Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/8Si4NFM1aPw38WaLXshjg45ES-o.roa
File: 8Si4NFM1aPw38WaLXshjg45ES-o.roa (raw, json)
Hash identifier: UrtM0JR+sNV9ZzpQeGuDk9MuIMLeRxzIPtw2VVcogHo=
Subject key identifier: F1:28:B8:34:53:35:68:FC:37:F1:66:8B:5E:C8:63:83:8E:44:4B:EA
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 0194266B8D0D13CD652FAA2E5889368B0C69
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/8Si4NFM1aPw38WaLXshjg45ES-o.roa
Signing time: Thu 02 Jan 2025 09:49:30 +0000
ROA not before: Thu 02 Jan 2025 09:49:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43402
IP address blocks: 84.232.59.0/24 maxlen: 24
94.76.189.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:8d:0d:13:cd:65:2f:aa:2e:58:89:36:8b:0c:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 2 09:49:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f128b834533568fc37f1668b5ec863838e444bea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:3f:e5:f9:cf:00:fc:c9:c0:8c:a3:6d:2a:53:
ec:c4:69:6e:d3:f4:17:ad:10:79:51:30:4f:6c:40:
f2:71:3b:4e:89:c1:e2:cf:75:2e:c0:3a:7d:46:3d:
86:73:a5:73:6f:6e:32:4c:03:87:54:b1:8c:70:06:
48:32:46:a3:ee:e3:40:3d:be:d6:f7:1f:2f:5e:d3:
79:dd:f2:4e:1a:1e:e0:5c:91:f8:20:34:4a:f2:b2:
7b:a3:3c:9b:7e:5e:cf:4f:3d:8c:38:a7:5a:c5:51:
e9:7f:dd:5c:33:36:5d:1f:3b:f1:4f:f4:83:34:31:
c5:e1:aa:2b:6c:3e:ce:d8:a7:ca:43:60:ce:34:7e:
40:a9:94:5b:d3:f6:da:3e:b9:98:1e:01:6d:8f:9b:
fc:f8:ce:40:aa:04:4e:db:72:b2:bb:c6:93:39:f7:
79:30:60:08:55:35:fe:70:69:ad:69:3d:ae:fb:39:
03:8b:5b:d6:2c:3a:a4:1b:c9:66:6a:fb:75:d9:ff:
74:b9:0c:4a:52:f8:03:7f:04:81:8f:2d:b7:b9:fb:
c9:d2:f0:83:75:e0:47:e2:5f:ba:55:7a:81:23:00:
ba:9c:97:35:f7:ec:58:f8:48:04:40:8f:60:a8:bb:
7b:39:75:b5:e3:ca:55:7e:d0:2f:44:d2:c7:bf:91:
4c:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:28:B8:34:53:35:68:FC:37:F1:66:8B:5E:C8:63:83:8E:44:4B:EA
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/8Si4NFM1aPw38WaLXshjg45ES-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.232.59.0/24
94.76.189.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:68:9d:74:69:fa:22:ee:12:b8:b5:d5:89:fe:e0:49:6f:96:
dc:40:41:39:97:be:62:a2:bf:92:d1:ba:f8:74:aa:0f:48:b0:
d7:93:bc:20:a5:14:0d:5c:92:6c:d1:86:77:c4:1a:ec:c2:cb:
fd:54:f4:fa:ee:91:7e:a3:95:ab:ea:92:34:dd:0f:b9:cf:ba:
26:a0:c7:dd:65:1b:08:9f:f4:94:7c:f4:41:70:89:9e:29:45:
70:6c:d6:5d:e5:7d:53:67:67:69:7c:5a:65:15:0b:2b:48:9a:
b0:e0:d9:25:0a:46:34:e5:2d:0f:94:4e:3e:7f:d3:62:44:61:
26:19:05:e0:37:6c:dc:32:61:2d:0b:cd:a3:16:21:a1:97:92:
af:e7:0e:47:b4:0e:bb:ff:ed:7e:42:00:d8:c6:19:71:20:08:
23:14:5d:bd:d8:38:0c:1d:62:4b:15:78:8d:31:ae:8b:c5:fc:
70:3e:fc:69:17:74:ce:da:ab:fb:21:8c:38:10:84:6b:91:8d:
cb:25:d6:81:f1:c8:d4:da:b4:a4:c3:72:0c:9e:bd:ec:a6:b3:
83:86:12:54:b6:30:0c:eb:42:56:11:d5:0b:d9:37:dd:c5:1f:
0a:2e:2a:ce:50:f2:41:54:7b:42:48:97:7c:5d:62:a3:f0:10:
0b:d4:b1:c1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQma40NE81lL6ouWIk2iwxpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjUwMTAyMDk0OTMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTI4YjgzNDUzMzU2OGZjMzdmMTY2OGI1ZWM4NjM4MzhlNDQ0YmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzT/l+c8A/MnAjKNtKlPsxGlu0/QX
rRB5UTBPbEDycTtOicHiz3UuwDp9Rj2Gc6Vzb24yTAOHVLGMcAZIMkaj7uNAPb7W
9x8vXtN53fJOGh7gXJH4IDRK8rJ7ozybfl7PTz2MOKdaxVHpf91cMzZdHzvxT/SD
NDHF4aorbD7O2KfKQ2DONH5AqZRb0/baPrmYHgFtj5v8+M5AqgRO23Kyu8aTOfd5
MGAIVTX+cGmtaT2u+zkDi1vWLDqkG8lmavt12f90uQxKUvgDfwSBjy23ufvJ0vCD
deBH4l+6VXqBIwC6nJc19+xY+EgEQI9gqLt7OXW148pVftAvRNLHv5FMkwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPEouDRTNWj8N/Fmi17IY4OOREvqMB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvOFNpNE5GTTFhUHczOFdhTFhzaGpnNDVFUy1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVOg7AwQA
Xky9MA0GCSqGSIb3DQEBCwUAA4IBAQCwaJ10afoi7hK4tdWJ/uBJb5bcQEE5l75i
or+S0br4dKoPSLDXk7wgpRQNXJJs0YZ3xBrswsv9VPT67pF+o5Wr6pI03Q+5z7om
oMfdZRsIn/SUfPRBcImeKUVwbNZd5X1TZ2dpfFplFQsrSJqw4NklCkY05S0PlE4+
f9NiRGEmGQXgN2zcMmEtC82jFiGhl5Kv5w5HtA67/+1+QgDYxhlxIAgjFF292DgM
HWJLFXiNMa6LxfxwPvxpF3TO2qv7IYw4EIRrkY3LJdaB8cjU2rSkw3IMnr3sprOD
hhJUtjAM60JWEdUL2TfdxR8KLirOUPJBVHtCSJd8XWKj8BAL1LHB
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:56 2025 by rpki-client on console.sobornost.net