Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/248e6f-b1fb-4da7-97dd-954372965c5e/1/pFH6DHW2s5KsXhoSMia6hZQZzt0.roa
File: pFH6DHW2s5KsXhoSMia6hZQZzt0.roa (raw, json)
Hash identifier: eNJrzW8rXB10B8GQwblM7wVFPW8bxQ19CVHU34yh2No=
Subject key identifier: A4:51:FA:0C:75:B6:B3:92:AC:5E:1A:12:32:26:BA:85:94:19:CE:DD
Certificate issuer: /CN=2e2f84f555a666aa0c04a8fbe7dc1910075f5658
Certificate serial: 0194228DC29FD1F1B92B12E9C6FD1D3A710A
Authority key identifier: 2E:2F:84:F5:55:A6:66:AA:0C:04:A8:FB:E7:DC:19:10:07:5F:56:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Li-E9VWmZqoMBKj759wZEAdfVlg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/248e6f-b1fb-4da7-97dd-954372965c5e/1/pFH6DHW2s5KsXhoSMia6hZQZzt0.roa
Signing time: Wed 01 Jan 2025 15:48:23 +0000
ROA not before: Wed 01 Jan 2025 15:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41090
IP address blocks: 93.95.232.0/21 maxlen: 21
185.14.0.0/22 maxlen: 22
195.189.64.0/22 maxlen: 22
2a00:c000::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:c2:9f:d1:f1:b9:2b:12:e9:c6:fd:1d:3a:71:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e2f84f555a666aa0c04a8fbe7dc1910075f5658
Validity
Not Before: Jan 1 15:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a451fa0c75b6b392ac5e1a123226ba859419cedd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:93:da:8d:b3:87:b5:c3:c4:62:ee:1e:10:d4:
68:73:36:c9:6c:b7:3f:7d:d7:8a:32:6d:af:3c:fc:
f5:82:3e:47:49:25:f9:40:9c:96:bb:0d:2a:eb:a1:
d5:52:94:cf:79:c6:9f:9f:46:96:4b:cd:21:e1:e7:
14:6c:ec:1e:09:d7:a3:16:08:5a:45:65:e0:88:24:
4e:4a:b1:b2:21:4e:41:6e:a1:65:db:43:da:09:26:
2b:d7:23:51:1d:f3:fc:b2:ad:0a:2b:82:e4:d4:e0:
ab:dc:27:57:20:62:71:85:93:b7:89:42:0d:0d:3a:
2c:fb:82:9d:9c:11:91:60:2b:fd:8e:a5:07:2f:f4:
98:1e:4e:05:60:0f:75:75:a7:e0:8f:c4:32:70:b4:
b1:c4:6b:73:e5:72:38:09:27:86:b2:61:2b:d9:60:
a3:fb:41:1f:54:9d:b4:73:aa:94:64:db:3b:04:db:
d5:7d:c6:b7:20:27:02:ec:10:50:4b:f7:5f:b1:85:
5b:92:1f:3a:1c:7e:4e:81:11:fb:90:87:02:24:6d:
40:4c:d8:a0:6b:55:b0:98:e2:27:2a:54:61:dd:07:
8c:1d:58:9e:44:d5:a4:b2:59:53:fa:c6:08:d7:02:
54:f8:87:c4:73:ac:a3:dd:9d:32:8a:f2:54:a8:7f:
a8:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:51:FA:0C:75:B6:B3:92:AC:5E:1A:12:32:26:BA:85:94:19:CE:DD
X509v3 Authority Key Identifier:
keyid:2E:2F:84:F5:55:A6:66:AA:0C:04:A8:FB:E7:DC:19:10:07:5F:56:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Li-E9VWmZqoMBKj759wZEAdfVlg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/248e6f-b1fb-4da7-97dd-954372965c5e/1/pFH6DHW2s5KsXhoSMia6hZQZzt0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/248e6f-b1fb-4da7-97dd-954372965c5e/1/Li-E9VWmZqoMBKj759wZEAdfVlg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.95.232.0/21
185.14.0.0/22
195.189.64.0/22
IPv6:
2a00:c000::/32
Signature Algorithm: sha256WithRSAEncryption
44:98:6a:56:ae:05:d4:72:70:0f:a1:d6:1a:ed:6b:c6:74:7a:
ba:a1:77:4f:02:1e:18:0b:cb:fc:b2:39:0c:c1:93:b4:4c:77:
c6:0e:47:4c:a2:29:d5:ca:fc:c0:f1:8c:9c:4f:65:f9:b2:a6:
3b:52:04:1e:57:9b:01:c6:1b:d3:1e:f6:7e:f7:50:91:9f:ab:
b1:45:64:40:29:a5:8e:e8:2d:03:2c:f1:28:1c:ba:03:1f:44:
c3:98:30:44:d6:0f:7d:1c:bb:b5:a9:a2:4a:76:4b:8c:d8:d9:
1c:7e:86:05:66:57:07:ec:5c:13:dd:99:5e:ad:aa:6f:f2:c6:
73:1f:5f:fd:2b:04:82:ec:1e:65:ff:df:d5:b0:f0:82:5c:c7:
b4:65:b3:63:f5:63:f8:ff:07:70:dd:ff:8e:9c:45:ce:bb:db:
70:8e:c7:fe:4f:38:be:9e:d7:a1:33:93:36:ac:fc:61:34:16:
46:85:ca:da:06:40:88:63:eb:bb:28:f5:5b:eb:bd:d0:81:9b:
91:e3:86:0f:5d:45:6f:f6:e2:51:a6:84:72:11:24:ad:3f:ed:
6a:30:6e:02:f2:81:fe:1b:4d:d3:46:91:18:4a:ae:fe:21:09:
4b:c7:8d:e1:46:06:f9:38:ff:b8:cc:23:e4:61:62:c1:98:35:
a3:e7:5d:fc
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQijcKf0fG5KxLpxv0dOnEKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMmY4NGY1NTVhNjY2YWEwYzA0YThmYmU3ZGMxOTEwMDc1
ZjU2NTgwHhcNMjUwMTAxMTU0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDUxZmEwYzc1YjZiMzkyYWM1ZTFhMTIzMjI2YmE4NTk0MTljZWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ZPajbOHtcPEYu4eENRoczbJbLc/
fdeKMm2vPPz1gj5HSSX5QJyWuw0q66HVUpTPecafn0aWS80h4ecUbOweCdejFgha
RWXgiCROSrGyIU5BbqFl20PaCSYr1yNRHfP8sq0KK4Lk1OCr3CdXIGJxhZO3iUIN
DTos+4KdnBGRYCv9jqUHL/SYHk4FYA91dafgj8QycLSxxGtz5XI4CSeGsmEr2WCj
+0EfVJ20c6qUZNs7BNvVfca3ICcC7BBQS/dfsYVbkh86HH5OgRH7kIcCJG1ATNig
a1WwmOInKlRh3QeMHVieRNWksllT+sYI1wJU+IfEc6yj3Z0yivJUqH+o8wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFKRR+gx1trOSrF4aEjImuoWUGc7dMB8GA1UdIwQY
MBaAFC4vhPVVpmaqDASo++fcGRAHX1ZYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGktRTlWV21acW9NQktqNzU5d1pFQWRmVmxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy8yNDhlNmYtYjFmYi00ZGE3LTk3ZGQt
OTU0MzcyOTY1YzVlLzEvcEZINkRIVzJzNUtzWGhvU01pYTZoWlFaenQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy8yNDhlNmYtYjFmYi00ZGE3LTk3ZGQtOTU0MzcyOTY1YzVl
LzEvTGktRTlWV21acW9NQktqNzU5d1pFQWRmVmxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDXV/oAwQC
uQ4AAwQCw71AMA0EAgACMAcDBQAqAMAAMA0GCSqGSIb3DQEBCwUAA4IBAQBEmGpW
rgXUcnAPodYa7WvGdHq6oXdPAh4YC8v8sjkMwZO0THfGDkdMoinVyvzA8YycT2X5
sqY7UgQeV5sBxhvTHvZ+91CRn6uxRWRAKaWO6C0DLPEoHLoDH0TDmDBE1g99HLu1
qaJKdkuM2NkcfoYFZlcH7FwT3Zlerapv8sZzH1/9KwSC7B5l/9/VsPCCXMe0ZbNj
9WP4/wdw3f+OnEXOu9twjsf+Tzi+ntehM5M2rPxhNBZGhcraBkCIY+u7KPVb673Q
gZuR44YPXUVv9uJRpoRyESStP+1qMG4C8oH+G03TRpEYSq7+IQlLx43hRgb5OP+4
zCPkYWLBmDWj5138
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:47 2025 by rpki-client on console.sobornost.net