Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/de84ce-d704-4766-a388-f8e5b2d8680c/1/GdpNbhRYxOd8aGRbdVnrsBhS_9s.roa
File: GdpNbhRYxOd8aGRbdVnrsBhS_9s.roa (raw, json)
Hash identifier: GISJuo4rSYb3LIrT2Jj8iCtLWGFi5eIs0FwlpUwhIWU=
Subject key identifier: 19:DA:4D:6E:14:58:C4:E7:7C:68:64:5B:75:59:EB:B0:18:52:FF:DB
Certificate issuer: /CN=80615315dc750c03e60fc36a750c5e3ff66eac94
Certificate serial: 01942521C5D0E25BDC1A1DEE3F3FAAC24ABF
Authority key identifier: 80:61:53:15:DC:75:0C:03:E6:0F:C3:6A:75:0C:5E:3F:F6:6E:AC:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gGFTFdx1DAPmD8NqdQxeP_ZurJQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/de84ce-d704-4766-a388-f8e5b2d8680c/1/GdpNbhRYxOd8aGRbdVnrsBhS_9s.roa
Signing time: Thu 02 Jan 2025 03:49:17 +0000
ROA not before: Thu 02 Jan 2025 03:49:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199669
IP address blocks: 46.29.118.0/23 maxlen: 24
91.109.200.0/21 maxlen: 24
185.10.44.0/22 maxlen: 24
185.10.44.0/24 maxlen: 24
185.71.196.0/22 maxlen: 24
185.195.170.0/23 maxlen: 24
2a03:ec0::/48 maxlen: 64
2a03:ec0:1::/48 maxlen: 64
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:c5:d0:e2:5b:dc:1a:1d:ee:3f:3f:aa:c2:4a:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80615315dc750c03e60fc36a750c5e3ff66eac94
Validity
Not Before: Jan 2 03:49:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=19da4d6e1458c4e77c68645b7559ebb01852ffdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:35:a1:ab:c2:b9:12:d1:c2:cf:0c:c1:d0:c9:
6b:7c:1a:9d:43:c9:9a:1b:31:ab:5d:8b:92:3b:ec:
e8:22:8f:c4:0a:39:a6:0e:4f:7b:af:39:54:66:75:
1d:26:90:70:16:59:1c:c5:a1:ca:49:04:e6:de:a1:
14:a7:08:8e:7f:27:2c:72:8f:da:4f:f9:8d:e9:47:
8f:fe:2d:f5:b6:68:58:21:96:60:b4:cb:a3:d9:fb:
54:53:7c:0b:38:b1:04:06:a1:98:85:82:c4:e1:25:
0f:10:80:cc:b3:18:8a:2b:9c:9d:7e:de:24:d5:91:
a8:ca:9d:ae:d0:f4:db:42:df:dc:77:61:be:0c:6c:
db:f7:b5:10:8f:fc:7c:ce:1b:78:78:8c:76:49:a4:
73:b9:8f:4d:14:1f:50:28:11:fb:2e:90:9e:ae:a6:
49:2d:08:70:78:51:44:8b:d9:e1:f5:e7:eb:3a:12:
a6:fe:42:0e:45:a2:45:22:53:48:f7:43:bd:9a:67:
5a:bd:2e:5e:32:b1:40:e8:99:9a:59:c9:71:5f:47:
52:97:63:aa:0a:0f:52:56:9c:ec:4e:ae:ec:aa:39:
1e:84:f2:da:21:f2:f7:b4:af:05:f3:2b:00:3a:c5:
9b:88:fa:55:82:ff:c3:e5:85:9d:f7:fc:3d:a4:1d:
53:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:DA:4D:6E:14:58:C4:E7:7C:68:64:5B:75:59:EB:B0:18:52:FF:DB
X509v3 Authority Key Identifier:
keyid:80:61:53:15:DC:75:0C:03:E6:0F:C3:6A:75:0C:5E:3F:F6:6E:AC:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gGFTFdx1DAPmD8NqdQxeP_ZurJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/de84ce-d704-4766-a388-f8e5b2d8680c/1/GdpNbhRYxOd8aGRbdVnrsBhS_9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/de84ce-d704-4766-a388-f8e5b2d8680c/1/gGFTFdx1DAPmD8NqdQxeP_ZurJQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.29.118.0/23
91.109.200.0/21
185.10.44.0/22
185.71.196.0/22
185.195.170.0/23
IPv6:
2a03:ec0::/47
Signature Algorithm: sha256WithRSAEncryption
a9:df:01:11:41:bc:20:87:5e:31:3b:3f:a8:0d:87:cb:e5:ba:
2d:35:dd:aa:d8:21:c1:f7:f6:76:58:3b:4f:dc:75:ac:cb:d1:
13:56:ad:30:90:1b:c2:76:c4:e8:b6:ae:ca:7d:32:cf:69:8a:
66:37:57:8b:d3:59:70:79:d9:fd:04:2a:8a:67:4e:5d:aa:e2:
3e:2b:31:5e:f7:db:96:8c:8d:00:67:24:1c:a7:e3:ee:a1:99:
79:46:bc:1c:68:c3:37:2f:4a:1d:e9:37:d7:87:fc:f5:a0:8e:
c4:b3:56:64:a0:01:4a:28:4e:52:15:af:6c:58:40:bf:5f:44:
ba:b0:e7:69:e5:f3:32:43:de:08:41:e6:ed:46:3d:9b:bd:b1:
ce:d1:ca:6e:31:49:93:5c:ea:b6:27:db:e5:e7:a3:f5:b0:39:
a2:10:a6:e0:cd:c1:47:c3:45:a1:dd:1f:b5:a4:4f:40:91:30:
29:8e:43:82:31:c8:09:69:ed:7f:b5:4a:69:93:03:13:b2:af:
ee:12:40:0d:29:ac:32:5b:0c:34:fd:0b:91:c7:28:32:8e:13:
b1:22:ca:a8:30:59:95:75:f1:7a:7f:06:fd:2c:df:9f:f3:c3:
4f:5c:72:12:71:a0:93:5a:4f:38:df:17:d0:60:d2:cd:99:b2:
18:13:23:05
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZQlIcXQ4lvcGh3uPz+qwkq/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNjE1MzE1ZGM3NTBjMDNlNjBmYzM2YTc1MGM1ZTNmZjY2
ZWFjOTQwHhcNMjUwMTAyMDM0OTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWRhNGQ2ZTE0NThjNGU3N2M2ODY0NWI3NTU5ZWJiMDE4NTJmZmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTWhq8K5EtHCzwzB0MlrfBqdQ8ma
GzGrXYuSO+zoIo/ECjmmDk97rzlUZnUdJpBwFlkcxaHKSQTm3qEUpwiOfycsco/a
T/mN6UeP/i31tmhYIZZgtMuj2ftUU3wLOLEEBqGYhYLE4SUPEIDMsxiKK5ydft4k
1ZGoyp2u0PTbQt/cd2G+DGzb97UQj/x8zht4eIx2SaRzuY9NFB9QKBH7LpCerqZJ
LQhweFFEi9nh9efrOhKm/kIORaJFIlNI90O9mmdavS5eMrFA6JmaWclxX0dSl2Oq
Cg9SVpzsTq7sqjkehPLaIfL3tK8F8ysAOsWbiPpVgv/D5YWd9/w9pB1ThQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFBnaTW4UWMTnfGhkW3VZ67AYUv/bMB8GA1UdIwQY
MBaAFIBhUxXcdQwD5g/DanUMXj/2bqyUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0dGVEZkeDFEQVBtRDhOcWRReGVQX1p1ckpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9kZTg0Y2UtZDcwNC00NzY2LWEzODgt
ZjhlNWIyZDg2ODBjLzEvR2RwTmJoUll4T2Q4YUdSYmRWbnJzQmhTXzlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9kZTg0Y2UtZDcwNC00NzY2LWEzODgtZjhlNWIyZDg2ODBj
LzEvZ0dGVEZkeDFEQVBtRDhOcWRReGVQX1p1ckpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQBLh12AwQD
W23IAwQCuQosAwQCuUfEAwQBucOqMA8EAgACMAkDBwEqAw7AAAAwDQYJKoZIhvcN
AQELBQADggEBAKnfARFBvCCHXjE7P6gNh8vlui013arYIcH39nZYO0/cdazL0RNW
rTCQG8J2xOi2rsp9Ms9pimY3V4vTWXB52f0EKopnTl2q4j4rMV7325aMjQBnJByn
4+6hmXlGvBxowzcvSh3pN9eH/PWgjsSzVmSgAUooTlIVr2xYQL9fRLqw52nl8zJD
3ghB5u1GPZu9sc7Rym4xSZNc6rYn2+Xno/WwOaIQpuDNwUfDRaHdH7WkT0CRMCmO
Q4IxyAlp7X+1SmmTAxOyr+4SQA0prDJbDDT9C5HHKDKOE7EiyqgwWZV18Xp/Bv0s
35/zw09cchJxoJNaTzjfF9Bg0s2ZshgTIwU=
-----END CERTIFICATE-----
Generated at Tue Apr 1 17:32:48 2025 by rpki-client on console.sobornost.net