Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/731f82-b18f-4d5c-b122-452badfd5a6d/1/1-8PWi0SMDd437wmtrPXDU2L2y8.roa
File: 1-8PWi0SMDd437wmtrPXDU2L2y8.roa (raw, json)
Hash identifier: lqjj+2Pg6NE1AKwkB32aM31VK1YKbfIzkQX1Na8VNyo=
Subject key identifier: D7:EF:0F:5A:2D:12:30:37:78:DF:BC:26:B6:B3:D7:0D:4D:8B:DB:2F
Certificate issuer: /CN=4f149b847d31293f701e1cf99dd8ca0ebbb0b5bd
Certificate serial: 01961614029718512B600FFA61D0DBFD10F4
Authority key identifier: 4F:14:9B:84:7D:31:29:3F:70:1E:1C:F9:9D:D8:CA:0E:BB:B0:B5:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxSbhH0xKT9wHhz5ndjKDruwtb0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/731f82-b18f-4d5c-b122-452badfd5a6d/1/1-8PWi0SMDd437wmtrPXDU2L2y8.roa
Signing time: Tue 08 Apr 2025 15:45:32 +0000
ROA not before: Tue 08 Apr 2025 15:45:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202311
IP address blocks: 195.26.68.0/24 maxlen: 24
195.26.70.0/24 maxlen: 24
195.26.71.0/24 maxlen: 24
2a07:f680::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:16:14:02:97:18:51:2b:60:0f:fa:61:d0:db:fd:10:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f149b847d31293f701e1cf99dd8ca0ebbb0b5bd
Validity
Not Before: Apr 8 15:45:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d7ef0f5a2d12303778dfbc26b6b3d70d4d8bdb2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:8a:97:e7:58:fc:11:08:f7:7a:bb:92:08:e6:
ef:e2:cf:e9:ca:30:87:b6:01:1f:66:05:25:f8:4a:
c7:f7:99:96:b7:ad:14:32:d4:60:dd:89:a0:f3:6d:
c9:df:14:25:3a:fd:52:63:5b:a6:6c:3c:f7:a9:a3:
d2:be:8b:8f:19:9b:c9:36:7d:ec:f4:22:87:ea:21:
3a:bd:51:18:4c:e0:64:e8:42:60:bc:cf:f6:55:a6:
84:8f:e9:7c:89:c2:67:c6:41:95:50:ad:57:7c:10:
26:63:c2:c3:1a:47:5e:ad:85:af:01:a8:5b:59:43:
34:b5:51:68:c9:3f:ca:5e:99:38:a9:10:a1:76:5e:
9b:07:f9:b2:0b:a6:77:ed:4f:dd:84:77:29:da:77:
42:4f:5a:30:de:ef:38:24:a2:54:01:63:1d:2d:dc:
8b:48:5a:ef:2a:53:dc:bf:fe:8d:79:22:3d:75:dd:
67:7a:18:f6:90:02:fc:55:89:1d:ae:c5:02:9e:96:
58:4a:b4:29:d0:31:a3:18:04:0f:c4:43:8f:d3:9f:
d0:46:95:d4:08:b4:aa:4f:ea:0e:40:00:76:9c:63:
b8:22:65:0d:26:4d:76:75:19:83:38:5b:b5:ad:8f:
5e:6a:1a:e4:00:7b:31:7b:8a:44:a7:98:00:b6:7b:
10:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:EF:0F:5A:2D:12:30:37:78:DF:BC:26:B6:B3:D7:0D:4D:8B:DB:2F
X509v3 Authority Key Identifier:
keyid:4F:14:9B:84:7D:31:29:3F:70:1E:1C:F9:9D:D8:CA:0E:BB:B0:B5:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxSbhH0xKT9wHhz5ndjKDruwtb0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/731f82-b18f-4d5c-b122-452badfd5a6d/1/1-8PWi0SMDd437wmtrPXDU2L2y8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/731f82-b18f-4d5c-b122-452badfd5a6d/1/TxSbhH0xKT9wHhz5ndjKDruwtb0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.26.68.0/24
195.26.70.0/23
IPv6:
2a07:f680::/29
Signature Algorithm: sha256WithRSAEncryption
71:6e:bf:ea:3e:e4:3e:c5:dd:59:a5:7c:da:34:1d:20:1a:61:
9f:8c:7c:2b:fc:61:de:82:91:8a:87:90:14:61:70:95:2f:84:
82:bf:6c:07:16:03:95:db:56:01:7d:d4:f5:f2:04:df:a2:d4:
4d:16:03:d3:5c:fb:a0:02:e4:fa:c6:96:b4:a6:d9:68:66:66:
28:55:f9:93:3a:13:14:29:51:24:f0:53:c8:7c:42:c7:23:15:
de:e5:9f:44:8c:8b:df:b5:31:94:40:52:e9:60:81:1c:93:03:
4b:94:16:0b:65:65:65:e2:e5:95:46:fc:b4:19:9f:68:0f:33:
c5:ec:e0:10:23:32:07:cb:2b:03:66:4a:86:87:d2:99:6d:48:
5b:30:79:d2:3d:dc:06:a4:47:b2:87:54:d8:55:e6:c9:64:69:
30:e4:9a:a6:be:dd:46:10:cc:37:9a:ff:cc:af:45:7a:0f:fd:
db:a0:e0:37:74:20:15:da:c6:fe:2f:a0:b3:ba:53:a1:a6:43:
d6:ae:10:d6:bb:ca:13:c6:0b:48:ed:c9:8f:e1:8f:59:1b:b0:
a7:00:83:a8:72:a7:4d:11:7a:6c:d4:68:32:75:0d:32:2a:e2:
a1:5c:2a:27:65:b9:bc:d3:70:9d:fa:3a:fb:3c:45:03:06:f4:
3c:67:b8:82
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZYWFAKXGFErYA/6YdDb/RD0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQ5Yjg0N2QzMTI5M2Y3MDFlMWNmOTlkZDhjYTBlYmJi
MGI1YmQwHhcNMjUwNDA4MTU0NTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2VmMGY1YTJkMTIzMDM3NzhkZmJjMjZiNmIzZDcwZDRkOGJkYjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYqX51j8EQj3eruSCObv4s/pyjCH
tgEfZgUl+ErH95mWt60UMtRg3Ymg823J3xQlOv1SY1umbDz3qaPSvouPGZvJNn3s
9CKH6iE6vVEYTOBk6EJgvM/2VaaEj+l8icJnxkGVUK1XfBAmY8LDGkderYWvAahb
WUM0tVFoyT/KXpk4qRChdl6bB/myC6Z37U/dhHcp2ndCT1ow3u84JKJUAWMdLdyL
SFrvKlPcv/6NeSI9dd1nehj2kAL8VYkdrsUCnpZYSrQp0DGjGAQPxEOP05/QRpXU
CLSqT+oOQAB2nGO4ImUNJk12dRmDOFu1rY9eahrkAHsxe4pEp5gAtnsQ+QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNfvD1otEjA3eN+8Jraz1w1Ni9svMB8GA1UdIwQY
MBaAFE8Um4R9MSk/cB4c+Z3Yyg67sLW9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhTYmhIMHhLVDl3SGh6NW5kaktEcnV3dGIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy83MzFmODItYjE4Zi00ZDVjLWIxMjIt
NDUyYmFkZmQ1YTZkLzEvMS04UFdpMFNNRGQ0Mzd3bXRyUFhEVTJMMnk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy83MzFmODItYjE4Zi00ZDVjLWIxMjItNDUyYmFkZmQ1YTZk
LzEvVHhTYmhIMHhLVDl3SGh6NW5kaktEcnV3dGIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAwxpEAwQB
wxpGMA0EAgACMAcDBQMqB/aAMA0GCSqGSIb3DQEBCwUAA4IBAQBxbr/qPuQ+xd1Z
pXzaNB0gGmGfjHwr/GHegpGKh5AUYXCVL4SCv2wHFgOV21YBfdT18gTfotRNFgPT
XPugAuT6xpa0ptloZmYoVfmTOhMUKVEk8FPIfELHIxXe5Z9EjIvftTGUQFLpYIEc
kwNLlBYLZWVl4uWVRvy0GZ9oDzPF7OAQIzIHyysDZkqGh9KZbUhbMHnSPdwGpEey
h1TYVebJZGkw5Jqmvt1GEMw3mv/Mr0V6D/3boOA3dCAV2sb+L6CzulOhpkPWrhDW
u8oTxgtI7cmP4Y9ZG7CnAIOocqdNEXps1GgydQ0yKuKhXConZbm803Cd+jr7PEUD
BvQ8Z7iC
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:07 2025 by rpki-client on console.sobornost.net