Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/b88c86-9629-43c6-821e-7a72e26c8918/1/sf13oGu2DAluNtQ_y1zSmgQAeHE.roa
File: sf13oGu2DAluNtQ_y1zSmgQAeHE.roa (raw, json)
Hash identifier: gqTUmbOHfz421/G+vBG6eJTQ7lB+mn9m4coW+T9SV2g=
Subject key identifier: B1:FD:77:A0:6B:B6:0C:09:6E:36:D4:3F:CB:5C:D2:9A:04:00:78:71
Certificate issuer: /CN=42512561fc4ee54b799c5af428fffbcbafd454ef
Certificate serial: 019423D73A2DC9D9043CE26B1C770D1D0343
Authority key identifier: 42:51:25:61:FC:4E:E5:4B:79:9C:5A:F4:28:FF:FB:CB:AF:D4:54:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QlElYfxO5Ut5nFr0KP_7y6_UVO8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/b88c86-9629-43c6-821e-7a72e26c8918/1/sf13oGu2DAluNtQ_y1zSmgQAeHE.roa
Signing time: Wed 01 Jan 2025 21:48:15 +0000
ROA not before: Wed 01 Jan 2025 21:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203968
IP address blocks: 109.109.192.0/21 maxlen: 24
185.114.212.0/22 maxlen: 24
2a06:71c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:3a:2d:c9:d9:04:3c:e2:6b:1c:77:0d:1d:03:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42512561fc4ee54b799c5af428fffbcbafd454ef
Validity
Not Before: Jan 1 21:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b1fd77a06bb60c096e36d43fcb5cd29a04007871
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:46:3a:6f:3a:e4:e1:52:43:94:7f:dc:f1:2d:
e1:c6:d8:04:c2:a7:ad:3c:a0:19:17:c5:6c:72:d2:
a8:fd:b0:b7:c4:7f:5a:7c:65:fc:27:fd:5a:ea:a2:
d1:64:a2:f7:ea:27:20:7c:dc:86:08:2f:42:f5:5f:
69:b9:18:49:2e:18:68:9e:b5:79:b2:c0:0a:90:79:
47:02:a3:7a:3c:bf:1c:a7:de:c3:70:de:bf:d9:da:
85:a9:6f:4d:30:94:f3:90:15:94:77:d0:fd:8a:82:
e0:dc:78:9c:c6:35:a6:32:f6:8e:c1:27:68:4e:00:
cd:d4:e7:fb:ad:ba:f3:b4:09:b4:79:00:dc:77:73:
46:59:d4:de:5e:01:1b:1b:f0:65:11:4a:d7:ce:f5:
e6:15:be:71:85:ac:d9:52:34:8e:99:dc:87:0f:89:
97:65:f1:bb:27:79:05:7d:b8:27:8f:84:5d:b1:61:
22:79:90:d6:24:bd:ed:50:04:4f:5d:c0:a4:3a:88:
cf:45:d8:e9:b8:98:dc:52:c2:fb:20:b0:0a:fb:39:
85:ba:74:16:89:05:ca:e0:ae:27:c5:7e:b4:a7:cd:
1a:d5:be:1a:f1:c4:d5:53:b2:fa:ee:52:b6:67:b5:
f9:a0:ff:6d:bb:c2:78:f2:33:32:9f:d5:58:37:80:
89:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:FD:77:A0:6B:B6:0C:09:6E:36:D4:3F:CB:5C:D2:9A:04:00:78:71
X509v3 Authority Key Identifier:
keyid:42:51:25:61:FC:4E:E5:4B:79:9C:5A:F4:28:FF:FB:CB:AF:D4:54:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QlElYfxO5Ut5nFr0KP_7y6_UVO8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/b88c86-9629-43c6-821e-7a72e26c8918/1/sf13oGu2DAluNtQ_y1zSmgQAeHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/b88c86-9629-43c6-821e-7a72e26c8918/1/QlElYfxO5Ut5nFr0KP_7y6_UVO8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.109.192.0/21
185.114.212.0/22
IPv6:
2a06:71c0::/29
Signature Algorithm: sha256WithRSAEncryption
41:4a:e6:a7:16:3c:9c:fb:04:8b:51:f0:cc:3f:0d:3a:5f:45:
8c:74:e0:d3:8c:ce:5f:5b:96:d2:90:f3:ec:7e:9d:2d:55:17:
7e:06:6a:b3:ac:a8:2f:71:4c:0a:13:a1:e7:82:dd:c8:b9:d0:
11:65:7c:79:d3:6b:ed:22:ab:97:de:cd:6b:f8:b0:d5:2e:55:
cd:e2:ec:b8:56:dc:a6:a5:aa:f8:53:04:6c:4d:2f:cc:9c:7d:
0b:ef:08:c9:88:f2:ee:45:b0:ce:50:c2:56:3e:81:ce:d4:bd:
53:0a:0e:d3:19:c8:bd:6f:5f:d3:1e:d1:84:e3:b5:2e:7c:67:
23:4c:6b:0c:a9:71:6a:b5:5a:7e:b7:88:ea:62:09:be:5d:f0:
92:01:01:50:99:08:e7:19:a1:93:fb:bc:a0:61:05:96:03:83:
08:63:ed:ec:53:f2:0a:00:5c:93:ce:d4:42:f2:0f:e5:7c:01:
a5:6f:78:d6:fc:3b:75:02:92:06:81:b4:60:79:04:2d:90:30:
ab:0b:70:d1:9b:5e:20:53:9d:49:18:6a:ba:20:3d:f3:c8:c8:
a5:83:5a:33:5f:e5:ff:10:25:c7:19:ca:ef:d7:ac:34:bd:6f:
47:6b:b4:e3:53:2b:b4:5b:06:3d:e2:59:14:cd:bc:57:5e:fa:
d9:96:5c:a7
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQj1zotydkEPOJrHHcNHQNDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyNTEyNTYxZmM0ZWU1NGI3OTljNWFmNDI4ZmZmYmNiYWZk
NDU0ZWYwHhcNMjUwMTAxMjE0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWZkNzdhMDZiYjYwYzA5NmUzNmQ0M2ZjYjVjZDI5YTA0MDA3ODcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkUY6bzrk4VJDlH/c8S3hxtgEwqet
PKAZF8VsctKo/bC3xH9afGX8J/1a6qLRZKL36icgfNyGCC9C9V9puRhJLhhonrV5
ssAKkHlHAqN6PL8cp97DcN6/2dqFqW9NMJTzkBWUd9D9ioLg3HicxjWmMvaOwSdo
TgDN1Of7rbrztAm0eQDcd3NGWdTeXgEbG/BlEUrXzvXmFb5xhazZUjSOmdyHD4mX
ZfG7J3kFfbgnj4RdsWEieZDWJL3tUARPXcCkOojPRdjpuJjcUsL7ILAK+zmFunQW
iQXK4K4nxX60p80a1b4a8cTVU7L67lK2Z7X5oP9tu8J48jMyn9VYN4CJ7wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLH9d6BrtgwJbjbUP8tc0poEAHhxMB8GA1UdIwQY
MBaAFEJRJWH8TuVLeZxa9Cj/+8uv1FTvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWxFbFlmeE81VXQ1bkZyMEtQXzd5Nl9VVk84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9iODhjODYtOTYyOS00M2M2LTgyMWUt
N2E3MmUyNmM4OTE4LzEvc2YxM29HdTJEQWx1TnRRX3kxelNtZ1FBZUhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9iODhjODYtOTYyOS00M2M2LTgyMWUtN2E3MmUyNmM4OTE4
LzEvUWxFbFlmeE81VXQ1bkZyMEtQXzd5Nl9VVk84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDbW3AAwQC
uXLUMA0EAgACMAcDBQMqBnHAMA0GCSqGSIb3DQEBCwUAA4IBAQBBSuanFjyc+wSL
UfDMPw06X0WMdODTjM5fW5bSkPPsfp0tVRd+BmqzrKgvcUwKE6Hngt3IudARZXx5
02vtIquX3s1r+LDVLlXN4uy4Vtympar4UwRsTS/MnH0L7wjJiPLuRbDOUMJWPoHO
1L1TCg7TGci9b1/THtGE47UufGcjTGsMqXFqtVp+t4jqYgm+XfCSAQFQmQjnGaGT
+7ygYQWWA4MIY+3sU/IKAFyTztRC8g/lfAGlb3jW/Dt1ApIGgbRgeQQtkDCrC3DR
m14gU51JGGq6ID3zyMilg1ozX+X/ECXHGcrv16w0vW9Ha7TjUyu0WwY94lkUzbxX
XvrZllyn
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:09 2025 by rpki-client on console.sobornost.net