Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/9ef66d-2d5f-49d8-904c-7a13a5efaf5e/1/qWxHxzkwFGcxa5jSluitx-sE42Y.roa
File: qWxHxzkwFGcxa5jSluitx-sE42Y.roa (raw, json)
Hash identifier: 3aDiNAN4onF/Cdaq+yTsD+jmRJ2OmMmFOaHRV5Fmhp8=
Subject key identifier: A9:6C:47:C7:39:30:14:67:31:6B:98:D2:96:E8:AD:C7:EB:04:E3:66
Certificate issuer: /CN=346cab594bbda9b440fda7d3974cbd441c98e5c9
Certificate serial: 0194282747044754F3BCBC071024BC823668
Authority key identifier: 34:6C:AB:59:4B:BD:A9:B4:40:FD:A7:D3:97:4C:BD:44:1C:98:E5:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NGyrWUu9qbRA_afTl0y9RByY5ck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/9ef66d-2d5f-49d8-904c-7a13a5efaf5e/1/qWxHxzkwFGcxa5jSluitx-sE42Y.roa
Signing time: Thu 02 Jan 2025 17:54:10 +0000
ROA not before: Thu 02 Jan 2025 17:54:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47217
IP address blocks: 5.11.32.0/21 maxlen: 24
46.21.176.0/20 maxlen: 24
77.244.176.0/20 maxlen: 24
80.244.112.0/20 maxlen: 24
91.212.241.0/24 maxlen: 24
94.102.128.0/20 maxlen: 24
94.185.72.0/21 maxlen: 24
109.233.216.0/21 maxlen: 24
178.251.72.0/21 maxlen: 24
185.4.140.0/22 maxlen: 24
185.200.88.0/22 maxlen: 24
193.41.235.0/24 maxlen: 24
193.169.56.0/23 maxlen: 24
194.69.192.0/24 maxlen: 24
194.69.193.0/24 maxlen: 24
2a02:670::/32 maxlen: 56
2a0a:27c0::/32 maxlen: 56
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:47:04:47:54:f3:bc:bc:07:10:24:bc:82:36:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=346cab594bbda9b440fda7d3974cbd441c98e5c9
Validity
Not Before: Jan 2 17:54:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a96c47c739301467316b98d296e8adc7eb04e366
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:6a:d8:05:46:ac:33:25:c3:c2:f7:06:f9:d8:
36:9e:67:d4:b5:a8:0f:0d:2c:04:17:b7:df:46:ed:
4e:2f:ae:bf:00:f2:28:0f:53:fb:e1:ee:11:a4:fa:
a8:e1:55:53:0b:80:38:0d:aa:55:59:02:85:1e:e7:
6d:6e:19:cb:ac:a4:ff:ef:2f:de:f8:7f:88:0d:2b:
53:e1:1a:1a:0f:1e:f2:ef:f5:04:97:98:5b:0a:0d:
ed:4a:ce:56:41:0e:33:a0:55:cd:cc:d3:36:00:50:
ef:49:5f:56:c5:c3:c1:01:c8:9d:8c:9e:0d:7d:05:
72:19:52:55:09:9a:cc:75:72:c8:80:71:1e:64:63:
02:85:f3:27:3f:1c:a7:3d:af:f4:b9:64:48:ef:e8:
6f:80:02:44:0d:60:c3:30:22:f5:56:b9:9f:b6:2f:
f3:86:ba:2d:e6:93:d7:a0:a0:a9:23:00:3f:1d:26:
83:d9:a3:20:d6:14:35:c6:d2:d6:a7:ab:02:07:0a:
82:03:c9:58:20:d2:2e:75:f3:23:29:a5:0a:ee:30:
81:b6:17:45:29:11:ae:dc:c8:97:2c:a8:29:90:3a:
3b:f0:12:37:15:99:0b:92:bc:d1:c0:17:3e:fc:17:
16:eb:ee:e3:b4:9e:a6:71:e9:b8:b8:43:39:15:df:
e7:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:6C:47:C7:39:30:14:67:31:6B:98:D2:96:E8:AD:C7:EB:04:E3:66
X509v3 Authority Key Identifier:
keyid:34:6C:AB:59:4B:BD:A9:B4:40:FD:A7:D3:97:4C:BD:44:1C:98:E5:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NGyrWUu9qbRA_afTl0y9RByY5ck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/9ef66d-2d5f-49d8-904c-7a13a5efaf5e/1/qWxHxzkwFGcxa5jSluitx-sE42Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/9ef66d-2d5f-49d8-904c-7a13a5efaf5e/1/NGyrWUu9qbRA_afTl0y9RByY5ck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.11.32.0/21
46.21.176.0/20
77.244.176.0/20
80.244.112.0/20
91.212.241.0/24
94.102.128.0/20
94.185.72.0/21
109.233.216.0/21
178.251.72.0/21
185.4.140.0/22
185.200.88.0/22
193.41.235.0/24
193.169.56.0/23
194.69.192.0/23
IPv6:
2a02:670::/32
2a0a:27c0::/32
Signature Algorithm: sha256WithRSAEncryption
9b:32:7d:41:3d:0c:b1:46:0d:99:cc:44:7c:0b:bd:59:a1:c8:
ce:c0:cf:4a:de:ed:62:1c:e8:6f:c6:51:2a:9e:75:00:5a:2c:
79:54:8f:df:de:8c:9c:f4:ac:48:ab:bf:2d:d4:43:6d:65:fa:
37:70:b3:cb:17:1e:ff:0e:02:82:7a:0d:de:ee:37:c7:8c:55:
12:a7:45:88:92:a3:b1:8b:9e:ae:d4:cc:db:57:75:33:a4:42:
1d:c6:e7:a8:e9:e8:3a:a6:bc:9c:a0:ef:90:b3:9f:99:9a:4d:
84:51:38:c4:38:18:d1:92:b8:66:5a:58:c2:ab:1d:0d:ca:d3:
9b:3e:86:13:38:f1:28:62:53:b1:c9:48:55:8d:c7:1e:92:77:
6a:b9:a2:2c:a8:36:40:b8:ea:71:fe:b0:36:6f:65:2b:a9:ae:
4f:e7:c7:fb:a4:36:24:55:75:75:b8:fe:14:0d:75:b4:d7:b7:
f2:0d:a2:b9:a9:7b:ff:73:2e:db:bf:64:cc:13:d0:fd:cb:63:
f8:46:9b:74:ce:d0:e7:a4:4a:1f:c3:dd:0e:b9:0a:ca:8d:62:
de:af:00:3d:31:8f:1c:d9:ad:f7:cd:f6:65:7b:8b:e1:74:52:
84:dd:2f:92:9e:3e:32:30:8b:01:d9:ac:70:90:0e:1b:43:50:
fb:a7:f6:70
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAZQoJ0cER1TzvLwHECS8gjZoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NmNhYjU5NGJiZGE5YjQ0MGZkYTdkMzk3NGNiZDQ0MWM5
OGU1YzkwHhcNMjUwMTAyMTc1NDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTZjNDdjNzM5MzAxNDY3MzE2Yjk4ZDI5NmU4YWRjN2ViMDRlMzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGrYBUasMyXDwvcG+dg2nmfUtagP
DSwEF7ffRu1OL66/APIoD1P74e4RpPqo4VVTC4A4DapVWQKFHudtbhnLrKT/7y/e
+H+IDStT4RoaDx7y7/UEl5hbCg3tSs5WQQ4zoFXNzNM2AFDvSV9WxcPBAcidjJ4N
fQVyGVJVCZrMdXLIgHEeZGMChfMnPxynPa/0uWRI7+hvgAJEDWDDMCL1Vrmfti/z
hrot5pPXoKCpIwA/HSaD2aMg1hQ1xtLWp6sCBwqCA8lYINIudfMjKaUK7jCBthdF
KRGu3MiXLKgpkDo78BI3FZkLkrzRwBc+/BcW6+7jtJ6mcem4uEM5Fd/n/QIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFKlsR8c5MBRnMWuY0pborcfrBONmMB8GA1UdIwQY
MBaAFDRsq1lLvam0QP2n05dMvUQcmOXJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkd5cldVdTlxYlJBX2FmVGwweTlSQnlZNWNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy85ZWY2NmQtMmQ1Zi00OWQ4LTkwNGMt
N2ExM2E1ZWZhZjVlLzEvcVd4SHh6a3dGR2N4YTVqU2x1aXR4LXNFNDJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy85ZWY2NmQtMmQ1Zi00OWQ4LTkwNGMtN2ExM2E1ZWZhZjVl
LzEvTkd5cldVdTlxYlJBX2FmVGwweTlSQnlZNWNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwWgQCAAEwVAMEAwULIAME
BC4VsAMEBE30sAMEBFD0cAMEAFvU8QMEBF5mgAMEA165SAMEA23p2AMEA7L7SAME
ArkEjAMEArnIWAMEAMEp6wMEAcGpOAMEAcJFwDAUBAIAAjAOAwUAKgIGcAMFACoK
J8AwDQYJKoZIhvcNAQELBQADggEBAJsyfUE9DLFGDZnMRHwLvVmhyM7Az0re7WIc
6G/GUSqedQBaLHlUj9/ejJz0rEirvy3UQ21l+jdws8sXHv8OAoJ6Dd7uN8eMVRKn
RYiSo7GLnq7UzNtXdTOkQh3G56jp6DqmvJyg75Czn5maTYRROMQ4GNGSuGZaWMKr
HQ3K05s+hhM48ShiU7HJSFWNxx6Sd2q5oiyoNkC46nH+sDZvZSuprk/nx/ukNiRV
dXW4/hQNdbTXt/INormpe/9zLtu/ZMwT0P3LY/hGm3TO0OekSh/D3Q65CsqNYt6v
AD0xjxzZrffN9mV7i+F0UoTdL5KePjIwiwHZrHCQDhtDUPun9nA=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:05 2025 by rpki-client on console.sobornost.net