Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/ac8L69Mgzdm-JCgAisE2hqqLMAM.roa
File: ac8L69Mgzdm-JCgAisE2hqqLMAM.roa (raw, json)
Hash identifier: goLyZKrbkkPiXq18UlJpJOSHAyvWnH0OJ6TXmvMDYrw=
Subject key identifier: 69:CF:0B:EB:D3:20:CD:D9:BE:24:28:00:8A:C1:36:86:AA:8B:30:03
Certificate issuer: /CN=206f1c32bc0a9006081d552fede67d6842921ec3
Certificate serial: 0194228DCCC27D85E362A85771B3EF3D3860
Authority key identifier: 20:6F:1C:32:BC:0A:90:06:08:1D:55:2F:ED:E6:7D:68:42:92:1E:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/ac8L69Mgzdm-JCgAisE2hqqLMAM.roa
Signing time: Wed 01 Jan 2025 15:48:25 +0000
ROA not before: Wed 01 Jan 2025 15:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215066
IP address blocks: 31.222.220.0/24 maxlen: 24
31.222.221.0/24 maxlen: 24
31.222.222.0/24 maxlen: 24
31.222.223.0/24 maxlen: 24
188.64.36.0/22 maxlen: 24
194.164.226.0/24 maxlen: 24
194.164.227.0/24 maxlen: 24
194.164.228.0/24 maxlen: 24
194.164.229.0/24 maxlen: 24
195.144.8.0/24 maxlen: 24
2a07:244::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:cc:c2:7d:85:e3:62:a8:57:71:b3:ef:3d:38:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=206f1c32bc0a9006081d552fede67d6842921ec3
Validity
Not Before: Jan 1 15:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69cf0bebd320cdd9be2428008ac13686aa8b3003
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:82:56:a6:93:5d:92:4a:ed:3f:8b:90:c1:06:
6c:ef:c8:71:11:9d:39:39:24:da:e1:6f:ee:3d:fa:
b7:18:8d:a9:e3:fa:fc:47:23:7d:89:50:fe:17:50:
58:69:8c:b1:62:15:59:5b:fa:a0:0a:d5:2c:db:5d:
82:40:c7:27:ca:c4:55:90:e3:7e:88:ba:ce:84:03:
bf:88:03:0c:5b:54:8e:89:18:61:d9:67:1b:b9:4d:
7a:66:85:10:99:25:75:45:3f:61:2d:66:24:6d:6c:
6c:48:95:92:e1:b3:ef:c3:7f:eb:cd:77:5c:49:62:
24:2c:7a:24:67:ba:82:37:4a:bc:39:c9:66:41:81:
8b:66:16:4b:48:5a:cd:f0:bf:72:ea:10:8f:79:c4:
58:01:6d:57:6d:4a:f6:9f:79:03:2b:5b:0c:5d:22:
2a:b4:32:ca:b2:5e:7c:31:73:5a:90:b5:e0:7e:2f:
04:a3:56:a2:69:eb:24:3a:e7:7b:8d:e6:3a:eb:69:
08:68:d8:27:32:76:0d:6e:96:8d:bc:d5:46:27:55:
24:0d:80:bc:95:d9:a3:eb:fe:f5:b1:0b:35:71:f5:
46:62:78:77:c6:55:45:9d:c9:2e:74:6c:1e:1c:b4:
79:08:65:93:0b:75:5b:f9:fc:74:f1:cc:54:71:e6:
7d:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:CF:0B:EB:D3:20:CD:D9:BE:24:28:00:8A:C1:36:86:AA:8B:30:03
X509v3 Authority Key Identifier:
keyid:20:6F:1C:32:BC:0A:90:06:08:1D:55:2F:ED:E6:7D:68:42:92:1E:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/ac8L69Mgzdm-JCgAisE2hqqLMAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.222.220.0/22
188.64.36.0/22
194.164.226.0-194.164.229.255
195.144.8.0/24
IPv6:
2a07:244::/32
Signature Algorithm: sha256WithRSAEncryption
23:f7:c2:19:11:8e:05:74:70:de:55:da:e8:d7:21:70:89:14:
c9:fe:5c:a0:77:c6:72:71:98:6c:d9:e0:31:20:f4:db:3d:5e:
75:ef:f3:b5:91:fc:61:09:ec:30:51:22:0e:35:f0:eb:3a:88:
16:41:37:b3:3f:64:ae:6e:cc:c9:35:46:a1:2a:92:fb:68:25:
1a:98:e2:9c:29:a1:53:e6:66:d9:1e:48:ad:cf:ed:96:12:92:
f4:18:7f:c9:11:67:a1:2d:8e:e8:8d:0c:31:01:3d:d9:ea:a9:
1b:9a:c0:c5:0e:fa:e1:2b:ef:0c:11:0c:05:f6:db:f3:66:0b:
4e:17:ab:f4:e1:f0:9f:6b:b5:f0:03:a3:8d:31:cd:dc:10:25:
c3:cf:f3:98:c1:73:64:48:38:64:27:cd:a3:b0:19:93:d7:34:
d8:8f:ba:8b:3e:9e:ee:d0:b5:cd:2c:2a:b9:41:b1:92:a8:7e:
4e:8a:d8:a5:e4:6b:b8:92:27:c2:5a:ff:e7:25:d0:2b:3f:f0:
2b:a4:7d:3a:26:e3:44:e7:06:05:b1:17:6c:fa:40:83:04:8e:
cf:0f:c4:d8:2f:5c:d1:a6:30:fa:5c:7c:23:ad:1f:9a:92:22:
fd:90:3e:81:e5:36:23:aa:4e:ae:1e:e5:25:7e:16:c1:6a:09:
7a:2b:ff:3f
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZQijczCfYXjYqhXcbPvPThgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwNmYxYzMyYmMwYTkwMDYwODFkNTUyZmVkZTY3ZDY4NDI5
MjFlYzMwHhcNMjUwMTAxMTU0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWNmMGJlYmQzMjBjZGQ5YmUyNDI4MDA4YWMxMzY4NmFhOGIzMDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt4JWppNdkkrtP4uQwQZs78hxEZ05
OSTa4W/uPfq3GI2p4/r8RyN9iVD+F1BYaYyxYhVZW/qgCtUs212CQMcnysRVkON+
iLrOhAO/iAMMW1SOiRhh2WcbuU16ZoUQmSV1RT9hLWYkbWxsSJWS4bPvw3/rzXdc
SWIkLHokZ7qCN0q8OclmQYGLZhZLSFrN8L9y6hCPecRYAW1XbUr2n3kDK1sMXSIq
tDLKsl58MXNakLXgfi8Eo1aiaeskOud7jeY662kIaNgnMnYNbpaNvNVGJ1UkDYC8
ldmj6/71sQs1cfVGYnh3xlVFnckudGweHLR5CGWTC3Vb+fx08cxUceZ9vQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFGnPC+vTIM3ZviQoAIrBNoaqizADMB8GA1UdIwQY
MBaAFCBvHDK8CpAGCB1VL+3mfWhCkh7DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUc4Y01yd0trQVlJSFZVdjdlWjlhRUtTSHNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9hOTE4ODQtNmY1OC00ZGRkLTg5MzIt
YmJhODYwYjI2YzAyLzEvYWM4TDY5TWd6ZG0tSkNnQWlzRTJocXFMTUFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9hOTE4ODQtNmY1OC00ZGRkLTg5MzItYmJhODYwYjI2YzAy
LzEvSUc4Y01yd0trQVlJSFZVdjdlWjlhRUtTSHNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQCH97cAwQC
vEAkMAwDBAHCpOIDBAHCpOQDBADDkAgwDQQCAAIwBwMFACoHAkQwDQYJKoZIhvcN
AQELBQADggEBACP3whkRjgV0cN5V2ujXIXCJFMn+XKB3xnJxmGzZ4DEg9Ns9XnXv
87WR/GEJ7DBRIg418Os6iBZBN7M/ZK5uzMk1RqEqkvtoJRqY4pwpoVPmZtkeSK3P
7ZYSkvQYf8kRZ6EtjuiNDDEBPdnqqRuawMUO+uEr7wwRDAX22/NmC04Xq/Th8J9r
tfADo40xzdwQJcPP85jBc2RIOGQnzaOwGZPXNNiPuos+nu7Qtc0sKrlBsZKofk6K
2KXka7iSJ8Ja/+cl0Cs/8CukfTom40TnBgWxF2z6QIMEjs8PxNgvXNGmMPpcfCOt
H5qSIv2QPoHlNiOqTq4e5SV+FsFqCXor/z8=
-----END CERTIFICATE-----
Generated at Thu Jan 23 19:16:40 2025 by rpki-client on console.sobornost.net