Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/00476a-8ac7-456c-b93d-3dc14170d62a/1/1-jRnyFGmEx1CVoLDNNDO26bccvY.roa
File: 1-jRnyFGmEx1CVoLDNNDO26bccvY.roa (raw, json)
Hash identifier: 23QvIcsUor9KhcMI2prwonWuUHDRgDZgiqunE4RPe6c=
Subject key identifier: FA:34:67:C8:51:A6:13:1D:42:56:82:C3:34:D0:CE:DB:A6:DC:72:F6
Certificate issuer: /CN=775b336c3e4897a52b39c3adaaeccec6bf70ce7d
Certificate serial: 019425FC4A2F43EB7B74F0A994662560FB8F
Authority key identifier: 77:5B:33:6C:3E:48:97:A5:2B:39:C3:AD:AA:EC:CE:C6:BF:70:CE:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d1szbD5Il6UrOcOtquzOxr9wzn0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/00476a-8ac7-456c-b93d-3dc14170d62a/1/1-jRnyFGmEx1CVoLDNNDO26bccvY.roa
Signing time: Thu 02 Jan 2025 07:47:58 +0000
ROA not before: Thu 02 Jan 2025 07:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28953
IP address blocks: 195.39.236.0/24 maxlen: 24
195.39.237.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:4a:2f:43:eb:7b:74:f0:a9:94:66:25:60:fb:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=775b336c3e4897a52b39c3adaaeccec6bf70ce7d
Validity
Not Before: Jan 2 07:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fa3467c851a6131d425682c334d0cedba6dc72f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:38:fb:3e:20:e7:52:ac:20:87:73:2e:64:94:
ac:6a:72:c6:d7:45:d7:00:ff:ee:26:8f:f1:e8:c1:
bb:6a:d8:e4:62:e9:2c:35:3e:31:f9:2f:8a:e5:ec:
02:5e:e8:6a:5e:98:30:e1:f2:a3:38:76:7b:b2:91:
bd:47:ce:e2:a8:bd:76:6a:4a:c4:58:8f:ac:71:f6:
65:2b:7f:c8:fd:72:ab:55:0b:c0:48:95:ec:36:1f:
b8:59:f2:a0:7c:6d:6c:b7:1d:2a:a1:65:ea:ef:12:
57:51:6c:7d:24:c2:b1:c4:4c:0c:35:b8:a1:54:a3:
f9:63:b7:c8:07:10:1a:be:66:d1:f5:5a:44:62:4a:
70:8e:af:47:23:ef:56:d9:7a:9e:16:3c:9e:20:95:
20:c0:9c:a2:09:31:44:6e:81:8e:a1:14:82:54:5c:
71:6d:96:e9:af:a2:ed:d3:3a:30:7a:16:8e:22:7e:
52:75:61:d8:37:50:f0:5e:13:9e:ad:4d:32:87:88:
a3:e9:d7:bc:64:a0:13:11:b5:a6:3c:74:51:e7:64:
4c:48:b9:34:1d:87:94:6b:bc:44:3e:14:d3:77:dd:
ae:66:a9:5e:b7:59:c9:85:57:02:f7:b9:e8:d6:3d:
60:53:32:5c:d0:00:8a:c8:ab:2d:ae:1c:37:88:2c:
de:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:34:67:C8:51:A6:13:1D:42:56:82:C3:34:D0:CE:DB:A6:DC:72:F6
X509v3 Authority Key Identifier:
keyid:77:5B:33:6C:3E:48:97:A5:2B:39:C3:AD:AA:EC:CE:C6:BF:70:CE:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1szbD5Il6UrOcOtquzOxr9wzn0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/00476a-8ac7-456c-b93d-3dc14170d62a/1/1-jRnyFGmEx1CVoLDNNDO26bccvY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/00476a-8ac7-456c-b93d-3dc14170d62a/1/d1szbD5Il6UrOcOtquzOxr9wzn0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.39.236.0/23
Signature Algorithm: sha256WithRSAEncryption
a4:dc:b6:10:23:a8:93:a0:0a:e9:46:ba:4a:67:54:b4:01:7e:
cb:f9:5d:c7:25:1d:ea:6a:c8:c9:53:72:27:66:ca:8b:98:31:
c2:c9:46:f4:2e:2a:af:9b:b7:e3:b1:71:ae:95:1a:49:ee:7c:
00:8f:89:ea:5c:dc:1e:68:c2:d6:17:94:d4:cc:99:91:84:1d:
1a:a2:62:84:0d:10:b9:ef:14:29:f1:76:87:0a:78:b9:bc:e4:
ee:df:62:bb:36:75:7c:98:04:29:ec:59:94:2a:6f:55:09:50:
3b:c3:1a:f0:d4:37:cb:0d:50:62:1b:82:ba:23:06:8c:22:68:
3a:a9:39:db:f8:21:e9:ef:b1:ae:37:d0:16:20:cf:be:cb:42:
c8:8e:4d:2d:b9:b0:22:f0:b2:f4:d8:2b:3b:4c:6b:f5:0b:08:
7b:0a:15:b0:c1:e1:36:03:dc:9f:58:93:5b:ab:b8:26:94:ff:
ac:90:27:40:61:a6:43:d4:eb:54:6d:31:61:7b:5c:2b:52:54:
6b:85:f4:98:99:62:d3:5b:56:66:b6:f6:c6:e1:8d:9a:22:99:
27:9c:df:29:ad:21:6d:17:60:c3:39:a4:f0:d3:8f:3c:33:e4:
d5:2a:d4:0b:25:85:5b:c0:b7:28:be:56:46:34:57:46:c0:27:
fa:be:79:ad
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQl/EovQ+t7dPCplGYlYPuPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3NWIzMzZjM2U0ODk3YTUyYjM5YzNhZGFhZWNjZWM2YmY3
MGNlN2QwHhcNMjUwMTAyMDc0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTM0NjdjODUxYTYxMzFkNDI1NjgyYzMzNGQwY2VkYmE2ZGM3MmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+zj7PiDnUqwgh3MuZJSsanLG10XX
AP/uJo/x6MG7atjkYuksNT4x+S+K5ewCXuhqXpgw4fKjOHZ7spG9R87iqL12akrE
WI+scfZlK3/I/XKrVQvASJXsNh+4WfKgfG1stx0qoWXq7xJXUWx9JMKxxEwMNbih
VKP5Y7fIBxAavmbR9VpEYkpwjq9HI+9W2XqeFjyeIJUgwJyiCTFEboGOoRSCVFxx
bZbpr6Lt0zowehaOIn5SdWHYN1DwXhOerU0yh4ij6de8ZKATEbWmPHRR52RMSLk0
HYeUa7xEPhTTd92uZqlet1nJhVcC97no1j1gUzJc0ACKyKstrhw3iCzeoQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPo0Z8hRphMdQlaCwzTQztum3HL2MB8GA1UdIwQY
MBaAFHdbM2w+SJelKznDrarszsa/cM59MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDFzemJENUlsNlVyT2NPdHF1ek94cjl3em4wLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8wMDQ3NmEtOGFjNy00NTZjLWI5M2Qt
M2RjMTQxNzBkNjJhLzEvMS1qUm55RkdtRXgxQ1ZvTEROTkRPMjZiY2N2WS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDUvMDA0NzZhLThhYzctNDU2Yy1iOTNkLTNkYzE0MTcwZDYy
YS8xL2Qxc3piRDVJbDZVck9jT3RxdXpPeHI5d3puMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcMn7DAN
BgkqhkiG9w0BAQsFAAOCAQEApNy2ECOok6AK6Ua6SmdUtAF+y/ldxyUd6mrIyVNy
J2bKi5gxwslG9C4qr5u347FxrpUaSe58AI+J6lzcHmjC1heU1MyZkYQdGqJihA0Q
ue8UKfF2hwp4ubzk7t9iuzZ1fJgEKexZlCpvVQlQO8Ma8NQ3yw1QYhuCuiMGjCJo
Oqk52/gh6e+xrjfQFiDPvstCyI5NLbmwIvCy9NgrO0xr9QsIewoVsMHhNgPcn1iT
W6u4JpT/rJAnQGGmQ9TrVG0xYXtcK1JUa4X0mJli01tWZrb2xuGNmiKZJ5zfKa0h
bRdgwzmk8NOPPDPk1SrUCyWFW8C3KL5WRjRXRsAn+r55rQ==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:45 2025 by rpki-client on console.sobornost.net