Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/N0y36t6dXe1RO1hip8JpAq57q0g.roa
File: N0y36t6dXe1RO1hip8JpAq57q0g.roa (raw, json)
Hash identifier: 3frob55hiTgf6BEWsSuXn/4Nydt0EWxja14KnUFQp9k=
Subject key identifier: 37:4C:B7:EA:DE:9D:5D:ED:51:3B:58:62:A7:C2:69:02:AE:7B:AB:48
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 019445561ED340FEB091A3C24C7CF9A989B0
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/N0y36t6dXe1RO1hip8JpAq57q0g.roa
Signing time: Wed 08 Jan 2025 09:54:19 +0000
ROA not before: Wed 08 Jan 2025 09:54:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 109.122.46.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:45:56:1e:d3:40:fe:b0:91:a3:c2:4c:7c:f9:a9:89:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jan 8 09:54:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=374cb7eade9d5ded513b5862a7c26902ae7bab48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:63:58:e2:30:09:11:39:ac:7b:bb:0f:09:4f:
56:79:cf:29:9c:5f:b0:4f:fa:d1:dd:28:47:05:f7:
6f:b4:e2:b4:f3:7b:47:e7:2e:c9:23:eb:c1:42:79:
f4:a8:02:36:48:c2:57:c8:af:bc:ff:e4:52:1c:d2:
e9:e9:bf:3a:80:19:fc:93:b9:a7:97:79:ef:e8:43:
8c:0b:40:f4:30:79:ab:d5:0e:8f:08:c4:37:4d:82:
09:6c:db:95:87:d7:fd:64:e3:0b:01:46:22:d4:3e:
2a:51:26:60:0d:e0:14:46:d0:a7:25:79:65:b4:a5:
87:22:f0:70:8b:56:59:8a:8d:5e:13:aa:cb:56:62:
29:a8:1c:c0:6c:44:64:8b:75:ce:c7:45:f3:92:9b:
43:02:e4:58:72:67:91:60:3c:6a:01:9c:dd:a5:80:
77:3a:45:3a:4a:fc:29:14:cd:f1:92:bc:ae:57:fe:
7c:34:2b:e0:83:71:bc:80:6a:b1:b9:47:9f:b3:d4:
2a:f4:64:ca:6e:ac:b5:cc:e8:5d:f3:26:5e:69:f7:
1f:96:bc:1c:a0:5a:0e:23:09:ca:d8:cb:c9:db:12:
c6:53:73:cf:c7:26:c5:d1:49:13:fd:06:a6:98:86:
39:89:dd:1b:d3:13:35:f3:2d:9d:e9:5f:94:6e:33:
d0:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:4C:B7:EA:DE:9D:5D:ED:51:3B:58:62:A7:C2:69:02:AE:7B:AB:48
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/N0y36t6dXe1RO1hip8JpAq57q0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:b4:89:18:4f:b9:14:84:9a:1e:98:b8:bf:2d:0d:4b:33:18:
ab:0b:8c:10:82:f7:e6:53:c4:56:f1:b6:88:f5:a9:1b:d2:49:
ab:62:3a:76:87:15:e3:94:2d:43:09:41:af:fb:7b:ec:2a:ce:
d6:ab:da:99:c4:6c:77:03:75:5d:b2:4f:1c:a5:5c:59:af:d3:
d0:52:2c:35:24:c9:04:1d:6e:68:fc:a0:71:98:a9:99:53:33:
7b:8a:21:78:df:c5:48:8c:2a:15:25:3e:84:54:eb:7f:d5:b9:
51:4c:27:6c:6c:26:0c:0f:64:9f:65:b0:96:f3:ec:97:64:9b:
e7:d2:06:08:60:01:ae:70:4f:6a:80:d8:8e:34:b0:ed:f3:95:
d1:77:f4:b2:d9:bd:3c:59:32:e0:3f:ff:01:04:9e:18:a8:e1:
9d:9e:4f:0f:58:2a:52:1e:c3:99:b2:6f:48:b4:9e:d0:85:94:
38:7e:0b:36:ae:f3:68:51:35:52:ba:7b:be:7f:e1:80:f7:15:
9a:e0:c5:a2:a3:be:76:26:b5:5b:10:2b:af:b8:34:dd:09:c8:
30:24:a7:f6:35:15:93:29:ed:8a:d6:03:84:c3:a4:1c:f3:86:
80:b4:1f:66:d3:9e:61:c4:96:bb:1b:b0:5a:d6:a7:9e:2f:ec:
fd:62:95:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRFVh7TQP6wkaPCTHz5qYmwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjUwMTA4MDk1NDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzRjYjdlYWRlOWQ1ZGVkNTEzYjU4NjJhN2MyNjkwMmFlN2JhYjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlWNY4jAJETmse7sPCU9Wec8pnF+w
T/rR3ShHBfdvtOK083tH5y7JI+vBQnn0qAI2SMJXyK+8/+RSHNLp6b86gBn8k7mn
l3nv6EOMC0D0MHmr1Q6PCMQ3TYIJbNuVh9f9ZOMLAUYi1D4qUSZgDeAURtCnJXll
tKWHIvBwi1ZZio1eE6rLVmIpqBzAbERki3XOx0XzkptDAuRYcmeRYDxqAZzdpYB3
OkU6SvwpFM3xkryuV/58NCvgg3G8gGqxuUefs9Qq9GTKbqy1zOhd8yZeafcflrwc
oFoOIwnK2MvJ2xLGU3PPxybF0UkT/QammIY5id0b0xM18y2d6V+UbjPQEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDdMt+renV3tUTtYYqfCaQKue6tIMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvTjB5MzZ0NmRYZTFSTzFoaXA4SnBBcTU3cTBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXouMA0G
CSqGSIb3DQEBCwUAA4IBAQBatIkYT7kUhJoemLi/LQ1LMxirC4wQgvfmU8RW8baI
9akb0kmrYjp2hxXjlC1DCUGv+3vsKs7Wq9qZxGx3A3Vdsk8cpVxZr9PQUiw1JMkE
HW5o/KBxmKmZUzN7iiF438VIjCoVJT6EVOt/1blRTCdsbCYMD2SfZbCW8+yXZJvn
0gYIYAGucE9qgNiONLDt85XRd/Sy2b08WTLgP/8BBJ4YqOGdnk8PWCpSHsOZsm9I
tJ7QhZQ4fgs2rvNoUTVSunu+f+GA9xWa4MWio752JrVbECuvuDTdCcgwJKf2NRWT
Ke2K1gOEw6Qc84aAtB9m055hxJa7G7Ba1qeeL+z9YpXx
-----END CERTIFICATE-----
Generated at Thu Jan 23 19:12:32 2025 by rpki-client on console.sobornost.net