Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/afef12-1f08-4b46-947b-ca0c62621098/1/4nbbIZPE7lMynVknJC-6stUmoYo.roa
File: 4nbbIZPE7lMynVknJC-6stUmoYo.roa (raw, json)
Hash identifier: j8BrMo86KajZwqeXtKcHjPQkuBi3fCjbsGPaJU48EAA=
Subject key identifier: E2:76:DB:21:93:C4:EE:53:32:9D:59:27:24:2F:BA:B2:D5:26:A1:8A
Certificate issuer: /CN=6a57ffe822b3ba7bc194db7a734c85efcef2f283
Certificate serial: 01942369A1BCC25BAC72A1090F675B2E27CD
Authority key identifier: 6A:57:FF:E8:22:B3:BA:7B:C1:94:DB:7A:73:4C:85:EF:CE:F2:F2:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alf_6CKzunvBlNt6c0yF787y8oM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/afef12-1f08-4b46-947b-ca0c62621098/1/4nbbIZPE7lMynVknJC-6stUmoYo.roa
Signing time: Wed 01 Jan 2025 19:48:32 +0000
ROA not before: Wed 01 Jan 2025 19:48:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200070
IP address blocks: 185.43.134.0/24 maxlen: 24
193.29.206.0/24 maxlen: 24
194.0.12.0/23 maxlen: 30
194.0.14.0/24 maxlen: 24
212.237.229.0/24 maxlen: 24
2001:678:1::/48 maxlen: 48
2001:678:f::/48 maxlen: 64
2001:678:10::/47 maxlen: 64
2001:148f:fffb::/48 maxlen: 48
2001:148f:fffd::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:a1:bc:c2:5b:ac:72:a1:09:0f:67:5b:2e:27:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a57ffe822b3ba7bc194db7a734c85efcef2f283
Validity
Not Before: Jan 1 19:48:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e276db2193c4ee53329d5927242fbab2d526a18a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:14:3f:25:8e:f8:28:63:0b:ba:12:6a:5d:93:
68:64:2c:9b:c6:8c:c1:69:08:69:09:2b:07:e7:bd:
95:76:10:35:27:0c:a4:ae:b7:97:98:fd:12:0a:1f:
b9:d6:dc:8c:45:15:a9:cc:36:95:3c:39:a3:09:4c:
7f:13:e5:77:55:b8:a7:e9:f2:c3:e8:5a:2c:01:08:
3c:10:cf:5f:79:a7:04:e9:24:29:c0:b9:ca:16:e0:
de:a0:7f:7e:4e:b4:45:f9:93:f7:ca:50:23:3c:ab:
52:23:14:8e:89:72:50:4c:c2:38:d0:c9:71:6c:45:
5f:e6:2c:74:b3:54:9d:e2:43:bf:04:79:f1:66:da:
a9:28:e3:d4:89:35:8b:af:47:b4:bc:2b:e6:eb:86:
c8:18:23:b7:c0:6b:ab:b7:13:5c:14:87:4d:89:dd:
51:16:43:c4:ea:bc:17:b1:a7:e7:00:7f:9a:67:2c:
98:01:01:39:e8:ef:eb:78:b0:14:67:4f:41:c5:5d:
e8:83:f1:82:34:53:68:b3:c9:04:9a:90:f3:88:3d:
22:62:15:1c:4e:26:f0:e2:32:78:9f:7f:1c:b0:10:
a9:13:08:28:7f:9f:1b:93:f2:e2:1e:20:2f:05:2e:
0d:b2:50:6f:6d:c3:13:91:6c:47:7a:60:92:c2:68:
55:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:76:DB:21:93:C4:EE:53:32:9D:59:27:24:2F:BA:B2:D5:26:A1:8A
X509v3 Authority Key Identifier:
keyid:6A:57:FF:E8:22:B3:BA:7B:C1:94:DB:7A:73:4C:85:EF:CE:F2:F2:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alf_6CKzunvBlNt6c0yF787y8oM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/afef12-1f08-4b46-947b-ca0c62621098/1/4nbbIZPE7lMynVknJC-6stUmoYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/afef12-1f08-4b46-947b-ca0c62621098/1/alf_6CKzunvBlNt6c0yF787y8oM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.43.134.0/24
193.29.206.0/24
194.0.12.0-194.0.14.255
212.237.229.0/24
IPv6:
2001:678:1::/48
2001:678:f::-2001:678:11:ffff:ffff:ffff:ffff:ffff
2001:148f:fffb::/48
2001:148f:fffd::/48
Signature Algorithm: sha256WithRSAEncryption
82:6c:da:d9:68:b7:c4:3d:45:0c:1c:f4:40:17:44:f0:aa:0a:
cc:50:2e:99:de:1d:a9:74:38:f4:fe:21:a1:eb:a6:61:94:f9:
73:f9:28:b8:9a:15:a1:d7:8e:35:ad:b1:8d:f2:2d:94:bf:1a:
10:6a:ef:84:e7:e6:04:30:5b:6d:e6:5f:06:cf:5e:4a:27:6b:
b6:25:36:e5:a4:56:a3:45:09:55:6c:c3:f1:78:27:c2:bc:6d:
f5:6c:86:4f:e5:16:23:62:e6:1d:ae:43:58:10:5f:05:fd:26:
38:b8:36:5e:4d:5b:31:af:a4:e3:a9:27:e9:17:7c:4e:85:67:
94:79:4a:fa:ed:bd:48:64:c7:00:be:d5:14:64:6d:29:22:02:
45:ce:5f:fd:8e:5b:8e:90:a5:9f:62:53:24:e5:af:24:ff:be:
71:d9:0a:3d:92:5c:97:60:cc:14:ce:37:e5:59:17:64:43:cf:
ae:6a:17:f3:68:75:80:b0:e9:fc:e3:39:0a:4f:02:fa:39:1f:
be:1b:8f:7d:c8:91:66:55:0d:75:1f:bf:9e:4d:e5:b2:ce:35:
0b:a6:b2:2a:71:87:55:20:aa:15:e2:bd:1b:14:95:7c:f8:5e:
52:a1:a5:72:f5:b5:e3:56:83:9f:43:81:9c:71:1c:2c:ab:b2:
5c:fc:b5:bd
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAZQjaaG8wluscqEJD2dbLifNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTdmZmU4MjJiM2JhN2JjMTk0ZGI3YTczNGM4NWVmY2Vm
MmYyODMwHhcNMjUwMTAxMTk0ODMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjc2ZGIyMTkzYzRlZTUzMzI5ZDU5MjcyNDJmYmFiMmQ1MjZhMThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxBQ/JY74KGMLuhJqXZNoZCybxozB
aQhpCSsH572VdhA1JwykrreXmP0SCh+51tyMRRWpzDaVPDmjCUx/E+V3Vbin6fLD
6FosAQg8EM9feacE6SQpwLnKFuDeoH9+TrRF+ZP3ylAjPKtSIxSOiXJQTMI40Mlx
bEVf5ix0s1Sd4kO/BHnxZtqpKOPUiTWLr0e0vCvm64bIGCO3wGurtxNcFIdNid1R
FkPE6rwXsafnAH+aZyyYAQE56O/reLAUZ09BxV3og/GCNFNos8kEmpDziD0iYhUc
Tibw4jJ4n38csBCpEwgof58bk/LiHiAvBS4NslBvbcMTkWxHemCSwmhVEQIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFOJ22yGTxO5TMp1ZJyQvurLVJqGKMB8GA1UdIwQY
MBaAFGpX/+gis7p7wZTbenNMhe/O8vKDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxmXzZDS3p1bnZCbE50NmMweUY3ODd5OG9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9hZmVmMTItMWYwOC00YjQ2LTk0N2It
Y2EwYzYyNjIxMDk4LzEvNG5iYklaUEU3bE15blZrbkpDLTZzdFVtb1lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9hZmVmMTItMWYwOC00YjQ2LTk0N2ItY2EwYzYyNjIxMDk4
LzEvYWxmXzZDS3p1bnZCbE50NmMweUY3ODd5OG9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzAmBAIAATAgAwQAuSuGAwQA
wR3OMAwDBALCAAwDBADCAA4DBADU7eUwNQQCAAIwLwMHACABBngAATASAwcAIAEG
eAAPAwcBIAEGeAAQAwcAIAEUj//7AwcAIAEUj//9MA0GCSqGSIb3DQEBCwUAA4IB
AQCCbNrZaLfEPUUMHPRAF0TwqgrMUC6Z3h2pdDj0/iGh66ZhlPlz+Si4mhWh1441
rbGN8i2UvxoQau+E5+YEMFtt5l8Gz15KJ2u2JTblpFajRQlVbMPxeCfCvG31bIZP
5RYjYuYdrkNYEF8F/SY4uDZeTVsxr6TjqSfpF3xOhWeUeUr67b1IZMcAvtUUZG0p
IgJFzl/9jluOkKWfYlMk5a8k/75x2Qo9klyXYMwUzjflWRdkQ8+uahfzaHWAsOn8
4zkKTwL6OR++G499yJFmVQ11H7+eTeWyzjULprIqcYdVIKoV4r0bFJV8+F5SoaVy
9bXjVoOfQ4GccRwsq7Jc/LW9
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:32 2025 by rpki-client on console.sobornost.net