Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/9ccf72-f2df-45b6-937b-6e079069b65b/1/3gQqwuDknMD1by1_10QyLFjqTSQ.roa
File: 3gQqwuDknMD1by1_10QyLFjqTSQ.roa (raw, json)
Hash identifier: 7rS6ATpFIQATm/1nB63KRTZ9v2IEBgVrsScfZWZHuYo=
Subject key identifier: DE:04:2A:C2:E0:E4:9C:C0:F5:6F:2D:7F:D7:44:32:2C:58:EA:4D:24
Certificate issuer: /CN=f6a1722e8baddc358a15874265b466743e703656
Certificate serial: 019420D5BB3ED0B689307ACEA9FDE376B5FF
Authority key identifier: F6:A1:72:2E:8B:AD:DC:35:8A:15:87:42:65:B4:66:74:3E:70:36:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9qFyLout3DWKFYdCZbRmdD5wNlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/9ccf72-f2df-45b6-937b-6e079069b65b/1/3gQqwuDknMD1by1_10QyLFjqTSQ.roa
Signing time: Wed 01 Jan 2025 07:47:45 +0000
ROA not before: Wed 01 Jan 2025 07:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206217
IP address blocks: 146.66.128.0/24 maxlen: 24
185.110.228.0/22 maxlen: 22
185.110.228.0/23 maxlen: 23
185.110.228.0/24 maxlen: 24
185.110.230.0/23 maxlen: 23
185.110.230.0/24 maxlen: 24
185.110.231.0/24 maxlen: 24
2a0f:cbc0::/29 maxlen: 29
2a0f:cbc0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:bb:3e:d0:b6:89:30:7a:ce:a9:fd:e3:76:b5:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f6a1722e8baddc358a15874265b466743e703656
Validity
Not Before: Jan 1 07:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=de042ac2e0e49cc0f56f2d7fd744322c58ea4d24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:af:bc:31:3e:c2:59:8c:9d:44:38:79:53:a9:
f6:54:10:8e:f8:2f:aa:f6:46:a1:01:fa:23:f0:98:
a1:44:9b:bd:13:d8:e4:1c:19:f6:e7:91:61:e4:56:
9f:44:31:c5:76:05:23:67:95:c4:26:57:16:7d:5e:
24:a6:d8:fa:75:87:35:53:b7:87:74:44:a9:63:23:
71:a1:ae:b2:1c:50:76:26:20:1c:13:6f:36:e6:21:
e1:bc:a4:d0:b4:aa:9d:f5:d3:3a:06:b3:ba:a2:8d:
c3:a9:fd:93:c1:54:f2:61:39:18:9c:d3:97:85:11:
d7:9a:a8:30:ab:a4:aa:26:f7:b2:bc:11:9a:b9:f1:
ca:df:b1:85:a6:0d:94:0b:47:60:8d:0a:24:5c:68:
10:49:45:53:c3:c0:77:9d:a6:36:e0:0f:b0:dc:4c:
6e:29:88:3f:91:b5:79:22:d2:17:34:c3:e4:fa:da:
90:1e:0a:1a:57:13:2f:e2:6c:1d:18:57:0d:78:e8:
05:07:12:65:f1:44:a5:5c:d4:22:73:22:d5:f1:e9:
58:a4:c2:cb:6a:8f:b6:da:a6:f8:f5:2f:4a:b2:2e:
06:3e:7c:bb:98:0b:03:a3:8b:7a:91:31:f7:e2:d1:
a6:82:73:e2:ce:4b:51:83:4b:8e:3c:e4:71:e8:bf:
13:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:04:2A:C2:E0:E4:9C:C0:F5:6F:2D:7F:D7:44:32:2C:58:EA:4D:24
X509v3 Authority Key Identifier:
keyid:F6:A1:72:2E:8B:AD:DC:35:8A:15:87:42:65:B4:66:74:3E:70:36:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9qFyLout3DWKFYdCZbRmdD5wNlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/9ccf72-f2df-45b6-937b-6e079069b65b/1/3gQqwuDknMD1by1_10QyLFjqTSQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/9ccf72-f2df-45b6-937b-6e079069b65b/1/9qFyLout3DWKFYdCZbRmdD5wNlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.66.128.0/24
185.110.228.0/22
IPv6:
2a0f:cbc0::/29
Signature Algorithm: sha256WithRSAEncryption
89:36:16:09:2d:5c:53:37:07:9b:f4:f6:5b:3f:83:78:0c:d5:
0a:9c:5f:30:86:e2:89:b5:33:dc:3a:ed:9e:6f:6b:10:85:78:
96:67:9d:f9:bc:97:a7:28:66:b5:0b:76:99:6d:60:e0:3e:a6:
d6:c4:86:e2:42:5a:bb:a2:86:ab:8d:ef:04:86:8a:33:a0:54:
45:72:d2:33:88:47:d9:f8:f8:e8:fd:19:79:36:48:e1:2e:d3:
9e:54:31:3a:20:86:ec:c1:53:70:d9:bf:55:90:ae:9b:48:27:
b9:97:34:ad:c6:3c:d8:73:d2:17:78:20:03:eb:d4:a3:14:1e:
28:96:29:a5:f1:78:4c:33:b2:41:a2:a3:71:89:bc:c4:be:d6:
38:89:2c:9b:02:2f:cd:e2:47:6c:f5:26:5a:59:e3:25:91:54:
43:02:4d:37:03:67:4f:da:a0:0a:29:bc:ce:6f:bd:f4:5f:e1:
72:0e:ba:d4:57:2e:ef:40:73:c2:9d:75:f3:92:5b:96:dd:eb:
71:84:a4:2a:bb:90:95:01:47:09:8e:34:10:92:a3:af:5a:0b:
68:87:9a:58:38:5e:a4:fc:2b:85:93:9a:96:f7:44:e4:b4:c9:
6f:36:33:31:5b:a5:0a:15:df:ee:cb:30:e6:3a:68:ff:63:ca:
75:85:64:fd
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQg1bs+0LaJMHrOqf3jdrX/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2YTE3MjJlOGJhZGRjMzU4YTE1ODc0MjY1YjQ2Njc0M2U3
MDM2NTYwHhcNMjUwMTAxMDc0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTA0MmFjMmUwZTQ5Y2MwZjU2ZjJkN2ZkNzQ0MzIyYzU4ZWE0ZDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6+8MT7CWYydRDh5U6n2VBCO+C+q
9kahAfoj8JihRJu9E9jkHBn255Fh5FafRDHFdgUjZ5XEJlcWfV4kptj6dYc1U7eH
dESpYyNxoa6yHFB2JiAcE2825iHhvKTQtKqd9dM6BrO6oo3Dqf2TwVTyYTkYnNOX
hRHXmqgwq6SqJveyvBGaufHK37GFpg2UC0dgjQokXGgQSUVTw8B3naY24A+w3Exu
KYg/kbV5ItIXNMPk+tqQHgoaVxMv4mwdGFcNeOgFBxJl8USlXNQicyLV8elYpMLL
ao+22qb49S9Ksi4GPny7mAsDo4t6kTH34tGmgnPizktRg0uOPORx6L8T+wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFN4EKsLg5JzA9W8tf9dEMixY6k0kMB8GA1UdIwQY
MBaAFPahci6Lrdw1ihWHQmW0ZnQ+cDZWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXFGeUxvdXQzRFdLRllkQ1piUm1kRDV3TmxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy85Y2NmNzItZjJkZi00NWI2LTkzN2It
NmUwNzkwNjliNjViLzEvM2dRcXd1RGtuTUQxYnkxXzEwUXlMRmpxVFNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy85Y2NmNzItZjJkZi00NWI2LTkzN2ItNmUwNzkwNjliNjVi
LzEvOXFGeUxvdXQzRFdLRllkQ1piUm1kRDV3TmxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAkkKAAwQC
uW7kMA0EAgACMAcDBQMqD8vAMA0GCSqGSIb3DQEBCwUAA4IBAQCJNhYJLVxTNweb
9PZbP4N4DNUKnF8whuKJtTPcOu2eb2sQhXiWZ535vJenKGa1C3aZbWDgPqbWxIbi
Qlq7ooarje8EhoozoFRFctIziEfZ+Pjo/Rl5NkjhLtOeVDE6IIbswVNw2b9VkK6b
SCe5lzStxjzYc9IXeCAD69SjFB4oliml8XhMM7JBoqNxibzEvtY4iSybAi/N4kds
9SZaWeMlkVRDAk03A2dP2qAKKbzOb730X+FyDrrUVy7vQHPCnXXzkluW3etxhKQq
u5CVAUcJjjQQkqOvWgtoh5pYOF6k/CuFk5qW90TktMlvNjMxW6UKFd/uyzDmOmj/
Y8p1hWT9
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:33:06 2025 by rpki-client on console.sobornost.net