Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/f649a2-518d-4456-98a7-23c3df82c230/1/uGLt9hGh4szGgjBLbl_ULXYRxjI.roa
File: uGLt9hGh4szGgjBLbl_ULXYRxjI.roa (raw, json)
Hash identifier: WEHghF5NVFRIrBkSAbOMCvIKt32/zSBJMSFPbhfZlrM=
Subject key identifier: B8:62:ED:F6:11:A1:E2:CC:C6:82:30:4B:6E:5F:D4:2D:76:11:C6:32
Certificate issuer: /CN=a6947681da0db7fe79315ec6dbda28bf8d660fc0
Certificate serial: 0194DBB25B071CBE1A29EDC2E36005D260CD
Authority key identifier: A6:94:76:81:DA:0D:B7:FE:79:31:5E:C6:DB:DA:28:BF:8D:66:0F:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ppR2gdoNt_55MV7G29oov41mD8A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/f649a2-518d-4456-98a7-23c3df82c230/1/uGLt9hGh4szGgjBLbl_ULXYRxjI.roa
Signing time: Thu 06 Feb 2025 14:38:06 +0000
ROA not before: Thu 06 Feb 2025 14:38:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34867
IP address blocks: 95.67.0.0/17 maxlen: 17
95.67.0.0/18 maxlen: 18
95.67.64.0/18 maxlen: 18
185.48.196.0/22 maxlen: 22
2a00:17a0::/29 maxlen: 29
2a00:17a0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:db:b2:5b:07:1c:be:1a:29:ed:c2:e3:60:05:d2:60:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6947681da0db7fe79315ec6dbda28bf8d660fc0
Validity
Not Before: Feb 6 14:38:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b862edf611a1e2ccc682304b6e5fd42d7611c632
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:7a:08:22:d0:f9:87:86:b7:d1:11:16:80:8c:
20:da:16:1b:d8:f1:e0:1f:e9:4d:9d:1a:5e:63:49:
c2:dd:0a:35:cb:07:c5:ab:ea:c2:33:dc:55:9a:3a:
67:a0:93:d9:a8:16:a6:88:0a:10:94:4c:1f:c8:b4:
73:07:a1:7e:77:e3:df:a0:ef:ef:d5:60:b4:14:96:
3d:30:1b:31:4b:2f:c5:f5:e1:cb:f1:44:f0:20:56:
84:2d:7a:bb:09:a3:39:8b:30:61:90:d4:a2:4d:b3:
fc:6b:74:31:92:1e:9d:43:7d:ac:97:0c:61:f4:6c:
c1:7c:56:c3:9d:0c:9f:c4:2b:3f:a9:9d:87:9c:46:
f7:bd:1e:1d:e4:77:bf:be:eb:e2:43:2d:17:f1:d1:
a5:26:d4:0c:f4:a0:c3:60:83:02:68:58:2e:5f:09:
5e:02:7a:b2:fb:b4:20:6a:49:8e:b7:3c:e6:ee:ba:
31:67:c0:ee:46:c2:40:1f:24:65:5f:7c:9b:e3:2a:
6b:f0:69:ef:de:b2:68:4b:49:c1:53:0f:21:2e:22:
1e:36:45:80:90:46:8d:6f:d3:72:c2:7c:0f:c7:94:
72:27:c3:0c:ad:c0:bb:1c:05:45:8f:ff:f1:07:74:
23:72:09:38:90:7b:b2:6f:c3:8e:97:89:45:6f:f9:
27:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:62:ED:F6:11:A1:E2:CC:C6:82:30:4B:6E:5F:D4:2D:76:11:C6:32
X509v3 Authority Key Identifier:
keyid:A6:94:76:81:DA:0D:B7:FE:79:31:5E:C6:DB:DA:28:BF:8D:66:0F:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ppR2gdoNt_55MV7G29oov41mD8A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/f649a2-518d-4456-98a7-23c3df82c230/1/uGLt9hGh4szGgjBLbl_ULXYRxjI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/f649a2-518d-4456-98a7-23c3df82c230/1/ppR2gdoNt_55MV7G29oov41mD8A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.67.0.0/17
185.48.196.0/22
IPv6:
2a00:17a0::/29
Signature Algorithm: sha256WithRSAEncryption
8b:58:1b:93:70:07:19:69:6c:4b:11:af:c8:bb:90:ce:62:9a:
9d:c4:4a:81:79:5d:e5:e0:a5:89:6a:0a:0e:c5:0d:6f:ae:e7:
5e:8c:d9:a2:8f:20:d7:f3:e7:19:1a:4c:3c:3f:d6:bc:b6:80:
05:aa:75:99:e0:2f:e1:c5:28:bc:e0:10:8b:13:b3:76:ed:81:
87:d6:aa:c2:cb:71:d2:02:28:bc:31:ce:5f:4b:fe:8a:ad:6e:
d6:3b:85:f2:74:7d:8a:8c:cf:63:ff:07:e1:58:59:7b:3c:23:
34:93:85:7e:b2:c7:80:07:e9:8e:6a:5f:4f:75:4a:d8:a2:a6:
94:fd:0d:de:fb:4e:5b:a1:55:5d:dd:4d:bb:ba:b7:e1:96:42:
8b:b9:64:9d:a0:55:68:81:a8:55:ef:30:e3:62:91:f8:01:0f:
83:a1:a3:0c:52:e5:76:62:9b:a4:0c:bb:b5:6f:c2:be:c7:5d:
d8:81:72:c4:2f:7f:dd:47:3b:bc:03:49:55:f0:5e:42:99:e8:
d6:39:b0:3c:fd:f5:20:83:d7:27:79:ce:05:82:89:b2:52:fa:
36:3c:c0:3d:8e:b8:2d:16:12:95:78:36:b1:00:e6:f8:35:cc:
a8:50:ca:06:32:c6:14:f2:7b:af:e8:a1:39:55:f5:fb:48:25:
44:b9:c4:4a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZTbslsHHL4aKe3C42AF0mDNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2OTQ3NjgxZGEwZGI3ZmU3OTMxNWVjNmRiZGEyOGJmOGQ2
NjBmYzAwHhcNMjUwMjA2MTQzODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODYyZWRmNjExYTFlMmNjYzY4MjMwNGI2ZTVmZDQyZDc2MTFjNjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5HoIItD5h4a30REWgIwg2hYb2PHg
H+lNnRpeY0nC3Qo1ywfFq+rCM9xVmjpnoJPZqBamiAoQlEwfyLRzB6F+d+PfoO/v
1WC0FJY9MBsxSy/F9eHL8UTwIFaELXq7CaM5izBhkNSiTbP8a3Qxkh6dQ32slwxh
9GzBfFbDnQyfxCs/qZ2HnEb3vR4d5He/vuviQy0X8dGlJtQM9KDDYIMCaFguXwle
Anqy+7QgakmOtzzm7roxZ8DuRsJAHyRlX3yb4ypr8Gnv3rJoS0nBUw8hLiIeNkWA
kEaNb9NywnwPx5RyJ8MMrcC7HAVFj//xB3Qjcgk4kHuyb8OOl4lFb/knBwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLhi7fYRoeLMxoIwS25f1C12EcYyMB8GA1UdIwQY
MBaAFKaUdoHaDbf+eTFextvaKL+NZg/AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHBSMmdkb050XzU1TVY3RzI5b292NDFtRDhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9mNjQ5YTItNTE4ZC00NDU2LTk4YTct
MjNjM2RmODJjMjMwLzEvdUdMdDloR2g0c3pHZ2pCTGJsX1VMWFlSeGpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9mNjQ5YTItNTE4ZC00NDU2LTk4YTctMjNjM2RmODJjMjMw
LzEvcHBSMmdkb050XzU1TVY3RzI5b292NDFtRDhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQHX0MAAwQC
uTDEMA0EAgACMAcDBQMqABegMA0GCSqGSIb3DQEBCwUAA4IBAQCLWBuTcAcZaWxL
Ea/Iu5DOYpqdxEqBeV3l4KWJagoOxQ1vrudejNmijyDX8+cZGkw8P9a8toAFqnWZ
4C/hxSi84BCLE7N27YGH1qrCy3HSAii8Mc5fS/6KrW7WO4XydH2KjM9j/wfhWFl7
PCM0k4V+sseAB+mOal9PdUrYoqaU/Q3e+05boVVd3U27urfhlkKLuWSdoFVogahV
7zDjYpH4AQ+DoaMMUuV2YpukDLu1b8K+x13YgXLEL3/dRzu8A0lV8F5CmejWObA8
/fUgg9cnec4FgomyUvo2PMA9jrgtFhKVeDaxAOb4NcyoUMoGMsYU8nuv6KE5VfX7
SCVEucRK
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:41 2025 by rpki-client on console.sobornost.net