Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/886163-65b3-4599-bf4b-f36cd8790b0a/1/SAqPRmB-G6msTnaXyr7m6jyG5Ko.roa
File: SAqPRmB-G6msTnaXyr7m6jyG5Ko.roa (raw, json)
Hash identifier: 2YxDfMO4o3RvNMQXIEtYRv7ty5CdsK9saG6EToUsNdQ=
Subject key identifier: 48:0A:8F:46:60:7E:1B:A9:AC:4E:76:97:CA:BE:E6:EA:3C:86:E4:AA
Certificate issuer: /CN=1ea7a6afb21bb148742f6155d1a39afc8fc7e79c
Certificate serial: 0194258F6FF1404210F1086A0647233D2D4E
Authority key identifier: 1E:A7:A6:AF:B2:1B:B1:48:74:2F:61:55:D1:A3:9A:FC:8F:C7:E7:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hqemr7IbsUh0L2FV0aOa_I_H55w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/886163-65b3-4599-bf4b-f36cd8790b0a/1/SAqPRmB-G6msTnaXyr7m6jyG5Ko.roa
Signing time: Thu 02 Jan 2025 05:49:04 +0000
ROA not before: Thu 02 Jan 2025 05:49:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211501
IP address blocks: 194.26.238.0/24 maxlen: 24
2a11:75c0::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:6f:f1:40:42:10:f1:08:6a:06:47:23:3d:2d:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ea7a6afb21bb148742f6155d1a39afc8fc7e79c
Validity
Not Before: Jan 2 05:49:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=480a8f46607e1ba9ac4e7697cabee6ea3c86e4aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:61:9f:d5:d8:7e:bf:9e:bb:70:1c:df:09:f5:
29:a1:48:cc:cc:13:2f:77:cf:f0:7c:55:02:8e:e1:
7b:c8:a2:1e:b1:b7:d1:df:d2:b7:4b:88:0c:1d:05:
53:72:c8:b7:7c:f4:50:44:6b:ac:fc:9c:a7:a6:a2:
5e:99:97:1e:d5:d4:8a:88:c0:9a:d0:ef:cf:db:36:
a2:9f:df:52:ae:3d:61:5a:06:b0:4d:14:2a:c8:a5:
ed:44:52:cc:7b:3a:9b:58:eb:f8:9d:ae:ea:35:34:
4c:45:b1:59:c3:c9:1d:a6:73:9c:37:ad:99:d7:f2:
ba:f6:b1:47:1c:f4:79:43:4c:60:15:20:b5:b6:1c:
93:39:6c:2c:5d:df:65:08:20:5e:e3:f6:f4:c6:49:
ce:1f:8a:97:d7:27:9a:30:97:da:36:d3:65:69:27:
b5:35:d0:e5:44:05:27:7d:6b:22:a3:c1:90:22:6f:
96:02:00:60:70:6a:00:23:05:22:8f:cb:31:c2:9b:
54:fa:9a:bf:af:31:e9:a3:40:e3:8c:ed:36:b7:56:
fb:6f:d2:cc:23:ae:0b:66:55:15:d6:81:35:b4:54:
04:79:73:d3:60:9c:71:40:0b:27:8b:14:ba:86:f0:
23:11:c5:4d:51:b6:e4:91:8d:d4:7f:11:3e:77:11:
03:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:0A:8F:46:60:7E:1B:A9:AC:4E:76:97:CA:BE:E6:EA:3C:86:E4:AA
X509v3 Authority Key Identifier:
keyid:1E:A7:A6:AF:B2:1B:B1:48:74:2F:61:55:D1:A3:9A:FC:8F:C7:E7:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hqemr7IbsUh0L2FV0aOa_I_H55w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/886163-65b3-4599-bf4b-f36cd8790b0a/1/SAqPRmB-G6msTnaXyr7m6jyG5Ko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/886163-65b3-4599-bf4b-f36cd8790b0a/1/Hqemr7IbsUh0L2FV0aOa_I_H55w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.26.238.0/24
IPv6:
2a11:75c0::/29
Signature Algorithm: sha256WithRSAEncryption
17:ee:f9:7a:3b:8d:ee:d2:0a:55:ac:85:84:cd:98:4d:be:6f:
25:01:5d:45:b4:84:1a:17:cb:1e:b7:2f:b4:78:41:03:f7:a6:
98:5f:b7:8c:9b:26:8c:1f:db:e2:56:15:ee:50:c1:79:ef:c9:
f6:07:6a:cf:4d:cc:b5:99:de:94:9c:4c:0d:78:6f:6b:72:86:
6f:14:7d:87:e9:c4:ee:e0:1c:61:a1:62:4f:69:44:02:60:7c:
64:fd:15:a8:c9:79:4a:68:1b:e6:9c:7f:bd:8f:75:58:0a:38:
ba:6d:53:b6:41:a7:e9:0f:0d:8f:da:16:6d:b9:02:99:70:5d:
71:8b:aa:5e:0a:0f:44:9c:52:d1:57:8a:7f:3b:95:4a:bc:80:
c4:76:2b:46:ef:5d:6a:0e:8e:19:6a:c0:e7:90:3a:1f:f2:bf:
45:e3:9f:bc:9f:e2:16:da:dd:4f:3e:4e:2e:b7:02:5b:c3:fd:
19:83:3e:96:27:4e:51:1c:73:6c:c9:41:63:90:69:d0:48:1a:
0f:8b:60:4d:9c:7d:e2:0f:f9:02:32:5e:83:e7:91:b4:20:eb:
1c:3b:86:ee:ab:79:25:b4:5f:34:f5:6d:d7:b8:86:fd:ce:d5:
33:25:9b:2b:1a:99:c4:6c:34:ea:ec:79:d4:d0:bf:2a:c6:cf:
d8:00:6b:10
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQlj2/xQEIQ8QhqBkcjPS1OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlYTdhNmFmYjIxYmIxNDg3NDJmNjE1NWQxYTM5YWZjOGZj
N2U3OWMwHhcNMjUwMTAyMDU0OTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODBhOGY0NjYwN2UxYmE5YWM0ZTc2OTdjYWJlZTZlYTNjODZlNGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhWGf1dh+v567cBzfCfUpoUjMzBMv
d8/wfFUCjuF7yKIesbfR39K3S4gMHQVTcsi3fPRQRGus/JynpqJemZce1dSKiMCa
0O/P2zain99Srj1hWgawTRQqyKXtRFLMezqbWOv4na7qNTRMRbFZw8kdpnOcN62Z
1/K69rFHHPR5Q0xgFSC1thyTOWwsXd9lCCBe4/b0xknOH4qX1yeaMJfaNtNlaSe1
NdDlRAUnfWsio8GQIm+WAgBgcGoAIwUij8sxwptU+pq/rzHpo0DjjO02t1b7b9LM
I64LZlUV1oE1tFQEeXPTYJxxQAsnixS6hvAjEcVNUbbkkY3UfxE+dxEDYQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEgKj0ZgfhuprE52l8q+5uo8huSqMB8GA1UdIwQY
MBaAFB6npq+yG7FIdC9hVdGjmvyPx+ecMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHFlbXI3SWJzVWgwTDJGVjBhT2FfSV9INTV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi84ODYxNjMtNjViMy00NTk5LWJmNGIt
ZjM2Y2Q4NzkwYjBhLzEvU0FxUFJtQi1HNm1zVG5hWHlyN202anlHNUtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi84ODYxNjMtNjViMy00NTk5LWJmNGItZjM2Y2Q4NzkwYjBh
LzEvSHFlbXI3SWJzVWgwTDJGVjBhT2FfSV9INTV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwhruMA0E
AgACMAcDBQMqEXXAMA0GCSqGSIb3DQEBCwUAA4IBAQAX7vl6O43u0gpVrIWEzZhN
vm8lAV1FtIQaF8sety+0eEED96aYX7eMmyaMH9viVhXuUMF578n2B2rPTcy1md6U
nEwNeG9rcoZvFH2H6cTu4BxhoWJPaUQCYHxk/RWoyXlKaBvmnH+9j3VYCji6bVO2
QafpDw2P2hZtuQKZcF1xi6peCg9EnFLRV4p/O5VKvIDEditG711qDo4ZasDnkDof
8r9F45+8n+IW2t1PPk4utwJbw/0Zgz6WJ05RHHNsyUFjkGnQSBoPi2BNnH3iD/kC
Ml6D55G0IOscO4buq3kltF809W3XuIb9ztUzJZsrGpnEbDTq7HnU0L8qxs/YAGsQ
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:38 2025 by rpki-client on console.sobornost.net