Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/a5a175-8092-4c63-b038-2c4406b48941/1/6Zhe4pOz-rb9TWMRRFPsmtYyKog.roa
File: 6Zhe4pOz-rb9TWMRRFPsmtYyKog.roa (raw, json)
Hash identifier: kI1Y/0VuhQsjj4DLuvZCMsfABY7cci9OBnCvkDAkun8=
Subject key identifier: E9:98:5E:E2:93:B3:FA:B6:FD:4D:63:11:44:53:EC:9A:D6:32:2A:88
Certificate issuer: /CN=e7b33e9e3c932f7a542eb021056ce94b1e8b8f0b
Certificate serial: 019422FB7D0238DAB98E83FB493A70F11849
Authority key identifier: E7:B3:3E:9E:3C:93:2F:7A:54:2E:B0:21:05:6C:E9:4B:1E:8B:8F:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/57M-njyTL3pULrAhBWzpSx6Ljws.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/a5a175-8092-4c63-b038-2c4406b48941/1/6Zhe4pOz-rb9TWMRRFPsmtYyKog.roa
Signing time: Wed 01 Jan 2025 17:48:14 +0000
ROA not before: Wed 01 Jan 2025 17:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50606
IP address blocks: 109.196.32.0/20 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:7d:02:38:da:b9:8e:83:fb:49:3a:70:f1:18:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7b33e9e3c932f7a542eb021056ce94b1e8b8f0b
Validity
Not Before: Jan 1 17:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e9985ee293b3fab6fd4d63114453ec9ad6322a88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:94:6f:a8:06:77:e1:02:0a:7d:87:62:3b:a6:
bc:cb:aa:4a:88:cb:ac:01:dc:6c:9f:19:a6:78:e6:
bb:3f:24:bc:de:cc:a8:22:07:5e:ef:e5:38:9e:1d:
1d:3a:0f:26:0f:e2:dc:09:1f:0e:c7:67:fc:3c:53:
b0:1e:89:f3:81:a9:2a:d4:aa:7d:6a:25:ef:17:2e:
cb:90:69:e0:17:c7:f0:3e:6c:3f:86:14:58:04:2e:
3f:7c:dd:3b:fd:0b:88:48:99:ae:ca:61:84:91:22:
f1:a4:10:19:a4:fd:94:07:4d:36:f0:7f:06:98:6f:
20:02:6d:f2:66:cd:83:0f:20:09:8d:11:03:eb:fb:
37:12:bf:99:12:b0:af:9b:50:02:f4:24:59:f4:09:
7e:36:dc:7e:35:37:7c:99:99:7e:fb:e5:15:c8:8b:
59:8c:78:ea:8d:8d:f4:3a:73:77:73:ac:46:9f:dc:
7c:c8:21:cf:6d:48:73:46:50:c7:05:35:0c:34:38:
b3:02:67:19:28:bb:af:a0:54:25:88:6b:29:6b:bb:
51:d7:c8:a3:b6:c1:04:3e:a4:10:b9:7b:87:92:77:
8e:9c:15:a0:65:10:a0:ef:ad:ee:50:0c:5c:59:27:
3c:a7:a1:26:32:68:92:69:77:87:a3:db:b5:a4:48:
11:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:98:5E:E2:93:B3:FA:B6:FD:4D:63:11:44:53:EC:9A:D6:32:2A:88
X509v3 Authority Key Identifier:
keyid:E7:B3:3E:9E:3C:93:2F:7A:54:2E:B0:21:05:6C:E9:4B:1E:8B:8F:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/57M-njyTL3pULrAhBWzpSx6Ljws.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/a5a175-8092-4c63-b038-2c4406b48941/1/6Zhe4pOz-rb9TWMRRFPsmtYyKog.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/a5a175-8092-4c63-b038-2c4406b48941/1/57M-njyTL3pULrAhBWzpSx6Ljws.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.196.32.0/20
Signature Algorithm: sha256WithRSAEncryption
a1:22:8a:53:e0:e8:9d:a3:d6:02:3f:f7:47:e9:98:b2:45:8a:
42:09:7c:fc:cc:fb:56:ff:ad:ba:2d:a3:f0:46:d2:29:7a:d8:
7e:43:44:e4:cb:52:16:d0:d1:7e:bd:8e:c7:b5:e5:d5:45:80:
53:c3:84:8a:8a:72:87:14:f0:55:0c:fb:c0:a1:56:26:1b:f8:
2c:27:9c:26:55:d1:c2:dc:98:f4:1f:a1:a3:50:b5:54:04:87:
4a:9d:30:e7:33:80:14:53:92:b2:29:77:a8:cc:53:0e:37:c8:
e3:00:90:15:3d:ff:27:22:35:bb:61:41:04:6e:ed:3f:06:00:
6c:75:79:88:aa:32:df:b0:9e:b5:4f:52:f0:00:81:d6:09:84:
d0:8b:43:3b:c6:45:59:30:d6:6b:16:ab:d5:9a:33:f9:b1:c2:
36:60:a6:07:69:c5:b1:2b:a8:8f:49:95:23:14:ac:53:e9:48:
b2:62:07:2e:cb:0f:c0:b6:c2:4e:9b:06:04:ab:db:5f:95:1c:
71:a8:de:1f:e5:ef:f7:f1:4c:ca:bc:9f:e4:2c:ad:6e:22:e1:
2f:44:c5:f6:11:b3:fe:b7:95:50:41:98:5a:d6:c7:9f:28:da:
cc:73:97:fa:a5:f0:2d:f3:29:65:25:70:47:00:a9:ac:08:24:
89:cf:55:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+30CONq5joP7STpw8RhJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3YjMzZTllM2M5MzJmN2E1NDJlYjAyMTA1NmNlOTRiMWU4
YjhmMGIwHhcNMjUwMTAxMTc0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTk4NWVlMjkzYjNmYWI2ZmQ0ZDYzMTE0NDUzZWM5YWQ2MzIyYTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZRvqAZ34QIKfYdiO6a8y6pKiMus
AdxsnxmmeOa7PyS83syoIgde7+U4nh0dOg8mD+LcCR8Ox2f8PFOwHonzgakq1Kp9
aiXvFy7LkGngF8fwPmw/hhRYBC4/fN07/QuISJmuymGEkSLxpBAZpP2UB0028H8G
mG8gAm3yZs2DDyAJjRED6/s3Er+ZErCvm1AC9CRZ9Al+Ntx+NTd8mZl+++UVyItZ
jHjqjY30OnN3c6xGn9x8yCHPbUhzRlDHBTUMNDizAmcZKLuvoFQliGspa7tR18ij
tsEEPqQQuXuHkneOnBWgZRCg763uUAxcWSc8p6EmMmiSaXeHo9u1pEgR+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOmYXuKTs/q2/U1jEURT7JrWMiqIMB8GA1UdIwQY
MBaAFOezPp48ky96VC6wIQVs6Usei48LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTdNLW5qeVRMM3BVTHJBaEJXenBTeDZMandzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9hNWExNzUtODA5Mi00YzYzLWIwMzgt
MmM0NDA2YjQ4OTQxLzEvNlpoZTRwT3otcmI5VFdNUlJGUHNtdFl5S29nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9hNWExNzUtODA5Mi00YzYzLWIwMzgtMmM0NDA2YjQ4OTQx
LzEvNTdNLW5qeVRMM3BVTHJBaEJXenBTeDZMandzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEbcQgMA0G
CSqGSIb3DQEBCwUAA4IBAQChIopT4Oido9YCP/dH6ZiyRYpCCXz8zPtW/626LaPw
RtIpeth+Q0Tky1IW0NF+vY7HteXVRYBTw4SKinKHFPBVDPvAoVYmG/gsJ5wmVdHC
3Jj0H6GjULVUBIdKnTDnM4AUU5KyKXeozFMON8jjAJAVPf8nIjW7YUEEbu0/BgBs
dXmIqjLfsJ61T1LwAIHWCYTQi0M7xkVZMNZrFqvVmjP5scI2YKYHacWxK6iPSZUj
FKxT6UiyYgcuyw/AtsJOmwYEq9tflRxxqN4f5e/38UzKvJ/kLK1uIuEvRMX2EbP+
t5VQQZha1sefKNrMc5f6pfAt8yllJXBHAKmsCCSJz1Vq
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:10 2025 by rpki-client on console.sobornost.net