Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/5fb9fe-ddc7-4432-a4a3-16d9f7d074f3/1/h3MBCKUGhHfeEGJEjBUvFcZingY.roa
File: h3MBCKUGhHfeEGJEjBUvFcZingY.roa (raw, json)
Hash identifier: Kf87fhJV7eWi54ATVvDhv4SnGp1TZLheM1w//OwPipM=
Subject key identifier: 87:73:01:08:A5:06:84:77:DE:10:62:44:8C:15:2F:15:C6:62:9E:06
Certificate issuer: /CN=e8ca70c1fc95b9b1e9dc7775455badb9214f91d0
Certificate serial: 019426D9653CC7BEB65FFF64A23F82897C83
Authority key identifier: E8:CA:70:C1:FC:95:B9:B1:E9:DC:77:75:45:5B:AD:B9:21:4F:91:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6MpwwfyVubHp3Hd1RVutuSFPkdA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/5fb9fe-ddc7-4432-a4a3-16d9f7d074f3/1/h3MBCKUGhHfeEGJEjBUvFcZingY.roa
Signing time: Thu 02 Jan 2025 11:49:28 +0000
ROA not before: Thu 02 Jan 2025 11:49:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9136
IP address blocks: 194.39.104.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:65:3c:c7:be:b6:5f:ff:64:a2:3f:82:89:7c:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8ca70c1fc95b9b1e9dc7775455badb9214f91d0
Validity
Not Before: Jan 2 11:49:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=87730108a5068477de1062448c152f15c6629e06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:e6:6e:6d:24:ea:c3:81:84:4a:46:54:39:83:
93:72:33:e9:97:78:c7:94:19:87:24:51:dc:7b:0a:
fb:da:80:35:67:e4:e8:69:18:ca:8b:fa:57:23:f2:
1b:21:78:f6:1e:a4:28:cd:a3:f0:68:fd:42:57:fb:
0b:8f:88:f1:22:44:3a:db:18:a0:27:26:e4:5b:fe:
8b:ef:81:af:13:7d:e8:c0:0a:b4:56:61:44:57:79:
b2:0b:3a:10:e9:c9:46:2e:cb:55:fb:34:b4:a0:79:
a8:ab:51:43:93:44:80:e5:7b:13:b1:65:0c:45:a9:
f5:63:d1:0e:56:9c:9e:cf:db:d4:29:c3:57:84:c9:
cd:b1:fb:36:2e:16:1e:dc:e7:4e:ce:21:c4:7a:db:
ef:21:2b:f4:4e:7a:83:de:81:03:fa:eb:dc:8e:26:
4b:4d:b8:bb:c9:a7:96:dd:a5:97:80:17:17:2f:ac:
cc:40:0b:05:db:26:49:33:6c:56:2d:5d:27:57:06:
0b:83:78:ec:db:9d:20:95:73:12:bc:1b:26:5b:06:
42:74:a3:90:1e:aa:d0:b1:c6:40:99:29:97:cc:b7:
52:fe:07:07:96:e0:1f:16:e5:65:31:96:f2:54:9c:
ee:a4:72:a2:48:9e:12:0b:16:55:15:07:a8:2e:95:
10:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:73:01:08:A5:06:84:77:DE:10:62:44:8C:15:2F:15:C6:62:9E:06
X509v3 Authority Key Identifier:
keyid:E8:CA:70:C1:FC:95:B9:B1:E9:DC:77:75:45:5B:AD:B9:21:4F:91:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6MpwwfyVubHp3Hd1RVutuSFPkdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/5fb9fe-ddc7-4432-a4a3-16d9f7d074f3/1/h3MBCKUGhHfeEGJEjBUvFcZingY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/5fb9fe-ddc7-4432-a4a3-16d9f7d074f3/1/6MpwwfyVubHp3Hd1RVutuSFPkdA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.39.104.0/22
Signature Algorithm: sha256WithRSAEncryption
51:24:ae:a6:cd:c2:5d:b5:f8:e0:5a:98:ce:80:b7:4d:c6:e0:
c3:3d:ff:65:05:92:c3:8b:45:25:6e:ad:f2:cb:bd:9c:9c:e7:
8b:1e:5b:d7:75:30:8c:7f:fa:10:3a:a6:a8:8e:50:e1:b6:a9:
9b:30:55:02:56:58:9e:2e:d4:b1:91:f7:ce:b8:a7:fd:dd:fd:
14:db:df:e3:bf:6f:2a:4e:d8:8e:bf:aa:83:d4:99:cc:4b:a9:
70:f6:00:b5:ef:89:d8:51:ba:26:1e:41:b6:07:c5:e2:c3:5a:
d6:5e:d0:72:2e:3c:35:db:ed:99:dd:ed:51:5f:48:60:7e:98:
4c:83:3a:5b:b2:c1:fc:8f:e4:fc:35:01:29:f3:6e:e3:79:c1:
ec:b9:56:85:eb:48:8f:5e:56:2f:5b:0d:84:a2:de:4c:f6:a7:
99:8e:80:14:58:a9:80:a3:f7:a5:bb:26:1d:67:40:ee:95:fc:
3f:04:06:b3:38:5e:04:83:e1:cd:be:38:d4:67:a0:94:91:5c:
e9:8d:eb:d5:da:ec:37:66:d8:1d:e8:fa:83:e8:f3:7f:c3:8c:
21:d5:f6:ac:cd:25:8e:3c:b3:cd:47:20:5c:1c:82:bb:c4:2b:
f7:02:1f:9a:92:55:1e:32:d0:de:88:b6:f3:d5:34:d8:19:49:
c6:e4:c2:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2WU8x762X/9koj+CiXyDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4Y2E3MGMxZmM5NWI5YjFlOWRjNzc3NTQ1NWJhZGI5MjE0
ZjkxZDAwHhcNMjUwMTAyMTE0OTI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzczMDEwOGE1MDY4NDc3ZGUxMDYyNDQ4YzE1MmYxNWM2NjI5ZTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAieZubSTqw4GESkZUOYOTcjPpl3jH
lBmHJFHcewr72oA1Z+ToaRjKi/pXI/IbIXj2HqQozaPwaP1CV/sLj4jxIkQ62xig
JybkW/6L74GvE33owAq0VmFEV3myCzoQ6clGLstV+zS0oHmoq1FDk0SA5XsTsWUM
Ran1Y9EOVpyez9vUKcNXhMnNsfs2LhYe3OdOziHEetvvISv0TnqD3oED+uvcjiZL
Tbi7yaeW3aWXgBcXL6zMQAsF2yZJM2xWLV0nVwYLg3js250glXMSvBsmWwZCdKOQ
HqrQscZAmSmXzLdS/gcHluAfFuVlMZbyVJzupHKiSJ4SCxZVFQeoLpUQwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIdzAQilBoR33hBiRIwVLxXGYp4GMB8GA1UdIwQY
MBaAFOjKcMH8lbmx6dx3dUVbrbkhT5HQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNk1wd3dmeVZ1YkhwM0hkMVJWdXR1U0ZQa2RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy81ZmI5ZmUtZGRjNy00NDMyLWE0YTMt
MTZkOWY3ZDA3NGYzLzEvaDNNQkNLVUdoSGZlRUdKRWpCVXZGY1ppbmdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy81ZmI5ZmUtZGRjNy00NDMyLWE0YTMtMTZkOWY3ZDA3NGYz
LzEvNk1wd3dmeVZ1YkhwM0hkMVJWdXR1U0ZQa2RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwidoMA0G
CSqGSIb3DQEBCwUAA4IBAQBRJK6mzcJdtfjgWpjOgLdNxuDDPf9lBZLDi0Ulbq3y
y72cnOeLHlvXdTCMf/oQOqaojlDhtqmbMFUCVlieLtSxkffOuKf93f0U29/jv28q
TtiOv6qD1JnMS6lw9gC174nYUbomHkG2B8Xiw1rWXtByLjw12+2Z3e1RX0hgfphM
gzpbssH8j+T8NQEp827jecHsuVaF60iPXlYvWw2Eot5M9qeZjoAUWKmAo/eluyYd
Z0Dulfw/BAazOF4Eg+HNvjjUZ6CUkVzpjevV2uw3Ztgd6PqD6PN/w4wh1faszSWO
PLPNRyBcHIK7xCv3Ah+aklUeMtDeiLbz1TTYGUnG5MIm
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:05 2025 by rpki-client on console.sobornost.net