Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/dbde8c-a0fc-44d7-993b-2a28416d45b2/1/P9IjOiRib_oTzk3RFCj75_fHPso.roa
File: P9IjOiRib_oTzk3RFCj75_fHPso.roa (raw, json)
Hash identifier: zczeX9mp/ovcEZlHCQx76naAHy+fi7XPa1xXLFJeJgA=
Subject key identifier: 3F:D2:23:3A:24:62:6F:FA:13:CE:4D:D1:14:28:FB:E7:F7:C7:3E:CA
Certificate issuer: /CN=068cc8f57a2b3c2299b1f482b67e15d9de43ad3c
Certificate serial: 01942747027C6D7FC7B6B68EB26EB054BD16
Authority key identifier: 06:8C:C8:F5:7A:2B:3C:22:99:B1:F4:82:B6:7E:15:D9:DE:43:AD:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BozI9XorPCKZsfSCtn4V2d5DrTw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/dbde8c-a0fc-44d7-993b-2a28416d45b2/1/P9IjOiRib_oTzk3RFCj75_fHPso.roa
Signing time: Thu 02 Jan 2025 13:49:12 +0000
ROA not before: Thu 02 Jan 2025 13:49:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25133
IP address blocks: 193.0.240.0/24 maxlen: 24
193.254.196.0/24 maxlen: 24
193.254.197.0/24 maxlen: 24
195.95.232.0/23 maxlen: 23
2a02:c080::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:02:7c:6d:7f:c7:b6:b6:8e:b2:6e:b0:54:bd:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=068cc8f57a2b3c2299b1f482b67e15d9de43ad3c
Validity
Not Before: Jan 2 13:49:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3fd2233a24626ffa13ce4dd11428fbe7f7c73eca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ed:a4:e4:34:c8:1e:47:e8:58:3e:cb:08:f3:
ba:55:2a:13:38:b1:45:62:83:78:55:ff:36:b8:b8:
86:58:36:e3:41:5d:05:0e:1a:ab:14:0c:3b:9d:e9:
b7:4e:cf:e3:20:8f:16:63:aa:c3:a9:f6:8f:5d:30:
87:3f:51:74:23:c2:ad:6c:e2:95:7f:a2:0f:51:22:
00:ed:77:eb:0b:ac:8a:cb:30:f3:37:2b:5e:22:68:
13:f4:c9:b5:d3:e7:3e:e5:3b:aa:29:25:03:9a:b5:
d4:2a:0a:4f:a9:b8:bc:f6:87:67:4b:98:ac:87:85:
15:41:e0:be:48:ee:e7:82:b6:53:33:6e:84:91:f9:
20:c6:df:55:bd:09:dd:33:a1:da:91:3e:06:77:2c:
ed:b8:14:5e:a6:2c:5a:ed:04:66:53:cb:8a:0f:7b:
c8:5c:b0:db:61:8d:99:d5:2f:a3:2b:6d:ec:6b:8e:
13:56:25:9b:55:5c:53:9b:cc:f2:f6:59:79:46:6b:
66:cf:06:b4:bb:eb:96:72:5e:a1:c9:c1:87:97:ec:
df:13:1a:d0:0b:70:36:7b:67:f9:ab:bf:1a:44:87:
39:34:63:17:50:12:9f:c5:44:06:97:48:1c:03:7a:
71:d1:6f:01:84:c4:19:ca:a6:d5:cc:1f:e3:01:34:
02:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:D2:23:3A:24:62:6F:FA:13:CE:4D:D1:14:28:FB:E7:F7:C7:3E:CA
X509v3 Authority Key Identifier:
keyid:06:8C:C8:F5:7A:2B:3C:22:99:B1:F4:82:B6:7E:15:D9:DE:43:AD:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BozI9XorPCKZsfSCtn4V2d5DrTw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/dbde8c-a0fc-44d7-993b-2a28416d45b2/1/P9IjOiRib_oTzk3RFCj75_fHPso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/dbde8c-a0fc-44d7-993b-2a28416d45b2/1/BozI9XorPCKZsfSCtn4V2d5DrTw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.240.0/24
193.254.196.0/23
195.95.232.0/23
IPv6:
2a02:c080::/29
Signature Algorithm: sha256WithRSAEncryption
29:40:80:ac:fe:19:a5:c6:eb:ea:11:1c:1f:3b:f9:64:e0:80:
a1:36:eb:7c:b9:26:a5:29:30:36:43:de:aa:b9:2f:39:f1:40:
51:a8:4d:57:37:28:26:85:4a:42:fb:45:e5:0e:7d:28:70:70:
75:d0:e8:84:85:04:9f:b8:53:ad:64:0a:cf:50:1a:a5:23:21:
4b:ab:6e:b5:f9:a1:b4:f8:84:b2:a1:67:4c:ea:0f:09:87:4e:
f8:3a:bc:97:dd:37:f4:82:d6:e3:ae:51:08:5e:3e:5f:8c:09:
6d:93:b6:cc:14:8a:2a:8c:c0:5a:3d:93:54:4f:9f:13:9d:66:
21:3f:d8:3c:1d:47:6b:9d:bb:0a:68:64:35:80:09:f2:15:da:
f8:13:73:79:7f:32:b6:83:b2:21:25:18:04:28:23:1e:8a:2b:
20:9c:28:fb:a6:d9:33:87:35:4b:a3:48:f9:23:f8:cf:95:26:
ff:3a:35:47:f3:68:00:ee:59:c8:78:13:56:01:ff:95:75:bb:
bd:7c:21:60:24:3b:fa:8c:50:ed:23:18:15:94:41:bc:5c:a4:
ca:1b:67:a4:1b:4a:6c:dc:bb:b4:3c:06:f3:bb:9b:61:85:48:
78:22:c4:a2:3b:8a:0f:f8:c0:5b:2a:aa:1d:41:e9:3a:3d:b0:
69:de:fd:1e
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQnRwJ8bX/HtraOsm6wVL0WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2OGNjOGY1N2EyYjNjMjI5OWIxZjQ4MmI2N2UxNWQ5ZGU0
M2FkM2MwHhcNMjUwMTAyMTM0OTEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmQyMjMzYTI0NjI2ZmZhMTNjZTRkZDExNDI4ZmJlN2Y3YzczZWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsO2k5DTIHkfoWD7LCPO6VSoTOLFF
YoN4Vf82uLiGWDbjQV0FDhqrFAw7nem3Ts/jII8WY6rDqfaPXTCHP1F0I8KtbOKV
f6IPUSIA7XfrC6yKyzDzNyteImgT9Mm10+c+5TuqKSUDmrXUKgpPqbi89odnS5is
h4UVQeC+SO7ngrZTM26Ekfkgxt9VvQndM6HakT4GdyztuBRepixa7QRmU8uKD3vI
XLDbYY2Z1S+jK23sa44TViWbVVxTm8zy9ll5Rmtmzwa0u+uWcl6hycGHl+zfExrQ
C3A2e2f5q78aRIc5NGMXUBKfxUQGl0gcA3px0W8BhMQZyqbVzB/jATQCJQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFD/SIzokYm/6E85N0RQo++f3xz7KMB8GA1UdIwQY
MBaAFAaMyPV6KzwimbH0grZ+FdneQ608MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm96STlYb3JQQ0tac2ZTQ3RuNFYyZDVEclR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9kYmRlOGMtYTBmYy00NGQ3LTk5M2It
MmEyODQxNmQ0NWIyLzEvUDlJak9pUmliX29UemszUkZDajc1X2ZIUHNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9kYmRlOGMtYTBmYy00NGQ3LTk5M2ItMmEyODQxNmQ0NWIy
LzEvQm96STlYb3JQQ0tac2ZTQ3RuNFYyZDVEclR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAwQDwAwQB
wf7EAwQBw1/oMA0EAgACMAcDBQMqAsCAMA0GCSqGSIb3DQEBCwUAA4IBAQApQICs
/hmlxuvqERwfO/lk4IChNut8uSalKTA2Q96quS858UBRqE1XNygmhUpC+0XlDn0o
cHB10OiEhQSfuFOtZArPUBqlIyFLq261+aG0+ISyoWdM6g8Jh074OryX3Tf0gtbj
rlEIXj5fjAltk7bMFIoqjMBaPZNUT58TnWYhP9g8HUdrnbsKaGQ1gAnyFdr4E3N5
fzK2g7IhJRgEKCMeiisgnCj7ptkzhzVLo0j5I/jPlSb/OjVH82gA7lnIeBNWAf+V
dbu9fCFgJDv6jFDtIxgVlEG8XKTKG2ekG0ps3Lu0PAbzu5thhUh4IsSiO4oP+MBb
KqodQek6PbBp3v0e
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:50 2025 by rpki-client on console.sobornost.net