Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/c41c74-0b82-40e7-a0bf-0aae1ccd874b/1/bqoiPzwRe4PUMqiK_-uqiOSrT8g.roa
File: bqoiPzwRe4PUMqiK_-uqiOSrT8g.roa (raw, json)
Hash identifier: zxBqKx04g5nB2wdjrM/3iI8Vlwm/BGdUl98rn328O3U=
Subject key identifier: 6E:AA:22:3F:3C:11:7B:83:D4:32:A8:8A:FF:EB:AA:88:E4:AB:4F:C8
Certificate issuer: /CN=78b04fbafaa36b71fcd36eca50b5fe0e88dd3551
Certificate serial: 019420D6306D8F5EAC8841BC43D7264D679F
Authority key identifier: 78:B0:4F:BA:FA:A3:6B:71:FC:D3:6E:CA:50:B5:FE:0E:88:DD:35:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eLBPuvqja3H8027KULX-DojdNVE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/c41c74-0b82-40e7-a0bf-0aae1ccd874b/1/bqoiPzwRe4PUMqiK_-uqiOSrT8g.roa
Signing time: Wed 01 Jan 2025 07:48:15 +0000
ROA not before: Wed 01 Jan 2025 07:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50242
IP address blocks: 109.236.112.0/20 maxlen: 24
2a02:6ca3::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:30:6d:8f:5e:ac:88:41:bc:43:d7:26:4d:67:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=78b04fbafaa36b71fcd36eca50b5fe0e88dd3551
Validity
Not Before: Jan 1 07:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6eaa223f3c117b83d432a88affebaa88e4ab4fc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:86:2e:22:f7:64:dc:da:ce:d7:18:21:e5:71:
f1:49:18:8b:d1:fe:ac:8f:9f:ea:f8:88:b8:4c:34:
56:7f:e7:e6:a1:2f:19:ff:99:e0:59:96:39:00:ad:
35:59:7d:f2:c7:e1:e8:0e:e3:88:a6:11:21:12:64:
16:31:d9:85:f6:2e:0c:ba:28:18:7f:20:1c:4c:f6:
06:ca:2e:b3:3c:97:03:5c:ab:54:98:3b:86:ef:34:
ef:1c:41:6a:59:7e:d8:a2:a8:3e:bf:d4:97:f1:3f:
8c:ae:48:d0:dd:ea:ea:89:e1:8c:5c:ca:23:82:d3:
15:86:72:a4:a9:91:ae:90:23:b2:86:6e:82:e7:0c:
00:40:ca:f8:80:79:0b:c3:23:a2:5a:8d:83:0e:f4:
fd:00:82:c3:a8:ad:80:a7:06:01:bb:ef:b2:16:46:
89:7b:14:5e:ef:c9:ab:24:d9:c0:80:60:67:8a:2d:
0e:0f:f5:b1:51:d9:e1:a3:93:48:f4:22:14:9e:4d:
79:79:fa:18:75:85:e6:54:34:a7:ed:6c:8c:17:6e:
ed:0a:d5:e7:a7:97:de:6a:92:b6:a5:74:13:63:a8:
ba:17:61:26:b4:d2:18:f6:70:7b:ef:b2:4a:b5:3f:
7d:a2:72:e2:d9:c4:39:c0:4b:35:5e:46:3b:d6:71:
d8:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:AA:22:3F:3C:11:7B:83:D4:32:A8:8A:FF:EB:AA:88:E4:AB:4F:C8
X509v3 Authority Key Identifier:
keyid:78:B0:4F:BA:FA:A3:6B:71:FC:D3:6E:CA:50:B5:FE:0E:88:DD:35:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eLBPuvqja3H8027KULX-DojdNVE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/c41c74-0b82-40e7-a0bf-0aae1ccd874b/1/bqoiPzwRe4PUMqiK_-uqiOSrT8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/c41c74-0b82-40e7-a0bf-0aae1ccd874b/1/eLBPuvqja3H8027KULX-DojdNVE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.236.112.0/20
IPv6:
2a02:6ca3::/32
Signature Algorithm: sha256WithRSAEncryption
64:b6:50:77:8b:5e:41:d8:d3:49:1c:44:02:a6:3e:3b:a6:a6:
fd:58:9d:ed:99:df:f2:c7:79:79:25:3a:5f:ea:f9:69:da:63:
5a:3c:1b:49:49:94:b6:62:7e:3a:a1:a9:d5:58:18:16:bb:bf:
b7:59:cc:45:48:98:09:07:74:4c:e7:5f:e1:7b:91:70:3e:79:
58:46:20:fc:b3:88:36:0f:45:5b:d5:44:92:56:93:37:2d:89:
b9:8b:37:5e:67:29:f6:2c:af:c8:67:8a:51:72:b4:20:ff:d5:
49:c3:12:43:d4:ba:08:96:66:f2:6c:de:8d:6d:d4:14:21:77:
64:f4:77:12:a3:93:8f:52:e5:e3:cd:c6:9e:1c:e4:bf:56:59:
bc:6d:99:43:e3:1d:f5:f1:02:54:32:0c:78:e4:87:42:16:c7:
fe:a9:60:88:13:b5:22:4b:22:18:cd:30:b0:6c:1c:67:8a:f3:
50:14:e0:4e:d9:9e:3b:9a:9b:ac:3b:5d:8b:bb:57:d0:14:d4:
38:0c:ec:1c:14:83:86:83:8c:fc:c2:a1:7a:61:43:14:7c:e0:
0c:57:9d:20:59:a7:a1:55:a3:bb:0f:2d:79:8c:8b:7d:0f:ce:
39:c9:57:bd:c3:ad:b2:9e:41:c2:a8:1d:0a:5e:7c:d4:bd:ef:
2d:ee:2b:f4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQg1jBtj16siEG8Q9cmTWefMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4YjA0ZmJhZmFhMzZiNzFmY2QzNmVjYTUwYjVmZTBlODhk
ZDM1NTEwHhcNMjUwMTAxMDc0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWFhMjIzZjNjMTE3YjgzZDQzMmE4OGFmZmViYWE4OGU0YWI0ZmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1YYuIvdk3NrO1xgh5XHxSRiL0f6s
j5/q+Ii4TDRWf+fmoS8Z/5ngWZY5AK01WX3yx+HoDuOIphEhEmQWMdmF9i4MuigY
fyAcTPYGyi6zPJcDXKtUmDuG7zTvHEFqWX7Yoqg+v9SX8T+MrkjQ3erqieGMXMoj
gtMVhnKkqZGukCOyhm6C5wwAQMr4gHkLwyOiWo2DDvT9AILDqK2ApwYBu++yFkaJ
exRe78mrJNnAgGBnii0OD/WxUdnho5NI9CIUnk15efoYdYXmVDSn7WyMF27tCtXn
p5feapK2pXQTY6i6F2EmtNIY9nB777JKtT99onLi2cQ5wEs1XkY71nHYAQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFG6qIj88EXuD1DKoiv/rqojkq0/IMB8GA1UdIwQY
MBaAFHiwT7r6o2tx/NNuylC1/g6I3TVRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUxCUHV2cWphM0g4MDI3S1VMWC1Eb2pkTlZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9jNDFjNzQtMGI4Mi00MGU3LWEwYmYt
MGFhZTFjY2Q4NzRiLzEvYnFvaVB6d1JlNFBVTXFpS18tdXFpT1NyVDhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9jNDFjNzQtMGI4Mi00MGU3LWEwYmYtMGFhZTFjY2Q4NzRi
LzEvZUxCUHV2cWphM0g4MDI3S1VMWC1Eb2pkTlZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEbexwMA0E
AgACMAcDBQAqAmyjMA0GCSqGSIb3DQEBCwUAA4IBAQBktlB3i15B2NNJHEQCpj47
pqb9WJ3tmd/yx3l5JTpf6vlp2mNaPBtJSZS2Yn46oanVWBgWu7+3WcxFSJgJB3RM
51/he5FwPnlYRiD8s4g2D0Vb1USSVpM3LYm5izdeZyn2LK/IZ4pRcrQg/9VJwxJD
1LoIlmbybN6NbdQUIXdk9HcSo5OPUuXjzcaeHOS/Vlm8bZlD4x318QJUMgx45IdC
Fsf+qWCIE7UiSyIYzTCwbBxnivNQFOBO2Z47mpusO12Lu1fQFNQ4DOwcFIOGg4z8
wqF6YUMUfOAMV50gWaehVaO7Dy15jIt9D845yVe9w62ynkHCqB0KXnzUve8t7iv0
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:58 2025 by rpki-client on console.sobornost.net