Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/rGN5FpejCaCXrji9K4EU_f-qOkg.roa
File: rGN5FpejCaCXrji9K4EU_f-qOkg.roa (raw, json)
Hash identifier: zewz0wOmjNVsVP/39QRKrm53zmEHBC9jLcGj8oTz4IA=
Subject key identifier: AC:63:79:16:97:A3:09:A0:97:AE:38:BD:2B:81:14:FD:FF:AA:3A:48
Certificate issuer: /CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Certificate serial: 019472EA51687264107CA2E7E5467E005F04
Authority key identifier: 88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/rGN5FpejCaCXrji9K4EU_f-qOkg.roa
Signing time: Fri 17 Jan 2025 06:19:06 +0000
ROA not before: Fri 17 Jan 2025 06:19:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 94.103.56.0/21 maxlen: 21
176.103.192.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:72:ea:51:68:72:64:10:7c:a2:e7:e5:46:7e:00:5f:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Validity
Not Before: Jan 17 06:19:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ac63791697a309a097ae38bd2b8114fdffaa3a48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:13:8a:0b:ad:bf:e2:9f:88:57:9f:00:35:08:
7e:4a:ef:5a:25:6b:48:cd:36:8f:1c:a4:ff:f0:f4:
4c:00:2a:59:1e:fb:cb:a7:7e:16:33:a7:ed:cf:68:
67:54:b9:32:48:cd:68:89:4f:51:18:7b:05:e2:32:
ba:a6:db:3f:c0:8d:ff:d2:2e:b9:25:f9:29:3f:63:
72:6c:6e:5f:73:14:cf:f3:ba:84:a9:0f:f1:7e:4e:
7b:0c:24:19:db:eb:cf:54:b3:f5:04:90:5a:2d:c7:
20:17:ac:f6:68:c0:52:0b:7b:14:1c:10:66:ca:11:
bc:81:2f:46:39:f9:17:52:37:60:16:0c:b1:44:4d:
e5:63:f0:9a:2f:ab:ac:ca:7c:4b:43:fc:22:e1:6e:
03:38:f0:cb:87:6e:62:69:6a:49:8a:33:aa:49:4a:
d0:e2:f1:a6:ec:aa:9f:f1:ac:1c:da:0e:c4:e5:95:
df:36:78:74:c0:8e:4a:d2:99:18:c0:aa:41:4e:c7:
c8:10:2d:be:e8:40:73:e2:72:ff:e5:e9:0c:00:dd:
98:57:dc:87:5f:e9:a4:29:13:12:45:cd:5e:71:17:
76:a3:ff:83:9f:e1:22:72:b7:4e:69:8d:6b:c9:da:
a6:8f:41:f4:52:51:12:d1:6b:9b:54:7f:82:5e:ca:
2f:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:63:79:16:97:A3:09:A0:97:AE:38:BD:2B:81:14:FD:FF:AA:3A:48
X509v3 Authority Key Identifier:
keyid:88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/rGN5FpejCaCXrji9K4EU_f-qOkg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/iK3ZtnH3o26yNn40_uS8sTuPZsw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.103.56.0/21
176.103.192.0/21
Signature Algorithm: sha256WithRSAEncryption
53:e1:94:a4:2a:09:33:78:b4:b8:41:77:62:9f:d3:14:11:82:
d7:0a:cd:ed:d9:53:fb:c0:6b:d4:10:f3:60:59:56:89:2d:82:
b1:6c:da:33:e4:24:d6:c2:dd:3e:d5:fe:17:13:43:d3:5f:fc:
f2:56:77:fe:ee:92:d3:db:6a:7a:a6:d0:85:da:da:f0:ce:5a:
25:c9:db:5d:5b:17:da:23:98:c1:25:05:d3:bd:5f:50:6a:7f:
72:2d:fe:d0:43:43:52:62:2a:ba:77:51:42:94:37:29:6c:49:
29:2c:fb:15:ee:01:88:d8:7c:58:df:cf:39:e9:20:f0:a6:e2:
ee:ab:21:ca:7f:a1:61:cd:84:b5:30:b7:00:c1:41:16:cd:ff:
66:c6:56:65:20:b8:1e:a8:51:d6:19:6c:b7:ba:cc:b5:42:9c:
e7:d4:66:ee:d2:64:46:56:ea:b2:51:64:80:9b:41:7b:f9:3d:
c7:9a:fa:b0:fc:13:c4:4d:33:17:d4:4f:28:3e:e5:a7:45:2c:
d6:61:22:bc:ee:af:10:48:5a:dc:6d:d3:04:68:73:c9:12:ab:
d9:75:e2:ad:a0:f9:47:5a:ea:a1:3c:53:ca:45:77:aa:bc:7a:
0e:65:0b:a4:d4:07:07:db:3d:8c:e4:d2:ce:03:db:dd:c2:62:
f0:e7:0d:ba
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZRy6lFocmQQfKLn5UZ+AF8EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YWRkOWI2NzFmN2EzNmViMjM2N2UzNGZlZTRiY2IxM2I4
ZjY2Y2MwHhcNMjUwMTE3MDYxOTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzYzNzkxNjk3YTMwOWEwOTdhZTM4YmQyYjgxMTRmZGZmYWEzYTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkxOKC62/4p+IV58ANQh+Su9aJWtI
zTaPHKT/8PRMACpZHvvLp34WM6ftz2hnVLkySM1oiU9RGHsF4jK6pts/wI3/0i65
JfkpP2NybG5fcxTP87qEqQ/xfk57DCQZ2+vPVLP1BJBaLccgF6z2aMBSC3sUHBBm
yhG8gS9GOfkXUjdgFgyxRE3lY/CaL6usynxLQ/wi4W4DOPDLh25iaWpJijOqSUrQ
4vGm7Kqf8awc2g7E5ZXfNnh0wI5K0pkYwKpBTsfIEC2+6EBz4nL/5ekMAN2YV9yH
X+mkKRMSRc1ecRd2o/+Dn+EicrdOaY1rydqmj0H0UlES0WubVH+CXsovCwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKxjeRaXowmgl644vSuBFP3/qjpIMB8GA1UdIwQY
MBaAFIit2bZx96NusjZ+NP7kvLE7j2bMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUszWnRuSDNvMjZ5Tm40MF91UzhzVHVQWnN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8zZWQwMGEtMTVlZS00NjY0LWE3ZjEt
YTFiOTZiOWI3MGY4LzEvckdONUZwZWpDYUNYcmppOUs0RVVfZi1xT2tnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8zZWQwMGEtMTVlZS00NjY0LWE3ZjEtYTFiOTZiOWI3MGY4
LzEvaUszWnRuSDNvMjZ5Tm40MF91UzhzVHVQWnN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDXmc4AwQD
sGfAMA0GCSqGSIb3DQEBCwUAA4IBAQBT4ZSkKgkzeLS4QXdin9MUEYLXCs3t2VP7
wGvUEPNgWVaJLYKxbNoz5CTWwt0+1f4XE0PTX/zyVnf+7pLT22p6ptCF2trwzlol
ydtdWxfaI5jBJQXTvV9Qan9yLf7QQ0NSYiq6d1FClDcpbEkpLPsV7gGI2HxY3885
6SDwpuLuqyHKf6FhzYS1MLcAwUEWzf9mxlZlILgeqFHWGWy3usy1Qpzn1Gbu0mRG
VuqyUWSAm0F7+T3Hmvqw/BPETTMX1E8oPuWnRSzWYSK87q8QSFrcbdMEaHPJEqvZ
deKtoPlHWuqhPFPKRXeqvHoOZQuk1AcH2z2M5NLOA9vdwmLw5w26
-----END CERTIFICATE-----
Generated at Thu Jan 23 15:55:49 2025 by rpki-client on console.sobornost.net