Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/8331e0-e8ab-4a6e-92b7-8a96f03bc617/1/tPs3GfF30oL_YN3V2-6-sgSR5vI.roa
File: tPs3GfF30oL_YN3V2-6-sgSR5vI.roa (raw, json)
Hash identifier: dKCGleVNGeQ7syDLSUJzqSgk8sblx18tc2ARIjFcsRs=
Subject key identifier: B4:FB:37:19:F1:77:D2:82:FF:60:DD:D5:DB:EE:BE:B2:04:91:E6:F2
Certificate issuer: /CN=baa7ed08b8e9e8eef5f83e3ccb26745f8b3885e7
Certificate serial: 0195278BB6F99295C5BAD43FE4191D898B93
Authority key identifier: BA:A7:ED:08:B8:E9:E8:EE:F5:F8:3E:3C:CB:26:74:5F:8B:38:85:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqftCLjp6O71-D48yyZ0X4s4hec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/8331e0-e8ab-4a6e-92b7-8a96f03bc617/1/tPs3GfF30oL_YN3V2-6-sgSR5vI.roa
Signing time: Fri 21 Feb 2025 08:07:02 +0000
ROA not before: Fri 21 Feb 2025 08:07:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13283
IP address blocks: 159.103.0.0/16 maxlen: 16
159.103.0.0/17 maxlen: 17
159.103.128.0/17 maxlen: 17
2a06:d581:1000::/36 maxlen: 36
2a06:d581:1000::/37 maxlen: 37
2a06:d581:1800::/37 maxlen: 37
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:27:8b:b6:f9:92:95:c5:ba:d4:3f:e4:19:1d:89:8b:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baa7ed08b8e9e8eef5f83e3ccb26745f8b3885e7
Validity
Not Before: Feb 21 08:07:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b4fb3719f177d282ff60ddd5dbeebeb20491e6f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:15:88:67:ca:26:c6:cc:e6:54:b3:e0:b5:6e:
7c:2c:a6:96:14:60:02:77:44:5c:8e:61:5e:a1:c0:
93:24:da:9f:32:af:2f:77:f5:d6:b0:cf:ee:45:8d:
62:6a:d5:d7:ce:6f:10:a2:a3:ce:91:73:4a:56:d7:
b6:7d:02:73:07:06:bf:fc:b1:7e:5c:ee:e1:80:a4:
a8:90:24:94:da:46:d2:e8:66:bf:fa:a4:af:0f:ba:
f4:5d:70:09:0a:51:ab:14:5f:f3:10:e7:12:7e:a6:
93:3f:cb:cc:42:8f:0a:90:ef:05:0a:58:e7:66:24:
8a:b5:43:fb:11:e2:ba:d0:57:dd:a0:d3:4f:52:cb:
d2:27:d1:bb:40:1c:01:3a:e6:79:a6:c2:81:e0:d6:
21:fb:11:a5:77:17:23:c9:51:25:20:3c:ef:69:68:
e6:5b:d5:75:a4:87:1a:fb:5c:bf:ac:42:2b:3b:09:
94:82:ff:1f:e5:8b:92:d8:69:73:4a:37:d5:4f:dc:
45:14:6e:d4:58:7d:00:17:9d:d6:02:f9:71:77:92:
fa:db:50:3c:a6:68:58:ce:bb:8f:05:cb:ab:73:c7:
29:d5:a3:d3:f1:55:3a:47:61:8b:50:ee:bf:ec:a4:
26:37:c8:9b:5d:d1:74:20:06:39:c7:ac:a8:25:e2:
21:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:FB:37:19:F1:77:D2:82:FF:60:DD:D5:DB:EE:BE:B2:04:91:E6:F2
X509v3 Authority Key Identifier:
keyid:BA:A7:ED:08:B8:E9:E8:EE:F5:F8:3E:3C:CB:26:74:5F:8B:38:85:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqftCLjp6O71-D48yyZ0X4s4hec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8331e0-e8ab-4a6e-92b7-8a96f03bc617/1/tPs3GfF30oL_YN3V2-6-sgSR5vI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8331e0-e8ab-4a6e-92b7-8a96f03bc617/1/uqftCLjp6O71-D48yyZ0X4s4hec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.103.0.0/16
IPv6:
2a06:d581:1000::/36
Signature Algorithm: sha256WithRSAEncryption
67:c6:37:9d:94:5d:cd:94:1a:d3:2c:82:5b:2c:24:52:6c:26:
97:11:e0:ed:cc:53:34:9d:9e:d5:c6:d6:31:1c:1f:48:03:d8:
ef:3c:e1:99:a3:9e:21:2f:50:83:d6:56:bd:a8:48:2f:65:c9:
a7:9a:60:df:43:a2:c4:cd:e3:68:29:f0:15:3e:23:a8:6f:1e:
b3:52:3e:bd:aa:e6:68:25:08:5a:44:2b:26:5d:dd:fc:1c:e7:
c4:8b:b6:b7:c6:05:a4:ca:85:ed:5b:d0:6a:10:c8:de:c2:09:
36:ce:38:ac:4e:8d:70:a1:05:db:ac:9a:b4:34:f8:23:29:f1:
ca:0d:ad:33:3b:cd:0d:a7:6c:97:8a:e2:aa:67:74:46:71:b3:
fc:36:cd:ed:fb:cf:76:e2:a5:9f:d7:7e:c5:0d:3b:12:93:09:
e6:7c:1d:83:1a:c8:f8:f3:81:bc:00:f6:ff:59:d3:fc:ed:78:
d7:89:63:46:63:7e:4a:4b:2e:cb:ed:53:6f:ec:7f:81:23:92:
fa:98:2e:01:e5:b8:e5:fc:df:0a:a0:c8:71:cb:7b:c0:b5:38:
a3:3b:bc:2b:19:4d:4a:10:53:bc:4b:7c:a0:bb:05:9c:e8:df:
5a:35:49:70:6b:c7:eb:fb:59:8b:a7:a6:bf:2d:e7:c7:2a:25:
3a:88:2d:bc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZUni7b5kpXFutQ/5BkdiYuTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYTdlZDA4YjhlOWU4ZWVmNWY4M2UzY2NiMjY3NDVmOGIz
ODg1ZTcwHhcNMjUwMjIxMDgwNzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGZiMzcxOWYxNzdkMjgyZmY2MGRkZDVkYmVlYmViMjA0OTFlNmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4RWIZ8omxszmVLPgtW58LKaWFGAC
d0RcjmFeocCTJNqfMq8vd/XWsM/uRY1iatXXzm8QoqPOkXNKVte2fQJzBwa//LF+
XO7hgKSokCSU2kbS6Ga/+qSvD7r0XXAJClGrFF/zEOcSfqaTP8vMQo8KkO8FCljn
ZiSKtUP7EeK60FfdoNNPUsvSJ9G7QBwBOuZ5psKB4NYh+xGldxcjyVElIDzvaWjm
W9V1pIca+1y/rEIrOwmUgv8f5YuS2GlzSjfVT9xFFG7UWH0AF53WAvlxd5L621A8
pmhYzruPBcurc8cp1aPT8VU6R2GLUO6/7KQmN8ibXdF0IAY5x6yoJeIhvwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLT7Nxnxd9KC/2Dd1dvuvrIEkebyMB8GA1UdIwQY
MBaAFLqn7Qi46eju9fg+PMsmdF+LOIXnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFmdENManA2TzcxLUQ0OHl5WjBYNHM0aGVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS84MzMxZTAtZThhYi00YTZlLTkyYjct
OGE5NmYwM2JjNjE3LzEvdFBzM0dmRjMwb0xfWU4zVjItNi1zZ1NSNXZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS84MzMxZTAtZThhYi00YTZlLTkyYjctOGE5NmYwM2JjNjE3
LzEvdXFmdENManA2TzcxLUQ0OHl5WjBYNHM0aGVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTALBAIAATAFAwMAn2cwDgQC
AAIwCAMGBCoG1YEQMA0GCSqGSIb3DQEBCwUAA4IBAQBnxjedlF3NlBrTLIJbLCRS
bCaXEeDtzFM0nZ7VxtYxHB9IA9jvPOGZo54hL1CD1la9qEgvZcmnmmDfQ6LEzeNo
KfAVPiOobx6zUj69quZoJQhaRCsmXd38HOfEi7a3xgWkyoXtW9BqEMjewgk2zjis
To1woQXbrJq0NPgjKfHKDa0zO80Np2yXiuKqZ3RGcbP8Ns3t+8924qWf137FDTsS
kwnmfB2DGsj484G8APb/WdP87XjXiWNGY35KSy7L7VNv7H+BI5L6mC4B5bjl/N8K
oMhxy3vAtTijO7wrGU1KEFO8S3yguwWc6N9aNUlwa8fr+1mLp6a/LefHKiU6iC28
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:54 2025 by rpki-client on console.sobornost.net