Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/bd0d7d-f425-408a-b07d-07711ed02b75/1/6LBUl1mrXwyt1CrPR52PQcXLt0Y.roa
File: 6LBUl1mrXwyt1CrPR52PQcXLt0Y.roa (raw, json)
Hash identifier: v9AAlS12Mo5Td4ItXLOOYxQSAwTrPZ2x7GGAZNYtZl4=
Subject key identifier: E8:B0:54:97:59:AB:5F:0C:AD:D4:2A:CF:47:9D:8F:41:C5:CB:B7:46
Certificate issuer: /CN=d6e535ef216ebe6f7fc55cfbdc31532b912d8e63
Certificate serial: 019425FDB1B373B70A6E40F6961AADD4BEA0
Authority key identifier: D6:E5:35:EF:21:6E:BE:6F:7F:C5:5C:FB:DC:31:53:2B:91:2D:8E:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1uU17yFuvm9_xVz73DFTK5EtjmM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/bd0d7d-f425-408a-b07d-07711ed02b75/1/6LBUl1mrXwyt1CrPR52PQcXLt0Y.roa
Signing time: Thu 02 Jan 2025 07:49:30 +0000
ROA not before: Thu 02 Jan 2025 07:49:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21069
IP address blocks: 46.231.200.0/21 maxlen: 24
80.74.128.0/20 maxlen: 24
80.74.144.0/20 maxlen: 24
81.173.82.0/23 maxlen: 24
81.173.84.0/22 maxlen: 24
81.173.88.0/21 maxlen: 24
94.126.16.0/21 maxlen: 24
185.46.56.0/22 maxlen: 24
2a00:1128::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:b1:b3:73:b7:0a:6e:40:f6:96:1a:ad:d4:be:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6e535ef216ebe6f7fc55cfbdc31532b912d8e63
Validity
Not Before: Jan 2 07:49:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e8b0549759ab5f0cadd42acf479d8f41c5cbb746
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ab:56:0d:c5:51:a9:32:fe:27:51:b3:ff:53:
53:2a:ec:d2:dc:87:5d:37:fd:c9:b0:3d:e6:cc:8e:
6e:f4:00:a8:e3:82:0f:9d:e5:1f:74:96:42:6a:ab:
78:b5:f7:f7:f9:1a:e6:77:f0:02:f2:20:a3:f7:5c:
22:e8:13:95:59:40:b6:b2:3e:0f:65:93:1f:c0:7e:
4b:81:53:99:56:4e:67:67:be:11:38:39:76:86:00:
ff:30:54:07:e9:42:af:ca:12:40:8d:0c:e8:0a:cf:
99:3b:e6:6a:57:c6:42:13:aa:18:aa:3a:97:47:18:
60:fe:94:33:8e:a8:cd:cf:df:8c:2c:5e:5f:96:ff:
07:88:a1:49:b7:e3:1f:38:30:65:2b:94:9e:85:64:
09:5f:f5:dd:8d:36:e5:37:7e:79:7f:6d:5e:3b:f5:
59:e8:5d:6c:93:22:0d:41:68:15:7f:bb:c4:a2:52:
6f:e2:c8:ab:17:fc:47:01:31:2b:ee:d9:b1:07:b4:
87:66:5c:ba:d7:d8:7f:4f:d1:2e:bd:ef:e5:62:4e:
e5:5e:dc:08:ff:fe:68:be:ee:79:ec:58:44:a2:47:
3b:63:e4:08:06:a9:0c:bb:32:5a:e1:35:5a:04:19:
10:ec:85:4d:9c:fd:a7:a7:0e:d8:bd:42:16:10:de:
6a:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:B0:54:97:59:AB:5F:0C:AD:D4:2A:CF:47:9D:8F:41:C5:CB:B7:46
X509v3 Authority Key Identifier:
keyid:D6:E5:35:EF:21:6E:BE:6F:7F:C5:5C:FB:DC:31:53:2B:91:2D:8E:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1uU17yFuvm9_xVz73DFTK5EtjmM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/bd0d7d-f425-408a-b07d-07711ed02b75/1/6LBUl1mrXwyt1CrPR52PQcXLt0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/bd0d7d-f425-408a-b07d-07711ed02b75/1/1uU17yFuvm9_xVz73DFTK5EtjmM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.231.200.0/21
80.74.128.0/19
81.173.82.0-81.173.95.255
94.126.16.0/21
185.46.56.0/22
IPv6:
2a00:1128::/32
Signature Algorithm: sha256WithRSAEncryption
67:e2:53:88:d0:ec:b0:d0:f9:5e:cc:ef:4c:7f:00:26:dc:b3:
0a:d1:cd:e2:ab:cc:84:0a:56:9f:4d:ed:d3:37:ea:03:a2:c8:
22:9e:d7:b9:ef:d2:18:64:67:55:37:5b:3d:d9:b0:48:20:72:
bd:8d:85:8e:63:05:73:f3:94:9c:f6:92:75:ce:6c:8c:75:8a:
1a:65:6c:29:f3:b3:ad:1d:7f:f9:de:1f:5d:0a:e6:52:20:62:
14:64:0d:32:d3:db:7d:94:3c:a3:71:c4:8f:b8:c7:67:a1:c0:
35:a7:60:a3:2d:33:11:1f:ad:a8:09:a5:43:4d:1f:47:3b:87:
79:5a:c6:9c:30:ea:59:35:7f:79:c0:39:2e:1a:fa:cb:ac:8f:
6c:ca:b1:ca:1f:d3:da:31:8b:e5:40:cf:a1:34:19:28:45:aa:
18:fa:b8:17:27:ab:7d:55:08:5f:3e:60:bb:11:84:e9:98:82:
8f:d2:1d:19:2a:d9:5d:94:1b:ea:9f:61:a2:02:bb:db:e1:fc:
80:21:10:2a:2f:5a:bb:67:df:42:17:e3:b5:c8:3e:34:6e:5f:
e7:7d:6f:23:d7:98:8f:50:68:8e:1f:02:ec:b4:2a:e5:8e:b4:
82:8a:25:81:64:c7:59:1c:5f:29:29:b2:b5:aa:63:c7:20:56:
aa:2f:84:e8
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZQl/bGzc7cKbkD2lhqt1L6gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2ZTUzNWVmMjE2ZWJlNmY3ZmM1NWNmYmRjMzE1MzJiOTEy
ZDhlNjMwHhcNMjUwMTAyMDc0OTMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGIwNTQ5NzU5YWI1ZjBjYWRkNDJhY2Y0NzlkOGY0MWM1Y2JiNzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxatWDcVRqTL+J1Gz/1NTKuzS3Idd
N/3JsD3mzI5u9ACo44IPneUfdJZCaqt4tff3+Rrmd/AC8iCj91wi6BOVWUC2sj4P
ZZMfwH5LgVOZVk5nZ74RODl2hgD/MFQH6UKvyhJAjQzoCs+ZO+ZqV8ZCE6oYqjqX
Rxhg/pQzjqjNz9+MLF5flv8HiKFJt+MfODBlK5SehWQJX/XdjTblN355f21eO/VZ
6F1skyINQWgVf7vEolJv4sirF/xHATEr7tmxB7SHZly619h/T9Euve/lYk7lXtwI
//5ovu557FhEokc7Y+QIBqkMuzJa4TVaBBkQ7IVNnP2npw7YvUIWEN5q9QIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFOiwVJdZq18MrdQqz0edj0HFy7dGMB8GA1UdIwQY
MBaAFNblNe8hbr5vf8Vc+9wxUyuRLY5jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXVVMTd5RnV2bTlfeFZ6NzNERlRLNUV0am1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9iZDBkN2QtZjQyNS00MDhhLWIwN2Qt
MDc3MTFlZDAyYjc1LzEvNkxCVWwxbXJYd3l0MUNyUFI1MlBRY1hMdDBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9iZDBkN2QtZjQyNS00MDhhLWIwN2QtMDc3MTFlZDAyYjc1
LzEvMXVVMTd5RnV2bTlfeFZ6NzNERlRLNUV0am1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQDLufIAwQF
UEqAMAwDBAFRrVIDBAVRrUADBANefhADBAK5LjgwDQQCAAIwBwMFACoAESgwDQYJ
KoZIhvcNAQELBQADggEBAGfiU4jQ7LDQ+V7M70x/ACbcswrRzeKrzIQKVp9N7dM3
6gOiyCKe17nv0hhkZ1U3Wz3ZsEggcr2NhY5jBXPzlJz2knXObIx1ihplbCnzs60d
f/neH10K5lIgYhRkDTLT232UPKNxxI+4x2ehwDWnYKMtMxEfragJpUNNH0c7h3la
xpww6lk1f3nAOS4a+susj2zKscof09oxi+VAz6E0GShFqhj6uBcnq31VCF8+YLsR
hOmYgo/SHRkq2V2UG+qfYaICu9vh/IAhECovWrtn30IX47XIPjRuX+d9byPXmI9Q
aI4fAuy0KuWOtIKKJYFkx1kcXykpsrWqY8cgVqovhOg=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:26 2025 by rpki-client on console.sobornost.net