Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/DoFnzPYrFkKwPcWtMecYmGPR5SE.roa
File: DoFnzPYrFkKwPcWtMecYmGPR5SE.roa (raw, json)
Hash identifier: sVqWVJM0hwJYwJBHJWDQ1dI8hJOdgFwtQfN2PBXWvIk=
Subject key identifier: 0E:81:67:CC:F6:2B:16:42:B0:3D:C5:AD:31:E7:18:98:63:D1:E5:21
Certificate issuer: /CN=30c409613fea0a2b442ce112e9cbdb485e01188f
Certificate serial: 01942143B6479BB297ABE3892DFDC52109AE
Authority key identifier: 30:C4:09:61:3F:EA:0A:2B:44:2C:E1:12:E9:CB:DB:48:5E:01:18:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/DoFnzPYrFkKwPcWtMecYmGPR5SE.roa
Signing time: Wed 01 Jan 2025 09:47:53 +0000
ROA not before: Wed 01 Jan 2025 09:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59832
IP address blocks: 193.59.104.0/22 maxlen: 24
193.59.111.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:b6:47:9b:b2:97:ab:e3:89:2d:fd:c5:21:09:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30c409613fea0a2b442ce112e9cbdb485e01188f
Validity
Not Before: Jan 1 09:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0e8167ccf62b1642b03dc5ad31e7189863d1e521
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:43:8e:81:19:0b:a0:e8:0f:53:61:1d:c8:5f:
72:c4:34:d7:b9:36:97:93:84:87:3c:e4:33:59:44:
7d:90:71:1a:66:d4:c2:da:0e:f8:03:96:68:e4:8d:
fe:30:a4:da:e0:69:98:5f:b8:88:be:60:9b:61:db:
71:68:35:47:cb:65:a5:72:b8:d6:2e:49:c6:8f:44:
db:b0:10:b6:7b:24:ef:1c:0c:c0:df:dc:21:64:bc:
04:f6:aa:f1:0e:97:06:3e:4e:be:7b:e4:07:20:3a:
62:26:da:88:ea:35:29:a6:20:f3:7e:bd:45:b1:97:
18:4f:32:80:f4:84:7b:20:70:e4:6b:6f:dd:b6:93:
9e:18:b0:bb:5b:f1:cb:3a:7d:79:bf:34:49:79:30:
3c:c3:0c:1b:86:33:a7:03:7e:fa:ab:3d:25:8a:5a:
31:28:5a:12:74:c5:06:bf:c8:5d:d8:ab:31:7f:2a:
3b:46:1b:03:ce:69:14:36:0c:28:9b:0a:d5:7e:55:
f6:46:d1:9c:a8:ca:ed:24:a6:a5:4f:1a:71:d7:d2:
b6:a2:ab:3b:75:06:36:aa:bc:b1:4f:5a:99:19:93:
0b:c2:86:fb:a5:d8:e3:05:24:d8:33:41:a9:6d:4f:
28:3e:e5:7b:61:b7:7b:b7:18:94:b8:16:aa:8f:1e:
76:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:81:67:CC:F6:2B:16:42:B0:3D:C5:AD:31:E7:18:98:63:D1:E5:21
X509v3 Authority Key Identifier:
keyid:30:C4:09:61:3F:EA:0A:2B:44:2C:E1:12:E9:CB:DB:48:5E:01:18:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/DoFnzPYrFkKwPcWtMecYmGPR5SE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/MMQJYT_qCitELOES6cvbSF4BGI8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.59.104.0/22
193.59.111.0/24
Signature Algorithm: sha256WithRSAEncryption
76:b4:78:4b:f9:4a:6e:ef:38:45:d2:e5:45:3a:f6:84:a7:95:
15:8a:65:64:04:c9:44:30:43:7e:f0:c6:b7:3b:f6:09:a7:47:
cd:2f:1c:df:8c:dc:44:9c:54:82:aa:c2:41:bb:bb:2b:81:a6:
35:74:31:63:18:86:a1:ea:4e:2b:20:3d:8c:72:db:d5:cc:bf:
67:f8:f8:b8:ec:9f:6f:e5:2a:ca:03:36:93:98:80:5e:d9:d2:
96:c5:d7:50:e5:84:c1:80:ab:e0:81:9d:2c:d4:e3:56:5f:00:
56:35:0e:a8:87:52:9e:d2:a3:33:b7:f1:ab:31:99:e8:09:5c:
38:ae:84:1c:2b:d6:0c:91:33:68:04:e6:45:80:b8:ca:9c:ee:
db:b8:3b:03:67:c3:fd:1b:b2:86:ce:34:c8:fa:48:55:9a:86:
4f:12:46:3e:82:e5:34:de:f6:4a:17:3f:c9:65:38:d6:73:fc:
51:c6:26:25:fb:bd:7f:fa:af:ce:6c:62:89:77:d9:4e:1f:3b:
5d:c3:fc:c2:43:14:4c:b0:db:07:ee:2e:e4:25:06:9a:ab:17:
79:b4:b4:14:a4:b9:c6:b5:90:71:ed:73:65:91:9d:1f:9e:f5:
b1:92:eb:02:8f:54:2f:55:ae:22:d8:45:39:0d:4e:6a:44:92:
c8:64:6b:ab
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQhQ7ZHm7KXq+OJLf3FIQmuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwYzQwOTYxM2ZlYTBhMmI0NDJjZTExMmU5Y2JkYjQ4NWUw
MTE4OGYwHhcNMjUwMTAxMDk0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTgxNjdjY2Y2MmIxNjQyYjAzZGM1YWQzMWU3MTg5ODYzZDFlNTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukOOgRkLoOgPU2EdyF9yxDTXuTaX
k4SHPOQzWUR9kHEaZtTC2g74A5Zo5I3+MKTa4GmYX7iIvmCbYdtxaDVHy2WlcrjW
LknGj0TbsBC2eyTvHAzA39whZLwE9qrxDpcGPk6+e+QHIDpiJtqI6jUppiDzfr1F
sZcYTzKA9IR7IHDka2/dtpOeGLC7W/HLOn15vzRJeTA8wwwbhjOnA376qz0lilox
KFoSdMUGv8hd2Ksxfyo7RhsDzmkUNgwomwrVflX2RtGcqMrtJKalTxpx19K2oqs7
dQY2qryxT1qZGZMLwob7pdjjBSTYM0GpbU8oPuV7Ybd7txiUuBaqjx52MwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA6BZ8z2KxZCsD3FrTHnGJhj0eUhMB8GA1UdIwQY
MBaAFDDECWE/6gorRCzhEunL20heARiPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTU1RSllUX3FDaXRFTE9FUzZjdmJTRjRCR0k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9iNzhmYjUtYWZjYS00ZGI3LTg4ODYt
YzA2NzFiZjRjZjNlLzEvRG9GbnpQWXJGa0t3UGNXdE1lY1ltR1BSNVNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9iNzhmYjUtYWZjYS00ZGI3LTg4ODYtYzA2NzFiZjRjZjNl
LzEvTU1RSllUX3FDaXRFTE9FUzZjdmJTRjRCR0k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCwTtoAwQA
wTtvMA0GCSqGSIb3DQEBCwUAA4IBAQB2tHhL+Upu7zhF0uVFOvaEp5UVimVkBMlE
MEN+8Ma3O/YJp0fNLxzfjNxEnFSCqsJBu7srgaY1dDFjGIah6k4rID2MctvVzL9n
+Pi47J9v5SrKAzaTmIBe2dKWxddQ5YTBgKvggZ0s1ONWXwBWNQ6oh1Ke0qMzt/Gr
MZnoCVw4roQcK9YMkTNoBOZFgLjKnO7buDsDZ8P9G7KGzjTI+khVmoZPEkY+guU0
3vZKFz/JZTjWc/xRxiYl+71/+q/ObGKJd9lOHztdw/zCQxRMsNsH7i7kJQaaqxd5
tLQUpLnGtZBx7XNlkZ0fnvWxkusCj1QvVa4i2EU5DU5qRJLIZGur
-----END CERTIFICATE-----
Generated at Thu Jan 23 19:12:18 2025 by rpki-client on console.sobornost.net