Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/bq4QrMng5D-R6b_wpUMxfHQJSpc.roa
File: bq4QrMng5D-R6b_wpUMxfHQJSpc.roa (raw, json)
Hash identifier: misJApzr/+miUSLldUfVkJa7dLjRsQ1KaqB75GDsmmE=
Subject key identifier: 6E:AE:10:AC:C9:E0:E4:3F:91:E9:BF:F0:A5:43:31:7C:74:09:4A:97
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 019422FC07CB83D28A69A79E3CB3AE2691AC
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/bq4QrMng5D-R6b_wpUMxfHQJSpc.roa
Signing time: Wed 01 Jan 2025 17:48:49 +0000
ROA not before: Wed 01 Jan 2025 17:48:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 81.22.136.0/22 maxlen: 23
89.185.0.0/22 maxlen: 22
109.72.116.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:07:cb:83:d2:8a:69:a7:9e:3c:b3:ae:26:91:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jan 1 17:48:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6eae10acc9e0e43f91e9bff0a543317c74094a97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:9f:4c:c4:60:ba:7e:59:fa:f6:58:17:8e:c0:
85:40:96:10:d8:63:34:46:68:bc:93:30:16:fc:c8:
c1:39:33:e3:58:c3:4d:9a:63:6e:8b:80:73:7a:91:
bc:62:eb:a1:b4:ae:8a:15:21:eb:b4:dd:7a:c7:40:
81:27:29:fd:c7:9f:53:99:c3:31:9f:43:57:41:10:
0a:43:06:37:f1:ab:39:96:e9:0e:f5:f1:5c:3d:a0:
67:d6:16:f3:01:91:30:4e:12:7d:c9:ca:69:97:96:
fe:4d:d0:96:2c:f4:81:ef:ac:be:a8:54:1a:a2:68:
8c:35:2d:a9:22:06:89:48:e1:e6:03:0d:0a:9c:0a:
e5:19:82:69:5d:9e:62:68:d7:09:d8:9f:41:56:d6:
75:ad:52:ec:6c:02:af:07:57:b5:f5:9c:b9:bc:64:
51:0a:15:f4:9b:90:f6:27:50:2e:7e:2d:58:5e:c5:
5b:d4:4c:04:56:82:50:aa:a6:c0:cf:db:be:cc:b1:
5d:28:31:5b:a0:e5:f3:64:e1:d7:11:94:7c:03:f1:
aa:1b:d8:c2:04:8c:ce:11:1d:c8:a0:dd:19:ae:a8:
ec:c7:83:0c:71:b7:ae:78:8a:5b:bf:9d:b3:4b:1c:
f5:1d:3a:c8:40:e8:ac:da:bb:d5:c4:79:01:25:67:
fb:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:AE:10:AC:C9:E0:E4:3F:91:E9:BF:F0:A5:43:31:7C:74:09:4A:97
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/bq4QrMng5D-R6b_wpUMxfHQJSpc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.136.0/22
89.185.0.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
31:8d:08:16:e0:8f:ab:cb:25:5c:07:13:ec:ec:c1:44:d4:83:
f3:f3:73:f2:eb:9a:3f:5f:bf:54:ff:90:9e:b0:f8:2f:23:c4:
8d:2b:b1:34:7e:ca:e9:56:d9:1a:1b:f2:26:f1:94:6d:b1:0d:
8c:d2:ad:ca:7e:1e:e2:9f:f7:51:66:98:6f:84:c1:1a:02:a0:
d9:5c:60:9e:85:95:76:56:e2:6f:f5:d4:65:b6:37:12:d5:94:
0e:65:68:47:2b:c4:c6:52:b7:89:99:0f:2e:5e:98:2d:a6:6b:
78:a1:3b:4f:df:56:ae:f2:1e:90:5e:4d:82:ec:73:37:16:37:
3e:6c:86:a1:46:a3:ed:d9:3d:db:06:a0:42:6d:1b:c5:32:33:
4d:c1:e9:c3:ab:20:f3:72:29:65:35:ca:b7:24:20:de:50:e5:
a9:93:9c:be:51:d7:c1:ea:84:bd:03:a4:ac:b5:13:be:45:ac:
09:7f:f5:10:07:16:55:ec:b5:e1:ec:bb:a7:88:2e:56:9e:d8:
c3:bb:46:d0:f3:0c:43:84:d2:a8:b1:a5:d9:e0:65:37:db:ab:
23:21:52:e7:ca:8c:3a:b1:9a:c8:bf:e5:d5:95:ff:a1:0a:cd:
f0:ae:b5:e8:23:e4:7f:59:eb:2b:e0:be:76:e3:24:b1:77:65:
d7:ec:23:4a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQi/AfLg9KKaaeePLOuJpGsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjUwMTAxMTc0ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWFlMTBhY2M5ZTBlNDNmOTFlOWJmZjBhNTQzMzE3Yzc0MDk0YTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJ9MxGC6fln69lgXjsCFQJYQ2GM0
Rmi8kzAW/MjBOTPjWMNNmmNui4BzepG8YuuhtK6KFSHrtN16x0CBJyn9x59TmcMx
n0NXQRAKQwY38as5lukO9fFcPaBn1hbzAZEwThJ9ycppl5b+TdCWLPSB76y+qFQa
omiMNS2pIgaJSOHmAw0KnArlGYJpXZ5iaNcJ2J9BVtZ1rVLsbAKvB1e19Zy5vGRR
ChX0m5D2J1Aufi1YXsVb1EwEVoJQqqbAz9u+zLFdKDFboOXzZOHXEZR8A/GqG9jC
BIzOER3IoN0Zrqjsx4MMcbeueIpbv52zSxz1HTrIQOis2rvVxHkBJWf7SwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFG6uEKzJ4OQ/kem/8KVDMXx0CUqXMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvYnE0UXJNbmc1RC1SNmJfd3BVTXhmSFFKU3BjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCURaIAwQC
WbkAAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQAxjQgW4I+ryyVcBxPs7MFE1IPz
83Py65o/X79U/5CesPgvI8SNK7E0fsrpVtkaG/Im8ZRtsQ2M0q3Kfh7in/dRZphv
hMEaAqDZXGCehZV2VuJv9dRltjcS1ZQOZWhHK8TGUreJmQ8uXpgtpmt4oTtP31au
8h6QXk2C7HM3Fjc+bIahRqPt2T3bBqBCbRvFMjNNwenDqyDzcillNcq3JCDeUOWp
k5y+UdfB6oS9A6SstRO+RawJf/UQBxZV7LXh7LuniC5WntjDu0bQ8wxDhNKosaXZ
4GU326sjIVLnyow6sZrIv+XVlf+hCs3wrrXoI+R/Wesr4L524ySxd2XX7CNK
-----END CERTIFICATE-----
Generated at Thu Jan 23 19:16:33 2025 by rpki-client on console.sobornost.net