Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/h9mNIwplN3HJblv2au9Os6COmfk.roa
File: h9mNIwplN3HJblv2au9Os6COmfk.roa (raw, json)
Hash identifier: MUN1yxszebSMcti0G9u7TeXrwfcHsFyRaIzpQnCM9XQ=
Subject key identifier: 87:D9:8D:23:0A:65:37:71:C9:6E:5B:F6:6A:EF:4E:B3:A0:8E:99:F9
Certificate issuer: /CN=bc4703e08ca0d6a310cbc643ffcb307ff6cdc65c
Certificate serial: 0194221F446B2C9A06490E04966BC2633C1F
Authority key identifier: BC:47:03:E0:8C:A0:D6:A3:10:CB:C6:43:FF:CB:30:7F:F6:CD:C6:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/h9mNIwplN3HJblv2au9Os6COmfk.roa
Signing time: Wed 01 Jan 2025 13:47:41 +0000
ROA not before: Wed 01 Jan 2025 13:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205879
IP address blocks: 213.156.101.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:44:6b:2c:9a:06:49:0e:04:96:6b:c2:63:3c:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc4703e08ca0d6a310cbc643ffcb307ff6cdc65c
Validity
Not Before: Jan 1 13:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=87d98d230a653771c96e5bf66aef4eb3a08e99f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:14:af:c1:14:d2:8f:66:21:98:87:b6:0b:64:
8e:df:11:bd:92:f9:82:4f:eb:7d:13:b4:f3:d3:f2:
1d:7f:a4:aa:85:60:b0:25:a1:f2:7e:4d:dd:9e:cc:
63:65:be:49:0a:78:95:d2:30:55:f3:e9:e8:b4:07:
f9:ac:fd:53:cf:ce:a8:a4:48:e3:43:80:0a:ce:70:
f3:68:45:4d:6b:dd:74:59:1b:aa:91:8c:1b:4d:76:
50:2e:2a:d0:6b:d5:88:e1:c1:d8:f8:c9:bd:99:e0:
12:69:b3:fa:2b:ce:ab:59:20:43:7b:17:7a:d0:3f:
c6:1f:7f:1d:a6:15:76:d3:32:3c:74:1b:26:ae:09:
22:96:51:68:3e:45:f0:c5:09:c9:40:30:24:4b:54:
f8:ab:01:ea:da:5a:a1:e7:02:4b:27:57:dc:5d:f1:
40:9c:47:f2:63:c4:c3:0e:b5:ce:28:79:fe:6f:4f:
78:91:4d:f8:ba:65:4b:8d:66:49:80:41:4a:f2:a0:
df:63:ac:aa:b4:ab:7d:08:f8:3e:c4:c8:f1:01:57:
f5:c7:62:e5:23:6d:b0:10:9c:94:fd:c0:d8:64:b1:
59:58:a0:9c:27:86:01:c0:fa:cd:e4:b7:97:b7:cf:
89:9c:8f:e6:1e:e1:de:34:34:9d:71:ae:80:1a:15:
f6:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:D9:8D:23:0A:65:37:71:C9:6E:5B:F6:6A:EF:4E:B3:A0:8E:99:F9
X509v3 Authority Key Identifier:
keyid:BC:47:03:E0:8C:A0:D6:A3:10:CB:C6:43:FF:CB:30:7F:F6:CD:C6:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/h9mNIwplN3HJblv2au9Os6COmfk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.156.101.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:00:05:41:78:ed:14:89:7e:18:e5:f0:b0:3f:6a:a7:0e:2b:
7d:c3:d6:e1:55:5e:cf:6f:8c:99:d5:5b:0a:79:68:e0:88:9f:
7d:4f:54:72:7a:d4:c3:cd:7e:94:36:c9:ec:e1:53:3a:81:11:
37:a4:c0:6e:11:59:7b:76:71:cc:90:c7:ad:61:70:dc:d9:23:
c9:53:92:36:70:f1:1d:03:4f:5a:cb:f1:26:dd:a3:55:de:cb:
16:df:22:1c:f8:a8:5e:7f:74:5c:2b:32:75:9e:79:bb:f5:f5:
8a:b4:5f:82:56:de:f4:9b:d5:de:e0:17:0c:99:15:c2:dc:c6:
a6:92:bf:1d:ae:06:b2:1a:91:e6:17:2e:c8:90:61:d9:ad:fc:
bd:f2:b7:8a:76:f7:ef:d2:6f:30:1d:8c:2f:92:64:6a:a8:1b:
f1:ab:ee:b0:47:ab:de:6a:d5:70:fa:db:8e:00:46:ea:3c:e1:
d4:44:30:6d:67:cd:c4:ba:ed:52:58:21:a9:a0:4a:fb:6a:b2:
52:a7:7c:d2:b2:0a:6a:b1:40:78:c5:b8:37:da:e4:b5:9c:7c:
fb:31:33:4d:dd:8d:9c:67:d7:96:6b:e2:d6:31:8f:62:83:d0:
57:9f:f8:b8:26:2e:5d:98:aa:2d:e7:89:73:f9:96:8b:a2:de:
20:36:52:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH0RrLJoGSQ4ElmvCYzwfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNDcwM2UwOGNhMGQ2YTMxMGNiYzY0M2ZmY2IzMDdmZjZj
ZGM2NWMwHhcNMjUwMTAxMTM0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2Q5OGQyMzBhNjUzNzcxYzk2ZTViZjY2YWVmNGViM2EwOGU5OWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhSvwRTSj2YhmIe2C2SO3xG9kvmC
T+t9E7Tz0/Idf6SqhWCwJaHyfk3dnsxjZb5JCniV0jBV8+notAf5rP1Tz86opEjj
Q4AKznDzaEVNa910WRuqkYwbTXZQLirQa9WI4cHY+Mm9meASabP6K86rWSBDexd6
0D/GH38dphV20zI8dBsmrgkillFoPkXwxQnJQDAkS1T4qwHq2lqh5wJLJ1fcXfFA
nEfyY8TDDrXOKHn+b094kU34umVLjWZJgEFK8qDfY6yqtKt9CPg+xMjxAVf1x2Ll
I22wEJyU/cDYZLFZWKCcJ4YBwPrN5LeXt8+JnI/mHuHeNDSdca6AGhX2QwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIfZjSMKZTdxyW5b9mrvTrOgjpn5MB8GA1UdIwQY
MBaAFLxHA+CMoNajEMvGQ//LMH/2zcZcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkVjRDRJeWcxcU1ReThaRF84c3dmX2JOeGx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy84NjNiYTAtMDQ3Ni00M2Q3LThiZTct
NjZlZGEyMjhmZWM3LzEvaDltTkl3cGxOM0hKYmx2MmF1OU9zNkNPbWZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy84NjNiYTAtMDQ3Ni00M2Q3LThiZTctNjZlZGEyMjhmZWM3
LzEvdkVjRDRJeWcxcU1ReThaRF84c3dmX2JOeGx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1ZxlMA0G
CSqGSIb3DQEBCwUAA4IBAQB7AAVBeO0UiX4Y5fCwP2qnDit9w9bhVV7Pb4yZ1VsK
eWjgiJ99T1RyetTDzX6UNsns4VM6gRE3pMBuEVl7dnHMkMetYXDc2SPJU5I2cPEd
A09ay/Em3aNV3ssW3yIc+Khef3RcKzJ1nnm79fWKtF+CVt70m9Xe4BcMmRXC3Mam
kr8drgayGpHmFy7IkGHZrfy98reKdvfv0m8wHYwvkmRqqBvxq+6wR6veatVw+tuO
AEbqPOHURDBtZ83Euu1SWCGpoEr7arJSp3zSsgpqsUB4xbg32uS1nHz7MTNN3Y2c
Z9eWa+LWMY9ig9BXn/i4Ji5dmKot54lz+ZaLot4gNlKl
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:35 2025 by rpki-client on console.sobornost.net