Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/eab77d-831a-43bc-8cbe-288766061d98/1/bAP-TBQ5pEJ6ltrNXIaTzwmPogo.roa
File: bAP-TBQ5pEJ6ltrNXIaTzwmPogo.roa (raw, json)
Hash identifier: nUUK6FuI8w+YNPfI7VAOpoMsSE7nA2QmJZlOaRIBwQw=
Subject key identifier: 6C:03:FE:4C:14:39:A4:42:7A:96:DA:CD:5C:86:93:CF:09:8F:A2:0A
Certificate issuer: /CN=ccd7947ec83136ef9446316235686a9102562c44
Certificate serial: 0194D99C9A98D298A4319FBE929716ECD5FF
Authority key identifier: CC:D7:94:7E:C8:31:36:EF:94:46:31:62:35:68:6A:91:02:56:2C:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNeUfsgxNu-URjFiNWhqkQJWLEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/eab77d-831a-43bc-8cbe-288766061d98/1/bAP-TBQ5pEJ6ltrNXIaTzwmPogo.roa
Signing time: Thu 06 Feb 2025 04:55:06 +0000
ROA not before: Thu 06 Feb 2025 04:55:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202617
IP address blocks: 84.247.18.0/24 maxlen: 24
93.113.103.0/24 maxlen: 24
93.113.109.0/24 maxlen: 24
185.159.0.0/22 maxlen: 22
185.159.0.0/24 maxlen: 24
185.159.1.0/24 maxlen: 24
185.159.2.0/24 maxlen: 24
185.216.12.0/24 maxlen: 24
185.254.65.0/24 maxlen: 24
2a07:b0c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d9:9c:9a:98:d2:98:a4:31:9f:be:92:97:16:ec:d5:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd7947ec83136ef9446316235686a9102562c44
Validity
Not Before: Feb 6 04:55:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6c03fe4c1439a4427a96dacd5c8693cf098fa20a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:bd:ec:d5:b2:5d:2d:d8:5c:c6:3d:2e:12:13:
f9:eb:d7:70:5b:50:6d:ac:30:fa:8f:f7:44:4d:84:
33:8c:bd:c9:fa:58:ca:35:49:b3:3b:5d:a4:ad:ec:
5f:cc:b7:d8:8d:36:93:9e:b0:c1:d0:ee:36:66:19:
61:0c:ee:3f:04:fa:42:f8:52:49:1c:9c:f4:d6:05:
7b:b8:1e:a9:4d:19:7f:04:06:48:5f:fb:25:51:b6:
51:9e:44:2f:16:94:14:4c:26:af:6b:e3:66:8b:cd:
4f:74:4b:6a:e7:4f:78:04:ad:56:97:76:65:7e:6c:
ae:d4:64:b7:1b:8b:91:8a:5f:1a:95:4e:d8:30:51:
75:bf:ac:9f:05:1c:b7:22:da:d8:9d:d9:23:ed:9a:
e1:ac:b9:4c:fb:2a:32:42:45:14:af:9e:5d:12:3e:
62:67:51:59:df:32:96:99:6d:3d:d0:29:bf:9e:1c:
b4:e4:94:7b:dc:4a:c8:29:8e:77:b3:61:73:c9:be:
ba:88:57:83:5e:e0:1e:60:57:cd:f8:9a:88:f1:90:
c5:fb:18:12:a5:a3:67:56:61:0f:9c:1c:ca:43:ca:
32:39:c6:8f:25:4e:b6:12:17:da:60:aa:d3:3b:4b:
e6:5b:ac:4f:9f:cc:4f:7a:cc:28:fa:d8:63:66:d0:
aa:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:03:FE:4C:14:39:A4:42:7A:96:DA:CD:5C:86:93:CF:09:8F:A2:0A
X509v3 Authority Key Identifier:
keyid:CC:D7:94:7E:C8:31:36:EF:94:46:31:62:35:68:6A:91:02:56:2C:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNeUfsgxNu-URjFiNWhqkQJWLEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/eab77d-831a-43bc-8cbe-288766061d98/1/bAP-TBQ5pEJ6ltrNXIaTzwmPogo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/eab77d-831a-43bc-8cbe-288766061d98/1/zNeUfsgxNu-URjFiNWhqkQJWLEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.247.18.0/24
93.113.103.0/24
93.113.109.0/24
185.159.0.0/22
185.216.12.0/24
185.254.65.0/24
IPv6:
2a07:b0c0::/29
Signature Algorithm: sha256WithRSAEncryption
7d:05:65:d1:91:1e:0f:2f:92:7c:6a:c7:d8:c8:4b:a3:7c:1b:
c1:df:35:be:b8:13:47:cf:74:1d:cb:a1:67:b0:cf:47:16:c4:
f2:4b:fe:4e:62:02:c9:07:1a:82:f6:ad:36:af:81:dc:50:f3:
13:34:56:73:6a:4d:79:fc:fc:1c:98:3e:6d:85:8b:7a:7c:bf:
cd:74:1a:07:09:e4:20:26:b9:fe:5a:09:d8:b7:c4:89:6a:0d:
bf:df:c3:6c:b0:76:d2:34:3a:c6:66:7e:c0:40:66:7e:f9:cb:
b6:09:ff:0e:13:25:b6:d1:9e:a9:5d:5d:7e:e8:78:15:4c:c2:
a1:51:6e:bd:82:4e:cf:55:72:fe:61:20:68:b8:73:9c:cc:3c:
c9:30:5a:29:17:d8:b1:c4:f3:4f:e2:29:c4:f4:28:ca:38:5c:
a6:1d:af:80:87:8d:2c:e3:dd:28:fe:cc:40:1e:ce:38:a1:6b:
a5:44:21:da:38:34:45:17:28:44:90:88:24:f2:c2:2a:d6:71:
0a:e8:e2:6e:b3:0b:e8:78:fc:55:77:e8:49:ae:a3:79:21:a3:
d0:ca:24:93:67:be:14:cb:84:f7:4f:38:16:fc:c7:7d:61:97:
69:84:b8:92:70:a7:b7:d6:0a:f7:ea:35:da:a8:c4:1d:bf:0b:
ed:23:96:3c
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZTZnJqY0pikMZ++kpcW7NX/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc5NDdlYzgzMTM2ZWY5NDQ2MzE2MjM1Njg2YTkxMDI1
NjJjNDQwHhcNMjUwMjA2MDQ1NTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzAzZmU0YzE0MzlhNDQyN2E5NmRhY2Q1Yzg2OTNjZjA5OGZhMjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo73s1bJdLdhcxj0uEhP569dwW1Bt
rDD6j/dETYQzjL3J+ljKNUmzO12krexfzLfYjTaTnrDB0O42ZhlhDO4/BPpC+FJJ
HJz01gV7uB6pTRl/BAZIX/slUbZRnkQvFpQUTCava+Nmi81PdEtq5094BK1Wl3Zl
fmyu1GS3G4uRil8alU7YMFF1v6yfBRy3ItrYndkj7ZrhrLlM+yoyQkUUr55dEj5i
Z1FZ3zKWmW090Cm/nhy05JR73ErIKY53s2Fzyb66iFeDXuAeYFfN+JqI8ZDF+xgS
paNnVmEPnBzKQ8oyOcaPJU62EhfaYKrTO0vmW6xPn8xPeswo+thjZtCqeQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFGwD/kwUOaRCepbazVyGk88Jj6IKMB8GA1UdIwQY
MBaAFMzXlH7IMTbvlEYxYjVoapECVixEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5lVWZzZ3hOdS1VUmpGaU5XaHFrUUpXTEVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC9lYWI3N2QtODMxYS00M2JjLThjYmUt
Mjg4NzY2MDYxZDk4LzEvYkFQLVRCUTVwRUo2bHRyTlhJYVR6d21Qb2dvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC9lYWI3N2QtODMxYS00M2JjLThjYmUtMjg4NzY2MDYxZDk4
LzEvek5lVWZzZ3hOdS1VUmpGaU5XaHFrUUpXTEVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQAVPcSAwQA
XXFnAwQAXXFtAwQCuZ8AAwQAudgMAwQAuf5BMA0EAgACMAcDBQMqB7DAMA0GCSqG
SIb3DQEBCwUAA4IBAQB9BWXRkR4PL5J8asfYyEujfBvB3zW+uBNHz3Qdy6FnsM9H
FsTyS/5OYgLJBxqC9q02r4HcUPMTNFZzak15/PwcmD5thYt6fL/NdBoHCeQgJrn+
WgnYt8SJag2/38NssHbSNDrGZn7AQGZ++cu2Cf8OEyW20Z6pXV1+6HgVTMKhUW69
gk7PVXL+YSBouHOczDzJMFopF9ixxPNP4inE9CjKOFymHa+Ah40s490o/sxAHs44
oWulRCHaODRFFyhEkIgk8sIq1nEK6OJuswvoePxVd+hJrqN5IaPQyiSTZ74Uy4T3
TzgW/Md9YZdphLiScKe31gr36jXaqMQdvwvtI5Y8
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:29 2025 by rpki-client on console.sobornost.net