Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/5c6745-768e-4d61-b604-835f4e37283c/1/wU54z4fun2n9dhW1jQFZ_YTk2yQ.roa
File: wU54z4fun2n9dhW1jQFZ_YTk2yQ.roa (raw, json)
Hash identifier: DU49T5R+7YoJZkuw0c2yae6qHjR70t2dzMX7X38YQ80=
Subject key identifier: C1:4E:78:CF:87:EE:9F:69:FD:76:15:B5:8D:01:59:FD:84:E4:DB:24
Certificate issuer: /CN=3a839936aeeff288678e772633020fa259bd9cf2
Certificate serial: 0195289D75D507B40566C322B568062824FC
Authority key identifier: 3A:83:99:36:AE:EF:F2:88:67:8E:77:26:33:02:0F:A2:59:BD:9C:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OoOZNq7v8ohnjncmMwIPolm9nPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/5c6745-768e-4d61-b604-835f4e37283c/1/wU54z4fun2n9dhW1jQFZ_YTk2yQ.roa
Signing time: Fri 21 Feb 2025 13:06:02 +0000
ROA not before: Fri 21 Feb 2025 13:06:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60908
IP address blocks: 188.95.68.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:28:9d:75:d5:07:b4:05:66:c3:22:b5:68:06:28:24:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a839936aeeff288678e772633020fa259bd9cf2
Validity
Not Before: Feb 21 13:06:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c14e78cf87ee9f69fd7615b58d0159fd84e4db24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:9a:cd:f4:e5:81:d0:38:12:cf:bb:0c:04:26:
54:03:d4:f7:db:f9:f7:0c:60:9e:4f:a6:91:f2:2c:
7d:02:b8:13:0e:bf:79:5d:38:f7:58:ec:e9:25:96:
af:7f:dd:cb:1d:60:99:d6:a1:10:6a:ab:0d:3f:1b:
9d:f4:01:94:16:8c:32:ee:53:89:96:66:de:d2:38:
cf:a3:f3:af:b3:dc:17:a1:32:a7:9c:eb:21:cc:da:
f0:16:47:e3:d6:41:0a:5e:9f:cc:48:1d:b0:2a:10:
02:af:41:cd:4d:72:2f:72:ef:1e:56:dc:c3:4b:3e:
3c:5c:49:d7:85:43:04:1c:b2:24:28:78:e5:85:c6:
bc:01:2c:0a:2e:bc:01:1b:95:30:a3:8d:0f:67:df:
2e:c7:92:4c:76:88:67:2b:43:44:82:8c:a7:fb:7d:
e4:38:72:21:ff:55:c6:2d:d6:ad:15:d4:eb:c5:18:
e9:10:10:33:21:f2:62:23:c1:77:62:ca:fc:a7:8d:
4a:36:d6:44:af:5e:f6:86:3e:06:75:56:a5:25:03:
e9:2d:1a:b1:15:48:13:5a:8e:6e:d4:62:32:c9:ac:
43:1e:ed:ac:89:fc:ba:e0:3f:d2:01:b3:3a:15:f9:
c0:48:95:3f:00:0f:b1:d1:a8:7b:8c:5f:0b:10:f9:
d9:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:4E:78:CF:87:EE:9F:69:FD:76:15:B5:8D:01:59:FD:84:E4:DB:24
X509v3 Authority Key Identifier:
keyid:3A:83:99:36:AE:EF:F2:88:67:8E:77:26:33:02:0F:A2:59:BD:9C:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OoOZNq7v8ohnjncmMwIPolm9nPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/5c6745-768e-4d61-b604-835f4e37283c/1/wU54z4fun2n9dhW1jQFZ_YTk2yQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/5c6745-768e-4d61-b604-835f4e37283c/1/OoOZNq7v8ohnjncmMwIPolm9nPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.95.68.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:13:a7:7a:9d:b4:9d:78:05:68:95:19:97:ee:c0:a6:b6:81:
57:f5:02:95:93:77:d5:22:8a:20:b3:dd:5d:05:ec:ef:79:23:
30:ff:1f:37:d1:c5:90:58:6e:53:55:1c:0a:d5:f1:61:3d:8f:
f0:8f:01:fe:11:62:26:2f:af:de:9a:57:77:6b:d3:58:49:de:
86:d6:57:29:ca:31:b7:cc:9b:75:ef:cd:a6:1b:79:a0:45:42:
cb:4b:50:ff:9b:cc:cd:3b:97:5b:22:ca:ff:ed:5b:ae:a8:91:
f7:06:8c:02:4f:35:59:d6:46:f0:04:41:a1:e6:47:b4:c1:08:
17:f4:ee:17:73:2c:77:30:7f:14:19:91:98:65:5a:54:09:54:
92:0e:d8:72:22:c5:c6:e4:b8:dc:95:b6:3f:fe:0a:80:14:f9:
3a:35:48:6e:d9:cd:b8:6b:90:27:16:fa:0a:39:a9:de:b7:12:
a5:1a:87:ef:81:2a:32:0b:87:81:47:ce:bc:6d:96:a4:88:fd:
91:35:1e:d3:7b:f1:f5:91:2d:8e:42:f8:05:74:ad:72:87:f9:
87:1f:ad:c5:28:d1:ce:ed:cd:01:7a:51:72:58:11:67:73:c7:
79:bf:07:4e:99:f3:dc:9f:0f:2d:6a:bd:29:6c:34:eb:4c:6f:
be:7f:ce:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZUonXXVB7QFZsMitWgGKCT8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhODM5OTM2YWVlZmYyODg2NzhlNzcyNjMzMDIwZmEyNTli
ZDljZjIwHhcNMjUwMjIxMTMwNjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTRlNzhjZjg3ZWU5ZjY5ZmQ3NjE1YjU4ZDAxNTlmZDg0ZTRkYjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZrN9OWB0DgSz7sMBCZUA9T32/n3
DGCeT6aR8ix9ArgTDr95XTj3WOzpJZavf93LHWCZ1qEQaqsNPxud9AGUFowy7lOJ
lmbe0jjPo/Ovs9wXoTKnnOshzNrwFkfj1kEKXp/MSB2wKhACr0HNTXIvcu8eVtzD
Sz48XEnXhUMEHLIkKHjlhca8ASwKLrwBG5Uwo40PZ98ux5JMdohnK0NEgoyn+33k
OHIh/1XGLdatFdTrxRjpEBAzIfJiI8F3Ysr8p41KNtZEr172hj4GdValJQPpLRqx
FUgTWo5u1GIyyaxDHu2sify64D/SAbM6FfnASJU/AA+x0ah7jF8LEPnZhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMFOeM+H7p9p/XYVtY0BWf2E5NskMB8GA1UdIwQY
MBaAFDqDmTau7/KIZ453JjMCD6JZvZzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT29PWk5xN3Y4b2huam5jbU13SVBvbG05blBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My81YzY3NDUtNzY4ZS00ZDYxLWI2MDQt
ODM1ZjRlMzcyODNjLzEvd1U1NHo0ZnVuMm45ZGhXMWpRRlpfWVRrMnlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My81YzY3NDUtNzY4ZS00ZDYxLWI2MDQtODM1ZjRlMzcyODNj
LzEvT29PWk5xN3Y4b2huam5jbU13SVBvbG05blBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvF9EMA0G
CSqGSIb3DQEBCwUAA4IBAQBOE6d6nbSdeAVolRmX7sCmtoFX9QKVk3fVIoogs91d
BezveSMw/x830cWQWG5TVRwK1fFhPY/wjwH+EWImL6/emld3a9NYSd6G1lcpyjG3
zJt1782mG3mgRULLS1D/m8zNO5dbIsr/7VuuqJH3BowCTzVZ1kbwBEGh5ke0wQgX
9O4Xcyx3MH8UGZGYZVpUCVSSDthyIsXG5LjclbY//gqAFPk6NUhu2c24a5AnFvoK
OanetxKlGofvgSoyC4eBR868bZakiP2RNR7Te/H1kS2OQvgFdK1yh/mHH63FKNHO
7c0BelFyWBFnc8d5vwdOmfPcnw8tar0pbDTrTG++f86N
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:55 2025 by rpki-client on console.sobornost.net