Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/CUN2QJdxGy1RyQ3cqC6-5RKDARw.roa
File: CUN2QJdxGy1RyQ3cqC6-5RKDARw.roa (raw, json)
Hash identifier: ncovNGQaLHKQa5Qw1DTBEfiFoXhvZoZUOC9nJqL7mdE=
Subject key identifier: 09:43:76:40:97:71:1B:2D:51:C9:0D:DC:A8:2E:BE:E5:12:83:01:1C
Certificate issuer: /CN=a36d0ae5e2fbffcce08770ebc20c216b9fbf9485
Certificate serial: 01942144521838C6DFC3C9151351FFFE76BC
Authority key identifier: A3:6D:0A:E5:E2:FB:FF:CC:E0:87:70:EB:C2:0C:21:6B:9F:BF:94:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o20K5eL7_8zgh3Drwgwha5-_lIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/CUN2QJdxGy1RyQ3cqC6-5RKDARw.roa
Signing time: Wed 01 Jan 2025 09:48:33 +0000
ROA not before: Wed 01 Jan 2025 09:48:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57128
IP address blocks: 46.191.224.0/22 maxlen: 22
46.191.224.0/23 maxlen: 23
46.191.224.0/24 maxlen: 24
46.191.225.0/24 maxlen: 24
46.191.226.0/23 maxlen: 23
46.191.226.0/24 maxlen: 24
46.191.227.0/24 maxlen: 24
84.39.244.0/22 maxlen: 22
84.39.244.0/23 maxlen: 23
84.39.244.0/24 maxlen: 24
84.39.245.0/24 maxlen: 24
84.39.246.0/23 maxlen: 23
84.39.246.0/24 maxlen: 24
84.39.247.0/24 maxlen: 24
93.157.248.0/22 maxlen: 22
93.157.248.0/23 maxlen: 23
93.157.248.0/24 maxlen: 24
93.157.249.0/24 maxlen: 24
93.157.250.0/23 maxlen: 23
93.157.250.0/24 maxlen: 24
93.157.251.0/24 maxlen: 24
95.105.64.0/20 maxlen: 20
95.105.64.0/22 maxlen: 22
95.105.64.0/23 maxlen: 23
95.105.64.0/24 maxlen: 24
95.105.65.0/24 maxlen: 24
95.105.66.0/23 maxlen: 23
95.105.66.0/24 maxlen: 24
95.105.67.0/24 maxlen: 24
95.105.68.0/22 maxlen: 22
95.105.68.0/23 maxlen: 23
95.105.68.0/24 maxlen: 24
95.105.69.0/24 maxlen: 24
95.105.70.0/23 maxlen: 23
95.105.70.0/24 maxlen: 24
95.105.71.0/24 maxlen: 24
95.105.72.0/22 maxlen: 22
95.105.72.0/23 maxlen: 23
95.105.72.0/24 maxlen: 24
95.105.73.0/24 maxlen: 24
95.105.74.0/23 maxlen: 23
95.105.74.0/24 maxlen: 24
95.105.75.0/24 maxlen: 24
95.105.76.0/22 maxlen: 22
95.105.76.0/23 maxlen: 23
95.105.76.0/24 maxlen: 24
95.105.77.0/24 maxlen: 24
95.105.78.0/23 maxlen: 23
95.105.78.0/24 maxlen: 24
95.105.79.0/24 maxlen: 24
2a02:1c8:9::/48 maxlen: 48
2a02:1c8:30::/44 maxlen: 44
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:52:18:38:c6:df:c3:c9:15:13:51:ff:fe:76:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a36d0ae5e2fbffcce08770ebc20c216b9fbf9485
Validity
Not Before: Jan 1 09:48:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0943764097711b2d51c90ddca82ebee51283011c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:5f:fa:11:2f:c3:02:74:99:0a:ed:bf:0c:6f:
80:53:fa:19:6a:72:39:9b:1b:29:30:04:a8:dd:cf:
b7:c1:b7:24:a6:ae:5e:d1:9d:45:97:84:11:90:28:
cc:ee:c8:f1:50:62:3f:7f:99:00:7e:13:0e:b9:f1:
f1:52:88:d3:ca:84:26:c3:e1:45:fd:81:c4:71:55:
4f:69:ec:a5:8c:cd:0e:64:7e:55:1d:60:59:8a:56:
16:c6:74:98:c2:94:00:26:d0:e6:a5:69:d8:54:0c:
af:e4:6c:43:ce:d7:bf:2a:3a:8a:bd:5c:33:03:ce:
7e:31:ad:43:b5:91:e4:10:5a:f9:cf:36:de:f7:a6:
ba:0b:9d:a4:a9:63:24:3a:b4:57:6f:33:7d:8b:9d:
45:25:a0:81:dd:bf:ad:91:e3:eb:c2:66:b1:01:98:
d5:f5:16:ab:de:8a:a0:f7:bb:0e:54:0f:5b:fb:42:
98:ea:ee:d3:e6:bc:30:b0:98:0c:bf:9b:fd:6d:a3:
c8:9a:cb:7d:56:86:bc:27:71:99:f3:7c:98:17:d2:
20:fb:39:d6:20:27:00:46:79:98:51:a7:a5:44:de:
16:1a:3a:ef:10:b1:c1:49:67:1c:c3:ff:71:53:bf:
8b:fd:16:e7:ce:ad:af:4a:02:fe:00:b4:ec:77:21:
5c:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:43:76:40:97:71:1B:2D:51:C9:0D:DC:A8:2E:BE:E5:12:83:01:1C
X509v3 Authority Key Identifier:
keyid:A3:6D:0A:E5:E2:FB:FF:CC:E0:87:70:EB:C2:0C:21:6B:9F:BF:94:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o20K5eL7_8zgh3Drwgwha5-_lIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/CUN2QJdxGy1RyQ3cqC6-5RKDARw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/o20K5eL7_8zgh3Drwgwha5-_lIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.191.224.0/22
84.39.244.0/22
93.157.248.0/22
95.105.64.0/20
IPv6:
2a02:1c8:9::/48
2a02:1c8:30::/44
Signature Algorithm: sha256WithRSAEncryption
3d:39:2e:23:ce:ce:b3:12:16:3a:bb:52:8b:05:ef:04:c2:da:
d7:5f:54:ac:e2:6f:fc:c4:08:c7:78:4c:8f:2d:c3:62:fc:7c:
a0:16:43:5b:8c:29:92:58:48:24:47:44:c5:17:49:a2:42:90:
9a:11:da:a9:c9:1f:c1:21:2b:21:01:bf:6d:1f:17:09:a9:a9:
2f:43:b4:32:bb:8f:46:b5:c0:c7:0a:d1:17:b8:8d:5e:42:5a:
1f:7d:ca:26:cf:c4:81:9f:b6:06:79:2b:d9:6d:4b:4a:45:51:
a2:d2:a8:26:be:21:41:7e:09:5f:f3:20:1c:51:9c:bf:d7:19:
f4:4e:52:30:c9:32:4f:c1:c6:9e:46:f2:e7:e8:30:30:66:28:
c2:b3:47:bc:2e:08:77:a5:80:92:e8:8f:03:e9:91:ee:14:34:
b8:73:9f:d7:f7:0c:36:6a:69:1d:cb:35:ff:3b:c6:f1:9c:65:
33:6f:ce:31:4e:98:64:fa:f5:a9:24:33:29:80:f5:aa:e4:2e:
19:58:d5:40:65:e1:80:ef:61:b9:1c:44:58:f7:6b:42:b9:cc:
54:3a:7a:72:ed:14:54:cf:03:a7:85:09:01:c6:06:e4:79:74:
99:9f:00:a7:8d:6a:4b:99:05:b2:34:8f:c3:7f:53:0c:ca:fb:
45:54:71:fc
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZQhRFIYOMbfw8kVE1H//na8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNmQwYWU1ZTJmYmZmY2NlMDg3NzBlYmMyMGMyMTZiOWZi
Zjk0ODUwHhcNMjUwMTAxMDk0ODMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTQzNzY0MDk3NzExYjJkNTFjOTBkZGNhODJlYmVlNTEyODMwMTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApl/6ES/DAnSZCu2/DG+AU/oZanI5
mxspMASo3c+3wbckpq5e0Z1Fl4QRkCjM7sjxUGI/f5kAfhMOufHxUojTyoQmw+FF
/YHEcVVPaeyljM0OZH5VHWBZilYWxnSYwpQAJtDmpWnYVAyv5GxDzte/KjqKvVwz
A85+Ma1DtZHkEFr5zzbe96a6C52kqWMkOrRXbzN9i51FJaCB3b+tkePrwmaxAZjV
9Rar3oqg97sOVA9b+0KY6u7T5rwwsJgMv5v9baPImst9Voa8J3GZ83yYF9Ig+znW
ICcARnmYUaelRN4WGjrvELHBSWccw/9xU7+L/Rbnzq2vSgL+ALTsdyFcYQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFAlDdkCXcRstUckN3KguvuUSgwEcMB8GA1UdIwQY
MBaAFKNtCuXi+//M4Idw68IMIWufv5SFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzIwSzVlTDdfOHpnaDNEcndnd2hhNS1fbElVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC84Y2FjMGMtMzQyNi00ZjA3LWFmMjAt
Y2JiOTUxODNiMjdhLzEvQ1VOMlFKZHhHeTFSeVEzY3FDNi01UktEQVJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC84Y2FjMGMtMzQyNi00ZjA3LWFmMjAtY2JiOTUxODNiMjdh
LzEvbzIwSzVlTDdfOHpnaDNEcndnd2hhNS1fbElVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAeBAIAATAYAwQCLr/gAwQC
VCf0AwQCXZ34AwQEX2lAMBgEAgACMBIDBwAqAgHIAAkDBwQqAgHIADAwDQYJKoZI
hvcNAQELBQADggEBAD05LiPOzrMSFjq7UosF7wTC2tdfVKzib/zECMd4TI8tw2L8
fKAWQ1uMKZJYSCRHRMUXSaJCkJoR2qnJH8EhKyEBv20fFwmpqS9DtDK7j0a1wMcK
0Re4jV5CWh99yibPxIGftgZ5K9ltS0pFUaLSqCa+IUF+CV/zIBxRnL/XGfROUjDJ
Mk/Bxp5G8ufoMDBmKMKzR7wuCHelgJLojwPpke4UNLhzn9f3DDZqaR3LNf87xvGc
ZTNvzjFOmGT69akkMymA9arkLhlY1UBl4YDvYbkcRFj3a0K5zFQ6enLtFFTPA6eF
CQHGBuR5dJmfAKeNakuZBbI0j8N/UwzK+0VUcfw=
-----END CERTIFICATE-----
Generated at Tue Jan 21 15:04:36 2025 by rpki-client on console.sobornost.net