Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/68cd10-e5cc-4f47-84a9-15a0207d4609/1/8l1JGPKaxK0LdzidLYE5O7KO7uc.roa
File: 8l1JGPKaxK0LdzidLYE5O7KO7uc.roa (raw, json)
Hash identifier: iLVJNEHjRSQZgufW9Xco39laNybFCSoPb4TytjD2nas=
Subject key identifier: F2:5D:49:18:F2:9A:C4:AD:0B:77:38:9D:2D:81:39:3B:B2:8E:EE:E7
Certificate issuer: /CN=88a5ab669fabe72dec2e8378476a7e915c24edcf
Certificate serial: 0194236A3A4B4A3C6AF9314752FEE5F842A4
Authority key identifier: 88:A5:AB:66:9F:AB:E7:2D:EC:2E:83:78:47:6A:7E:91:5C:24:ED:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iKWrZp-r5y3sLoN4R2p-kVwk7c8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/68cd10-e5cc-4f47-84a9-15a0207d4609/1/8l1JGPKaxK0LdzidLYE5O7KO7uc.roa
Signing time: Wed 01 Jan 2025 19:49:11 +0000
ROA not before: Wed 01 Jan 2025 19:49:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25536
IP address blocks: 195.245.220.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:3a:4b:4a:3c:6a:f9:31:47:52:fe:e5:f8:42:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88a5ab669fabe72dec2e8378476a7e915c24edcf
Validity
Not Before: Jan 1 19:49:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f25d4918f29ac4ad0b77389d2d81393bb28eeee7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:36:3a:6c:77:fe:fa:df:b6:53:8d:e1:ba:f0:
0b:dd:17:63:eb:3f:40:0a:20:42:a5:6e:e0:2c:bc:
04:b6:7b:f0:19:ce:83:35:a6:d8:85:63:f0:a2:f8:
2a:10:61:4c:9e:e6:7b:09:a7:74:82:e5:29:a3:aa:
d6:6b:ac:0c:a8:5c:41:95:12:61:49:07:e6:1f:17:
da:86:84:58:bd:f3:ec:ee:d6:f8:3e:7e:7f:a3:a0:
24:d9:c0:d3:ac:51:db:27:7e:aa:e6:79:b9:f3:36:
6a:89:5c:ff:11:4d:bf:3b:89:3e:97:59:8b:c2:57:
10:85:26:87:7c:aa:e0:f4:fa:42:ec:48:37:cd:df:
b7:ce:c9:e9:ef:b5:13:5a:e8:f6:c6:99:28:7a:5f:
bb:19:f3:0f:d3:95:4e:8f:01:8b:94:f7:7c:b8:ef:
5f:96:b1:f6:00:3d:a1:1d:0d:5a:e8:3b:71:0d:c6:
37:ef:a4:54:14:07:c5:23:92:a7:1a:ff:00:df:8a:
0d:9a:74:75:e5:a4:fd:5b:83:29:97:c0:78:b9:d5:
5e:35:7b:84:55:18:8e:4f:f6:0d:ee:a9:c0:21:e5:
4c:ad:00:2b:91:d9:51:7a:4e:d7:41:a0:fb:a1:d1:
ea:4d:d7:91:03:ca:2d:c7:53:14:af:fb:36:cf:fd:
3c:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:5D:49:18:F2:9A:C4:AD:0B:77:38:9D:2D:81:39:3B:B2:8E:EE:E7
X509v3 Authority Key Identifier:
keyid:88:A5:AB:66:9F:AB:E7:2D:EC:2E:83:78:47:6A:7E:91:5C:24:ED:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iKWrZp-r5y3sLoN4R2p-kVwk7c8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/68cd10-e5cc-4f47-84a9-15a0207d4609/1/8l1JGPKaxK0LdzidLYE5O7KO7uc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/68cd10-e5cc-4f47-84a9-15a0207d4609/1/iKWrZp-r5y3sLoN4R2p-kVwk7c8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.245.220.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:76:4e:c5:93:92:c1:1a:80:b8:de:5e:67:02:a0:d0:2c:16:
05:82:b4:7a:59:7e:6a:c1:e0:a3:a3:d1:b8:09:94:3b:0e:cd:
7c:d1:10:7e:15:b5:3b:b9:3a:79:a8:e6:3b:38:18:c6:34:d8:
53:72:87:1d:c5:98:40:8d:46:09:fd:21:12:f6:c8:f0:c4:6a:
b3:44:b1:da:6f:70:33:2f:b9:d6:9e:92:ab:f0:b9:91:2d:34:
4d:20:b4:ad:b3:2e:c7:99:48:e7:8f:9a:59:a2:39:58:5a:3c:
05:f2:b5:54:71:c5:25:59:40:00:3e:d9:60:94:38:65:82:30:
a4:a5:f7:0a:a5:5e:10:a9:0d:57:47:b7:96:af:06:60:14:99:
b7:61:e2:70:93:ff:ca:15:dd:af:8c:78:03:c9:33:af:7f:38:
34:e1:33:36:82:9f:66:54:9c:9d:40:6c:c3:35:1c:b2:33:ff:
ba:82:fd:1f:44:55:54:12:22:84:a1:6b:68:0a:2c:06:33:bf:
eb:ea:21:3e:73:e8:08:80:67:66:3d:77:d5:09:48:e2:cd:f3:
40:41:67:15:bc:72:0d:e5:dd:8d:3e:79:c8:dd:00:5c:43:c4:
62:1c:a4:0e:08:86:cd:f4:f7:86:14:6f:72:67:6f:be:bf:e9:
41:2a:27:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjajpLSjxq+TFHUv7l+EKkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YTVhYjY2OWZhYmU3MmRlYzJlODM3ODQ3NmE3ZTkxNWMy
NGVkY2YwHhcNMjUwMTAxMTk0OTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjVkNDkxOGYyOWFjNGFkMGI3NzM4OWQyZDgxMzkzYmIyOGVlZWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzDY6bHf++t+2U43huvAL3Rdj6z9A
CiBCpW7gLLwEtnvwGc6DNabYhWPwovgqEGFMnuZ7Cad0guUpo6rWa6wMqFxBlRJh
SQfmHxfahoRYvfPs7tb4Pn5/o6Ak2cDTrFHbJ36q5nm58zZqiVz/EU2/O4k+l1mL
wlcQhSaHfKrg9PpC7Eg3zd+3zsnp77UTWuj2xpkoel+7GfMP05VOjwGLlPd8uO9f
lrH2AD2hHQ1a6DtxDcY376RUFAfFI5KnGv8A34oNmnR15aT9W4Mpl8B4udVeNXuE
VRiOT/YN7qnAIeVMrQArkdlRek7XQaD7odHqTdeRA8otx1MUr/s2z/08NwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPJdSRjymsStC3c4nS2BOTuyju7nMB8GA1UdIwQY
MBaAFIilq2afq+ct7C6DeEdqfpFcJO3PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUtXclpwLXI1eTNzTG9ONFIycC1rVndrN2M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy82OGNkMTAtZTVjYy00ZjQ3LTg0YTkt
MTVhMDIwN2Q0NjA5LzEvOGwxSkdQS2F4SzBMZHppZExZRTVPN0tPN3VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy82OGNkMTAtZTVjYy00ZjQ3LTg0YTktMTVhMDIwN2Q0NjA5
LzEvaUtXclpwLXI1eTNzTG9ONFIycC1rVndrN2M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw/XcMA0G
CSqGSIb3DQEBCwUAA4IBAQBddk7Fk5LBGoC43l5nAqDQLBYFgrR6WX5qweCjo9G4
CZQ7Ds180RB+FbU7uTp5qOY7OBjGNNhTcocdxZhAjUYJ/SES9sjwxGqzRLHab3Az
L7nWnpKr8LmRLTRNILStsy7HmUjnj5pZojlYWjwF8rVUccUlWUAAPtlglDhlgjCk
pfcKpV4QqQ1XR7eWrwZgFJm3YeJwk//KFd2vjHgDyTOvfzg04TM2gp9mVJydQGzD
NRyyM/+6gv0fRFVUEiKEoWtoCiwGM7/r6iE+c+gIgGdmPXfVCUjizfNAQWcVvHIN
5d2NPnnI3QBcQ8RiHKQOCIbN9PeGFG9yZ2++v+lBKieO
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:51 2025 by rpki-client on console.sobornost.net