Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/981b50-03ab-414b-a310-bdc5d6cb2141/1/lBu7CwE3UJV_l_-xHUG1qoahCTQ.roa
File: lBu7CwE3UJV_l_-xHUG1qoahCTQ.roa (raw, json)
Hash identifier: fQvVs4QYMOjRdLpo5ySosD6udSmF5lBQB4/GrAlIHkM=
Subject key identifier: 94:1B:BB:0B:01:37:50:95:7F:97:FF:B1:1D:41:B5:AA:86:A1:09:34
Certificate issuer: /CN=9eda096dbc8d59a442721cc169d6aeb649f5fd3f
Certificate serial: 019427B6980C6D66E42E3E03FEA98A2D3179
Authority key identifier: 9E:DA:09:6D:BC:8D:59:A4:42:72:1C:C1:69:D6:AE:B6:49:F5:FD:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ntoJbbyNWaRCchzBadautkn1_T8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/981b50-03ab-414b-a310-bdc5d6cb2141/1/lBu7CwE3UJV_l_-xHUG1qoahCTQ.roa
Signing time: Thu 02 Jan 2025 15:51:05 +0000
ROA not before: Thu 02 Jan 2025 15:51:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201633
IP address blocks: 193.33.156.0/24 maxlen: 24
206.225.17.0/24 maxlen: 24
2a12:d4c0:b00b::/48 maxlen: 48
2a12:d4c0:beef::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:98:0c:6d:66:e4:2e:3e:03:fe:a9:8a:2d:31:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9eda096dbc8d59a442721cc169d6aeb649f5fd3f
Validity
Not Before: Jan 2 15:51:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=941bbb0b013750957f97ffb11d41b5aa86a10934
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ea:37:99:09:26:0b:f9:6b:37:6a:93:aa:5b:
46:12:ce:51:21:8a:1b:a8:5a:13:9d:7a:93:0c:08:
f5:1f:64:be:41:97:41:d8:5d:86:9f:58:e1:78:e9:
d0:bf:3a:78:27:21:45:77:39:e8:c6:ed:ca:0e:86:
3f:da:47:84:d0:dd:ec:31:4e:da:72:15:55:b9:d8:
07:7d:b2:d5:3b:c1:14:43:e5:66:d7:1e:f8:78:3d:
c2:68:41:40:9c:7b:f3:3d:fb:5a:e0:92:d4:aa:0e:
5b:d4:66:ff:c7:20:cf:cd:24:7a:86:ce:b6:5c:1d:
b4:c4:16:e6:69:cb:ba:a0:96:e9:67:96:0a:cd:db:
d9:c2:e9:25:d5:f2:db:ac:f6:05:15:2b:9e:23:65:
da:b8:63:24:c9:63:65:48:2d:b6:e2:c4:4b:bc:c1:
ed:1a:9a:3f:47:19:cd:a3:38:ac:ae:ce:3a:12:cb:
f9:71:07:8c:26:60:86:11:25:d2:62:78:c4:95:93:
22:69:00:5b:19:0e:92:4a:5c:a6:d2:0f:14:2c:23:
65:7b:10:11:d7:49:92:5a:a0:5c:89:94:2b:0c:43:
4e:10:2f:a1:72:25:77:cd:7c:29:6f:32:4c:0d:f3:
6b:3e:ea:da:98:11:2c:a6:4b:e1:bc:af:af:7d:51:
79:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:1B:BB:0B:01:37:50:95:7F:97:FF:B1:1D:41:B5:AA:86:A1:09:34
X509v3 Authority Key Identifier:
keyid:9E:DA:09:6D:BC:8D:59:A4:42:72:1C:C1:69:D6:AE:B6:49:F5:FD:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ntoJbbyNWaRCchzBadautkn1_T8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/981b50-03ab-414b-a310-bdc5d6cb2141/1/lBu7CwE3UJV_l_-xHUG1qoahCTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/981b50-03ab-414b-a310-bdc5d6cb2141/1/ntoJbbyNWaRCchzBadautkn1_T8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.33.156.0/24
206.225.17.0/24
IPv6:
2a12:d4c0:b00b::/48
2a12:d4c0:beef::/48
Signature Algorithm: sha256WithRSAEncryption
68:ed:3d:e6:72:9f:59:ec:9c:36:d4:69:e4:42:cf:26:18:e2:
06:4e:be:d7:33:d0:ea:11:07:b0:d1:19:07:18:0e:43:bc:36:
0b:4c:0f:18:53:80:ed:1a:a7:6a:79:59:61:bd:7e:92:68:63:
cc:17:ec:bb:03:b0:1b:92:0e:b6:70:77:c3:80:a1:2a:3e:62:
a4:f4:99:a2:0b:a9:88:57:c5:c7:e7:33:7f:ed:49:bb:bb:db:
66:1d:21:c2:5e:e4:88:50:36:b6:fb:51:cd:b0:71:99:85:a8:
4d:ee:ff:62:0b:89:0d:95:7f:2a:58:f5:58:4f:04:a0:6a:2c:
5e:dc:78:5a:ed:57:72:ec:ff:66:e4:84:d4:45:a8:84:65:30:
10:79:02:82:2d:06:fa:37:85:16:48:ed:cd:d2:b5:55:c1:80:
3e:71:6d:0d:ce:80:c7:8f:0d:30:d4:f7:50:7e:27:84:5b:2d:
5e:b1:b0:b4:0b:cc:4d:a0:f0:57:7d:af:f1:29:b5:91:62:aa:
13:ed:0e:0a:36:76:78:1f:df:be:98:04:87:55:ca:df:f3:35:
1b:d0:69:c6:48:bb:fb:a8:f7:b7:59:a8:25:34:c7:28:89:f4:
70:0d:f3:bf:a3:04:f5:24:88:e3:d7:12:60:cc:76:92:ce:6d:
a0:af:e7:e7
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQntpgMbWbkLj4D/qmKLTF5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllZGEwOTZkYmM4ZDU5YTQ0MjcyMWNjMTY5ZDZhZWI2NDlm
NWZkM2YwHhcNMjUwMTAyMTU1MTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDFiYmIwYjAxMzc1MDk1N2Y5N2ZmYjExZDQxYjVhYTg2YTEwOTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqeo3mQkmC/lrN2qTqltGEs5RIYob
qFoTnXqTDAj1H2S+QZdB2F2Gn1jheOnQvzp4JyFFdznoxu3KDoY/2keE0N3sMU7a
chVVudgHfbLVO8EUQ+Vm1x74eD3CaEFAnHvzPfta4JLUqg5b1Gb/xyDPzSR6hs62
XB20xBbmacu6oJbpZ5YKzdvZwukl1fLbrPYFFSueI2XauGMkyWNlSC224sRLvMHt
Gpo/RxnNozisrs46Esv5cQeMJmCGESXSYnjElZMiaQBbGQ6SSlym0g8ULCNlexAR
10mSWqBciZQrDENOEC+hciV3zXwpbzJMDfNrPuramBEspkvhvK+vfVF5swIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJQbuwsBN1CVf5f/sR1BtaqGoQk0MB8GA1UdIwQY
MBaAFJ7aCW28jVmkQnIcwWnWrrZJ9f0/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnRvSmJieU5XYVJDY2h6QmFkYXV0a24xX1Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi85ODFiNTAtMDNhYi00MTRiLWEzMTAt
YmRjNWQ2Y2IyMTQxLzEvbEJ1N0N3RTNVSlZfbF8teEhVRzFxb2FoQ1RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi85ODFiNTAtMDNhYi00MTRiLWEzMTAtYmRjNWQ2Y2IyMTQx
LzEvbnRvSmJieU5XYVJDY2h6QmFkYXV0a24xX1Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAwSGcAwQA
zuERMBgEAgACMBIDBwAqEtTAsAsDBwAqEtTAvu8wDQYJKoZIhvcNAQELBQADggEB
AGjtPeZyn1nsnDbUaeRCzyYY4gZOvtcz0OoRB7DRGQcYDkO8NgtMDxhTgO0ap2p5
WWG9fpJoY8wX7LsDsBuSDrZwd8OAoSo+YqT0maILqYhXxcfnM3/tSbu722YdIcJe
5IhQNrb7Uc2wcZmFqE3u/2ILiQ2VfypY9VhPBKBqLF7ceFrtV3Ls/2bkhNRFqIRl
MBB5AoItBvo3hRZI7c3StVXBgD5xbQ3OgMePDTDU91B+J4RbLV6xsLQLzE2g8Fd9
r/EptZFiqhPtDgo2dngf376YBIdVyt/zNRvQacZIu/uo97dZqCU0xyiJ9HAN87+j
BPUkiOPXEmDMdpLObaCv5+c=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:50 2025 by rpki-client on console.sobornost.net