Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/r8sCfMXHKwVQTxd3-LpH3e90iB4.roa
File: r8sCfMXHKwVQTxd3-LpH3e90iB4.roa (raw, json)
Hash identifier: XN8RmLcnoxt/WPGgSHiY8kH+52ulObJNdo26UAX9pkc=
Subject key identifier: AF:CB:02:7C:C5:C7:2B:05:50:4F:17:77:F8:BA:47:DD:EF:74:88:1E
Certificate issuer: /CN=30c409613fea0a2b442ce112e9cbdb485e01188f
Certificate serial: 01942143C41D13131482C5D4A5194578F6AC
Authority key identifier: 30:C4:09:61:3F:EA:0A:2B:44:2C:E1:12:E9:CB:DB:48:5E:01:18:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/r8sCfMXHKwVQTxd3-LpH3e90iB4.roa
Signing time: Wed 01 Jan 2025 09:47:56 +0000
ROA not before: Wed 01 Jan 2025 09:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212422
IP address blocks: 193.59.94.0/24 maxlen: 24
193.59.95.0/24 maxlen: 24
193.59.98.0/24 maxlen: 24
193.59.102.0/24 maxlen: 24
193.59.103.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:c4:1d:13:13:14:82:c5:d4:a5:19:45:78:f6:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30c409613fea0a2b442ce112e9cbdb485e01188f
Validity
Not Before: Jan 1 09:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=afcb027cc5c72b05504f1777f8ba47ddef74881e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:30:96:e6:28:86:56:59:41:cb:78:74:49:ad:
a9:cf:ae:91:40:b3:41:8f:c8:b5:28:6a:9d:6c:8d:
ef:84:b0:0b:87:7b:96:f1:df:1a:02:16:fd:d5:28:
1f:55:f9:c8:54:85:57:79:0f:d3:8f:ed:a0:e2:33:
27:cb:62:43:5c:06:d7:77:6f:e0:a6:f0:c3:aa:80:
63:6f:92:f8:6d:93:22:87:d9:60:ff:53:af:24:be:
fa:14:50:af:95:a8:3d:b9:3c:84:a6:f1:3d:e7:99:
13:a5:26:b3:58:f3:0d:5c:4b:c9:3c:a2:ff:18:78:
e7:64:be:d9:37:32:f9:a3:9d:bc:c6:5f:f6:82:1e:
63:22:3c:8a:68:6d:19:ad:a9:5f:9c:1e:b4:a5:d8:
10:67:79:09:fe:09:e0:42:a7:cf:2f:d2:2e:89:01:
a3:c0:a7:8a:eb:98:15:55:4b:0a:eb:44:c9:a0:20:
e6:71:22:00:c2:34:25:66:dc:51:c6:8c:be:d9:b5:
60:fb:5f:19:12:89:8a:75:88:11:a9:a3:6f:d3:7c:
dd:8a:3d:78:21:04:10:26:d9:16:15:35:fd:87:47:
2a:8d:d1:9c:d8:5a:07:60:42:72:c1:03:4f:35:75:
a3:c2:b7:ef:c4:08:c7:21:43:03:30:d9:0f:6e:34:
06:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:CB:02:7C:C5:C7:2B:05:50:4F:17:77:F8:BA:47:DD:EF:74:88:1E
X509v3 Authority Key Identifier:
keyid:30:C4:09:61:3F:EA:0A:2B:44:2C:E1:12:E9:CB:DB:48:5E:01:18:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/r8sCfMXHKwVQTxd3-LpH3e90iB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/MMQJYT_qCitELOES6cvbSF4BGI8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.59.94.0/23
193.59.98.0/24
193.59.102.0/23
Signature Algorithm: sha256WithRSAEncryption
78:70:4a:6d:34:ae:5c:07:37:26:26:e0:5e:c4:8d:e0:08:89:
da:5c:fa:f9:88:9e:aa:29:21:50:9f:bf:d4:a7:70:7c:fc:fa:
41:ab:9a:d0:2b:bc:89:72:04:af:97:9f:25:20:92:fa:c0:a3:
09:64:64:d3:58:c3:92:91:bc:88:a1:18:96:b6:f6:04:a7:31:
29:7a:b7:5e:c5:16:36:f3:25:6c:9f:4c:4e:11:96:88:49:3a:
29:ee:b7:ae:6a:69:d4:f4:51:57:40:6a:cb:b7:fd:08:6b:ce:
e3:5d:28:ed:2e:29:22:c7:0a:bc:36:92:9a:ac:fe:2f:0a:0b:
1d:fe:1b:6f:6e:e6:65:52:62:05:02:61:e3:b5:30:80:a0:ae:
8d:86:94:74:44:12:38:27:78:ae:ec:06:1c:24:ee:bf:0e:d6:
4a:8e:5f:6c:92:47:91:0a:6e:29:64:c7:0e:e8:5e:c2:ef:f3:
5b:c1:2d:c2:a0:5f:92:5c:2d:27:3b:a3:c0:ed:db:d9:01:b2:
68:bb:3a:ff:cd:76:70:c9:f9:5a:a9:21:8b:78:ec:06:4b:6d:
a7:d3:59:03:8c:89:cf:19:59:53:6b:90:34:99:aa:75:32:dd:
a4:85:93:50:ca:4c:d2:f0:03:0c:1b:aa:ce:e1:0e:9c:5a:68:
bb:89:f8:60
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQhQ8QdExMUgsXUpRlFePasMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwYzQwOTYxM2ZlYTBhMmI0NDJjZTExMmU5Y2JkYjQ4NWUw
MTE4OGYwHhcNMjUwMTAxMDk0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmNiMDI3Y2M1YzcyYjA1NTA0ZjE3NzdmOGJhNDdkZGVmNzQ4ODFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyDCW5iiGVllBy3h0Sa2pz66RQLNB
j8i1KGqdbI3vhLALh3uW8d8aAhb91SgfVfnIVIVXeQ/Tj+2g4jMny2JDXAbXd2/g
pvDDqoBjb5L4bZMih9lg/1OvJL76FFCvlag9uTyEpvE955kTpSazWPMNXEvJPKL/
GHjnZL7ZNzL5o528xl/2gh5jIjyKaG0ZralfnB60pdgQZ3kJ/gngQqfPL9IuiQGj
wKeK65gVVUsK60TJoCDmcSIAwjQlZtxRxoy+2bVg+18ZEomKdYgRqaNv03zdij14
IQQQJtkWFTX9h0cqjdGc2FoHYEJywQNPNXWjwrfvxAjHIUMDMNkPbjQGPQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFK/LAnzFxysFUE8Xd/i6R93vdIgeMB8GA1UdIwQY
MBaAFDDECWE/6gorRCzhEunL20heARiPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTU1RSllUX3FDaXRFTE9FUzZjdmJTRjRCR0k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9iNzhmYjUtYWZjYS00ZGI3LTg4ODYt
YzA2NzFiZjRjZjNlLzEvcjhzQ2ZNWEhLd1ZRVHhkMy1McEgzZTkwaUI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9iNzhmYjUtYWZjYS00ZGI3LTg4ODYtYzA2NzFiZjRjZjNl
LzEvTU1RSllUX3FDaXRFTE9FUzZjdmJTRjRCR0k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBwTteAwQA
wTtiAwQBwTtmMA0GCSqGSIb3DQEBCwUAA4IBAQB4cEptNK5cBzcmJuBexI3gCIna
XPr5iJ6qKSFQn7/Up3B8/PpBq5rQK7yJcgSvl58lIJL6wKMJZGTTWMOSkbyIoRiW
tvYEpzEperdexRY28yVsn0xOEZaISTop7reuamnU9FFXQGrLt/0Ia87jXSjtLiki
xwq8NpKarP4vCgsd/htvbuZlUmIFAmHjtTCAoK6NhpR0RBI4J3iu7AYcJO6/DtZK
jl9skkeRCm4pZMcO6F7C7/NbwS3CoF+SXC0nO6PA7dvZAbJouzr/zXZwyflaqSGL
eOwGS22n01kDjInPGVlTa5A0map1Mt2khZNQykzS8AMMG6rO4Q6cWmi7ifhg
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:02 2025 by rpki-client on console.sobornost.net