Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/4dfbd4-8ed7-45f2-950d-3aeb7cde036c/1/0JNfBNzU72OAoNIfj1jhygVeYQU.roa
File: 0JNfBNzU72OAoNIfj1jhygVeYQU.roa (raw, json)
Hash identifier: oGcfqT/JJ8LL0qB7k2QsQSpg+/RTt2AO65zLWXlHWAA=
Subject key identifier: D0:93:5F:04:DC:D4:EF:63:80:A0:D2:1F:8F:58:E1:CA:05:5E:61:05
Certificate issuer: /CN=b9f769d4433b7704df703d1645b7fea8efbf926e
Certificate serial: 01942444CC8F07C49DBC8CBA3DF884C95E49
Authority key identifier: B9:F7:69:D4:43:3B:77:04:DF:70:3D:16:45:B7:FE:A8:EF:BF:92:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ufdp1EM7dwTfcD0WRbf-qO-_km4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/4dfbd4-8ed7-45f2-950d-3aeb7cde036c/1/0JNfBNzU72OAoNIfj1jhygVeYQU.roa
Signing time: Wed 01 Jan 2025 23:47:56 +0000
ROA not before: Wed 01 Jan 2025 23:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210250
IP address blocks: 194.1.147.0/24 maxlen: 24
2001:67c:51c::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:cc:8f:07:c4:9d:bc:8c:ba:3d:f8:84:c9:5e:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9f769d4433b7704df703d1645b7fea8efbf926e
Validity
Not Before: Jan 1 23:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d0935f04dcd4ef6380a0d21f8f58e1ca055e6105
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f3:24:71:46:b7:da:21:1c:7f:e1:83:36:ce:
43:33:66:f3:bc:3b:08:fe:88:dc:37:ba:06:13:fd:
ec:ff:61:fc:13:be:cb:7b:e3:13:82:e1:98:59:6d:
45:a2:0d:0f:5b:98:20:50:85:d5:02:e4:66:0b:74:
d5:9d:a0:44:f1:1d:ee:84:a3:91:68:b8:ab:c1:f6:
2b:4c:e4:5a:9d:d6:3f:df:b7:63:43:f0:54:84:41:
79:73:d1:37:ae:22:22:68:71:9c:e2:6a:c8:c7:5e:
0e:e2:58:d2:a5:dd:cc:87:e0:65:ca:8d:87:fa:f8:
f0:1a:1b:5e:66:eb:81:80:ca:3b:c9:70:2e:b9:02:
0c:49:e4:9c:9d:b3:d5:14:72:c4:61:0f:1b:3e:1d:
a4:da:74:3a:ad:74:71:a0:bf:eb:a7:4d:6a:93:79:
eb:51:e0:dd:7d:f4:a3:d1:ba:13:81:ed:96:77:77:
5a:d1:a3:01:fa:39:83:a4:a3:7f:21:7a:d7:18:34:
87:8d:ce:34:eb:36:81:ee:52:93:63:99:2f:5d:19:
a8:e5:22:d2:a4:aa:ad:7f:55:a0:9c:b1:a7:ea:10:
c3:c6:b4:41:b9:ab:9a:fd:bf:46:cb:3a:9e:df:b3:
2c:49:6b:db:92:9d:18:c9:c6:eb:39:21:fa:a2:20:
a8:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:93:5F:04:DC:D4:EF:63:80:A0:D2:1F:8F:58:E1:CA:05:5E:61:05
X509v3 Authority Key Identifier:
keyid:B9:F7:69:D4:43:3B:77:04:DF:70:3D:16:45:B7:FE:A8:EF:BF:92:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ufdp1EM7dwTfcD0WRbf-qO-_km4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/4dfbd4-8ed7-45f2-950d-3aeb7cde036c/1/0JNfBNzU72OAoNIfj1jhygVeYQU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/4dfbd4-8ed7-45f2-950d-3aeb7cde036c/1/ufdp1EM7dwTfcD0WRbf-qO-_km4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.1.147.0/24
IPv6:
2001:67c:51c::/48
Signature Algorithm: sha256WithRSAEncryption
03:ca:69:70:58:37:6e:e9:3e:33:57:cf:88:83:67:81:94:96:
a4:81:1b:21:48:33:83:ae:9a:db:8a:21:0a:b2:bd:ab:0a:11:
f0:45:98:14:6f:93:6f:62:f7:1e:1b:f8:db:00:85:90:c8:9c:
37:fd:e5:c9:66:67:c8:40:7f:fc:51:c7:59:3c:78:1e:45:30:
89:47:8a:d0:e9:c5:24:88:a7:d5:a4:ab:7c:98:c3:f3:8b:dd:
98:eb:de:92:17:95:d8:29:9e:45:71:f8:cd:e3:ce:60:03:be:
0c:1c:aa:9e:38:cb:56:9b:e6:97:7e:d2:01:44:b9:6f:c2:bc:
06:6d:80:a5:54:d8:8a:40:d7:20:58:45:42:a0:91:d8:9a:77:
67:32:d7:b8:07:18:bf:18:d2:7f:37:42:85:72:60:da:2d:f1:
d7:66:a0:8f:87:11:23:80:a5:c2:1a:f3:5e:9f:4a:7a:54:e4:
67:a5:0d:08:03:88:f8:6e:75:e6:ad:96:b7:e3:cc:d5:74:4b:
d6:83:06:be:e9:0f:8c:b1:0a:ab:c4:60:af:d0:1f:48:92:75:
2f:df:9f:14:07:33:c1:e9:36:f0:4e:5b:d9:c6:56:f6:d2:2d:
81:ad:73:53:a9:98:82:88:66:64:15:8f:76:f2:8b:06:c0:f0:
85:b9:f9:d0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQkRMyPB8SdvIy6PfiEyV5JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5Zjc2OWQ0NDMzYjc3MDRkZjcwM2QxNjQ1YjdmZWE4ZWZi
ZjkyNmUwHhcNMjUwMTAxMjM0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDkzNWYwNGRjZDRlZjYzODBhMGQyMWY4ZjU4ZTFjYTA1NWU2MTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfMkcUa32iEcf+GDNs5DM2bzvDsI
/ojcN7oGE/3s/2H8E77Le+MTguGYWW1Fog0PW5ggUIXVAuRmC3TVnaBE8R3uhKOR
aLirwfYrTORandY/37djQ/BUhEF5c9E3riIiaHGc4mrIx14O4ljSpd3Mh+Blyo2H
+vjwGhteZuuBgMo7yXAuuQIMSeScnbPVFHLEYQ8bPh2k2nQ6rXRxoL/rp01qk3nr
UeDdffSj0boTge2Wd3da0aMB+jmDpKN/IXrXGDSHjc406zaB7lKTY5kvXRmo5SLS
pKqtf1WgnLGn6hDDxrRBuaua/b9Gyzqe37MsSWvbkp0YycbrOSH6oiCoIwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNCTXwTc1O9jgKDSH49Y4coFXmEFMB8GA1UdIwQY
MBaAFLn3adRDO3cE33A9FkW3/qjvv5JuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWZkcDFFTTdkd1RmY0QwV1JiZi1xTy1fa200LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS80ZGZiZDQtOGVkNy00NWYyLTk1MGQt
M2FlYjdjZGUwMzZjLzEvMEpOZkJOelU3Mk9Bb05JZmoxamh5Z1ZlWVFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS80ZGZiZDQtOGVkNy00NWYyLTk1MGQtM2FlYjdjZGUwMzZj
LzEvdWZkcDFFTTdkd1RmY0QwV1JiZi1xTy1fa200LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwgGTMA8E
AgACMAkDBwAgAQZ8BRwwDQYJKoZIhvcNAQELBQADggEBAAPKaXBYN27pPjNXz4iD
Z4GUlqSBGyFIM4OumtuKIQqyvasKEfBFmBRvk29i9x4b+NsAhZDInDf95clmZ8hA
f/xRx1k8eB5FMIlHitDpxSSIp9Wkq3yYw/OL3Zjr3pIXldgpnkVx+M3jzmADvgwc
qp44y1ab5pd+0gFEuW/CvAZtgKVU2IpA1yBYRUKgkdiad2cy17gHGL8Y0n83QoVy
YNot8ddmoI+HESOApcIa816fSnpU5GelDQgDiPhudeatlrfjzNV0S9aDBr7pD4yx
CqvEYK/QH0iSdS/fnxQHM8HpNvBOW9nGVvbSLYGtc1OpmIKIZmQVj3byiwbA8IW5
+dA=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:23 2025 by rpki-client on console.sobornost.net