Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/853c76-a398-435a-be41-7d0ac52815a6/1/16VwzWVgNRyLCtAXch9PWfSWgeM.roa
File: 16VwzWVgNRyLCtAXch9PWfSWgeM.roa (raw, json)
Hash identifier: C203Vfz7VUs5MzzkDe6+jJ/0Hm3QJ8YvUWmNLcGjW6Q=
Subject key identifier: D7:A5:70:CD:65:60:35:1C:8B:0A:D0:17:72:1F:4F:59:F4:96:81:E3
Certificate issuer: /CN=dbd7c951348bd2e09ccaf76f57b8385f15df44e4
Certificate serial: 019424B3911E1261E0D028C5A0DDE82CF336
Authority key identifier: DB:D7:C9:51:34:8B:D2:E0:9C:CA:F7:6F:57:B8:38:5F:15:DF:44:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/29fJUTSL0uCcyvdvV7g4XxXfROQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/853c76-a398-435a-be41-7d0ac52815a6/1/16VwzWVgNRyLCtAXch9PWfSWgeM.roa
Signing time: Thu 02 Jan 2025 01:48:55 +0000
ROA not before: Thu 02 Jan 2025 01:48:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201766
IP address blocks: 176.124.253.0/24 maxlen: 24
185.64.32.0/22 maxlen: 24
2a04:f7c0::/32 maxlen: 32
2a04:f7c1::/32 maxlen: 32
2a04:f7c2::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:91:1e:12:61:e0:d0:28:c5:a0:dd:e8:2c:f3:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbd7c951348bd2e09ccaf76f57b8385f15df44e4
Validity
Not Before: Jan 2 01:48:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d7a570cd6560351c8b0ad017721f4f59f49681e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:28:45:cb:26:14:92:51:64:8e:29:45:78:f0:
60:6c:2f:de:87:58:07:84:17:08:2d:b1:f0:fa:0d:
40:b1:52:61:c3:a3:91:d9:dd:ef:3d:99:a0:eb:6c:
8d:e6:be:90:f1:86:a6:09:69:ef:e5:93:48:4f:6f:
d7:a6:5b:f6:ca:69:e1:36:f6:6e:ec:81:21:00:60:
f7:f6:a9:90:69:72:58:3c:5c:f1:28:af:56:a1:29:
32:4b:1e:34:50:fe:37:12:27:48:fe:03:78:00:d9:
d7:74:db:d8:23:1e:36:2e:b3:df:40:7b:58:a2:f7:
c3:e0:19:43:c4:68:78:f4:b8:f6:e0:00:e7:b6:e9:
74:8c:b2:9e:be:4f:7b:cd:22:aa:35:16:93:92:b4:
3a:45:90:d0:82:70:ab:bc:30:21:cb:e0:f4:6e:f8:
ba:13:46:c9:aa:df:08:71:dc:da:3d:59:77:12:7d:
9f:cc:6d:5a:4a:ab:85:cb:7f:2f:30:04:ea:c8:58:
00:0a:39:49:e8:15:19:3d:a6:f2:2c:fd:7e:1f:f1:
21:a3:15:49:56:9d:d7:ca:2b:0c:b6:1d:66:59:b1:
0d:54:df:73:f9:03:e7:e3:09:5b:94:87:68:8a:b7:
ea:9c:0c:93:71:5d:d3:97:b3:65:62:ae:a0:ee:72:
90:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:A5:70:CD:65:60:35:1C:8B:0A:D0:17:72:1F:4F:59:F4:96:81:E3
X509v3 Authority Key Identifier:
keyid:DB:D7:C9:51:34:8B:D2:E0:9C:CA:F7:6F:57:B8:38:5F:15:DF:44:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/29fJUTSL0uCcyvdvV7g4XxXfROQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/853c76-a398-435a-be41-7d0ac52815a6/1/16VwzWVgNRyLCtAXch9PWfSWgeM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/853c76-a398-435a-be41-7d0ac52815a6/1/29fJUTSL0uCcyvdvV7g4XxXfROQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.124.253.0/24
185.64.32.0/22
IPv6:
2a04:f7c0::-2a04:f7c2:0:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
42:8b:5a:97:ef:31:de:a9:6b:61:6b:06:fb:2f:7e:03:7a:92:
10:11:f8:c0:c5:b9:19:3a:87:1f:a5:0b:4b:4a:99:f4:95:53:
1d:fa:09:d5:dc:6b:c4:8f:c9:31:31:6d:0c:14:88:67:4b:c0:
ab:55:14:84:15:cb:9d:e3:42:ed:45:1c:db:85:29:97:19:6d:
21:fe:59:8b:d1:62:00:86:87:9c:eb:87:1a:7a:88:1c:92:84:
f3:2d:df:9e:09:0d:b9:9e:9a:08:4f:1a:f0:26:f7:fe:7a:ad:
b4:33:4d:1f:d4:ce:c6:50:db:8b:aa:2f:93:7c:17:60:e2:fd:
de:67:1f:45:76:a1:4d:9e:1f:6b:fa:da:6e:b0:ea:3a:45:80:
2d:78:c2:a9:56:ff:46:16:bd:38:68:41:75:1c:be:f1:83:45:
07:16:51:2f:e3:37:82:cd:9c:10:e6:ca:3d:3d:d0:cd:53:31:
98:b9:8e:28:ca:d3:0c:b0:9f:51:c7:2f:d0:f5:be:29:ca:73:
e2:b1:66:f1:60:41:8d:52:1a:cb:ef:eb:fc:7c:55:4f:0f:fa:
37:47:fa:fb:87:49:bc:e4:d1:44:07:1c:e8:3c:42:8e:5c:cb:
64:c2:53:ea:1d:88:9f:b8:d6:9e:3d:d8:39:4f:23:40:e5:90:
72:cb:40:d3
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQks5EeEmHg0CjFoN3oLPM2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZDdjOTUxMzQ4YmQyZTA5Y2NhZjc2ZjU3YjgzODVmMTVk
ZjQ0ZTQwHhcNMjUwMTAyMDE0ODU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2E1NzBjZDY1NjAzNTFjOGIwYWQwMTc3MjFmNGY1OWY0OTY4MWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApShFyyYUklFkjilFePBgbC/eh1gH
hBcILbHw+g1AsVJhw6OR2d3vPZmg62yN5r6Q8YamCWnv5ZNIT2/Xplv2ymnhNvZu
7IEhAGD39qmQaXJYPFzxKK9WoSkySx40UP43EidI/gN4ANnXdNvYIx42LrPfQHtY
ovfD4BlDxGh49Lj24ADntul0jLKevk97zSKqNRaTkrQ6RZDQgnCrvDAhy+D0bvi6
E0bJqt8IcdzaPVl3En2fzG1aSquFy38vMATqyFgACjlJ6BUZPabyLP1+H/EhoxVJ
Vp3XyisMth1mWbENVN9z+QPn4wlblIdoirfqnAyTcV3Tl7NlYq6g7nKQGwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFNelcM1lYDUciwrQF3IfT1n0loHjMB8GA1UdIwQY
MBaAFNvXyVE0i9LgnMr3b1e4OF8V30TkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjlmSlVUU0wwdUNjeXZkdlY3ZzRYeFhmUk9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS84NTNjNzYtYTM5OC00MzVhLWJlNDEt
N2QwYWM1MjgxNWE2LzEvMTZWd3pXVmdOUnlMQ3RBWGNoOVBXZlNXZ2VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS84NTNjNzYtYTM5OC00MzVhLWJlNDEtN2QwYWM1MjgxNWE2
LzEvMjlmSlVUU0wwdUNjeXZkdlY3ZzRYeFhmUk9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAsHz9AwQC
uUAgMBgEAgACMBIwEAMFBioE98ADBwAqBPfCAAAwDQYJKoZIhvcNAQELBQADggEB
AEKLWpfvMd6pa2FrBvsvfgN6khAR+MDFuRk6hx+lC0tKmfSVUx36CdXca8SPyTEx
bQwUiGdLwKtVFIQVy53jQu1FHNuFKZcZbSH+WYvRYgCGh5zrhxp6iByShPMt354J
DbmemghPGvAm9/56rbQzTR/UzsZQ24uqL5N8F2Di/d5nH0V2oU2eH2v62m6w6jpF
gC14wqlW/0YWvThoQXUcvvGDRQcWUS/jN4LNnBDmyj090M1TMZi5jijK0wywn1HH
L9D1vinKc+KxZvFgQY1SGsvv6/x8VU8P+jdH+vuHSbzk0UQHHOg8Qo5cy2TCU+od
iJ+41p492DlPI0DlkHLLQNM=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:34 2025 by rpki-client on console.sobornost.net