Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/b8b5bd-8adf-43ef-8abd-2b3a159ca2ef/1/cIkzHkYil73CUQBJR_lXOc-rvck.roa
File: cIkzHkYil73CUQBJR_lXOc-rvck.roa (raw, json)
Hash identifier: rY7DgjrJWLfJoJzDxWf7uBXP1TGyTLjuDroDK6Z0PGQ=
Subject key identifier: 70:89:33:1E:46:22:97:BD:C2:51:00:49:47:F9:57:39:CF:AB:BD:C9
Certificate issuer: /CN=0d18532baa2fd86583a263bb1fbccbc80d40d990
Certificate serial: 019427B57D9A94C48774FE7C5F3FF6879D54
Authority key identifier: 0D:18:53:2B:AA:2F:D8:65:83:A2:63:BB:1F:BC:CB:C8:0D:40:D9:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DRhTK6ov2GWDomO7H7zLyA1A2ZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/b8b5bd-8adf-43ef-8abd-2b3a159ca2ef/1/cIkzHkYil73CUQBJR_lXOc-rvck.roa
Signing time: Thu 02 Jan 2025 15:49:53 +0000
ROA not before: Thu 02 Jan 2025 15:49:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207628
IP address blocks: 176.119.207.0/24 maxlen: 24
2a05:ed40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:7d:9a:94:c4:87:74:fe:7c:5f:3f:f6:87:9d:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d18532baa2fd86583a263bb1fbccbc80d40d990
Validity
Not Before: Jan 2 15:49:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7089331e462297bdc251004947f95739cfabbdc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:11:67:61:1d:28:30:d7:b3:b1:ec:fc:f5:13:
e0:ab:98:82:c7:97:e4:2c:63:e5:1f:19:1d:56:f9:
07:16:2e:47:2a:a1:91:94:77:87:5a:7e:a6:4c:62:
12:a9:3c:a9:45:1a:a9:a0:c4:7b:d6:96:25:98:1c:
bc:19:99:3a:a0:99:4d:6f:96:f9:d5:a3:14:aa:74:
dd:fe:ad:d5:c0:b4:90:ef:46:4b:a0:2a:b3:0c:40:
20:22:7d:27:c3:e7:31:c0:ef:5e:3c:23:bd:05:ad:
be:be:01:1d:33:23:d3:ef:b0:c0:0f:a4:42:d1:b8:
04:58:60:22:25:90:76:ab:d4:e5:09:fd:cd:23:f8:
4d:b2:ca:8a:9e:d1:ac:0b:65:87:43:cf:e6:be:ba:
fd:14:09:f1:b9:c4:01:09:ec:f5:7d:df:6c:c3:fe:
d6:cf:0c:bc:ab:22:10:9d:46:89:95:a5:78:c7:cf:
b3:73:a1:d2:8a:df:33:fb:84:0b:10:77:74:22:c6:
a2:ff:a5:e2:fe:cc:89:1d:76:3a:2a:1b:b2:91:b2:
3c:9d:16:d1:90:c5:4b:41:a8:07:e5:07:b7:bc:7e:
9d:2a:53:75:26:5a:67:67:c2:d8:bc:00:11:d3:ba:
20:4b:9f:de:da:70:95:bf:61:7f:0c:e8:c4:79:9a:
66:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:89:33:1E:46:22:97:BD:C2:51:00:49:47:F9:57:39:CF:AB:BD:C9
X509v3 Authority Key Identifier:
keyid:0D:18:53:2B:AA:2F:D8:65:83:A2:63:BB:1F:BC:CB:C8:0D:40:D9:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DRhTK6ov2GWDomO7H7zLyA1A2ZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/b8b5bd-8adf-43ef-8abd-2b3a159ca2ef/1/cIkzHkYil73CUQBJR_lXOc-rvck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/b8b5bd-8adf-43ef-8abd-2b3a159ca2ef/1/DRhTK6ov2GWDomO7H7zLyA1A2ZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.119.207.0/24
IPv6:
2a05:ed40::/29
Signature Algorithm: sha256WithRSAEncryption
9f:6e:fb:4c:b6:89:85:dd:34:24:01:b4:d3:0a:5a:47:cf:2d:
53:c5:a3:3c:6b:55:0a:5a:cc:6a:2b:28:4c:b3:fe:03:0a:50:
43:1b:1a:3d:56:bf:2c:4c:30:43:61:d9:03:4b:27:3d:bf:26:
4a:f4:55:a3:be:ed:27:8b:5b:27:08:4d:84:12:3f:dc:ad:4e:
17:7a:31:de:3b:9a:23:e4:e2:89:6e:42:ee:92:f8:d2:b8:2a:
04:dd:47:55:f1:eb:3e:5e:48:5a:e5:36:40:64:22:04:81:aa:
6d:f7:9e:66:cf:19:e5:a1:30:d4:a2:79:35:14:3f:8d:1a:87:
59:43:42:9d:3a:9c:a0:94:90:9a:2a:ac:db:73:0e:53:6f:f0:
c7:10:46:43:5d:5f:68:07:ef:aa:d6:21:c2:8b:15:76:85:bf:
32:5e:9d:bc:76:7e:77:f1:f5:93:b9:23:76:aa:23:91:c7:69:
fe:9f:ee:2f:5e:92:02:65:2b:b8:3a:ab:8f:e8:50:8f:d1:0a:
02:c1:ad:b2:a1:0a:c4:22:79:90:24:11:61:d8:00:88:16:d0:
6d:f4:c5:d6:89:89:de:8f:03:12:e0:68:b9:57:2f:a9:cf:6c:
58:99:0a:65:d3:d4:2f:47:45:47:63:0a:97:6f:7a:81:65:f8:
fc:78:8a:1d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQntX2alMSHdP58Xz/2h51UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMTg1MzJiYWEyZmQ4NjU4M2EyNjNiYjFmYmNjYmM4MGQ0
MGQ5OTAwHhcNMjUwMTAyMTU0OTUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDg5MzMxZTQ2MjI5N2JkYzI1MTAwNDk0N2Y5NTczOWNmYWJiZGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhFnYR0oMNezsez89RPgq5iCx5fk
LGPlHxkdVvkHFi5HKqGRlHeHWn6mTGISqTypRRqpoMR71pYlmBy8GZk6oJlNb5b5
1aMUqnTd/q3VwLSQ70ZLoCqzDEAgIn0nw+cxwO9ePCO9Ba2+vgEdMyPT77DAD6RC
0bgEWGAiJZB2q9TlCf3NI/hNssqKntGsC2WHQ8/mvrr9FAnxucQBCez1fd9sw/7W
zwy8qyIQnUaJlaV4x8+zc6HSit8z+4QLEHd0Isai/6Xi/syJHXY6KhuykbI8nRbR
kMVLQagH5Qe3vH6dKlN1JlpnZ8LYvAAR07ogS5/e2nCVv2F/DOjEeZpmgwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHCJMx5GIpe9wlEASUf5VznPq73JMB8GA1UdIwQY
MBaAFA0YUyuqL9hlg6Jjux+8y8gNQNmQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFJoVEs2b3YyR1dEb21PN0g3ekx5QTFBMlpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9iOGI1YmQtOGFkZi00M2VmLThhYmQt
MmIzYTE1OWNhMmVmLzEvY0lrekhrWWlsNzNDVVFCSlJfbFhPYy1ydmNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9iOGI1YmQtOGFkZi00M2VmLThhYmQtMmIzYTE1OWNhMmVm
LzEvRFJoVEs2b3YyR1dEb21PN0g3ekx5QTFBMlpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAsHfPMA0E
AgACMAcDBQMqBe1AMA0GCSqGSIb3DQEBCwUAA4IBAQCfbvtMtomF3TQkAbTTClpH
zy1TxaM8a1UKWsxqKyhMs/4DClBDGxo9Vr8sTDBDYdkDSyc9vyZK9FWjvu0ni1sn
CE2EEj/crU4XejHeO5oj5OKJbkLukvjSuCoE3UdV8es+Xkha5TZAZCIEgapt955m
zxnloTDUonk1FD+NGodZQ0KdOpyglJCaKqzbcw5Tb/DHEEZDXV9oB++q1iHCixV2
hb8yXp28dn538fWTuSN2qiORx2n+n+4vXpICZSu4OquP6FCP0QoCwa2yoQrEInmQ
JBFh2ACIFtBt9MXWiYnejwMS4Gi5Vy+pz2xYmQpl09QvR0VHYwqXb3qBZfj8eIod
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:52 2025 by rpki-client on console.sobornost.net