Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/323c3f-aab3-4684-81c7-c5815118e52f/1/tO945n8IOH4m4HY-IByza0kUANU.roa
File: tO945n8IOH4m4HY-IByza0kUANU.roa (raw, json)
Hash identifier: 1Y70k1PM1fySvFZtbmtzuB2FgWQvwNTM4axab3kjR2A=
Subject key identifier: B4:EF:78:E6:7F:08:38:7E:26:E0:76:3E:20:1C:B3:6B:49:14:00:D5
Certificate issuer: /CN=3fb78cd1a310c99d6377140e528aa3e6e0dcab9f
Certificate serial: 0195F5A81B05A2E119105DB11DF582427F09
Authority key identifier: 3F:B7:8C:D1:A3:10:C9:9D:63:77:14:0E:52:8A:A3:E6:E0:DC:AB:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P7eM0aMQyZ1jdxQOUoqj5uDcq58.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/323c3f-aab3-4684-81c7-c5815118e52f/1/tO945n8IOH4m4HY-IByza0kUANU.roa
Signing time: Wed 02 Apr 2025 08:39:49 +0000
ROA not before: Wed 02 Apr 2025 08:39:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39803
IP address blocks: 194.102.100.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f5:a8:1b:05:a2:e1:19:10:5d:b1:1d:f5:82:42:7f:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fb78cd1a310c99d6377140e528aa3e6e0dcab9f
Validity
Not Before: Apr 2 08:39:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b4ef78e67f08387e26e0763e201cb36b491400d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ed:f0:25:4f:18:13:3d:88:ee:db:51:3e:cb:
45:a3:c6:69:90:cf:40:58:85:c9:e9:8d:de:1f:ff:
d3:ad:14:a0:9c:7b:0a:a3:27:62:08:fb:36:8c:7b:
e4:63:4f:b7:29:0d:aa:74:9a:90:5d:53:dd:0e:29:
7c:5f:78:3c:29:c6:59:81:26:46:8e:1e:dc:34:b3:
f3:fb:36:80:45:0d:c8:b9:a9:e0:5e:b4:6d:1e:15:
bc:40:fc:a2:8f:ff:69:51:39:ec:b3:f9:a1:6c:fc:
57:e2:bd:00:51:ef:d4:4e:19:9e:68:60:ec:b4:98:
53:8d:9f:35:36:55:38:24:5d:f0:c9:b7:5e:27:0e:
24:c1:11:f2:7e:6e:a3:b6:e9:7b:af:66:79:09:25:
24:cc:ac:58:d3:8a:64:b2:88:27:0a:0d:22:08:77:
9f:4c:c4:bc:c7:14:76:c2:c0:26:65:6a:fe:f3:50:
48:90:2a:3d:0a:91:f4:5b:ec:4d:0e:62:24:ef:f9:
39:79:6f:28:05:8e:58:14:99:06:b1:56:d9:aa:10:
a7:51:45:31:09:74:d9:c7:f5:da:50:a6:11:23:63:
27:55:a2:fa:ad:33:f7:e1:29:0d:dc:df:93:79:ef:
8b:ee:4f:7e:8b:38:bd:86:15:e5:0f:0b:62:03:d1:
93:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:EF:78:E6:7F:08:38:7E:26:E0:76:3E:20:1C:B3:6B:49:14:00:D5
X509v3 Authority Key Identifier:
keyid:3F:B7:8C:D1:A3:10:C9:9D:63:77:14:0E:52:8A:A3:E6:E0:DC:AB:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P7eM0aMQyZ1jdxQOUoqj5uDcq58.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/323c3f-aab3-4684-81c7-c5815118e52f/1/tO945n8IOH4m4HY-IByza0kUANU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/323c3f-aab3-4684-81c7-c5815118e52f/1/P7eM0aMQyZ1jdxQOUoqj5uDcq58.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.102.100.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:f7:0c:bd:4c:2c:02:d8:d6:7a:db:e9:66:1f:87:58:95:26:
b6:de:2a:82:66:22:c5:95:59:c0:1f:70:b2:ee:3c:3e:2d:dc:
0d:7b:23:cc:7d:8c:89:2e:29:70:46:49:cb:48:04:96:1d:38:
b3:e1:50:6b:90:6c:17:76:98:ce:aa:a8:e1:8d:f5:bb:ce:42:
fa:81:24:f5:e1:c2:ba:c6:91:8a:61:5d:0a:0a:dd:63:7e:c4:
4a:7c:77:84:01:33:dd:99:c4:6d:a9:75:58:be:11:b0:40:e2:
c2:0b:ad:96:31:7c:da:be:92:99:81:34:d3:32:20:a5:16:fe:
ee:86:ad:f3:c2:46:54:06:cd:76:19:cc:5b:75:32:29:bd:8d:
3f:9e:67:2b:b6:1c:85:b4:f3:88:26:76:3c:82:d2:57:51:c2:
08:09:24:0d:0c:87:ae:99:98:e8:45:fb:ee:5e:1b:cf:51:ba:
25:dc:03:94:20:06:9b:0c:41:26:8d:6b:fc:3d:76:13:f2:4a:
be:05:6c:c6:50:0f:a2:2d:59:08:43:ae:e5:bf:69:11:a1:da:
64:ef:39:cd:ca:53:0e:40:44:eb:58:2c:d8:16:ca:03:92:8a:
05:a4:90:88:a9:0b:4c:ce:a2:5b:de:d3:84:d9:3f:65:75:ad:
3b:9e:85:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZX1qBsFouEZEF2xHfWCQn8JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmYjc4Y2QxYTMxMGM5OWQ2Mzc3MTQwZTUyOGFhM2U2ZTBk
Y2FiOWYwHhcNMjUwNDAyMDgzOTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGVmNzhlNjdmMDgzODdlMjZlMDc2M2UyMDFjYjM2YjQ5MTQwMGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwu3wJU8YEz2I7ttRPstFo8ZpkM9A
WIXJ6Y3eH//TrRSgnHsKoydiCPs2jHvkY0+3KQ2qdJqQXVPdDil8X3g8KcZZgSZG
jh7cNLPz+zaARQ3IuangXrRtHhW8QPyij/9pUTnss/mhbPxX4r0AUe/UThmeaGDs
tJhTjZ81NlU4JF3wybdeJw4kwRHyfm6jtul7r2Z5CSUkzKxY04pksognCg0iCHef
TMS8xxR2wsAmZWr+81BIkCo9CpH0W+xNDmIk7/k5eW8oBY5YFJkGsVbZqhCnUUUx
CXTZx/XaUKYRI2MnVaL6rTP34SkN3N+Tee+L7k9+izi9hhXlDwtiA9GTEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLTveOZ/CDh+JuB2PiAcs2tJFADVMB8GA1UdIwQY
MBaAFD+3jNGjEMmdY3cUDlKKo+bg3KufMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDdlTTBhTVF5WjFqZHhRT1VvcWo1dURjcTU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8zMjNjM2YtYWFiMy00Njg0LTgxYzct
YzU4MTUxMThlNTJmLzEvdE85NDVuOElPSDRtNEhZLUlCeXphMGtVQU5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8zMjNjM2YtYWFiMy00Njg0LTgxYzctYzU4MTUxMThlNTJm
LzEvUDdlTTBhTVF5WjFqZHhRT1VvcWo1dURjcTU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwmZkMA0G
CSqGSIb3DQEBCwUAA4IBAQBe9wy9TCwC2NZ62+lmH4dYlSa23iqCZiLFlVnAH3Cy
7jw+LdwNeyPMfYyJLilwRknLSASWHTiz4VBrkGwXdpjOqqjhjfW7zkL6gST14cK6
xpGKYV0KCt1jfsRKfHeEATPdmcRtqXVYvhGwQOLCC62WMXzavpKZgTTTMiClFv7u
hq3zwkZUBs12GcxbdTIpvY0/nmcrthyFtPOIJnY8gtJXUcIICSQNDIeumZjoRfvu
XhvPUbol3AOUIAabDEEmjWv8PXYT8kq+BWzGUA+iLVkIQ67lv2kRodpk7znNylMO
QETrWCzYFsoDkooFpJCIqQtMzqJb3tOE2T9lda07noUg
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:05 2025 by rpki-client on console.sobornost.net