Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/8e5d65-5912-418e-9c01-123a86d94818/1/bMRktPBk3GJGItNskNyUqcrOWmw.roa
File: bMRktPBk3GJGItNskNyUqcrOWmw.roa (raw, json)
Hash identifier: oN+XpyM7329DMObxCObtViAvj7EaNMyaASixYhlQlxY=
Subject key identifier: 6C:C4:64:B4:F0:64:DC:62:46:22:D3:6C:90:DC:94:A9:CA:CE:5A:6C
Certificate issuer: /CN=27802685da734b157a2db9ccff76dd4e48911928
Certificate serial: 019425FD40C17752E865499D7AF1BCB53F26
Authority key identifier: 27:80:26:85:DA:73:4B:15:7A:2D:B9:CC:FF:76:DD:4E:48:91:19:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J4AmhdpzSxV6LbnM_3bdTkiRGSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/8e5d65-5912-418e-9c01-123a86d94818/1/bMRktPBk3GJGItNskNyUqcrOWmw.roa
Signing time: Thu 02 Jan 2025 07:49:01 +0000
ROA not before: Thu 02 Jan 2025 07:49:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51002
IP address blocks: 176.123.208.0/21 maxlen: 24
193.243.168.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:40:c1:77:52:e8:65:49:9d:7a:f1:bc:b5:3f:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27802685da734b157a2db9ccff76dd4e48911928
Validity
Not Before: Jan 2 07:49:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6cc464b4f064dc624622d36c90dc94a9cace5a6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:37:90:d9:8f:95:28:7d:50:58:02:64:06:74:
c8:92:d9:09:e3:df:92:b7:69:04:21:c1:1c:76:13:
3b:98:ca:ca:7d:75:1b:8f:a7:7f:19:88:c6:03:f4:
bf:c7:fb:3f:31:61:b1:5d:ce:de:9e:45:f1:0e:b3:
5a:fe:ed:ba:81:e1:40:11:a7:08:98:40:9a:d9:a6:
dd:1a:d4:2a:2e:b4:9a:04:2c:57:96:83:4a:71:46:
f0:08:d1:6a:6c:51:47:2b:44:a1:fb:8c:4a:14:67:
d9:d9:bb:50:b8:4e:b9:99:6e:aa:20:e5:05:0f:c9:
48:b5:a3:7e:e5:a0:00:58:c2:4c:e5:14:26:e7:f9:
a3:d5:95:55:0b:02:c4:1c:c4:ef:b1:71:18:40:56:
de:93:94:7c:ac:f7:83:33:eb:0a:54:68:85:8c:0d:
86:f2:bd:62:ff:17:87:ea:ce:c0:a2:94:25:40:72:
a4:06:12:24:80:7e:11:36:51:d9:42:cd:cc:a6:fd:
8b:0b:e1:2a:73:14:34:f1:f0:bc:78:d3:c7:d7:42:
70:8f:a4:5f:38:40:d0:70:10:44:0a:24:aa:74:47:
f0:58:8e:4a:e6:b5:bc:05:2f:36:24:fe:02:00:99:
35:63:5d:78:ca:b2:b2:b8:0f:97:0e:ae:6d:a9:55:
37:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:C4:64:B4:F0:64:DC:62:46:22:D3:6C:90:DC:94:A9:CA:CE:5A:6C
X509v3 Authority Key Identifier:
keyid:27:80:26:85:DA:73:4B:15:7A:2D:B9:CC:FF:76:DD:4E:48:91:19:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J4AmhdpzSxV6LbnM_3bdTkiRGSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/8e5d65-5912-418e-9c01-123a86d94818/1/bMRktPBk3GJGItNskNyUqcrOWmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/8e5d65-5912-418e-9c01-123a86d94818/1/J4AmhdpzSxV6LbnM_3bdTkiRGSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.123.208.0/21
193.243.168.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:da:c8:82:91:c7:27:bf:e5:88:b0:a7:fe:95:f5:39:07:fd:
f5:2a:7c:6e:56:c8:97:f9:e3:20:21:69:63:79:8d:be:94:68:
59:78:87:15:a4:31:e2:17:fd:ee:49:d4:9f:8e:ed:b4:0d:0f:
3d:2b:1e:15:60:37:34:b7:73:e9:0c:a5:95:71:fc:06:9b:c0:
ef:31:04:c7:1b:4d:41:b4:06:53:2a:3b:28:b7:c1:ec:d5:c6:
68:a7:a0:21:1d:ea:e8:6e:f2:d8:13:41:47:59:be:a9:00:ad:
04:3c:62:fe:e4:6b:7b:f6:11:a0:ea:8c:99:32:16:bd:32:a9:
25:d4:e7:a6:83:47:97:85:32:7c:f8:3f:13:db:bb:ba:21:30:
64:e8:bc:4a:b9:79:83:11:2b:70:e3:46:38:9c:eb:92:48:a3:
69:39:e6:be:f2:d8:e4:1f:49:5b:3e:e6:bc:60:de:4b:0b:e4:
f2:b2:19:68:67:69:99:4a:d1:63:cd:40:f4:c4:61:db:b6:be:
2c:aa:f8:1e:a8:2e:24:11:78:e7:23:ab:1f:62:3e:c7:da:10:
e7:6a:6d:a1:9d:f5:9e:1d:03:7f:1a:ef:ad:a6:e1:ae:ab:b8:
c6:05:4f:2e:fd:fb:52:f2:b9:d2:68:cb:64:61:41:92:95:e8:
48:c7:60:fa
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQl/UDBd1LoZUmdevG8tT8mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3ODAyNjg1ZGE3MzRiMTU3YTJkYjljY2ZmNzZkZDRlNDg5
MTE5MjgwHhcNMjUwMTAyMDc0OTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2M0NjRiNGYwNjRkYzYyNDYyMmQzNmM5MGRjOTRhOWNhY2U1YTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2zeQ2Y+VKH1QWAJkBnTIktkJ49+S
t2kEIcEcdhM7mMrKfXUbj6d/GYjGA/S/x/s/MWGxXc7enkXxDrNa/u26geFAEacI
mECa2abdGtQqLrSaBCxXloNKcUbwCNFqbFFHK0Sh+4xKFGfZ2btQuE65mW6qIOUF
D8lItaN+5aAAWMJM5RQm5/mj1ZVVCwLEHMTvsXEYQFbek5R8rPeDM+sKVGiFjA2G
8r1i/xeH6s7AopQlQHKkBhIkgH4RNlHZQs3Mpv2LC+EqcxQ08fC8eNPH10Jwj6Rf
OEDQcBBECiSqdEfwWI5K5rW8BS82JP4CAJk1Y114yrKyuA+XDq5tqVU37QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGzEZLTwZNxiRiLTbJDclKnKzlpsMB8GA1UdIwQY
MBaAFCeAJoXac0sVei25zP923U5IkRkoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjRBbWhkcHpTeFY2TGJuTV8zYmRUa2lSR1NnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi84ZTVkNjUtNTkxMi00MThlLTljMDEt
MTIzYTg2ZDk0ODE4LzEvYk1Sa3RQQmszR0pHSXROc2tOeVVxY3JPV213LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi84ZTVkNjUtNTkxMi00MThlLTljMDEtMTIzYTg2ZDk0ODE4
LzEvSjRBbWhkcHpTeFY2TGJuTV8zYmRUa2lSR1NnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDsHvQAwQC
wfOoMA0GCSqGSIb3DQEBCwUAA4IBAQBf2siCkccnv+WIsKf+lfU5B/31KnxuVsiX
+eMgIWljeY2+lGhZeIcVpDHiF/3uSdSfju20DQ89Kx4VYDc0t3PpDKWVcfwGm8Dv
MQTHG01BtAZTKjsot8Hs1cZop6AhHerobvLYE0FHWb6pAK0EPGL+5Gt79hGg6oyZ
Mha9Mqkl1Oemg0eXhTJ8+D8T27u6ITBk6LxKuXmDEStw40Y4nOuSSKNpOea+8tjk
H0lbPua8YN5LC+TyshloZ2mZStFjzUD0xGHbtr4sqvgeqC4kEXjnI6sfYj7H2hDn
am2hnfWeHQN/Gu+tpuGuq7jGBU8u/ftS8rnSaMtkYUGSlehIx2D6
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:10 2025 by rpki-client on console.sobornost.net