Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/9CecUJWAhyUbD-JEeW3t7Q_bT3I.roa
File: 9CecUJWAhyUbD-JEeW3t7Q_bT3I.roa (raw, json)
Hash identifier: Ql1G0HHXMA7dM1rPg1JGzT0qhMxhyvoFIN+xbPIAbQE=
Subject key identifier: F4:27:9C:50:95:80:87:25:1B:0F:E2:44:79:6D:ED:ED:0F:DB:4F:72
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 01942747A550476DFBFEC60A190DE1CE9DCA
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/9CecUJWAhyUbD-JEeW3t7Q_bT3I.roa
Signing time: Thu 02 Jan 2025 13:49:54 +0000
ROA not before: Thu 02 Jan 2025 13:49:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204650
IP address blocks: 2.188.239.0/24 maxlen: 24
2.189.96.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:a5:50:47:6d:fb:fe:c6:0a:19:0d:e1:ce:9d:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Jan 2 13:49:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f4279c50958087251b0fe244796deded0fdb4f72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:26:9e:0c:17:c3:3c:bf:de:53:2d:79:86:f9:
0d:bf:b0:c0:c9:ea:73:f2:36:6b:3a:cf:7a:ef:0d:
a7:1a:ef:82:87:7a:14:e9:4e:e9:62:15:ff:f6:2a:
bf:b6:b9:2a:57:df:bf:8a:62:78:ad:30:eb:11:4e:
23:eb:12:ff:09:83:90:95:96:a6:40:12:29:db:da:
03:f3:bc:22:b5:d1:4f:30:e8:7b:64:de:4a:05:88:
ab:eb:a6:6b:c5:56:a3:70:34:09:52:fd:f5:79:99:
5a:10:1e:0e:ae:7f:47:17:e1:23:19:63:2d:b0:9d:
b6:d0:85:84:00:5d:0f:a6:b4:de:78:3b:b6:e2:c7:
68:e5:8b:ce:20:83:00:4b:1d:f4:6f:67:95:98:56:
d7:0e:61:91:f1:8d:70:75:96:46:53:2a:72:41:15:
ba:55:17:89:3d:64:50:06:7d:4e:ee:4a:64:41:f2:
bb:91:e5:d6:00:eb:b3:7b:5c:f9:ef:af:36:ca:38:
4b:ae:02:d9:d2:19:e1:c6:a3:db:61:23:9a:3e:d7:
05:32:21:26:ea:ae:b1:28:8c:7b:51:c2:88:3b:a8:
20:ab:ad:53:58:1f:70:cb:5d:7d:a8:2b:ec:0d:15:
9c:3a:6b:20:23:4d:2d:eb:f6:5e:a5:c2:03:2b:43:
2d:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:27:9C:50:95:80:87:25:1B:0F:E2:44:79:6D:ED:ED:0F:DB:4F:72
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/9CecUJWAhyUbD-JEeW3t7Q_bT3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.188.239.0/24
2.189.96.0/19
Signature Algorithm: sha256WithRSAEncryption
82:6c:9d:9d:08:bf:15:4f:c3:27:42:38:d5:5c:74:4e:9c:da:
1f:87:7d:17:b1:55:81:2c:76:ef:85:d6:7b:a7:07:60:a3:c3:
7f:6d:e6:bc:24:ad:fc:42:50:83:a3:df:d0:d2:27:5f:fa:0f:
66:91:00:fb:39:11:96:5b:51:3d:39:1b:cc:1f:0a:2a:f3:b9:
1b:fb:45:28:a7:94:25:89:da:06:2a:be:14:3b:0e:2c:2d:9f:
11:28:3b:99:93:eb:ce:44:1a:7c:90:4c:1f:ef:30:00:be:be:
d6:b8:0c:98:58:4b:52:6c:8a:b2:a6:32:6f:30:c0:f1:78:0a:
90:91:db:5b:07:b9:b9:84:a4:e1:7d:58:d4:5a:21:70:3b:8e:
d5:9a:7a:e0:69:18:0e:5c:c5:89:2b:8c:0a:85:44:77:73:b4:
06:34:be:26:84:a4:ff:08:2d:34:26:f9:a0:95:90:c2:25:46:
b0:13:f9:18:ad:1f:f2:3f:1a:16:09:64:5a:5a:71:5d:06:d5:
49:db:9e:88:ff:1f:81:62:20:07:f3:ed:91:6b:7e:db:c1:67:
7c:cb:28:16:9b:00:83:3c:18:16:cd:5e:b6:9e:8f:c0:3e:66:
ea:77:84:34:b4:58:d8:0a:93:4d:49:37:bf:12:5a:f7:99:10:
54:f0:b6:29
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQnR6VQR237/sYKGQ3hzp3KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjUwMTAyMTM0OTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDI3OWM1MDk1ODA4NzI1MWIwZmUyNDQ3OTZkZWRlZDBmZGI0ZjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCaeDBfDPL/eUy15hvkNv7DAyepz
8jZrOs967w2nGu+Ch3oU6U7pYhX/9iq/trkqV9+/imJ4rTDrEU4j6xL/CYOQlZam
QBIp29oD87witdFPMOh7ZN5KBYir66ZrxVajcDQJUv31eZlaEB4Orn9HF+EjGWMt
sJ220IWEAF0PprTeeDu24sdo5YvOIIMASx30b2eVmFbXDmGR8Y1wdZZGUypyQRW6
VReJPWRQBn1O7kpkQfK7keXWAOuze1z57682yjhLrgLZ0hnhxqPbYSOaPtcFMiEm
6q6xKIx7UcKIO6ggq61TWB9wy119qCvsDRWcOmsgI00t6/ZepcIDK0MtTwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPQnnFCVgIclGw/iRHlt7e0P209yMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvOUNlY1VKV0FoeVViRC1KRWVXM3Q3UV9iVDNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAArzvAwQF
Ar1gMA0GCSqGSIb3DQEBCwUAA4IBAQCCbJ2dCL8VT8MnQjjVXHROnNofh30XsVWB
LHbvhdZ7pwdgo8N/bea8JK38QlCDo9/Q0idf+g9mkQD7ORGWW1E9ORvMHwoq87kb
+0Uop5QlidoGKr4UOw4sLZ8RKDuZk+vORBp8kEwf7zAAvr7WuAyYWEtSbIqypjJv
MMDxeAqQkdtbB7m5hKThfVjUWiFwO47VmnrgaRgOXMWJK4wKhUR3c7QGNL4mhKT/
CC00JvmglZDCJUawE/kYrR/yPxoWCWRaWnFdBtVJ256I/x+BYiAH8+2Ra37bwWd8
yygWmwCDPBgWzV62no/APmbqd4Q0tFjYCpNNSTe/Elr3mRBU8LYp
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:53 2025 by rpki-client on console.sobornost.net