Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/7e6369-5adb-45cd-bd2f-3b8b0d1a59a9/1/6OJY_cLGBp28NDNyp5KhfLaq0T4.roa
File: 6OJY_cLGBp28NDNyp5KhfLaq0T4.roa (raw, json)
Hash identifier: Q7dSDBkkqsY0c5wjzpyUd8BOdypnvTRmRZWsgkhxLKs=
Subject key identifier: E8:E2:58:FD:C2:C6:06:9D:BC:34:33:72:A7:92:A1:7C:B6:AA:D1:3E
Certificate issuer: /CN=af938503d72931626dcb8d1e946b2ae06a73d02e
Certificate serial: 0194A6A3976AF180CEB08818E461E6DE2582
Authority key identifier: AF:93:85:03:D7:29:31:62:6D:CB:8D:1E:94:6B:2A:E0:6A:73:D0:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r5OFA9cpMWJty40elGsq4Gpz0C4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/7e6369-5adb-45cd-bd2f-3b8b0d1a59a9/1/6OJY_cLGBp28NDNyp5KhfLaq0T4.roa
Signing time: Mon 27 Jan 2025 07:22:06 +0000
ROA not before: Mon 27 Jan 2025 07:22:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12552
IP address blocks: 62.102.144.0/22 maxlen: 22
62.109.32.0/19 maxlen: 19
62.209.160.0/19 maxlen: 19
65.99.128.0/18 maxlen: 18
82.99.0.0/18 maxlen: 18
83.145.0.0/18 maxlen: 18
85.112.160.0/19 maxlen: 19
85.112.184.0/22 maxlen: 22
94.246.64.0/18 maxlen: 18
146.185.8.0/21 maxlen: 21
178.248.24.0/22 maxlen: 22
185.178.140.0/22 maxlen: 22
185.178.143.0/24 maxlen: 24
185.181.216.0/22 maxlen: 22
185.183.152.0/22 maxlen: 22
185.190.144.0/22 maxlen: 22
185.199.168.0/22 maxlen: 22
185.205.224.0/22 maxlen: 22
185.205.226.0/24 maxlen: 24
212.16.160.0/19 maxlen: 19
212.37.0.0/19 maxlen: 19
212.112.160.0/19 maxlen: 19
213.80.0.0/18 maxlen: 18
213.80.64.0/19 maxlen: 19
213.132.96.0/19 maxlen: 19
213.212.0.0/18 maxlen: 18
217.140.112.0/20 maxlen: 20
2a01:2b0::/29 maxlen: 29
2a0a:6380::/29 maxlen: 29
2a0a:a040::/29 maxlen: 29
2a0a:a040::/32 maxlen: 32
2a0a:a041::/32 maxlen: 32
2a0a:d381::/32 maxlen: 32
2a0a:d381:100::/40 maxlen: 40
2a0a:d381:200::/40 maxlen: 40
2a0a:d381:400::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:a6:a3:97:6a:f1:80:ce:b0:88:18:e4:61:e6:de:25:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af938503d72931626dcb8d1e946b2ae06a73d02e
Validity
Not Before: Jan 27 07:22:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e8e258fdc2c6069dbc343372a792a17cb6aad13e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:47:c1:52:e4:1b:c0:a7:35:a6:fd:19:9c:ec:
7b:5f:24:c2:13:c0:ca:fd:1a:7c:13:6c:5c:15:cc:
6f:1a:1c:f2:f0:fd:e3:54:0c:f0:7d:d0:49:a6:0a:
c7:ed:31:b8:2c:7e:33:39:db:6b:00:86:f2:a5:c9:
14:5b:ed:ad:ea:83:7b:eb:ac:a4:0f:5c:b8:75:c9:
81:3f:d0:8e:b1:cf:e8:28:f0:d8:49:0a:ff:03:c9:
2c:ac:e0:ee:e3:8f:3e:4f:1e:21:77:5e:d6:e9:e1:
3f:0b:a8:44:b5:f7:88:70:ca:fa:bd:5d:be:f9:58:
10:66:a2:97:0a:a5:e5:49:92:9b:c3:8d:b9:2d:2f:
be:05:59:fd:9d:25:2b:a7:34:68:6a:51:30:ef:f8:
3a:41:8a:ec:9f:31:0f:38:cc:85:73:03:b7:6f:8c:
34:97:84:9d:98:0a:b2:da:62:75:dc:16:58:bc:1f:
5f:15:e4:30:2b:69:7c:c6:ef:a0:9a:e4:6f:37:84:
f6:b4:89:6b:95:80:d5:a9:36:79:ab:4d:43:67:2d:
e8:10:bd:55:a4:fa:8b:3b:a6:ac:5e:61:cc:d0:79:
bc:39:bc:fd:ff:5c:04:09:18:03:7e:11:37:2d:b8:
e2:31:7a:d1:95:fe:9d:ba:93:30:5d:74:af:ba:56:
bb:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:E2:58:FD:C2:C6:06:9D:BC:34:33:72:A7:92:A1:7C:B6:AA:D1:3E
X509v3 Authority Key Identifier:
keyid:AF:93:85:03:D7:29:31:62:6D:CB:8D:1E:94:6B:2A:E0:6A:73:D0:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r5OFA9cpMWJty40elGsq4Gpz0C4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/7e6369-5adb-45cd-bd2f-3b8b0d1a59a9/1/6OJY_cLGBp28NDNyp5KhfLaq0T4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/7e6369-5adb-45cd-bd2f-3b8b0d1a59a9/1/r5OFA9cpMWJty40elGsq4Gpz0C4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.102.144.0/22
62.109.32.0/19
62.209.160.0/19
65.99.128.0/18
82.99.0.0/18
83.145.0.0/18
85.112.160.0/19
94.246.64.0/18
146.185.8.0/21
178.248.24.0/22
185.178.140.0/22
185.181.216.0/22
185.183.152.0/22
185.190.144.0/22
185.199.168.0/22
185.205.224.0/22
212.16.160.0/19
212.37.0.0/19
212.112.160.0/19
213.80.0.0-213.80.95.255
213.132.96.0/19
213.212.0.0/18
217.140.112.0/20
IPv6:
2a01:2b0::/29
2a0a:6380::/29
2a0a:a040::/29
2a0a:d381::/32
Signature Algorithm: sha256WithRSAEncryption
75:cc:4f:c6:c8:a5:15:96:8b:60:ae:f7:3c:80:4d:0b:77:70:
9c:b5:68:ca:44:d2:92:26:ad:94:79:cc:95:74:41:83:e3:3c:
bd:ad:a6:53:ca:02:2d:e2:e7:a8:31:e1:e8:f4:b7:e2:e7:fc:
1a:2b:c3:ce:09:01:2b:53:c0:9b:f6:22:38:7c:9e:8f:fc:ed:
00:bc:25:66:21:77:93:43:d7:69:0c:7d:5d:fe:70:ff:e9:bf:
76:22:0d:73:fe:77:fb:de:4d:13:02:c8:0a:c2:f7:3b:f4:4b:
38:d5:a9:d7:17:2e:f7:ec:db:53:f8:29:31:c8:d6:02:ba:89:
38:dd:84:16:22:bd:ba:c1:67:c3:18:4b:ee:b9:9f:85:c1:51:
ed:52:0f:05:92:0f:4c:a9:85:30:8f:70:53:5e:80:f9:92:e3:
e7:d1:89:fe:33:08:8c:16:5c:a3:7a:36:43:91:48:ff:05:d3:
d7:55:c2:07:39:7d:b0:fc:20:26:d5:ab:93:cc:84:fc:06:fa:
ba:09:7b:7c:77:4b:c6:5a:7f:ca:3a:77:77:33:6a:a6:0f:f8:
fc:2f:58:cc:34:e0:d7:3a:a3:2e:85:09:f5:d6:c1:2f:bf:0f:
0e:a8:d1:7a:53:a3:bd:38:23:5b:be:60:27:e4:2b:51:92:91:
17:9f:0f:fa
-----BEGIN CERTIFICATE-----
MIIFsTCCBJmgAwIBAgISAZSmo5dq8YDOsIgY5GHm3iWCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmOTM4NTAzZDcyOTMxNjI2ZGNiOGQxZTk0NmIyYWUwNmE3
M2QwMmUwHhcNMjUwMTI3MDcyMjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGUyNThmZGMyYzYwNjlkYmMzNDMzNzJhNzkyYTE3Y2I2YWFkMTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjkfBUuQbwKc1pv0ZnOx7XyTCE8DK
/Rp8E2xcFcxvGhzy8P3jVAzwfdBJpgrH7TG4LH4zOdtrAIbypckUW+2t6oN766yk
D1y4dcmBP9COsc/oKPDYSQr/A8ksrODu448+Tx4hd17W6eE/C6hEtfeIcMr6vV2+
+VgQZqKXCqXlSZKbw425LS++BVn9nSUrpzRoalEw7/g6QYrsnzEPOMyFcwO3b4w0
l4SdmAqy2mJ13BZYvB9fFeQwK2l8xu+gmuRvN4T2tIlrlYDVqTZ5q01DZy3oEL1V
pPqLO6asXmHM0Hm8Obz9/1wECRgDfhE3LbjiMXrRlf6dupMwXXSvula7ZQIDAQAB
o4ICvTCCArkwHQYDVR0OBBYEFOjiWP3CxgadvDQzcqeSoXy2qtE+MB8GA1UdIwQY
MBaAFK+ThQPXKTFibcuNHpRrKuBqc9AuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjVPRkE5Y3BNV0p0eTQwZWxHc3E0R3B6MEM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi83ZTYzNjktNWFkYi00NWNkLWJkMmYt
M2I4YjBkMWE1OWE5LzEvNk9KWV9jTEdCcDI4TkROeXA1S2hmTGFxMFQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi83ZTYzNjktNWFkYi00NWNkLWJkMmYtM2I4YjBkMWE1OWE5
LzEvcjVPRkE5Y3BNV0p0eTQwZWxHc3E0R3B6MEM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHSBggrBgEFBQcBBwEB/wSBwjCBvzCBmAQCAAEwgZEDBAI+
ZpADBAU+bSADBAU+0aADBAZBY4ADBAZSYwADBAZTkQADBAVVcKADBAZe9kADBAOS
uQgDBAKy+BgDBAK5sowDBAK5tdgDBAK5t5gDBAK5vpADBAK5x6gDBAK5zeADBAXU
EKADBAXUJQADBAXUcKAwCwMDBNVQAwQF1VBAAwQF1YRgAwQG1dQAAwQE2YxwMCIE
AgACMBwDBQMqAQKwAwUDKgpjgAMFAyoKoEADBQAqCtOBMA0GCSqGSIb3DQEBCwUA
A4IBAQB1zE/GyKUVlotgrvc8gE0Ld3CctWjKRNKSJq2UecyVdEGD4zy9raZTygIt
4ueoMeHo9Lfi5/waK8POCQErU8Cb9iI4fJ6P/O0AvCVmIXeTQ9dpDH1d/nD/6b92
Ig1z/nf73k0TAsgKwvc79Es41anXFy737NtT+CkxyNYCuok43YQWIr26wWfDGEvu
uZ+FwVHtUg8Fkg9MqYUwj3BTXoD5kuPn0Yn+MwiMFlyjejZDkUj/BdPXVcIHOX2w
/CAm1auTzIT8Bvq6CXt8d0vGWn/KOnd3M2qmD/j8L1jMNODXOqMuhQn11sEvvw8O
qNF6U6O9OCNbvmAn5CtRkpEXnw/6
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:27 2025 by rpki-client on console.sobornost.net