Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/49195b-2909-46e0-abce-422523c4e68b/1/N2Ywt1Zu6RFCKrRmoVRIvRbEpO4.roa
File: N2Ywt1Zu6RFCKrRmoVRIvRbEpO4.roa (raw, json)
Hash identifier: bw5N2rd2h314dIZ9lHxKODUelY5pEYLS7TkORPtv4iY=
Subject key identifier: 37:66:30:B7:56:6E:E9:11:42:2A:B4:66:A1:54:48:BD:16:C4:A4:EE
Certificate issuer: /CN=3d7b9dffaae33ec2cf19b5ad4e49c1e9eb1d9d64
Certificate serial: 019422FBF323019B7F7F8F9C9BD2F5098078
Authority key identifier: 3D:7B:9D:FF:AA:E3:3E:C2:CF:19:B5:AD:4E:49:C1:E9:EB:1D:9D:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PXud_6rjPsLPGbWtTknB6esdnWQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/49195b-2909-46e0-abce-422523c4e68b/1/N2Ywt1Zu6RFCKrRmoVRIvRbEpO4.roa
Signing time: Wed 01 Jan 2025 17:48:44 +0000
ROA not before: Wed 01 Jan 2025 17:48:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35263
IP address blocks: 86.109.64.0/19 maxlen: 19
2a00:1b90::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:f3:23:01:9b:7f:7f:8f:9c:9b:d2:f5:09:80:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d7b9dffaae33ec2cf19b5ad4e49c1e9eb1d9d64
Validity
Not Before: Jan 1 17:48:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=376630b7566ee911422ab466a15448bd16c4a4ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:9f:ef:c0:c7:67:b4:71:5d:a5:80:4f:80:5b:
25:20:fa:9a:1b:68:dc:01:1c:12:ad:46:ae:c8:fa:
03:d6:23:6b:a2:47:bc:c0:22:1c:6b:77:1e:d3:3b:
c0:00:a7:6d:66:c8:20:1b:a3:f5:e8:75:1f:66:b9:
4b:ff:3f:93:2d:9e:4c:99:9f:5e:2a:23:3f:86:98:
95:a8:f4:02:d5:3d:3b:67:59:bd:f0:24:b0:dc:f5:
eb:a0:9f:4c:2d:6c:c4:46:c7:26:a1:d6:48:07:0c:
e0:bc:be:e5:86:ac:e3:f4:95:8e:f2:e2:7e:77:62:
3b:da:48:30:d4:8d:53:ff:31:5e:6a:b4:43:42:ea:
eb:ff:07:34:f3:c7:60:dd:f1:79:49:bd:65:24:30:
ef:f6:c4:31:cf:f5:f1:57:e3:7e:01:cc:a4:7a:3d:
61:9a:33:2d:e7:a7:2a:ca:57:6c:b9:8d:b3:61:37:
50:26:be:03:b1:93:93:f0:17:29:c5:ad:40:45:dd:
e6:40:8e:c6:f0:a3:37:48:11:21:0e:9e:5d:d6:4d:
47:3e:4b:d8:dd:dc:3c:89:99:54:0a:eb:96:bb:5c:
92:2e:4a:83:90:5d:95:6b:06:ef:c5:99:a6:1c:ad:
00:04:ef:55:55:d2:3e:6b:ea:70:82:e8:82:db:46:
cf:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:66:30:B7:56:6E:E9:11:42:2A:B4:66:A1:54:48:BD:16:C4:A4:EE
X509v3 Authority Key Identifier:
keyid:3D:7B:9D:FF:AA:E3:3E:C2:CF:19:B5:AD:4E:49:C1:E9:EB:1D:9D:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PXud_6rjPsLPGbWtTknB6esdnWQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/49195b-2909-46e0-abce-422523c4e68b/1/N2Ywt1Zu6RFCKrRmoVRIvRbEpO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/49195b-2909-46e0-abce-422523c4e68b/1/PXud_6rjPsLPGbWtTknB6esdnWQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.109.64.0/19
IPv6:
2a00:1b90::/32
Signature Algorithm: sha256WithRSAEncryption
00:33:53:1b:00:d9:da:ce:cf:a6:0b:1a:c7:6b:c5:65:b6:cd:
60:59:ca:5b:0b:a3:9c:66:dd:50:f1:ed:fa:bd:e1:66:5d:f3:
c2:d5:d2:31:7f:6b:65:22:8e:9e:1c:a3:f0:20:50:b2:57:dc:
af:7a:46:16:08:0f:ad:ea:53:cf:cd:ed:7e:a8:be:02:f0:16:
9b:3d:17:8c:99:c4:ab:b8:3d:2d:75:b5:e8:3e:82:f9:25:8f:
25:a2:b4:d9:a8:ed:00:c4:12:af:f5:d1:d0:ed:54:bf:1c:13:
65:f2:14:b6:be:0e:76:af:84:57:08:2f:f1:f9:7a:dd:50:a3:
2f:88:b4:69:1e:7e:cc:83:83:42:28:86:3f:65:b2:a3:e8:2d:
28:80:64:b3:67:e2:68:5e:68:ff:6c:c5:ae:97:80:35:0c:19:
2f:29:bf:ec:c9:d5:cd:6d:17:8e:b8:22:3b:a5:29:38:04:d9:
30:e9:fa:3c:3b:22:d9:ff:f1:e5:3a:9a:8e:aa:e9:41:5b:2b:
36:b6:13:dd:5e:d4:5e:5f:8e:f5:0c:32:1a:85:8b:23:91:8f:
b0:fa:72:00:fc:bc:34:78:59:89:41:93:84:08:fb:86:2d:35:
22:4e:3c:b5:9f:bd:ed:38:13:7a:e8:50:4e:f1:83:5e:81:c8:
88:cf:19:dc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQi+/MjAZt/f4+cm9L1CYB4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkN2I5ZGZmYWFlMzNlYzJjZjE5YjVhZDRlNDljMWU5ZWIx
ZDlkNjQwHhcNMjUwMTAxMTc0ODQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzY2MzBiNzU2NmVlOTExNDIyYWI0NjZhMTU0NDhiZDE2YzRhNGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJ/vwMdntHFdpYBPgFslIPqaG2jc
ARwSrUauyPoD1iNroke8wCIca3ce0zvAAKdtZsggG6P16HUfZrlL/z+TLZ5MmZ9e
KiM/hpiVqPQC1T07Z1m98CSw3PXroJ9MLWzERscmodZIBwzgvL7lhqzj9JWO8uJ+
d2I72kgw1I1T/zFearRDQurr/wc088dg3fF5Sb1lJDDv9sQxz/XxV+N+Acykej1h
mjMt56cqyldsuY2zYTdQJr4DsZOT8Bcpxa1ARd3mQI7G8KM3SBEhDp5d1k1HPkvY
3dw8iZlUCuuWu1ySLkqDkF2VawbvxZmmHK0ABO9VVdI+a+pwguiC20bPpQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDdmMLdWbukRQiq0ZqFUSL0WxKTuMB8GA1UdIwQY
MBaAFD17nf+q4z7Czxm1rU5JwenrHZ1kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFh1ZF82cmpQc0xQR2JXdFRrbkI2ZXNkbldRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS80OTE5NWItMjkwOS00NmUwLWFiY2Ut
NDIyNTIzYzRlNjhiLzEvTjJZd3QxWnU2UkZDS3JSbW9WUkl2UmJFcE80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS80OTE5NWItMjkwOS00NmUwLWFiY2UtNDIyNTIzYzRlNjhi
LzEvUFh1ZF82cmpQc0xQR2JXdFRrbkI2ZXNkbldRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFVm1AMA0E
AgACMAcDBQAqABuQMA0GCSqGSIb3DQEBCwUAA4IBAQAAM1MbANnazs+mCxrHa8Vl
ts1gWcpbC6OcZt1Q8e36veFmXfPC1dIxf2tlIo6eHKPwIFCyV9yvekYWCA+t6lPP
ze1+qL4C8BabPReMmcSruD0tdbXoPoL5JY8lorTZqO0AxBKv9dHQ7VS/HBNl8hS2
vg52r4RXCC/x+XrdUKMviLRpHn7Mg4NCKIY/ZbKj6C0ogGSzZ+JoXmj/bMWul4A1
DBkvKb/sydXNbReOuCI7pSk4BNkw6fo8OyLZ//HlOpqOqulBWys2thPdXtReX471
DDIahYsjkY+w+nIA/Lw0eFmJQZOECPuGLTUiTjy1n73tOBN66FBO8YNegciIzxnc
-----END CERTIFICATE-----
Generated at Wed Jan 22 17:26:25 2025 by rpki-client on console.sobornost.net