Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/9x0cjGr7YULmSfzI3dcYG9w_06I.roa
File: 9x0cjGr7YULmSfzI3dcYG9w_06I.roa (raw, json)
Hash identifier: nZkDj/8oM/37FYrz8May17dhFjnT3DNeVQBgn2oaZf0=
Subject key identifier: F7:1D:1C:8C:6A:FB:61:42:E6:49:FC:C8:DD:D7:18:1B:DC:3F:D3:A2
Certificate issuer: /CN=72ed2fbb7213fbf32ad4c087f8b0b22cecef4fea
Certificate serial: 019426D89F3ACC34AE85D67884EEAD50F17C
Authority key identifier: 72:ED:2F:BB:72:13:FB:F3:2A:D4:C0:87:F8:B0:B2:2C:EC:EF:4F:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/9x0cjGr7YULmSfzI3dcYG9w_06I.roa
Signing time: Thu 02 Jan 2025 11:48:38 +0000
ROA not before: Thu 02 Jan 2025 11:48:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35616
IP address blocks: 193.23.29.0/24 maxlen: 24
2a04:9ac1::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d8:9f:3a:cc:34:ae:85:d6:78:84:ee:ad:50:f1:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72ed2fbb7213fbf32ad4c087f8b0b22cecef4fea
Validity
Not Before: Jan 2 11:48:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f71d1c8c6afb6142e649fcc8ddd7181bdc3fd3a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e5:e8:c5:c2:03:83:00:55:6e:75:ea:fb:bd:
2b:65:71:2f:24:5b:06:8a:35:55:94:52:de:53:b1:
80:13:3a:a7:5a:e2:16:0c:ad:10:cd:f9:7d:90:85:
8f:dd:6e:93:e0:66:56:08:2a:93:10:c1:7c:03:c1:
b8:07:c3:1f:f8:fc:7f:63:e2:e6:77:f4:b9:eb:e0:
e1:f5:54:10:c9:1a:84:ad:7e:34:04:f8:20:69:b7:
85:03:49:ed:75:ea:5d:51:44:c2:a1:5d:e8:3f:e8:
ae:a0:eb:af:20:ae:49:1e:1b:b2:37:dc:e7:ce:b8:
c5:97:f7:83:ee:31:4b:f8:0c:31:61:5a:bc:ab:5e:
1b:5e:59:8b:a4:34:d3:31:4f:ae:3e:20:60:7d:34:
dc:f4:35:5f:14:67:63:98:17:e7:cd:97:d1:1a:05:
d3:6c:2b:93:57:1b:58:a7:7c:6b:34:4e:aa:79:c2:
5f:56:d9:f5:4d:3f:76:04:1e:d6:55:96:9c:74:5c:
39:d4:ce:75:c3:17:ad:c7:52:ff:5d:bb:94:00:69:
c9:70:b5:e7:4c:29:15:8b:43:65:ad:bc:4f:3a:33:
6e:5a:fb:16:7e:db:a1:9a:e7:fc:e4:93:bd:55:20:
08:21:57:f3:38:68:91:82:b8:5d:ff:b0:5d:5a:d3:
59:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:1D:1C:8C:6A:FB:61:42:E6:49:FC:C8:DD:D7:18:1B:DC:3F:D3:A2
X509v3 Authority Key Identifier:
keyid:72:ED:2F:BB:72:13:FB:F3:2A:D4:C0:87:F8:B0:B2:2C:EC:EF:4F:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/9x0cjGr7YULmSfzI3dcYG9w_06I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.23.29.0/24
IPv6:
2a04:9ac1::/32
Signature Algorithm: sha256WithRSAEncryption
78:44:68:fc:e0:0a:00:1d:2c:fc:10:df:04:ee:2f:42:9f:8c:
0c:a5:9d:a3:f5:7e:af:07:1a:47:f5:bb:41:70:20:c0:9d:fc:
8f:08:df:77:33:29:21:a9:d2:cc:1b:0c:69:1a:21:45:15:aa:
f0:ba:5d:7e:e1:16:32:e6:de:aa:ee:f9:26:5d:22:92:ac:bb:
d9:b6:41:2a:f5:59:41:20:fc:42:a6:a2:3a:a6:5d:f1:fe:e5:
dd:fd:4b:59:18:b3:3a:b6:b0:ef:ef:aa:6d:d6:ab:bf:a3:56:
e7:46:50:32:bc:9c:7b:8f:48:57:b2:fe:73:38:71:fb:84:93:
71:e2:90:ef:e1:0c:d8:0a:a0:ad:32:ef:20:4c:d8:10:69:66:
f0:ba:92:b7:44:2d:cb:be:26:59:92:e3:f4:f0:50:df:cc:17:
ca:9c:6b:96:07:43:b4:40:d1:c7:51:f1:71:8b:de:96:04:f3:
72:ea:57:4f:39:44:31:8b:c7:48:a7:14:76:e4:b6:0b:31:e5:
3d:d8:1f:ea:21:3b:2b:b6:9e:a1:3e:af:1b:5a:ce:29:f7:cd:
ca:98:18:1f:c5:72:aa:ea:3c:d8:a8:7f:fa:07:7d:a9:02:39:
da:79:82:62:9c:7f:81:61:31:c3:66:76:1e:c1:dc:09:33:cc:
37:81:6a:6f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQm2J86zDSuhdZ4hO6tUPF8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZWQyZmJiNzIxM2ZiZjMyYWQ0YzA4N2Y4YjBiMjJjZWNl
ZjRmZWEwHhcNMjUwMTAyMTE0ODM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzFkMWM4YzZhZmI2MTQyZTY0OWZjYzhkZGQ3MTgxYmRjM2ZkM2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAveXoxcIDgwBVbnXq+70rZXEvJFsG
ijVVlFLeU7GAEzqnWuIWDK0Qzfl9kIWP3W6T4GZWCCqTEMF8A8G4B8Mf+Px/Y+Lm
d/S56+Dh9VQQyRqErX40BPggabeFA0ntdepdUUTCoV3oP+iuoOuvIK5JHhuyN9zn
zrjFl/eD7jFL+AwxYVq8q14bXlmLpDTTMU+uPiBgfTTc9DVfFGdjmBfnzZfRGgXT
bCuTVxtYp3xrNE6qecJfVtn1TT92BB7WVZacdFw51M51wxetx1L/XbuUAGnJcLXn
TCkVi0NlrbxPOjNuWvsWftuhmuf85JO9VSAIIVfzOGiRgrhd/7BdWtNZDwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPcdHIxq+2FC5kn8yN3XGBvcP9OiMB8GA1UdIwQY
MBaAFHLtL7tyE/vzKtTAh/iwsizs70/qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3UwdnUzSVQtX01xMU1DSC1MQ3lMT3p2VC1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9lNWE4OTItMjNmNS00OWZhLWI2YTkt
YTY1MjMzYjNlOTc1LzEvOXgwY2pHcjdZVUxtU2Z6STNkY1lHOXdfMDZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9lNWE4OTItMjNmNS00OWZhLWI2YTktYTY1MjMzYjNlOTc1
LzEvY3UwdnUzSVQtX01xMU1DSC1MQ3lMT3p2VC1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwRcdMA0E
AgACMAcDBQAqBJrBMA0GCSqGSIb3DQEBCwUAA4IBAQB4RGj84AoAHSz8EN8E7i9C
n4wMpZ2j9X6vBxpH9btBcCDAnfyPCN93MykhqdLMGwxpGiFFFarwul1+4RYy5t6q
7vkmXSKSrLvZtkEq9VlBIPxCpqI6pl3x/uXd/UtZGLM6trDv76pt1qu/o1bnRlAy
vJx7j0hXsv5zOHH7hJNx4pDv4QzYCqCtMu8gTNgQaWbwupK3RC3LviZZkuP08FDf
zBfKnGuWB0O0QNHHUfFxi96WBPNy6ldPOUQxi8dIpxR25LYLMeU92B/qITsrtp6h
Pq8bWs4p983KmBgfxXKq6jzYqH/6B32pAjnaeYJinH+BYTHDZnYewdwJM8w3gWpv
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:51 2025 by rpki-client on console.sobornost.net