Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/379e32-02e0-4339-882b-2f75195216b9/1/IjvsoBUG9ktBfZ3shBFq4X7nJnE.roa
File: IjvsoBUG9ktBfZ3shBFq4X7nJnE.roa (raw, json)
Hash identifier: ZOvBCy3Gp00mtEZBuX+IHu80U1fpsi2/qrYNX8CCasY=
Subject key identifier: 22:3B:EC:A0:15:06:F6:4B:41:7D:9D:EC:84:11:6A:E1:7E:E7:26:71
Certificate issuer: /CN=d152b4c1f5d484eefc2b1597f455003ab654b055
Certificate serial: 019426D9D48C80934BDC9F6626F8ACA85525
Authority key identifier: D1:52:B4:C1:F5:D4:84:EE:FC:2B:15:97:F4:55:00:3A:B6:54:B0:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0VK0wfXUhO78KxWX9FUAOrZUsFU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/379e32-02e0-4339-882b-2f75195216b9/1/IjvsoBUG9ktBfZ3shBFq4X7nJnE.roa
Signing time: Thu 02 Jan 2025 11:49:57 +0000
ROA not before: Thu 02 Jan 2025 11:49:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209721
IP address blocks: 194.26.120.0/21 maxlen: 21
2001:67c:2e0c::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:d4:8c:80:93:4b:dc:9f:66:26:f8:ac:a8:55:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d152b4c1f5d484eefc2b1597f455003ab654b055
Validity
Not Before: Jan 2 11:49:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=223beca01506f64b417d9dec84116ae17ee72671
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:73:19:84:30:f4:62:75:7f:cc:4b:ee:aa:5c:
28:ab:00:74:9f:45:10:63:bd:21:6d:4e:86:1a:f2:
d6:09:25:43:37:fe:64:23:3c:f9:cf:3f:5a:62:d0:
11:ec:7c:d3:c5:a2:2a:02:29:05:93:ff:ed:1e:92:
27:c4:e2:c2:be:f9:34:f9:5f:2b:e8:1a:9d:5a:b5:
b5:fe:d5:4b:a9:28:32:6a:e5:a1:ad:dc:a9:51:42:
07:b9:37:cf:a6:2f:7a:d5:a2:fd:63:3f:03:67:82:
4f:90:6a:3f:8f:a5:5a:25:43:c0:09:a5:2b:18:9c:
af:34:c2:97:59:cc:39:e2:4d:6b:b0:53:90:ef:e5:
89:90:71:ff:59:f1:82:7e:68:81:0a:9d:f8:e9:3b:
12:cf:53:48:82:68:2a:3d:a0:1b:49:98:7f:91:4e:
7c:50:1f:0e:fb:e0:ca:28:0d:63:e7:e9:3f:4d:43:
a1:5e:ed:50:3b:80:8c:a5:b6:17:fa:19:e5:29:92:
08:cd:cc:90:73:64:2d:0c:62:5c:a0:22:de:4d:18:
a2:e8:4e:81:51:ee:20:6c:a8:8c:d0:57:7c:c3:b8:
6a:a0:b3:4b:36:af:86:9f:72:b0:20:9f:99:34:e1:
5d:d6:77:75:bb:a3:54:45:4c:aa:b2:ac:56:dc:4c:
ea:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:3B:EC:A0:15:06:F6:4B:41:7D:9D:EC:84:11:6A:E1:7E:E7:26:71
X509v3 Authority Key Identifier:
keyid:D1:52:B4:C1:F5:D4:84:EE:FC:2B:15:97:F4:55:00:3A:B6:54:B0:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0VK0wfXUhO78KxWX9FUAOrZUsFU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/379e32-02e0-4339-882b-2f75195216b9/1/IjvsoBUG9ktBfZ3shBFq4X7nJnE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/379e32-02e0-4339-882b-2f75195216b9/1/0VK0wfXUhO78KxWX9FUAOrZUsFU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.26.120.0/21
IPv6:
2001:67c:2e0c::/48
Signature Algorithm: sha256WithRSAEncryption
52:e9:1e:6f:cc:3b:56:b3:45:72:f0:9f:d0:1d:ba:a8:db:5d:
c6:6f:7e:b0:44:22:0b:dc:c5:5c:19:ff:99:a1:a2:b2:d0:a7:
a4:1b:ac:d6:54:62:3a:e8:18:87:e6:5c:41:f3:d6:f5:49:1f:
bc:af:cb:96:1b:a8:10:37:63:8f:d6:9c:46:6f:dc:6c:9a:ed:
a9:84:9a:fd:1a:8e:f2:f2:15:5d:d8:d6:1f:f3:d3:8a:7f:58:
10:8d:3e:7c:13:6e:0c:62:dc:af:a7:81:f2:5d:b0:1d:98:1e:
7f:fe:83:bd:1c:b3:05:52:dd:69:41:57:7a:ca:5c:dc:38:5e:
0f:ad:7b:ce:90:4e:68:1a:5b:3a:15:53:55:60:50:ee:48:a9:
85:af:28:80:a5:43:91:49:4e:54:07:8b:8a:10:30:60:38:ef:
99:3f:9e:08:7e:d7:3c:8c:b0:25:7c:99:b0:ae:c1:88:39:f3:
1f:3b:2b:1f:ec:c7:4b:9f:f1:0a:2f:6a:cd:87:ff:00:f5:82:
7e:20:8f:2d:2e:b2:60:1a:6f:f4:64:69:e7:93:17:35:fa:29:
6d:1f:cc:66:cf:35:8c:1a:d2:08:7b:4d:77:65:e1:9a:d0:da:
3b:64:d1:30:85:6f:a8:8b:bb:c2:23:94:a0:e2:36:cf:86:6a:
85:04:94:c4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQm2dSMgJNL3J9mJvisqFUlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxNTJiNGMxZjVkNDg0ZWVmYzJiMTU5N2Y0NTUwMDNhYjY1
NGIwNTUwHhcNMjUwMTAyMTE0OTU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjNiZWNhMDE1MDZmNjRiNDE3ZDlkZWM4NDExNmFlMTdlZTcyNjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+HMZhDD0YnV/zEvuqlwoqwB0n0UQ
Y70hbU6GGvLWCSVDN/5kIzz5zz9aYtAR7HzTxaIqAikFk//tHpInxOLCvvk0+V8r
6BqdWrW1/tVLqSgyauWhrdypUUIHuTfPpi961aL9Yz8DZ4JPkGo/j6VaJUPACaUr
GJyvNMKXWcw54k1rsFOQ7+WJkHH/WfGCfmiBCp346TsSz1NIgmgqPaAbSZh/kU58
UB8O++DKKA1j5+k/TUOhXu1QO4CMpbYX+hnlKZIIzcyQc2QtDGJcoCLeTRii6E6B
Ue4gbKiM0Fd8w7hqoLNLNq+Gn3KwIJ+ZNOFd1nd1u6NURUyqsqxW3Ezq2QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCI77KAVBvZLQX2d7IQRauF+5yZxMB8GA1UdIwQY
MBaAFNFStMH11ITu/CsVl/RVADq2VLBVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFZLMHdmWFVoTzc4S3hXWDlGVUFPclpVc0ZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8zNzllMzItMDJlMC00MzM5LTg4MmIt
MmY3NTE5NTIxNmI5LzEvSWp2c29CVUc5a3RCZlozc2hCRnE0WDduSm5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8zNzllMzItMDJlMC00MzM5LTg4MmItMmY3NTE5NTIxNmI5
LzEvMFZLMHdmWFVoTzc4S3hXWDlGVUFPclpVc0ZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwhp4MA8E
AgACMAkDBwAgAQZ8LgwwDQYJKoZIhvcNAQELBQADggEBAFLpHm/MO1azRXLwn9Ad
uqjbXcZvfrBEIgvcxVwZ/5mhorLQp6QbrNZUYjroGIfmXEHz1vVJH7yvy5YbqBA3
Y4/WnEZv3Gya7amEmv0ajvLyFV3Y1h/z04p/WBCNPnwTbgxi3K+ngfJdsB2YHn/+
g70cswVS3WlBV3rKXNw4Xg+te86QTmgaWzoVU1VgUO5IqYWvKIClQ5FJTlQHi4oQ
MGA475k/ngh+1zyMsCV8mbCuwYg58x87Kx/sx0uf8Qovas2H/wD1gn4gjy0usmAa
b/RkaeeTFzX6KW0fzGbPNYwa0gh7TXdl4ZrQ2jtk0TCFb6iLu8IjlKDiNs+GaoUE
lMQ=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:16 2025 by rpki-client on console.sobornost.net