Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/853c76-a398-435a-be41-7d0ac52815a6/1/si754UrpKqsViXC-aHyx2LtipFA.roa
File: si754UrpKqsViXC-aHyx2LtipFA.roa (raw, json)
Hash identifier: VCYyh8ACSkDGJLu/cfRmB43QT8YqJ4jUUodjDefcg/Y=
Subject key identifier: B2:2E:F9:E1:4A:E9:2A:AB:15:89:70:BE:68:7C:B1:D8:BB:62:A4:50
Certificate issuer: /CN=dbd7c951348bd2e09ccaf76f57b8385f15df44e4
Certificate serial: 0195F686D8C2AB973BB880C174E5C16EB4E1
Authority key identifier: DB:D7:C9:51:34:8B:D2:E0:9C:CA:F7:6F:57:B8:38:5F:15:DF:44:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/29fJUTSL0uCcyvdvV7g4XxXfROQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/853c76-a398-435a-be41-7d0ac52815a6/1/si754UrpKqsViXC-aHyx2LtipFA.roa
Signing time: Wed 02 Apr 2025 12:43:07 +0000
ROA not before: Wed 02 Apr 2025 12:43:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60341
IP address blocks: 176.124.253.0/24 maxlen: 24
185.64.32.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f6:86:d8:c2:ab:97:3b:b8:80:c1:74:e5:c1:6e:b4:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbd7c951348bd2e09ccaf76f57b8385f15df44e4
Validity
Not Before: Apr 2 12:43:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b22ef9e14ae92aab158970be687cb1d8bb62a450
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:e1:7d:61:52:d5:2b:9b:e0:be:ea:55:3e:6c:
5d:63:5f:05:9d:d3:b7:19:24:e6:be:bc:b2:b1:69:
e3:83:1e:c0:0b:03:fe:4b:fe:58:ba:55:fa:cc:0e:
ff:38:d7:8b:72:06:84:ac:d5:1d:3c:23:ab:ba:0f:
33:2c:7c:5f:86:ad:1b:53:7d:a7:7c:8b:9f:28:6d:
13:fb:18:c0:75:7b:60:d1:76:6d:19:df:cc:1b:36:
14:e4:28:12:96:99:54:f0:c3:f5:63:25:8f:86:8c:
83:e6:00:28:00:92:9a:0b:e7:e8:4f:88:00:61:53:
a9:54:f9:19:19:9b:bf:a2:5f:7c:eb:f3:aa:32:84:
d4:12:51:51:c9:ef:1f:bf:fd:94:08:b8:10:1f:e8:
27:41:86:16:7b:9a:00:58:7c:53:6f:d6:96:6d:c5:
75:09:e6:3c:0c:35:fa:5c:32:c4:89:16:94:6f:0b:
86:71:08:d1:95:ad:d8:67:fc:3c:1f:e4:ab:af:bf:
2f:33:5c:f7:4d:c3:74:13:57:61:2f:28:e6:ee:92:
ff:2f:32:de:62:ef:e2:e7:c8:a6:ec:0e:76:ad:f4:
b9:ec:41:b9:cf:9f:38:59:e1:4d:0f:cb:50:f4:a6:
ce:17:b7:b8:ea:21:c9:19:20:ea:20:77:8f:32:34:
bf:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:2E:F9:E1:4A:E9:2A:AB:15:89:70:BE:68:7C:B1:D8:BB:62:A4:50
X509v3 Authority Key Identifier:
keyid:DB:D7:C9:51:34:8B:D2:E0:9C:CA:F7:6F:57:B8:38:5F:15:DF:44:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/29fJUTSL0uCcyvdvV7g4XxXfROQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/853c76-a398-435a-be41-7d0ac52815a6/1/si754UrpKqsViXC-aHyx2LtipFA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/853c76-a398-435a-be41-7d0ac52815a6/1/29fJUTSL0uCcyvdvV7g4XxXfROQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.124.253.0/24
185.64.32.0/22
Signature Algorithm: sha256WithRSAEncryption
52:6b:2b:f1:7d:68:e4:7c:ae:99:28:a7:de:19:d7:d8:5d:bc:
e5:08:92:8c:c2:6f:e4:75:b4:80:2b:6f:64:fe:aa:b2:27:7f:
d6:3a:60:07:62:d3:84:08:3f:e1:0f:e1:50:51:93:6b:92:b2:
b1:0b:a4:e0:05:d6:62:0a:18:68:66:9d:e1:14:50:c3:6f:53:
88:23:4d:9d:f5:a8:d9:b3:a8:ba:45:fe:67:3d:a6:1e:2a:87:
94:d3:86:8d:d6:b9:d2:e5:cb:c8:8e:7b:dc:1e:f9:f5:8d:e3:
0a:b6:57:b1:07:5b:89:f8:3f:d1:16:90:f9:81:b8:fe:32:87:
37:67:05:c2:37:55:ff:b3:0a:6c:c7:d4:09:e2:94:08:7f:6c:
b3:ce:c5:8a:91:1c:ef:50:3d:8f:6d:33:75:03:d6:ee:b6:cc:
ea:01:99:b0:92:41:7f:80:59:ed:67:3c:76:40:d7:9e:c0:9a:
89:63:89:00:1a:cb:56:a8:e2:65:3c:c4:05:8d:5e:49:6b:8d:
84:f6:00:78:68:e3:eb:7c:1f:b0:58:50:ee:f6:cf:36:f8:cb:
64:1b:b3:14:de:05:99:50:d4:6c:dc:db:a9:5f:6f:79:53:9b:
fe:14:28:4c:82:70:73:32:ec:af:35:fb:29:70:e4:d6:56:bc:
9c:59:c7:d7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZX2htjCq5c7uIDBdOXBbrThMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZDdjOTUxMzQ4YmQyZTA5Y2NhZjc2ZjU3YjgzODVmMTVk
ZjQ0ZTQwHhcNMjUwNDAyMTI0MzA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjJlZjllMTRhZTkyYWFiMTU4OTcwYmU2ODdjYjFkOGJiNjJhNDUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOF9YVLVK5vgvupVPmxdY18FndO3
GSTmvryysWnjgx7ACwP+S/5YulX6zA7/ONeLcgaErNUdPCOrug8zLHxfhq0bU32n
fIufKG0T+xjAdXtg0XZtGd/MGzYU5CgSlplU8MP1YyWPhoyD5gAoAJKaC+foT4gA
YVOpVPkZGZu/ol986/OqMoTUElFRye8fv/2UCLgQH+gnQYYWe5oAWHxTb9aWbcV1
CeY8DDX6XDLEiRaUbwuGcQjRla3YZ/w8H+Srr78vM1z3TcN0E1dhLyjm7pL/LzLe
Yu/i58im7A52rfS57EG5z584WeFND8tQ9KbOF7e46iHJGSDqIHePMjS/1QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLIu+eFK6SqrFYlwvmh8sdi7YqRQMB8GA1UdIwQY
MBaAFNvXyVE0i9LgnMr3b1e4OF8V30TkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjlmSlVUU0wwdUNjeXZkdlY3ZzRYeFhmUk9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS84NTNjNzYtYTM5OC00MzVhLWJlNDEt
N2QwYWM1MjgxNWE2LzEvc2k3NTRVcnBLcXNWaVhDLWFIeXgyTHRpcEZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS84NTNjNzYtYTM5OC00MzVhLWJlNDEtN2QwYWM1MjgxNWE2
LzEvMjlmSlVUU0wwdUNjeXZkdlY3ZzRYeFhmUk9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAsHz9AwQC
uUAgMA0GCSqGSIb3DQEBCwUAA4IBAQBSayvxfWjkfK6ZKKfeGdfYXbzlCJKMwm/k
dbSAK29k/qqyJ3/WOmAHYtOECD/hD+FQUZNrkrKxC6TgBdZiChhoZp3hFFDDb1OI
I02d9ajZs6i6Rf5nPaYeKoeU04aN1rnS5cvIjnvcHvn1jeMKtlexB1uJ+D/RFpD5
gbj+Moc3ZwXCN1X/swpsx9QJ4pQIf2yzzsWKkRzvUD2PbTN1A9butszqAZmwkkF/
gFntZzx2QNeewJqJY4kAGstWqOJlPMQFjV5Ja42E9gB4aOPrfB+wWFDu9s82+Mtk
G7MU3gWZUNRs3NupX295U5v+FChMgnBzMuyvNfspcOTWVrycWcfX
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:34 2025 by rpki-client on console.sobornost.net