Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/ebfc3d-54fc-4643-be56-ea70a29c76f0/1/Nq1isTWXGFgDMfQsWjLkSFAz9YU.roa
File: Nq1isTWXGFgDMfQsWjLkSFAz9YU.roa (raw, json)
Hash identifier: cOanxi0n0S0i8MlV6jtoZzMtSVudeCiiZSom6UuFfg0=
Subject key identifier: 36:AD:62:B1:35:97:18:58:03:31:F4:2C:5A:32:E4:48:50:33:F5:85
Certificate issuer: /CN=bd063d944bb81fc31cba11499dd006eb4ece9624
Certificate serial: 019421B1C92A00E809B8919B3C7962D23968
Authority key identifier: BD:06:3D:94:4B:B8:1F:C3:1C:BA:11:49:9D:D0:06:EB:4E:CE:96:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vQY9lEu4H8McuhFJndAG607OliQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/ebfc3d-54fc-4643-be56-ea70a29c76f0/1/Nq1isTWXGFgDMfQsWjLkSFAz9YU.roa
Signing time: Wed 01 Jan 2025 11:48:06 +0000
ROA not before: Wed 01 Jan 2025 11:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48971
IP address blocks: 94.231.80.0/20 maxlen: 20
94.231.80.0/21 maxlen: 21
94.231.80.0/24 maxlen: 24
94.231.88.0/21 maxlen: 21
94.231.93.0/24 maxlen: 24
94.231.94.0/24 maxlen: 24
185.19.84.0/22 maxlen: 22
195.2.228.0/23 maxlen: 23
2a00:41c0::/29 maxlen: 29
2a00:41c0::/32 maxlen: 32
2a00:41c0:7::/48 maxlen: 48
2a00:41c0:8::/48 maxlen: 48
2a00:41c0:9::/48 maxlen: 48
2a00:41c0:10::/48 maxlen: 48
2a00:41c0:11::/48 maxlen: 48
2a00:41c0:14::/48 maxlen: 48
2a00:41c0:16::/48 maxlen: 48
2a00:41c0:19::/48 maxlen: 48
2a00:41c0:20::/48 maxlen: 48
2a00:41c0:21::/48 maxlen: 48
2a00:41c0:81::/48 maxlen: 48
2a00:41c0:a8::/47 maxlen: 47
2a00:41c0:185::/48 maxlen: 48
2a00:41c0:194::/48 maxlen: 48
2a00:41c0:a11::/48 maxlen: 48
2a00:41c0:a21::/48 maxlen: 48
2a00:41c0:a94::/48 maxlen: 48
2a00:41c0:b94::/48 maxlen: 48
2a00:41c0:e94::/48 maxlen: 48
2a00:41c0:1185::/48 maxlen: 48
2a00:41c0:a121::/48 maxlen: 48
2a00:41c0:a123::/48 maxlen: 48
2a00:41c0:a185::/48 maxlen: 48
2a00:41c0:a186::/48 maxlen: 48
2a00:41c0:d185::/48 maxlen: 48
2a00:41c0:f185::/48 maxlen: 48
2a00:41c0:f231::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:c9:2a:00:e8:09:b8:91:9b:3c:79:62:d2:39:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd063d944bb81fc31cba11499dd006eb4ece9624
Validity
Not Before: Jan 1 11:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=36ad62b1359718580331f42c5a32e4485033f585
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:2c:94:3f:c1:21:34:1c:ca:c0:0b:f9:2f:f4:
36:5c:a0:75:b8:33:f8:23:79:9d:a9:e7:40:2f:f3:
ad:a2:bd:ed:9d:0d:77:95:40:03:e2:9f:ed:e1:bf:
5c:3b:58:1e:58:f7:9b:7b:f5:22:d9:d7:af:5c:68:
b6:5e:8a:e1:35:63:c8:53:21:c8:eb:d3:1e:09:82:
fc:f7:f3:c9:ff:b5:4d:65:9d:8a:e6:50:18:a6:26:
db:b0:c9:58:44:99:6d:37:56:ed:7f:2f:29:cb:36:
99:f7:eb:17:6c:f7:26:b4:4a:f3:e4:0e:18:e5:0e:
ba:59:20:c0:95:d3:b3:e7:4b:78:d0:57:93:ce:7b:
df:ef:b5:e4:f3:3f:3c:85:55:96:31:ad:b0:e4:47:
8f:1f:d9:d2:64:de:ab:49:56:bd:ae:90:cb:f4:6d:
d7:b3:dd:d9:d1:cc:52:a0:44:61:66:3f:ea:8d:11:
5b:fb:7b:1f:8c:55:c9:0e:e9:68:0f:79:68:3f:86:
14:da:ae:cd:17:d6:c3:4c:f5:15:71:41:6b:e5:7a:
6e:ac:06:81:4e:45:b8:77:67:5c:cd:d9:d4:05:1e:
99:93:a8:4e:02:3c:a7:87:aa:a2:ac:ad:46:11:aa:
12:26:9c:b4:2b:16:5b:1f:34:7f:56:dd:69:04:ac:
58:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:AD:62:B1:35:97:18:58:03:31:F4:2C:5A:32:E4:48:50:33:F5:85
X509v3 Authority Key Identifier:
keyid:BD:06:3D:94:4B:B8:1F:C3:1C:BA:11:49:9D:D0:06:EB:4E:CE:96:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vQY9lEu4H8McuhFJndAG607OliQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/ebfc3d-54fc-4643-be56-ea70a29c76f0/1/Nq1isTWXGFgDMfQsWjLkSFAz9YU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/ebfc3d-54fc-4643-be56-ea70a29c76f0/1/vQY9lEu4H8McuhFJndAG607OliQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.231.80.0/20
185.19.84.0/22
195.2.228.0/23
IPv6:
2a00:41c0::/29
Signature Algorithm: sha256WithRSAEncryption
c6:1b:4c:b3:1e:e7:b5:bd:ec:09:9e:b0:69:f5:50:2f:21:f9:
59:da:de:1d:dd:c6:cf:a5:8f:11:fb:f7:a5:48:4f:b9:02:07:
1a:a1:2e:13:ef:7b:e6:84:dd:06:f1:05:35:76:9a:ce:ec:27:
6e:be:fa:d7:c1:ad:f8:44:d3:90:33:06:29:c4:36:cf:33:d5:
17:7e:21:56:7d:e8:8c:88:47:af:3d:d8:48:14:06:6e:58:1d:
6c:97:e7:e6:de:3b:b9:3b:ff:eb:a9:ea:96:f9:7d:96:ca:c1:
46:7c:92:ef:a9:21:80:8c:3c:bc:5e:d1:b6:cb:e1:2f:3f:e2:
c4:49:4a:6d:65:d3:37:ed:4e:6a:5d:0a:b6:e6:dd:7e:a1:fd:
fb:11:80:af:08:de:c3:f6:b0:62:ac:f6:f2:e9:cb:a8:28:52:
24:18:37:cd:3b:2d:f1:b3:9a:47:3e:2f:46:a3:a9:fb:3b:22:
ca:da:34:a8:23:69:18:f3:8a:cd:42:11:1e:9e:42:aa:f0:3c:
56:70:50:5a:57:be:ba:c1:f1:5e:b7:e6:42:37:a3:a1:b8:da:
1b:21:58:9d:e0:7c:25:c1:4d:13:f1:be:3c:51:57:d3:6a:6c:
52:be:4c:24:b2:7f:28:d5:ea:4d:b2:b4:b9:4c:71:38:d3:00:
aa:c7:08:88
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQhsckqAOgJuJGbPHli0jloMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkMDYzZDk0NGJiODFmYzMxY2JhMTE0OTlkZDAwNmViNGVj
ZTk2MjQwHhcNMjUwMTAxMTE0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmFkNjJiMTM1OTcxODU4MDMzMWY0MmM1YTMyZTQ0ODUwMzNmNTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCyUP8EhNBzKwAv5L/Q2XKB1uDP4
I3mdqedAL/Otor3tnQ13lUAD4p/t4b9cO1geWPebe/Ui2devXGi2XorhNWPIUyHI
69MeCYL89/PJ/7VNZZ2K5lAYpibbsMlYRJltN1btfy8pyzaZ9+sXbPcmtErz5A4Y
5Q66WSDAldOz50t40FeTznvf77Xk8z88hVWWMa2w5EePH9nSZN6rSVa9rpDL9G3X
s93Z0cxSoERhZj/qjRFb+3sfjFXJDuloD3loP4YU2q7NF9bDTPUVcUFr5XpurAaB
TkW4d2dczdnUBR6Zk6hOAjynh6qirK1GEaoSJpy0KxZbHzR/Vt1pBKxYnQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFDatYrE1lxhYAzH0LFoy5EhQM/WFMB8GA1UdIwQY
MBaAFL0GPZRLuB/DHLoRSZ3QButOzpYkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlFZOWxFdTRIOE1jdWhGSm5kQUc2MDdPbGlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9lYmZjM2QtNTRmYy00NjQzLWJlNTYt
ZWE3MGEyOWM3NmYwLzEvTnExaXNUV1hHRmdETWZRc1dqTGtTRkF6OVlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9lYmZjM2QtNTRmYy00NjQzLWJlNTYtZWE3MGEyOWM3NmYw
LzEvdlFZOWxFdTRIOE1jdWhGSm5kQUc2MDdPbGlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEXudQAwQC
uRNUAwQBwwLkMA0EAgACMAcDBQMqAEHAMA0GCSqGSIb3DQEBCwUAA4IBAQDGG0yz
Hue1vewJnrBp9VAvIflZ2t4d3cbPpY8R+/elSE+5AgcaoS4T73vmhN0G8QU1dprO
7CduvvrXwa34RNOQMwYpxDbPM9UXfiFWfeiMiEevPdhIFAZuWB1sl+fm3ju5O//r
qeqW+X2WysFGfJLvqSGAjDy8XtG2y+EvP+LESUptZdM37U5qXQq25t1+of37EYCv
CN7D9rBirPby6cuoKFIkGDfNOy3xs5pHPi9Go6n7OyLK2jSoI2kY84rNQhEenkKq
8DxWcFBaV766wfFet+ZCN6OhuNobIVid4HwlwU0T8b48UVfTamxSvkwksn8o1epN
srS5THE40wCqxwiI
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:33 2025 by rpki-client on console.sobornost.net