Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/38e975-1f4f-4114-bfa1-a79da1a85513/1/4J7Io1jEwgS2RhtnGjopliZ5_no.roa
File: 4J7Io1jEwgS2RhtnGjopliZ5_no.roa (raw, json)
Hash identifier: QO5aB2FmunA0lEdEAxyr6sEsO8466VD4EugW4s0Q6Rw=
Subject key identifier: E0:9E:C8:A3:58:C4:C2:04:B6:46:1B:67:1A:3A:29:96:26:79:FE:7A
Certificate issuer: /CN=4c897f1a3497ebbe27b9e2f0d6f3eae2bbe68b27
Certificate serial: 0194274790197BCF5E5174C1767C237B7B99
Authority key identifier: 4C:89:7F:1A:34:97:EB:BE:27:B9:E2:F0:D6:F3:EA:E2:BB:E6:8B:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TIl_GjSX674nueLw1vPq4rvmiyc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/38e975-1f4f-4114-bfa1-a79da1a85513/1/4J7Io1jEwgS2RhtnGjopliZ5_no.roa
Signing time: Thu 02 Jan 2025 13:49:48 +0000
ROA not before: Thu 02 Jan 2025 13:49:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210579
IP address blocks: 95.141.255.0/24 maxlen: 24
2a13:46c0::/32 maxlen: 48
2a13:46c1::/32 maxlen: 40
2a13:46c1:100::/48 maxlen: 48
2a13:46c1:200::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:90:19:7b:cf:5e:51:74:c1:76:7c:23:7b:7b:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c897f1a3497ebbe27b9e2f0d6f3eae2bbe68b27
Validity
Not Before: Jan 2 13:49:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e09ec8a358c4c204b6461b671a3a29962679fe7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:17:91:ee:53:91:ff:af:97:df:f0:6d:19:6a:
f1:9a:93:d6:f6:5e:81:eb:d9:51:5c:30:dc:39:2b:
90:7f:ee:41:96:5c:ef:41:2c:47:21:c4:3b:41:e7:
09:95:7b:c1:c8:49:b6:90:3c:d6:38:16:bf:28:c5:
31:68:9e:94:fc:08:cc:d3:57:e0:19:82:e1:9d:7a:
51:16:be:d5:ca:d0:42:89:dc:84:37:19:6d:d9:2f:
f0:f0:4f:d3:a2:f2:4b:b0:35:46:25:dd:e2:20:02:
36:25:aa:52:b9:84:dc:1d:ba:58:76:c3:79:fc:a0:
6b:e4:47:04:30:2e:b7:96:d7:9d:e3:83:15:8e:ab:
3f:6c:b7:93:90:56:d2:bf:6b:2d:f0:eb:5f:5a:9b:
b3:f8:85:18:98:40:68:01:c5:71:7f:b7:66:77:0d:
4f:d1:2f:d1:2e:63:73:01:5e:5c:39:e3:83:3f:d0:
c2:58:c8:64:81:c5:8b:34:f5:33:68:b2:24:f9:4a:
cf:49:9a:d7:2f:37:38:f1:d7:c8:66:6a:eb:67:9b:
97:26:4e:b8:ac:31:1d:65:be:5f:79:5c:59:65:3b:
bf:9d:5b:a4:c5:5a:d5:58:5b:6b:9e:e7:62:df:92:
40:b1:f3:db:28:d2:9f:2d:a8:c4:e0:dd:8d:05:af:
1f:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:9E:C8:A3:58:C4:C2:04:B6:46:1B:67:1A:3A:29:96:26:79:FE:7A
X509v3 Authority Key Identifier:
keyid:4C:89:7F:1A:34:97:EB:BE:27:B9:E2:F0:D6:F3:EA:E2:BB:E6:8B:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TIl_GjSX674nueLw1vPq4rvmiyc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/38e975-1f4f-4114-bfa1-a79da1a85513/1/4J7Io1jEwgS2RhtnGjopliZ5_no.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/38e975-1f4f-4114-bfa1-a79da1a85513/1/TIl_GjSX674nueLw1vPq4rvmiyc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.141.255.0/24
IPv6:
2a13:46c0::/31
Signature Algorithm: sha256WithRSAEncryption
15:50:09:16:4c:d0:1d:39:31:94:7a:07:09:c2:87:62:41:b6:
20:5a:fc:6c:63:05:7e:14:e3:06:5d:39:61:c8:40:a7:ac:0d:
3d:cf:98:ff:91:2e:d1:d2:ee:19:ba:c5:f4:0b:d7:51:84:52:
f0:20:76:e1:60:89:3b:1d:27:1c:f9:55:e4:1c:eb:03:99:6c:
0d:29:46:59:13:fd:d4:ed:23:3b:81:dc:cd:7b:22:74:4c:0d:
e7:ae:0d:d1:c7:5c:81:1d:74:4c:79:c2:71:92:d7:a8:af:9f:
2e:60:88:6c:ab:94:b0:94:db:c0:f6:04:89:02:74:cc:4d:1e:
9e:08:dd:1b:8d:f7:c7:4f:70:62:43:58:a0:cb:69:33:e0:13:
30:46:66:02:7e:67:77:49:a6:05:23:ee:f3:87:74:be:23:92:
1d:b5:af:ed:34:f9:52:1a:20:b9:c0:3a:f6:e0:16:dd:fa:f1:
ec:e8:70:69:de:e5:fc:27:f7:76:d7:9e:9d:db:66:ce:39:53:
f9:5f:ca:51:14:d8:cc:d1:1c:b7:07:04:11:3a:c8:9c:ad:96:
41:7a:0e:0a:dc:0f:3f:66:a8:3c:a3:b2:dd:aa:c9:73:fe:b8:
8b:c9:65:ed:bf:bc:74:db:39:02:de:73:31:84:b0:ad:72:0f:
ea:c8:80:35
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQnR5AZe89eUXTBdnwje3uZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjODk3ZjFhMzQ5N2ViYmUyN2I5ZTJmMGQ2ZjNlYWUyYmJl
NjhiMjcwHhcNMjUwMTAyMTM0OTQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDllYzhhMzU4YzRjMjA0YjY0NjFiNjcxYTNhMjk5NjI2NzlmZTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvReR7lOR/6+X3/BtGWrxmpPW9l6B
69lRXDDcOSuQf+5BllzvQSxHIcQ7QecJlXvByEm2kDzWOBa/KMUxaJ6U/AjM01fg
GYLhnXpRFr7VytBCidyENxlt2S/w8E/TovJLsDVGJd3iIAI2JapSuYTcHbpYdsN5
/KBr5EcEMC63lted44MVjqs/bLeTkFbSv2st8OtfWpuz+IUYmEBoAcVxf7dmdw1P
0S/RLmNzAV5cOeODP9DCWMhkgcWLNPUzaLIk+UrPSZrXLzc48dfIZmrrZ5uXJk64
rDEdZb5feVxZZTu/nVukxVrVWFtrnudi35JAsfPbKNKfLajE4N2NBa8f6wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOCeyKNYxMIEtkYbZxo6KZYmef56MB8GA1UdIwQY
MBaAFEyJfxo0l+u+J7ni8Nbz6uK75osnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVElsX0dqU1g2NzRudWVMdzF2UHE0cnZtaXljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zOGU5NzUtMWY0Zi00MTE0LWJmYTEt
YTc5ZGExYTg1NTEzLzEvNEo3SW8xakV3Z1MyUmh0bkdqb3BsaVo1X25vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zOGU5NzUtMWY0Zi00MTE0LWJmYTEtYTc5ZGExYTg1NTEz
LzEvVElsX0dqU1g2NzRudWVMdzF2UHE0cnZtaXljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAX43/MA0E
AgACMAcDBQEqE0bAMA0GCSqGSIb3DQEBCwUAA4IBAQAVUAkWTNAdOTGUegcJwodi
QbYgWvxsYwV+FOMGXTlhyECnrA09z5j/kS7R0u4ZusX0C9dRhFLwIHbhYIk7HScc
+VXkHOsDmWwNKUZZE/3U7SM7gdzNeyJ0TA3nrg3Rx1yBHXRMecJxkteor58uYIhs
q5SwlNvA9gSJAnTMTR6eCN0bjffHT3BiQ1igy2kz4BMwRmYCfmd3SaYFI+7zh3S+
I5Idta/tNPlSGiC5wDr24Bbd+vHs6HBp3uX8J/d2156d22bOOVP5X8pRFNjM0Ry3
BwQROsicrZZBeg4K3A8/Zqg8o7Ldqslz/riLyWXtv7x02zkC3nMxhLCtcg/qyIA1
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:20 2025 by rpki-client on console.sobornost.net