Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/K2uuH_N48kKDciCwYZZbSGxL28M.roa
File: K2uuH_N48kKDciCwYZZbSGxL28M.roa (raw, json)
Hash identifier: NsG2a8yGOGdFAhdHDu05B3aeAtofcTDzN6smpf4V84k=
Subject key identifier: 2B:6B:AE:1F:F3:78:F2:42:83:72:20:B0:61:96:5B:48:6C:4B:DB:C3
Certificate issuer: /CN=c61953c08980adc94f2fa3a3c1ba95c40d21e7d3
Certificate serial: 0195FE3AA001DAA843D1516F11E87506BF32
Authority key identifier: C6:19:53:C0:89:80:AD:C9:4F:2F:A3:A3:C1:BA:95:C4:0D:21:E7:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhlTwImArclPL6OjwbqVxA0h59M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/K2uuH_N48kKDciCwYZZbSGxL28M.roa
Signing time: Fri 04 Apr 2025 00:36:49 +0000
ROA not before: Fri 04 Apr 2025 00:36:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1820
IP address blocks: 31.172.136.0/21 maxlen: 32
31.172.142.0/24 maxlen: 32
31.223.224.0/21 maxlen: 32
80.92.224.0/20 maxlen: 32
82.117.244.0/24 maxlen: 32
85.90.211.0/24 maxlen: 32
85.90.223.0/24 maxlen: 32
91.226.1.0/24 maxlen: 32
91.231.127.0/24 maxlen: 32
92.60.176.0/20 maxlen: 32
92.119.220.0/22 maxlen: 32
128.0.168.0/21 maxlen: 32
185.16.228.0/22 maxlen: 32
185.38.208.0/23 maxlen: 32
185.39.196.0/22 maxlen: 32
185.45.244.0/22 maxlen: 32
185.45.244.0/24 maxlen: 32
185.45.247.0/24 maxlen: 32
185.170.192.0/22 maxlen: 32
193.16.47.0/24 maxlen: 32
193.104.182.0/24 maxlen: 32
193.111.0.0/23 maxlen: 32
193.111.48.0/22 maxlen: 32
195.66.93.0/24 maxlen: 32
195.177.72.0/22 maxlen: 32
212.110.129.0/24 maxlen: 32
212.110.130.0/23 maxlen: 32
212.110.132.0/23 maxlen: 32
212.110.134.0/23 maxlen: 32
212.110.136.0/22 maxlen: 32
212.110.140.0/23 maxlen: 32
212.110.142.0/23 maxlen: 32
212.110.152.0/23 maxlen: 32
212.110.154.0/23 maxlen: 32
217.20.160.0/19 maxlen: 32
217.20.160.0/20 maxlen: 32
217.20.164.0/22 maxlen: 32
217.20.176.0/20 maxlen: 32
217.20.184.0/22 maxlen: 32
2a01:6b0::/32 maxlen: 128
2a13:8800::/29 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:fe:3a:a0:01:da:a8:43:d1:51:6f:11:e8:75:06:bf:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c61953c08980adc94f2fa3a3c1ba95c40d21e7d3
Validity
Not Before: Apr 4 00:36:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2b6bae1ff378f242837220b061965b486c4bdbc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a4:9c:bb:fa:f9:18:25:d3:c0:2e:09:a9:55:
56:e1:64:45:43:33:b5:49:b8:fb:1f:76:39:73:09:
4e:22:f9:81:98:a2:f8:37:7c:56:3f:1f:43:42:47:
64:98:6d:79:e8:3c:43:c3:05:7a:2c:c7:f3:75:0c:
d0:ee:78:cf:8b:dd:a5:89:06:da:53:da:19:1f:76:
e4:0c:7d:2d:2a:31:f0:b0:39:1d:c4:e2:1c:8d:e7:
ef:68:f4:f3:d6:1a:08:33:16:dc:dd:27:3b:a4:8c:
94:a9:f6:2a:4e:fc:4e:b8:7d:20:52:3b:87:04:85:
ce:a5:23:4c:42:11:56:a7:be:13:c7:44:68:2e:c8:
e0:9f:ab:98:ac:fa:5f:0f:9c:69:3f:1f:ec:af:b5:
26:27:d5:99:a0:84:f2:a2:bb:66:e0:65:03:84:d6:
c6:8e:bd:bc:da:74:db:af:74:41:ae:7b:75:79:28:
5b:7b:61:12:58:fe:e3:84:05:75:e3:6b:71:02:2f:
b7:42:67:51:98:37:3b:1d:e2:a5:08:49:9c:27:32:
57:d2:24:7d:40:9e:3e:9d:d3:82:43:9d:3a:05:a9:
5b:90:a4:df:a0:27:80:0a:b3:65:ca:d0:b4:f4:75:
32:ef:4b:9d:18:ee:3b:f7:a8:2a:a4:52:ab:e9:65:
e1:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:6B:AE:1F:F3:78:F2:42:83:72:20:B0:61:96:5B:48:6C:4B:DB:C3
X509v3 Authority Key Identifier:
keyid:C6:19:53:C0:89:80:AD:C9:4F:2F:A3:A3:C1:BA:95:C4:0D:21:E7:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhlTwImArclPL6OjwbqVxA0h59M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/K2uuH_N48kKDciCwYZZbSGxL28M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/xhlTwImArclPL6OjwbqVxA0h59M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.136.0/21
31.223.224.0/21
80.92.224.0/20
82.117.244.0/24
85.90.211.0/24
85.90.223.0/24
91.226.1.0/24
91.231.127.0/24
92.60.176.0/20
92.119.220.0/22
128.0.168.0/21
185.16.228.0/22
185.38.208.0/23
185.39.196.0/22
185.45.244.0/22
185.170.192.0/22
193.16.47.0/24
193.104.182.0/24
193.111.0.0/23
193.111.48.0/22
195.66.93.0/24
195.177.72.0/22
212.110.129.0-212.110.143.255
212.110.152.0/22
217.20.160.0/19
IPv6:
2a01:6b0::/32
2a13:8800::/29
Signature Algorithm: sha256WithRSAEncryption
80:47:dc:77:b8:5d:d5:88:9b:d1:0a:86:96:04:cf:23:47:f5:
0f:af:b4:ac:b5:8c:f8:c8:2e:e2:68:48:6c:40:43:aa:3d:44:
72:43:c7:21:89:7a:e4:dc:ba:ca:5f:5e:89:8f:74:a6:5c:67:
b0:cd:e6:aa:b7:f2:48:ec:c7:57:4a:91:f2:fb:6e:18:9e:2a:
78:10:0a:24:71:5b:df:df:96:fb:ea:6c:1b:33:4a:d9:47:e3:
66:78:73:6e:7d:cf:4f:76:d0:d8:2b:57:03:9e:c4:1c:ec:5d:
30:58:0c:8d:52:e2:e4:9a:b0:78:8d:20:b0:b1:96:da:aa:71:
a6:c1:0b:73:c4:f0:a0:48:32:e6:4e:c0:a3:7b:6a:18:c3:bb:
1c:1c:66:e2:e0:26:e1:11:96:2f:fc:dc:4c:82:a3:b0:10:88:
0a:55:ce:f4:2d:6c:03:6b:8a:fe:10:7e:9f:59:a1:9f:14:71:
84:60:3a:1a:2c:60:87:04:0a:31:aa:80:11:20:63:6d:0f:cd:
16:9c:c3:e8:07:00:55:24:16:bd:9d:12:43:a8:53:c3:7c:fc:
d1:8e:e6:c7:7f:0d:d2:a4:75:d4:cb:d8:14:eb:f4:7a:f9:12:
ba:d0:00:10:b6:21:4e:c8:26:5b:09:e8:cf:29:0c:8f:44:98:
d7:94:09:5e
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgISAZX+OqAB2qhD0VFvEeh1Br8yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTk1M2MwODk4MGFkYzk0ZjJmYTNhM2MxYmE5NWM0MGQy
MWU3ZDMwHhcNMjUwNDA0MDAzNjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjZiYWUxZmYzNzhmMjQyODM3MjIwYjA2MTk2NWI0ODZjNGJkYmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlaScu/r5GCXTwC4JqVVW4WRFQzO1
Sbj7H3Y5cwlOIvmBmKL4N3xWPx9DQkdkmG156DxDwwV6LMfzdQzQ7njPi92liQba
U9oZH3bkDH0tKjHwsDkdxOIcjefvaPTz1hoIMxbc3Sc7pIyUqfYqTvxOuH0gUjuH
BIXOpSNMQhFWp74Tx0RoLsjgn6uYrPpfD5xpPx/sr7UmJ9WZoITyortm4GUDhNbG
jr282nTbr3RBrnt1eShbe2ESWP7jhAV142txAi+3QmdRmDc7HeKlCEmcJzJX0iR9
QJ4+ndOCQ506BalbkKTfoCeACrNlytC09HUy70udGO4796gqpFKr6WXhqQIDAQAB
o4ICvDCCArgwHQYDVR0OBBYEFCtrrh/zePJCg3IgsGGWW0hsS9vDMB8GA1UdIwQY
MBaAFMYZU8CJgK3JTy+jo8G6lcQNIefTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhsVHdJbUFyY2xQTDZPandicVZ4QTBoNTlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9lMDEyODUtNjYwZC00Y2QyLWFkMWYt
NjI1MjQ1YTAwYWJmLzEvSzJ1dUhfTjQ4a0tEY2lDd1laWmJTR3hMMjhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9lMDEyODUtNjYwZC00Y2QyLWFkMWYtNjI1MjQ1YTAwYWJm
LzEveGhsVHdJbUFyY2xQTDZPandicVZ4QTBoNTlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHRBggrBgEFBQcBBwEB/wSBwTCBvjCBpQQCAAEwgZ4DBAMf
rIgDBAMf3+ADBARQXOADBABSdfQDBABVWtMDBABVWt8DBABb4gEDBABb538DBARc
PLADBAJcd9wDBAOAAKgDBAK5EOQDBAG5JtADBAK5J8QDBAK5LfQDBAK5qsADBADB
EC8DBADBaLYDBAHBbwADBALBbzADBADDQl0DBALDsUgwDAMEANRugQMEBNRugAME
AtRumAMEBdkUoDAUBAIAAjAOAwUAKgEGsAMFAyoTiAAwDQYJKoZIhvcNAQELBQAD
ggEBAIBH3He4XdWIm9EKhpYEzyNH9Q+vtKy1jPjILuJoSGxAQ6o9RHJDxyGJeuTc
uspfXomPdKZcZ7DN5qq38kjsx1dKkfL7bhieKngQCiRxW9/flvvqbBszStlH42Z4
c259z0920NgrVwOexBzsXTBYDI1S4uSasHiNILCxltqqcabBC3PE8KBIMuZOwKN7
ahjDuxwcZuLgJuERli/83EyCo7AQiApVzvQtbANriv4Qfp9ZoZ8UcYRgOhosYIcE
CjGqgBEgY20PzRacw+gHAFUkFr2dEkOoU8N8/NGO5sd/DdKkddTL2BTr9Hr5ErrQ
ABC2IU7IJlsJ6M8pDI9EmNeUCV4=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:32 2025 by rpki-client on console.sobornost.net