Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/ecaf44-08cc-41bb-81d3-262bec717b17/1/9KjqbMoowr4zIwC0vIDCLJx3OPk.roa
File: 9KjqbMoowr4zIwC0vIDCLJx3OPk.roa (raw, json)
Hash identifier: P/sEcAl8BwOGFXxtB8+HWMsFUjWpgx7ANde/4kLha4c=
Subject key identifier: F4:A8:EA:6C:CA:28:C2:BE:33:23:00:B4:BC:80:C2:2C:9C:77:38:F9
Certificate issuer: /CN=f4b9dd9e34fe66d75138903708f8ce1fbd342d64
Certificate serial: 01941F8C37793302CC1EBDA0D4E35BFF6EAD
Authority key identifier: F4:B9:DD:9E:34:FE:66:D7:51:38:90:37:08:F8:CE:1F:BD:34:2D:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LndnjT-ZtdROJA3CPjOH700LWQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/ecaf44-08cc-41bb-81d3-262bec717b17/1/9KjqbMoowr4zIwC0vIDCLJx3OPk.roa
Signing time: Wed 01 Jan 2025 01:47:50 +0000
ROA not before: Wed 01 Jan 2025 01:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35008
IP address blocks: 194.246.109.0/24 maxlen: 24
2001:67c:760::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:37:79:33:02:cc:1e:bd:a0:d4:e3:5b:ff:6e:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b9dd9e34fe66d75138903708f8ce1fbd342d64
Validity
Not Before: Jan 1 01:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f4a8ea6cca28c2be332300b4bc80c22c9c7738f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:dc:13:e2:2d:69:96:11:d5:47:bf:c8:8b:53:
01:ef:3d:ad:4a:d6:32:b9:a0:5b:e1:8f:5c:12:77:
75:c3:ef:66:e3:d8:83:bd:78:f5:63:2a:7d:11:bb:
29:06:38:41:44:77:25:3f:20:c5:59:53:e4:a3:5f:
c0:2e:f5:57:d0:76:39:6a:06:4e:bf:34:3f:18:3d:
b5:6a:91:5c:01:24:e8:1a:3d:6e:08:40:82:7e:f1:
dc:53:d0:a7:ea:06:d9:d3:0f:3a:bc:10:ae:b7:0d:
1e:e0:2a:e2:3b:89:c1:c0:4b:5f:6d:9f:12:2e:53:
b5:56:6f:8c:96:6a:52:9d:59:f9:46:a6:0f:6c:2f:
42:28:15:66:0d:cc:ba:02:4d:e4:54:e0:fe:f0:8e:
4c:97:d2:3c:4d:b3:31:3b:51:46:fe:bb:b2:e2:50:
db:ad:e3:69:20:5c:3e:a2:3a:5d:61:53:41:ea:78:
10:b9:6e:df:fa:a4:98:8d:d0:57:4d:10:d1:ee:04:
fb:5d:ed:ea:45:21:6c:e1:a8:00:1a:d7:1b:6d:b8:
64:dc:03:a7:04:8a:72:45:29:ee:15:ef:20:ea:f4:
86:fb:25:4a:bc:dd:43:66:4e:95:c2:06:cd:f8:5f:
49:00:ad:60:db:a2:75:8a:41:1e:75:0f:f2:2f:3b:
ad:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:A8:EA:6C:CA:28:C2:BE:33:23:00:B4:BC:80:C2:2C:9C:77:38:F9
X509v3 Authority Key Identifier:
keyid:F4:B9:DD:9E:34:FE:66:D7:51:38:90:37:08:F8:CE:1F:BD:34:2D:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LndnjT-ZtdROJA3CPjOH700LWQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ecaf44-08cc-41bb-81d3-262bec717b17/1/9KjqbMoowr4zIwC0vIDCLJx3OPk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ecaf44-08cc-41bb-81d3-262bec717b17/1/9LndnjT-ZtdROJA3CPjOH700LWQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.246.109.0/24
IPv6:
2001:67c:760::/48
Signature Algorithm: sha256WithRSAEncryption
c0:67:48:7f:80:09:26:40:68:bb:82:ce:95:0f:f2:2b:09:d8:
a3:85:1e:b4:13:6c:e7:25:77:05:6c:1a:40:c7:8c:60:36:ad:
22:b8:70:85:88:0e:0b:c9:43:4f:4b:ec:a8:74:b6:a4:bf:dd:
12:0a:4c:8e:f3:90:28:2e:ae:6d:37:b9:b0:a8:4e:82:b8:94:
51:d3:e3:80:df:76:d7:58:33:03:00:00:5a:79:48:a6:75:7b:
d0:17:9d:1a:8d:3f:f0:35:a7:67:20:0c:22:f9:b1:c3:45:0d:
72:f7:71:af:f0:70:d0:8c:34:fc:26:6d:06:09:64:ca:46:4e:
75:e4:29:75:cc:4f:61:70:6f:de:0d:37:ec:ce:15:52:f6:34:
ed:3a:24:39:1b:30:07:8f:9c:95:57:27:37:ad:63:bd:ed:5a:
92:a2:df:85:5c:1f:fb:81:e0:41:53:be:cc:c9:0b:96:05:1f:
fe:79:86:12:bd:57:44:64:b2:36:ba:9a:31:a4:c5:f7:a3:43:
c9:a3:32:ae:48:32:97:4b:86:8d:67:37:65:17:71:64:8e:40:
61:5e:74:4c:6d:5d:a0:99:1c:cb:a1:27:e2:28:3d:53:d6:a5:
4a:1b:d4:17:f3:47:32:4e:e0:9d:af:9c:32:07:c9:52:4e:c6:
8d:b2:4d:cf
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQfjDd5MwLMHr2g1ONb/26tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0YjlkZDllMzRmZTY2ZDc1MTM4OTAzNzA4ZjhjZTFmYmQz
NDJkNjQwHhcNMjUwMTAxMDE0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGE4ZWE2Y2NhMjhjMmJlMzMyMzAwYjRiYzgwYzIyYzljNzczOGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjdwT4i1plhHVR7/Ii1MB7z2tStYy
uaBb4Y9cEnd1w+9m49iDvXj1Yyp9EbspBjhBRHclPyDFWVPko1/ALvVX0HY5agZO
vzQ/GD21apFcASToGj1uCECCfvHcU9Cn6gbZ0w86vBCutw0e4CriO4nBwEtfbZ8S
LlO1Vm+MlmpSnVn5RqYPbC9CKBVmDcy6Ak3kVOD+8I5Ml9I8TbMxO1FG/ruy4lDb
reNpIFw+ojpdYVNB6ngQuW7f+qSYjdBXTRDR7gT7Xe3qRSFs4agAGtcbbbhk3AOn
BIpyRSnuFe8g6vSG+yVKvN1DZk6VwgbN+F9JAK1g26J1ikEedQ/yLzutkQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPSo6mzKKMK+MyMAtLyAwiycdzj5MB8GA1UdIwQY
MBaAFPS53Z40/mbXUTiQNwj4zh+9NC1kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxuZG5qVC1adGRST0pBM0NQak9INzAwTFdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9lY2FmNDQtMDhjYy00MWJiLTgxZDMt
MjYyYmVjNzE3YjE3LzEvOUtqcWJNb293cjR6SXdDMHZJRENMSngzT1BrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9lY2FmNDQtMDhjYy00MWJiLTgxZDMtMjYyYmVjNzE3YjE3
LzEvOUxuZG5qVC1adGRST0pBM0NQak9INzAwTFdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwvZtMA8E
AgACMAkDBwAgAQZ8B2AwDQYJKoZIhvcNAQELBQADggEBAMBnSH+ACSZAaLuCzpUP
8isJ2KOFHrQTbOcldwVsGkDHjGA2rSK4cIWIDgvJQ09L7Kh0tqS/3RIKTI7zkCgu
rm03ubCoToK4lFHT44DfdtdYMwMAAFp5SKZ1e9AXnRqNP/A1p2cgDCL5scNFDXL3
ca/wcNCMNPwmbQYJZMpGTnXkKXXMT2Fwb94NN+zOFVL2NO06JDkbMAePnJVXJzet
Y73tWpKi34VcH/uB4EFTvszJC5YFH/55hhK9V0Rksja6mjGkxfejQ8mjMq5IMpdL
ho1nN2UXcWSOQGFedExtXaCZHMuhJ+IoPVPWpUob1BfzRzJO4J2vnDIHyVJOxo2y
Tc8=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:34 2025 by rpki-client on console.sobornost.net