Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/a453fe-a664-47a2-8b8a-ce5e01e71c91/1/0j1hJ7fS9pKsp0mhc3Z4R_-U-Zs.roa
File: 0j1hJ7fS9pKsp0mhc3Z4R_-U-Zs.roa (raw, json)
Hash identifier: FEK144MzuqW9qvKlNPQamC/fG2v3y8bfbUTIC1iqdbY=
Subject key identifier: D2:3D:61:27:B7:D2:F6:92:AC:A7:49:A1:73:76:78:47:FF:94:F9:9B
Certificate issuer: /CN=c6e1c8c65c86e8d26ddbeb68658a39a7a8e27866
Certificate serial: 01942823DC6AE448807474254181A124663A
Authority key identifier: C6:E1:C8:C6:5C:86:E8:D2:6D:DB:EB:68:65:8A:39:A7:A8:E2:78:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xuHIxlyG6NJt2-toZYo5p6jieGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/a453fe-a664-47a2-8b8a-ce5e01e71c91/1/0j1hJ7fS9pKsp0mhc3Z4R_-U-Zs.roa
Signing time: Thu 02 Jan 2025 17:50:26 +0000
ROA not before: Thu 02 Jan 2025 17:50:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202391
IP address blocks: 46.34.160.0/22 maxlen: 24
89.42.197.0/24 maxlen: 24
89.42.198.0/24 maxlen: 24
89.42.199.0/24 maxlen: 24
89.47.196.0/24 maxlen: 24
89.47.199.0/24 maxlen: 24
89.47.203.0/24 maxlen: 24
92.114.48.0/23 maxlen: 24
92.114.48.0/24 maxlen: 24
92.114.49.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:dc:6a:e4:48:80:74:74:25:41:81:a1:24:66:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6e1c8c65c86e8d26ddbeb68658a39a7a8e27866
Validity
Not Before: Jan 2 17:50:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d23d6127b7d2f692aca749a173767847ff94f99b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:7c:a8:d4:21:b9:1c:47:e9:c7:83:1e:a3:2a:
eb:bc:c2:6c:59:1c:f8:56:82:62:b8:f7:f0:6f:8b:
d5:86:fd:a7:48:16:d0:87:31:5f:7a:9a:75:16:84:
84:a4:26:a4:ce:05:df:bc:b2:3e:41:9e:46:c2:ca:
1f:58:8c:fb:33:e9:38:f1:a6:b3:48:3d:94:a1:05:
9f:ea:fb:7d:04:98:b0:78:0f:3b:1f:00:94:96:5d:
72:b9:de:d5:a8:2a:dc:64:1b:8b:ab:a9:df:97:0c:
bf:58:a6:96:68:6b:1d:76:23:66:1c:ea:2c:ec:22:
6b:1e:bf:89:26:c3:45:60:56:6f:64:05:c1:30:e5:
a8:b8:af:fe:7f:55:16:70:c5:54:57:4c:65:76:18:
38:ac:0d:71:b7:32:80:aa:ec:49:c3:af:86:40:34:
28:af:fe:51:23:46:04:d5:1f:3d:4d:b7:3d:9d:6b:
a3:5f:4b:b0:d3:d3:fa:1f:5a:85:7b:e0:08:fa:cb:
2f:9e:cb:e2:d9:49:0c:63:54:f0:81:d9:2e:25:ef:
58:b1:bb:82:a4:18:53:c5:1b:4c:4c:76:48:64:6d:
c9:90:d2:f8:dd:de:35:ea:3c:88:c6:bb:fe:85:99:
2f:aa:04:8c:08:ee:79:e2:67:4a:68:ad:0e:08:f5:
42:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:3D:61:27:B7:D2:F6:92:AC:A7:49:A1:73:76:78:47:FF:94:F9:9B
X509v3 Authority Key Identifier:
keyid:C6:E1:C8:C6:5C:86:E8:D2:6D:DB:EB:68:65:8A:39:A7:A8:E2:78:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xuHIxlyG6NJt2-toZYo5p6jieGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/a453fe-a664-47a2-8b8a-ce5e01e71c91/1/0j1hJ7fS9pKsp0mhc3Z4R_-U-Zs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/a453fe-a664-47a2-8b8a-ce5e01e71c91/1/xuHIxlyG6NJt2-toZYo5p6jieGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.34.160.0/22
89.42.197.0-89.42.199.255
89.47.196.0/24
89.47.199.0/24
89.47.203.0/24
92.114.48.0/23
Signature Algorithm: sha256WithRSAEncryption
01:ca:74:86:10:03:8f:5f:0f:18:8c:6f:90:ab:e3:53:cf:5e:
b6:72:71:31:8b:c0:65:cc:b1:1f:f5:d6:69:8f:e1:30:1e:05:
5f:3d:40:a9:01:89:cd:d7:87:71:7a:70:5b:85:48:f5:aa:cd:
1b:95:f9:ea:01:93:e3:89:89:69:32:b3:5e:fc:15:84:12:31:
c1:85:5e:38:4a:a8:1e:a0:6f:50:9f:c7:dc:a0:ec:24:0f:a9:
c1:ac:be:fe:86:a5:06:1c:e5:3e:c7:8f:86:f0:73:18:b7:c7:
7c:c2:50:1a:36:c6:74:ed:f0:3a:b4:eb:ab:68:20:e4:19:ac:
cd:74:1d:98:b6:22:26:2f:4c:d9:ac:ad:2d:6b:39:cc:88:22:
3c:2e:a5:74:40:40:28:ca:31:56:58:17:ad:11:4c:27:45:7b:
2a:73:65:1a:7f:fe:df:9c:9c:62:92:dd:d3:be:e0:73:b9:89:
8d:b4:d8:ff:85:cb:7a:fc:e8:67:89:56:e9:19:fb:61:80:0e:
96:c0:d4:e6:39:67:4b:b6:09:49:bf:54:10:bd:c0:ff:2b:cf:
4a:61:9a:e8:b5:16:22:3d:35:3e:86:71:11:c6:9e:3c:2d:82:
fb:d2:72:49:58:31:9f:bc:c4:7f:58:04:ec:2c:80:21:c6:ce:
21:a9:42:a2
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZQoI9xq5EiAdHQlQYGhJGY6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2ZTFjOGM2NWM4NmU4ZDI2ZGRiZWI2ODY1OGEzOWE3YThl
Mjc4NjYwHhcNMjUwMTAyMTc1MDI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjNkNjEyN2I3ZDJmNjkyYWNhNzQ5YTE3Mzc2Nzg0N2ZmOTRmOTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwnyo1CG5HEfpx4MeoyrrvMJsWRz4
VoJiuPfwb4vVhv2nSBbQhzFfepp1FoSEpCakzgXfvLI+QZ5GwsofWIz7M+k48aaz
SD2UoQWf6vt9BJiweA87HwCUll1yud7VqCrcZBuLq6nflwy/WKaWaGsddiNmHOos
7CJrHr+JJsNFYFZvZAXBMOWouK/+f1UWcMVUV0xldhg4rA1xtzKAquxJw6+GQDQo
r/5RI0YE1R89Tbc9nWujX0uw09P6H1qFe+AI+ssvnsvi2UkMY1TwgdkuJe9YsbuC
pBhTxRtMTHZIZG3JkNL43d416jyIxrv+hZkvqgSMCO554mdKaK0OCPVCPwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFNI9YSe30vaSrKdJoXN2eEf/lPmbMB8GA1UdIwQY
MBaAFMbhyMZchujSbdvraGWKOaeo4nhmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHVISXhseUc2Tkp0Mi10b1pZbzVwNmppZUdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9hNDUzZmUtYTY2NC00N2EyLThiOGEt
Y2U1ZTAxZTcxYzkxLzEvMGoxaEo3ZlM5cEtzcDBtaGMzWjRSXy1VLVpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9hNDUzZmUtYTY2NC00N2EyLThiOGEtY2U1ZTAxZTcxYzkx
LzEveHVISXhseUc2Tkp0Mi10b1pZbzVwNmppZUdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQCLiKgMAwD
BABZKsUDBANZKsADBABZL8QDBABZL8cDBABZL8sDBAFccjAwDQYJKoZIhvcNAQEL
BQADggEBAAHKdIYQA49fDxiMb5Cr41PPXrZycTGLwGXMsR/11mmP4TAeBV89QKkB
ic3Xh3F6cFuFSPWqzRuV+eoBk+OJiWkys178FYQSMcGFXjhKqB6gb1Cfx9yg7CQP
qcGsvv6GpQYc5T7Hj4bwcxi3x3zCUBo2xnTt8Dq066toIOQZrM10HZi2IiYvTNms
rS1rOcyIIjwupXRAQCjKMVZYF60RTCdFeypzZRp//t+cnGKS3dO+4HO5iY202P+F
y3r86GeJVukZ+2GADpbA1OY5Z0u2CUm/VBC9wP8rz0phmui1FiI9NT6GcRHGnjwt
gvvScklYMZ+8xH9YBOwsgCHGziGpQqI=
-----END CERTIFICATE-----
Generated at Thu Jan 23 16:46:51 2025 by rpki-client on console.sobornost.net