Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/5f13a5-a8db-4c37-b7a7-c5378581b0e1/1/gbYZs5g8-tzRIgFZupm0nJKzwkw.roa
File: gbYZs5g8-tzRIgFZupm0nJKzwkw.roa (raw, json)
Hash identifier: 71Q7AYKf4HSZ+MQCf6bmElagIFGNwEfBKHJD2B+78+4=
Subject key identifier: 81:B6:19:B3:98:3C:FA:DC:D1:22:01:59:BA:99:B4:9C:92:B3:C2:4C
Certificate issuer: /CN=a1a6fc7262ba782dd5f643085982b5d36703dbfb
Certificate serial: 019422FB636246CAF32A28FFB0579833CAAA
Authority key identifier: A1:A6:FC:72:62:BA:78:2D:D5:F6:43:08:59:82:B5:D3:67:03:DB:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oab8cmK6eC3V9kMIWYK102cD2_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/5f13a5-a8db-4c37-b7a7-c5378581b0e1/1/gbYZs5g8-tzRIgFZupm0nJKzwkw.roa
Signing time: Wed 01 Jan 2025 17:48:07 +0000
ROA not before: Wed 01 Jan 2025 17:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15925
IP address blocks: 193.41.124.0/23 maxlen: 23
195.110.26.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:63:62:46:ca:f3:2a:28:ff:b0:57:98:33:ca:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1a6fc7262ba782dd5f643085982b5d36703dbfb
Validity
Not Before: Jan 1 17:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=81b619b3983cfadcd1220159ba99b49c92b3c24c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:5d:fe:b1:3b:97:9a:d4:07:15:e4:85:fc:d3:
a5:5d:fe:c0:b0:b9:37:8d:5c:9f:70:aa:8b:3b:95:
36:65:61:7e:be:4b:2c:c7:0b:5f:0d:8e:82:c2:10:
ac:85:39:54:4e:3b:40:1f:33:a7:56:1c:d0:00:9d:
34:f9:6a:bd:26:ba:ab:a3:55:fc:1a:a2:3e:db:67:
f8:6b:dc:e7:c7:ba:46:d8:ce:c8:cc:2e:9b:bf:25:
1d:08:e3:f0:e9:a9:3f:f0:5c:ba:02:c6:65:0b:a9:
ba:0d:ae:e7:9d:fe:78:fb:28:c6:18:64:86:2e:ef:
ee:7f:dd:e0:58:3f:bd:9b:c3:f2:8e:78:7e:32:5a:
bc:64:9c:bc:c0:85:3a:fd:f6:1a:8f:3e:d8:0c:04:
3c:97:03:f3:a4:34:6f:b5:a0:b4:7d:b6:b2:39:cb:
2e:f5:f4:0a:91:81:86:50:cf:b3:2a:af:bb:39:6a:
12:83:b6:fc:ef:77:14:9d:45:5c:17:e2:4c:28:16:
c2:e3:b6:de:c4:37:20:59:4a:2f:f3:b1:98:3b:6f:
44:61:90:34:d5:30:ad:a2:0b:e7:57:0a:99:d7:f3:
2b:39:9c:ee:2d:96:db:36:81:cc:32:be:8d:a2:83:
e4:3a:e2:09:04:29:3b:5e:64:48:08:29:ed:ab:7a:
f0:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:B6:19:B3:98:3C:FA:DC:D1:22:01:59:BA:99:B4:9C:92:B3:C2:4C
X509v3 Authority Key Identifier:
keyid:A1:A6:FC:72:62:BA:78:2D:D5:F6:43:08:59:82:B5:D3:67:03:DB:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oab8cmK6eC3V9kMIWYK102cD2_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5f13a5-a8db-4c37-b7a7-c5378581b0e1/1/gbYZs5g8-tzRIgFZupm0nJKzwkw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5f13a5-a8db-4c37-b7a7-c5378581b0e1/1/oab8cmK6eC3V9kMIWYK102cD2_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.41.124.0/23
195.110.26.0/23
Signature Algorithm: sha256WithRSAEncryption
17:29:cd:02:92:a9:7e:e5:d4:99:1e:56:75:36:7a:e1:50:9a:
53:ca:d0:96:2e:80:87:7b:49:7b:bd:36:17:6f:be:18:2f:cd:
ae:cb:62:86:78:44:fb:f0:95:c6:51:e0:7c:a9:4c:58:77:e8:
8b:68:a4:63:22:af:9c:5d:b4:7e:20:5f:df:91:75:8b:c6:62:
a3:6f:97:d4:7f:d4:11:e9:05:10:3b:bb:db:66:c8:58:de:3b:
fc:65:d1:4c:53:5b:37:b5:e4:de:f8:b6:9f:61:8a:45:78:03:
f4:bc:46:f9:c9:9f:84:6f:9a:10:5b:bb:29:c8:96:1c:c7:99:
84:2e:42:41:61:63:1e:8b:10:bc:6c:56:c7:32:80:f3:c2:67:
8b:4c:23:c1:93:e7:22:18:b7:40:1b:f4:1b:91:33:8b:c8:e8:
8e:93:70:44:ec:0e:7a:23:39:99:2e:b5:ee:b0:97:39:c7:0e:
9f:a1:32:1d:d6:59:55:a8:ed:71:44:f6:45:a3:c9:60:34:bc:
b7:07:7f:46:61:a0:36:a8:81:95:c4:8a:1f:1a:d5:9f:38:32:
3f:96:c4:95:11:7d:dc:9e:a1:b1:91:64:29:44:7e:7b:5c:1c:
aa:88:51:40:a8:07:f5:0e:29:67:01:ca:51:d4:0f:ea:e3:0f:
eb:31:cb:06
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQi+2NiRsrzKij/sFeYM8qqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExYTZmYzcyNjJiYTc4MmRkNWY2NDMwODU5ODJiNWQzNjcw
M2RiZmIwHhcNMjUwMTAxMTc0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWI2MTliMzk4M2NmYWRjZDEyMjAxNTliYTk5YjQ5YzkyYjNjMjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5F3+sTuXmtQHFeSF/NOlXf7AsLk3
jVyfcKqLO5U2ZWF+vkssxwtfDY6CwhCshTlUTjtAHzOnVhzQAJ00+Wq9Jrqro1X8
GqI+22f4a9znx7pG2M7IzC6bvyUdCOPw6ak/8Fy6AsZlC6m6Da7nnf54+yjGGGSG
Lu/uf93gWD+9m8Pyjnh+Mlq8ZJy8wIU6/fYajz7YDAQ8lwPzpDRvtaC0fbayOcsu
9fQKkYGGUM+zKq+7OWoSg7b873cUnUVcF+JMKBbC47bexDcgWUov87GYO29EYZA0
1TCtogvnVwqZ1/MrOZzuLZbbNoHMMr6NooPkOuIJBCk7XmRICCntq3rw9wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIG2GbOYPPrc0SIBWbqZtJySs8JMMB8GA1UdIwQY
MBaAFKGm/HJiungt1fZDCFmCtdNnA9v7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2FiOGNtSzZlQzNWOWtNSVdZSzEwMmNEMl9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS81ZjEzYTUtYThkYi00YzM3LWI3YTct
YzUzNzg1ODFiMGUxLzEvZ2JZWnM1ZzgtdHpSSWdGWnVwbTBuSkt6d2t3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS81ZjEzYTUtYThkYi00YzM3LWI3YTctYzUzNzg1ODFiMGUx
LzEvb2FiOGNtSzZlQzNWOWtNSVdZSzEwMmNEMl9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwSl8AwQB
w24aMA0GCSqGSIb3DQEBCwUAA4IBAQAXKc0Ckql+5dSZHlZ1NnrhUJpTytCWLoCH
e0l7vTYXb74YL82uy2KGeET78JXGUeB8qUxYd+iLaKRjIq+cXbR+IF/fkXWLxmKj
b5fUf9QR6QUQO7vbZshY3jv8ZdFMU1s3teTe+LafYYpFeAP0vEb5yZ+Eb5oQW7sp
yJYcx5mELkJBYWMeixC8bFbHMoDzwmeLTCPBk+ciGLdAG/QbkTOLyOiOk3BE7A56
IzmZLrXusJc5xw6foTId1llVqO1xRPZFo8lgNLy3B39GYaA2qIGVxIofGtWfODI/
lsSVEX3cnqGxkWQpRH57XByqiFFAqAf1DilnAcpR1A/q4w/rMcsG
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:01 2025 by rpki-client on console.sobornost.net