Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/dd704b-c735-44df-a796-f86243a9c2b3/1/9LD-hrLWBwUSPOko1WfMuzpukWE.roa
File: 9LD-hrLWBwUSPOko1WfMuzpukWE.roa (raw, json)
Hash identifier: IlW9fI4rY7r7GVZoUndhpUDRIk8UJ5M6N9Zdn/noO1E=
Subject key identifier: F4:B0:FE:86:B2:D6:07:05:12:3C:E9:28:D5:67:CC:BB:3A:6E:91:61
Certificate issuer: /CN=f031c2da6bb9a56c28efeec4e4df0758cc24eb26
Certificate serial: 019424B3795927B53695BCE13FD99D88501C
Authority key identifier: F0:31:C2:DA:6B:B9:A5:6C:28:EF:EE:C4:E4:DF:07:58:CC:24:EB:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8DHC2mu5pWwo7-7E5N8HWMwk6yY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/dd704b-c735-44df-a796-f86243a9c2b3/1/9LD-hrLWBwUSPOko1WfMuzpukWE.roa
Signing time: Thu 02 Jan 2025 01:48:49 +0000
ROA not before: Thu 02 Jan 2025 01:48:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198320
IP address blocks: 130.255.117.0/24 maxlen: 24
130.255.118.0/24 maxlen: 24
130.255.119.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:79:59:27:b5:36:95:bc:e1:3f:d9:9d:88:50:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f031c2da6bb9a56c28efeec4e4df0758cc24eb26
Validity
Not Before: Jan 2 01:48:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f4b0fe86b2d60705123ce928d567ccbb3a6e9161
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:4c:9e:ee:12:46:64:d3:60:97:2a:09:7b:63:
c4:32:c4:05:f9:34:5d:25:cc:6e:00:75:eb:01:10:
89:2b:75:eb:cb:72:8a:7a:87:e0:27:2f:46:24:ea:
43:ad:99:48:6b:70:4f:99:b8:27:79:63:c7:2b:bd:
86:d4:36:0e:4e:b3:16:4f:cc:66:8b:0e:15:50:35:
9e:97:76:b1:41:73:80:2c:e0:8c:b7:97:3a:74:9a:
99:13:5f:3c:c9:33:8e:ca:8f:b3:66:4e:41:ee:6d:
3d:cf:4d:10:46:24:31:f1:ca:78:9b:cc:db:e7:17:
3d:c1:23:d0:b8:a3:10:91:c3:5f:8b:ed:67:14:38:
6b:d8:29:a0:cf:7d:a2:ca:5d:5e:3d:b9:82:90:c6:
5c:cd:8a:e3:80:08:e7:23:bb:9c:cf:b9:57:8b:68:
13:0d:df:86:32:34:61:ba:87:ef:bd:ce:c3:4f:48:
b8:aa:11:13:39:07:22:9e:2b:16:64:38:f5:01:25:
6b:49:7a:d0:6b:6f:d9:f8:29:42:8e:70:4c:8d:94:
2c:c5:30:c9:60:9e:43:07:a2:a5:02:c3:92:85:66:
6b:69:ba:5d:c7:2c:a6:ae:80:fa:f5:11:4c:7f:76:
e8:3f:ef:b6:d9:68:36:2d:35:1d:f8:7b:86:eb:ec:
50:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:B0:FE:86:B2:D6:07:05:12:3C:E9:28:D5:67:CC:BB:3A:6E:91:61
X509v3 Authority Key Identifier:
keyid:F0:31:C2:DA:6B:B9:A5:6C:28:EF:EE:C4:E4:DF:07:58:CC:24:EB:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8DHC2mu5pWwo7-7E5N8HWMwk6yY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/dd704b-c735-44df-a796-f86243a9c2b3/1/9LD-hrLWBwUSPOko1WfMuzpukWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/dd704b-c735-44df-a796-f86243a9c2b3/1/8DHC2mu5pWwo7-7E5N8HWMwk6yY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.255.117.0-130.255.119.255
Signature Algorithm: sha256WithRSAEncryption
4a:de:bb:a1:20:bc:3f:f5:7b:da:9f:27:71:18:04:f2:ac:58:
7f:13:7c:c3:98:69:23:ba:4f:67:3a:de:40:71:49:7a:71:05:
e1:c6:bc:f1:1d:33:75:d5:9a:d0:e2:e3:8c:71:be:29:17:6c:
00:63:98:31:4a:34:eb:42:f1:27:f9:d1:38:fe:52:21:ab:07:
3a:a9:1b:4f:3f:42:87:d6:42:35:ec:3f:8b:6e:95:b5:d1:87:
8b:74:08:d5:fe:68:c8:4e:c9:71:6d:a7:f0:bd:72:45:e6:41:
3b:3f:d4:76:7d:60:e4:3c:68:58:38:a6:0a:3e:35:0c:ca:a4:
a6:c8:41:dc:83:20:57:7b:44:99:db:61:59:74:8f:98:8d:5f:
f7:70:58:99:20:ae:d1:ee:9c:45:71:99:22:fa:c7:ba:a8:7f:
a7:73:07:9e:86:44:91:15:c7:9f:5c:85:9f:57:84:79:35:ca:
20:32:a3:6b:b6:35:b1:65:07:bd:bf:ea:56:57:64:2f:de:a3:
5a:e3:97:90:62:1f:86:1c:2e:70:78:08:75:db:93:d8:1a:52:
73:a9:9f:33:60:8e:24:e9:35:97:2a:f9:44:1c:7c:20:72:8e:
5d:b4:3b:66:7c:03:e6:b1:da:fe:47:af:31:14:ce:2b:d2:e3:
be:a1:d8:42
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQks3lZJ7U2lbzhP9mdiFAcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMzFjMmRhNmJiOWE1NmMyOGVmZWVjNGU0ZGYwNzU4Y2My
NGViMjYwHhcNMjUwMTAyMDE0ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGIwZmU4NmIyZDYwNzA1MTIzY2U5MjhkNTY3Y2NiYjNhNmU5MTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Uye7hJGZNNglyoJe2PEMsQF+TRd
JcxuAHXrARCJK3Xry3KKeofgJy9GJOpDrZlIa3BPmbgneWPHK72G1DYOTrMWT8xm
iw4VUDWel3axQXOALOCMt5c6dJqZE188yTOOyo+zZk5B7m09z00QRiQx8cp4m8zb
5xc9wSPQuKMQkcNfi+1nFDhr2Cmgz32iyl1ePbmCkMZczYrjgAjnI7ucz7lXi2gT
Dd+GMjRhuofvvc7DT0i4qhETOQcinisWZDj1ASVrSXrQa2/Z+ClCjnBMjZQsxTDJ
YJ5DB6KlAsOShWZrabpdxyymroD69RFMf3boP++22Wg2LTUd+HuG6+xQzwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFPSw/oay1gcFEjzpKNVnzLs6bpFhMB8GA1UdIwQY
MBaAFPAxwtpruaVsKO/uxOTfB1jMJOsmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOERIQzJtdTVwV3dvNy03RTVOOEhXTXdrNnlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9kZDcwNGItYzczNS00NGRmLWE3OTYt
Zjg2MjQzYTljMmIzLzEvOUxELWhyTFdCd1VTUE9rbzFXZk11enB1a1dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9kZDcwNGItYzczNS00NGRmLWE3OTYtZjg2MjQzYTljMmIz
LzEvOERIQzJtdTVwV3dvNy03RTVOOEhXTXdrNnlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACC/3UD
BAOC/3AwDQYJKoZIhvcNAQELBQADggEBAEreu6EgvD/1e9qfJ3EYBPKsWH8TfMOY
aSO6T2c63kBxSXpxBeHGvPEdM3XVmtDi44xxvikXbABjmDFKNOtC8Sf50Tj+UiGr
BzqpG08/QofWQjXsP4tulbXRh4t0CNX+aMhOyXFtp/C9ckXmQTs/1HZ9YOQ8aFg4
pgo+NQzKpKbIQdyDIFd7RJnbYVl0j5iNX/dwWJkgrtHunEVxmSL6x7qof6dzB56G
RJEVx59chZ9XhHk1yiAyo2u2NbFlB72/6lZXZC/eo1rjl5BiH4YcLnB4CHXbk9ga
UnOpnzNgjiTpNZcq+UQcfCByjl20O2Z8A+ax2v5HrzEUzivS476h2EI=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:05 2025 by rpki-client on console.sobornost.net