Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/ad6af0-005f-43a3-aa9d-766d1f32433c/1/1J3XFfkD_kgt0cIOeJk8XXDDsy8.roa
File: 1J3XFfkD_kgt0cIOeJk8XXDDsy8.roa (raw, json)
Hash identifier: AP/u0xAGOiTwGCk0a0xRx1BeOTsEHzjmgZ5lrGRtErA=
Subject key identifier: D4:9D:D7:15:F9:03:FE:48:2D:D1:C2:0E:78:99:3C:5D:70:C3:B3:2F
Certificate issuer: /CN=ec05986897d024e48c7cd25e1891c4208ff3bbb2
Certificate serial: 019424453686C24EC6DD5A1300630D8C4D38
Authority key identifier: EC:05:98:68:97:D0:24:E4:8C:7C:D2:5E:18:91:C4:20:8F:F3:BB:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7AWYaJfQJOSMfNJeGJHEII_zu7I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/ad6af0-005f-43a3-aa9d-766d1f32433c/1/1J3XFfkD_kgt0cIOeJk8XXDDsy8.roa
Signing time: Wed 01 Jan 2025 23:48:23 +0000
ROA not before: Wed 01 Jan 2025 23:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35740
IP address blocks: 195.170.170.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:36:86:c2:4e:c6:dd:5a:13:00:63:0d:8c:4d:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec05986897d024e48c7cd25e1891c4208ff3bbb2
Validity
Not Before: Jan 1 23:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d49dd715f903fe482dd1c20e78993c5d70c3b32f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:ca:b2:42:d1:23:96:60:a1:b0:a8:d8:e0:06:
cf:78:55:f8:28:81:d7:b4:04:52:76:cc:24:23:b9:
1d:ad:0c:50:3b:d0:db:2c:b5:4a:da:1d:ec:33:d4:
f8:fd:1b:55:d9:7b:12:79:4a:2d:57:ff:a7:14:be:
4e:e3:50:29:37:dc:d7:da:3d:bb:72:2f:a4:9d:f4:
7e:e4:17:81:d4:e0:8c:70:fd:46:26:bf:03:f5:d9:
d2:04:59:7d:16:2f:7c:48:ca:7f:2a:35:9c:c0:46:
3f:3f:c7:6e:50:94:41:28:96:4e:27:8d:c9:6b:cf:
14:9a:ef:19:2d:1b:e1:5c:e0:5a:49:bb:5f:5b:05:
5a:82:e0:32:45:87:8e:98:0c:45:af:9f:95:47:d9:
f7:bc:a0:c2:cd:4a:dc:1a:40:ad:1a:73:f1:94:20:
aa:c7:96:5b:f2:42:b1:e7:ae:f2:b4:63:52:9a:48:
5f:82:72:3b:39:b1:78:af:db:e7:50:0a:5d:57:5a:
61:49:7e:da:34:23:52:4d:0c:81:85:94:2a:a3:74:
2b:e1:ad:2c:42:9e:32:62:08:ce:39:c4:e3:47:58:
64:1b:16:73:17:06:cb:75:19:60:b4:6e:33:ce:92:
17:c7:30:a1:6b:86:cc:6a:ce:74:d4:7c:35:6d:5d:
e2:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:9D:D7:15:F9:03:FE:48:2D:D1:C2:0E:78:99:3C:5D:70:C3:B3:2F
X509v3 Authority Key Identifier:
keyid:EC:05:98:68:97:D0:24:E4:8C:7C:D2:5E:18:91:C4:20:8F:F3:BB:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7AWYaJfQJOSMfNJeGJHEII_zu7I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/ad6af0-005f-43a3-aa9d-766d1f32433c/1/1J3XFfkD_kgt0cIOeJk8XXDDsy8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/ad6af0-005f-43a3-aa9d-766d1f32433c/1/7AWYaJfQJOSMfNJeGJHEII_zu7I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.170.170.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:29:50:ac:0a:7f:83:76:97:77:06:bf:50:47:b3:1e:20:6d:
66:cc:4d:dc:ca:8b:bf:f2:a8:24:71:74:66:4e:46:2e:99:7b:
b2:5b:95:d5:91:23:22:fa:06:59:a8:58:8a:ce:ec:bb:b3:43:
54:39:84:0a:99:d5:a7:1a:b1:4f:32:73:d0:2c:01:85:c3:03:
c7:15:52:37:0c:75:b9:65:3f:d2:b0:54:8b:b1:3a:1b:e4:5a:
c0:81:56:e3:07:ad:73:a2:e8:90:97:92:93:96:c7:92:ee:d5:
41:5d:ad:34:06:3d:66:3c:05:a3:40:1c:de:30:54:9f:c1:ae:
9d:65:d8:7a:2e:f4:cf:6a:5e:25:09:ac:1c:12:d6:0a:eb:df:
12:ea:c3:20:e9:c6:ae:5c:47:91:ee:ad:d6:4d:d8:e8:8a:fd:
5b:27:a2:ac:31:26:b1:ec:2a:81:87:42:a3:23:ed:35:84:44:
ef:ee:a9:fa:a6:ce:da:4c:34:be:59:51:1b:5c:7c:0e:e7:98:
9d:a7:70:6e:c1:c5:4e:e2:ec:f7:b9:20:a6:5e:9a:7d:96:b7:
59:15:1f:e3:28:3b:aa:d6:f2:ff:61:82:ae:23:ee:7c:51:49:
fe:c9:4f:76:b9:e3:95:d5:a9:32:22:68:e8:ef:ec:69:56:48:
a4:a8:85:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRTaGwk7G3VoTAGMNjE04MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjMDU5ODY4OTdkMDI0ZTQ4YzdjZDI1ZTE4OTFjNDIwOGZm
M2JiYjIwHhcNMjUwMTAxMjM0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDlkZDcxNWY5MDNmZTQ4MmRkMWMyMGU3ODk5M2M1ZDcwYzNiMzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4MqyQtEjlmChsKjY4AbPeFX4KIHX
tARSdswkI7kdrQxQO9DbLLVK2h3sM9T4/RtV2XsSeUotV/+nFL5O41ApN9zX2j27
ci+knfR+5BeB1OCMcP1GJr8D9dnSBFl9Fi98SMp/KjWcwEY/P8duUJRBKJZOJ43J
a88Umu8ZLRvhXOBaSbtfWwVaguAyRYeOmAxFr5+VR9n3vKDCzUrcGkCtGnPxlCCq
x5Zb8kKx567ytGNSmkhfgnI7ObF4r9vnUApdV1phSX7aNCNSTQyBhZQqo3Qr4a0s
Qp4yYgjOOcTjR1hkGxZzFwbLdRlgtG4zzpIXxzCha4bMas501Hw1bV3iuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNSd1xX5A/5ILdHCDniZPF1ww7MvMB8GA1UdIwQY
MBaAFOwFmGiX0CTkjHzSXhiRxCCP87uyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0FXWWFKZlFKT1NNZk5KZUdKSEVJSV96dTdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni9hZDZhZjAtMDA1Zi00M2EzLWFhOWQt
NzY2ZDFmMzI0MzNjLzEvMUozWEZma0Rfa2d0MGNJT2VKazhYWEREc3k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni9hZDZhZjAtMDA1Zi00M2EzLWFhOWQtNzY2ZDFmMzI0MzNj
LzEvN0FXWWFKZlFKT1NNZk5KZUdKSEVJSV96dTdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw6qqMA0G
CSqGSIb3DQEBCwUAA4IBAQCwKVCsCn+Ddpd3Br9QR7MeIG1mzE3cyou/8qgkcXRm
TkYumXuyW5XVkSMi+gZZqFiKzuy7s0NUOYQKmdWnGrFPMnPQLAGFwwPHFVI3DHW5
ZT/SsFSLsTob5FrAgVbjB61zouiQl5KTlseS7tVBXa00Bj1mPAWjQBzeMFSfwa6d
Zdh6LvTPal4lCawcEtYK698S6sMg6cauXEeR7q3WTdjoiv1bJ6KsMSax7CqBh0Kj
I+01hETv7qn6ps7aTDS+WVEbXHwO55idp3BuwcVO4uz3uSCmXpp9lrdZFR/jKDuq
1vL/YYKuI+58UUn+yU92ueOV1akyImjo7+xpVkikqIX+
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:57 2025 by rpki-client on console.sobornost.net