:24:50:31:fd:1c:
50:6e:eb:fd:22:9c:b0:96:22:a0:88:47:dd:0e:85:37:b9:2c:
9b:9b:70:c3:9d:b7:75:e6:e0:79:24:35:bd:fe:22:19:a4:1a:
07:89:9b:40:4e:39:d1:fe:c6:57:2a:da:2d:d0:80:b0:6e:e0:
65:94:44:ab:16:ec:17:12:c2:cd:8e:87:8d:9a:d6:aa:97:f6:
fa:6c:d6:eb:62:10:47:02:9e:c2:30:af:bc:fb:c7:3a:65:17:
5a:29:82:96:c3:33:93:a5:7c:bb:d7:42:47:6d:5a:52:23:3b:
0a:d1:4a:40:c1:91:cf:a4:85:58:d2:ea:e8:31:e1:df:d8:53:
2b:4e:99:e2:e2:04:44:aa:2c:6e:95:7a:88:a9:3e:9d:ee:df:
97:82:07:bc:86:03:70:56:43:c9:d4:c4:44:a9:a6:cb:d1:50:
a4:2d:30:bd:bd:75:9c:27:d6:f6:44:82:41:b0:24:f3:45:10:
76:1e:cb:36:84:e3:21:7d:76:45:d8:07:ff:2d:60:3c:5e:74:
33:ae:75:26
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZXsER+Uyh8hn7Sm3EJgCbfHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjc3MTBkZjhhZGQ2NGJiOTY4OGUwZjQ1ODFiZWE2N2U0
MDJjNjYwHhcNMjUwMzMxMTE1ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjE5ZmU5ZWIxZDA0OTdiMzRlNWM3MTMxMGU5NmI2ZTAyZmQ0MzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBSJSalvsTMu7VIobZie/DA5v+sX
zZdxbMO9YFh/7iE1PtNG+dL7Pine4t9ByPx68NElEPdyhX4o2C5K6JdaISE7JgVg
eoq4tQkBLKVqDcbyWlvF49PA/pmts9PmtwHd2pACb56IjehfINRwLfkZ/pPXqybX
OSNvFFxjOi3MgR5O2GiyROihw/1h41F6pbs65RTLBVewIBn2TFcehpwfAuFcb5U/
4X0Nqr85jb/Uy2lBy/AQcrU3GV3yYuaN68KUciafaHwg3DjdJe/vJOLXmxD8Qpq2
eo8q2nc/PubV87WHSNFZ7E5zDb7t59SOxSdT/ezauf320GjO4SwB/DxXGwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFOsZ/p6x0El7NOXHExDpa24C/UOBMB8GA1UdIwQY
MBaAFDr3cQ34rdZLuWiOD0WBvqZ+QCxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQt
ZWVjNDE2YTg4NmY3LzEvNnhuLW5ySFFTWHMwNWNjVEVPbHJiZ0w5UTRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQtZWVjNDE2YTg4NmY3
LzEvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQEHywgAwQB
LY+eAwQALhUdAwQBwd3YAwQBwd5oMA0EAgACMAcDBQMqD+iAMA0GCSqGSIb3DQEB
CwUAA4IBAQAWWghxYn20TUAtues4k4LH46nwfhcVp0H3QNYFHu8qS6kE0srP4qK0
82iYpiAs9ZVfJFAx/RxQbuv9IpywliKgiEfdDoU3uSybm3DDnbd15uB5JDW9/iIZ
pBoHiZtATjnR/sZXKtot0ICwbuBllESrFuwXEsLNjoeNmtaql/b6bNbrYhBHAp7C
MK+8+8c6ZRdaKYKWwzOTpXy710JHbVpSIzsK0UpAwZHPpIVY0uroMeHf2FMrTpni
4gREqixulXqIqT6d7t+Xgge8hgNwVkPJ1MREqabL0VCkLTC9vXWcJ9b2RIJBsCTz
RRB2Hss2hOMhfXZF2Af/LWA8XnQzrnUm
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:31 2025 by rpki-client on console.sobornost.net