Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/e768bd-f512-4b8a-936a-06c9296f08a2/1/BGlv0Nq1aORhjho_eomErpdENqs.roa
File: BGlv0Nq1aORhjho_eomErpdENqs.roa (raw, json)
Hash identifier: tJlt0s+DB+Wx1B02lbAuTeaAFj/Rwy4EK+7+WopLHuY=
Subject key identifier: 04:69:6F:D0:DA:B5:68:E4:61:8E:1A:3F:7A:89:84:AE:97:44:36:AB
Certificate issuer: /CN=a6b789b32e16e9dd2f70513119dc77ea61ff1e09
Certificate serial: 019426D9779A70E1480D72D7804C4CA3870A
Authority key identifier: A6:B7:89:B3:2E:16:E9:DD:2F:70:51:31:19:DC:77:EA:61:FF:1E:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/preJsy4W6d0vcFExGdx36mH_Hgk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/e768bd-f512-4b8a-936a-06c9296f08a2/1/BGlv0Nq1aORhjho_eomErpdENqs.roa
Signing time: Thu 02 Jan 2025 11:49:33 +0000
ROA not before: Thu 02 Jan 2025 11:49:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25236
IP address blocks: 147.78.117.0/24 maxlen: 24
176.111.50.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:77:9a:70:e1:48:0d:72:d7:80:4c:4c:a3:87:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6b789b32e16e9dd2f70513119dc77ea61ff1e09
Validity
Not Before: Jan 2 11:49:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=04696fd0dab568e4618e1a3f7a8984ae974436ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:92:bd:79:ff:5c:67:b3:df:63:ac:4a:b2:59:
d6:3a:3d:68:b3:de:d8:21:e9:f2:d5:e3:b6:71:c8:
5b:f7:ee:1a:f9:39:3b:c5:b9:21:5b:ef:2e:66:ff:
b0:ba:f4:1a:95:d6:2c:b8:88:c2:3b:40:71:27:85:
26:ca:ce:42:9d:4b:3e:a6:39:5a:70:c9:57:a1:61:
e7:75:86:90:6a:4e:40:42:a2:65:3a:f0:8f:7f:d0:
6d:2e:01:04:9b:74:5c:20:11:3f:87:06:4b:33:8f:
2f:fc:3d:41:dd:7a:4b:0c:c5:9d:80:7b:8a:6c:cb:
3b:da:18:83:51:d5:27:23:1c:bb:f3:59:6a:a9:44:
3f:70:57:cd:af:fb:a4:94:0b:15:5d:57:76:88:41:
fc:6d:e0:ee:c0:cd:24:cf:98:86:79:7a:5f:ac:b2:
67:0e:f1:ba:5e:68:83:cb:e8:6f:17:02:8e:c6:de:
62:cb:a4:42:8a:fe:19:07:73:6e:3c:90:85:41:d1:
35:f0:c6:d9:38:8e:95:c4:5d:9b:b2:8c:74:8d:d0:
ed:a8:91:cc:2a:33:93:e8:48:a6:5e:85:35:96:2a:
37:bf:24:87:81:9e:6f:49:da:f3:f1:71:ff:34:cf:
2c:73:07:2b:29:89:34:37:38:3d:5e:63:b4:da:58:
90:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:69:6F:D0:DA:B5:68:E4:61:8E:1A:3F:7A:89:84:AE:97:44:36:AB
X509v3 Authority Key Identifier:
keyid:A6:B7:89:B3:2E:16:E9:DD:2F:70:51:31:19:DC:77:EA:61:FF:1E:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/preJsy4W6d0vcFExGdx36mH_Hgk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/e768bd-f512-4b8a-936a-06c9296f08a2/1/BGlv0Nq1aORhjho_eomErpdENqs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/e768bd-f512-4b8a-936a-06c9296f08a2/1/preJsy4W6d0vcFExGdx36mH_Hgk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.117.0/24
176.111.50.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:75:d5:16:35:29:ef:df:ab:d4:64:ad:03:48:37:a9:d4:f8:
fb:30:d4:44:40:f1:1d:a8:8c:ff:44:09:b0:7f:a5:41:e6:fa:
5a:f9:36:de:5d:2e:a1:48:2a:0f:40:fb:f1:33:ec:bf:f5:2d:
a3:41:61:92:04:85:42:97:41:8d:64:ed:55:dd:8c:3b:21:25:
79:21:71:ba:97:c4:bc:89:9a:f3:c3:b9:78:33:4e:78:04:8c:
86:36:52:d8:44:20:0f:b8:60:d8:44:66:fd:4b:a9:ab:c3:8c:
87:d1:86:68:17:1a:bb:1a:03:2d:e6:21:81:5a:ec:d3:e5:b0:
b3:12:08:71:8e:f4:c4:ea:93:95:9a:4e:11:71:84:84:8f:a1:
a7:42:a0:b8:a0:73:9d:02:27:33:f1:cb:c2:51:80:cc:75:d6:
98:af:ae:ce:a4:c6:3c:cf:65:f6:3b:76:6e:7c:10:98:7a:c1:
f1:23:9f:85:b5:dd:2e:66:6d:fe:44:bb:d2:3f:08:bf:6e:e9:
c3:f5:3d:a5:0b:71:4d:0c:18:4d:8a:93:a0:00:90:9e:27:56:
fe:9a:0c:53:75:5a:be:67:48:4f:48:ce:90:92:7a:a2:49:17:
2a:32:90:d1:3c:05:6f:05:70:0b:91:7d:5e:fa:df:c4:95:02:
fd:63:07:d4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQm2XeacOFIDXLXgExMo4cKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2Yjc4OWIzMmUxNmU5ZGQyZjcwNTEzMTE5ZGM3N2VhNjFm
ZjFlMDkwHhcNMjUwMTAyMTE0OTMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDY5NmZkMGRhYjU2OGU0NjE4ZTFhM2Y3YTg5ODRhZTk3NDQzNmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5K9ef9cZ7PfY6xKslnWOj1os97Y
Ieny1eO2cchb9+4a+Tk7xbkhW+8uZv+wuvQaldYsuIjCO0BxJ4Umys5CnUs+pjla
cMlXoWHndYaQak5AQqJlOvCPf9BtLgEEm3RcIBE/hwZLM48v/D1B3XpLDMWdgHuK
bMs72hiDUdUnIxy781lqqUQ/cFfNr/uklAsVXVd2iEH8beDuwM0kz5iGeXpfrLJn
DvG6XmiDy+hvFwKOxt5iy6RCiv4ZB3NuPJCFQdE18MbZOI6VxF2bsox0jdDtqJHM
KjOT6EimXoU1lio3vySHgZ5vSdrz8XH/NM8scwcrKYk0Nzg9XmO02liQVQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFARpb9DatWjkYY4aP3qJhK6XRDarMB8GA1UdIwQY
MBaAFKa3ibMuFundL3BRMRncd+ph/x4JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHJlSnN5NFc2ZDB2Y0ZFeEdkeDM2bUhfSGdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9lNzY4YmQtZjUxMi00YjhhLTkzNmEt
MDZjOTI5NmYwOGEyLzEvQkdsdjBOcTFhT1JoamhvX2VvbUVycGRFTnFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9lNzY4YmQtZjUxMi00YjhhLTkzNmEtMDZjOTI5NmYwOGEy
LzEvcHJlSnN5NFc2ZDB2Y0ZFeEdkeDM2bUhfSGdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAk051AwQA
sG8yMA0GCSqGSIb3DQEBCwUAA4IBAQA+ddUWNSnv36vUZK0DSDep1Pj7MNREQPEd
qIz/RAmwf6VB5vpa+TbeXS6hSCoPQPvxM+y/9S2jQWGSBIVCl0GNZO1V3Yw7ISV5
IXG6l8S8iZrzw7l4M054BIyGNlLYRCAPuGDYRGb9S6mrw4yH0YZoFxq7GgMt5iGB
WuzT5bCzEghxjvTE6pOVmk4RcYSEj6GnQqC4oHOdAicz8cvCUYDMddaYr67OpMY8
z2X2O3ZufBCYesHxI5+Ftd0uZm3+RLvSPwi/bunD9T2lC3FNDBhNipOgAJCeJ1b+
mgxTdVq+Z0hPSM6QknqiSRcqMpDRPAVvBXALkX1e+t/ElQL9YwfU
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:07 2025 by rpki-client on console.sobornost.net