Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/eb31db-e654-491e-a141-91d50738d1e8/1/0TAMfzKO6y7wTDVfhrp7A0vqejU.roa
File: 0TAMfzKO6y7wTDVfhrp7A0vqejU.roa (raw, json)
Hash identifier: 3Yzu9IXvscc/7fQLVXNg8nKXbm7Wf5jZKKVCSByaB5U=
Subject key identifier: D1:30:0C:7F:32:8E:EB:2E:F0:4C:35:5F:86:BA:7B:03:4B:EA:7A:35
Certificate issuer: /CN=aaca8dc0c0b921b089f1602618e4553797a74742
Certificate serial: 019522C6671AA482C18FA11037E6FC7A1E32
Authority key identifier: AA:CA:8D:C0:C0:B9:21:B0:89:F1:60:26:18:E4:55:37:97:A7:47:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qsqNwMC5IbCJ8WAmGORVN5enR0I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/eb31db-e654-491e-a141-91d50738d1e8/1/0TAMfzKO6y7wTDVfhrp7A0vqejU.roa
Signing time: Thu 20 Feb 2025 09:53:02 +0000
ROA not before: Thu 20 Feb 2025 09:53:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51105
IP address blocks: 194.147.252.0/24 maxlen: 24
194.147.253.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:22:c6:67:1a:a4:82:c1:8f:a1:10:37:e6:fc:7a:1e:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aaca8dc0c0b921b089f1602618e4553797a74742
Validity
Not Before: Feb 20 09:53:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d1300c7f328eeb2ef04c355f86ba7b034bea7a35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:c8:dd:90:1e:67:08:4d:d8:6f:fa:14:d0:97:
59:51:1a:36:80:fc:4f:0f:99:fa:3d:44:3c:88:36:
a1:70:6c:0e:59:17:e3:02:17:85:31:b9:ce:3e:01:
d5:b0:3b:4e:39:14:3e:89:37:3f:08:09:6b:84:73:
1a:7c:e6:ce:af:15:6d:a1:c5:69:42:30:45:eb:40:
a5:85:0d:f1:46:76:1e:a4:c5:f0:ef:a8:b6:36:14:
66:fd:58:0b:3b:a3:61:d2:0f:d8:f8:66:27:bf:c9:
2b:77:70:ad:ca:74:d6:a7:c2:8d:5d:26:f8:c6:ae:
28:16:07:80:2f:34:0e:a2:a9:c7:8e:dd:58:9f:13:
cc:9a:b2:d7:ef:5c:6b:e3:b9:77:5c:09:81:70:ee:
dc:53:74:2b:be:f7:22:05:ca:66:48:8d:13:79:23:
3a:93:73:9f:ac:f6:9d:0d:14:7a:1d:06:86:24:23:
64:d1:ad:b0:d9:d6:c6:c4:b6:15:bf:8b:cb:ac:3e:
4c:70:3b:d2:da:4c:4d:eb:49:09:86:87:e7:0f:7e:
be:32:6e:b7:7d:85:85:f3:a2:dd:a5:14:2d:bb:18:
9e:b8:d4:d2:f2:d1:f3:bf:85:88:ac:7c:29:24:44:
55:a4:6d:4a:74:5f:a1:78:34:6e:a7:46:4f:fe:d6:
66:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:30:0C:7F:32:8E:EB:2E:F0:4C:35:5F:86:BA:7B:03:4B:EA:7A:35
X509v3 Authority Key Identifier:
keyid:AA:CA:8D:C0:C0:B9:21:B0:89:F1:60:26:18:E4:55:37:97:A7:47:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qsqNwMC5IbCJ8WAmGORVN5enR0I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/eb31db-e654-491e-a141-91d50738d1e8/1/0TAMfzKO6y7wTDVfhrp7A0vqejU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/eb31db-e654-491e-a141-91d50738d1e8/1/qsqNwMC5IbCJ8WAmGORVN5enR0I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.147.252.0/23
Signature Algorithm: sha256WithRSAEncryption
7e:7a:22:ca:23:0f:8b:0c:04:c4:f0:03:e2:90:91:96:66:1c:
9c:2c:25:58:3f:87:b3:1e:38:ce:67:a6:9f:6f:c5:41:c2:b4:
ca:90:49:76:17:86:59:01:b8:d8:66:8d:c9:3d:0c:41:36:3a:
7e:b8:77:ec:e5:97:09:9a:95:62:10:10:77:b7:3b:03:63:c4:
76:74:2f:fd:d8:02:bb:de:87:06:2b:73:3f:93:ec:99:d1:26:
e9:ce:c3:c9:4f:d6:e9:b6:6e:f8:31:e7:2a:3e:e0:ad:3f:33:
b4:d2:fb:7f:c3:66:12:4c:60:2d:99:fc:eb:0d:a7:c0:ac:75:
5c:71:a0:7e:a5:cf:97:20:7a:68:ba:0f:57:0f:d5:89:53:db:
45:9a:2c:3d:91:5e:50:6e:bb:f2:ac:ab:92:8f:a7:60:ae:59:
5f:b4:b6:e7:3a:da:23:cf:a7:1c:6a:a6:b9:92:fd:a4:14:1e:
9b:9a:a5:f1:da:b9:a9:dc:f1:b9:3c:de:0a:00:7a:53:75:3c:
6e:7d:17:21:28:24:9d:b7:39:4f:f9:6a:45:03:20:be:bc:b3:
cb:e5:d5:0e:72:e2:0e:d5:71:71:f2:df:28:7b:15:eb:9f:92:
52:4c:61:61:99:d2:c8:4c:84:2f:0a:e9:9c:4c:02:a1:d3:c7:
df:25:a5:c7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZUixmcapILBj6EQN+b8eh4yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhY2E4ZGMwYzBiOTIxYjA4OWYxNjAyNjE4ZTQ1NTM3OTdh
NzQ3NDIwHhcNMjUwMjIwMDk1MzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTMwMGM3ZjMyOGVlYjJlZjA0YzM1NWY4NmJhN2IwMzRiZWE3YTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2sjdkB5nCE3Yb/oU0JdZURo2gPxP
D5n6PUQ8iDahcGwOWRfjAheFMbnOPgHVsDtOORQ+iTc/CAlrhHMafObOrxVtocVp
QjBF60ClhQ3xRnYepMXw76i2NhRm/VgLO6Nh0g/Y+GYnv8krd3CtynTWp8KNXSb4
xq4oFgeALzQOoqnHjt1YnxPMmrLX71xr47l3XAmBcO7cU3QrvvciBcpmSI0TeSM6
k3OfrPadDRR6HQaGJCNk0a2w2dbGxLYVv4vLrD5McDvS2kxN60kJhofnD36+Mm63
fYWF86LdpRQtuxieuNTS8tHzv4WIrHwpJERVpG1KdF+heDRup0ZP/tZmGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNEwDH8yjusu8Ew1X4a6ewNL6no1MB8GA1UdIwQY
MBaAFKrKjcDAuSGwifFgJhjkVTeXp0dCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXNxTndNQzVJYkNKOFdBbUdPUlZONWVuUjBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9lYjMxZGItZTY1NC00OTFlLWExNDEt
OTFkNTA3MzhkMWU4LzEvMFRBTWZ6S082eTd3VERWZmhycDdBMHZxZWpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9lYjMxZGItZTY1NC00OTFlLWExNDEtOTFkNTA3MzhkMWU4
LzEvcXNxTndNQzVJYkNKOFdBbUdPUlZONWVuUjBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwpP8MA0G
CSqGSIb3DQEBCwUAA4IBAQB+eiLKIw+LDATE8APikJGWZhycLCVYP4ezHjjOZ6af
b8VBwrTKkEl2F4ZZAbjYZo3JPQxBNjp+uHfs5ZcJmpViEBB3tzsDY8R2dC/92AK7
3ocGK3M/k+yZ0SbpzsPJT9bptm74MecqPuCtPzO00vt/w2YSTGAtmfzrDafArHVc
caB+pc+XIHpoug9XD9WJU9tFmiw9kV5QbrvyrKuSj6dgrllftLbnOtojz6ccaqa5
kv2kFB6bmqXx2rmp3PG5PN4KAHpTdTxufRchKCSdtzlP+WpFAyC+vLPL5dUOcuIO
1XFx8t8oexXrn5JSTGFhmdLITIQvCumcTAKh08ffJaXH
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:54 2025 by rpki-client on console.sobornost.net