Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/c139a4-6da2-4329-aae2-a17882b926a0/1/8qr5TNtGc99EM-QMiEzlHX-eukY.roa
File: 8qr5TNtGc99EM-QMiEzlHX-eukY.roa (raw, json)
Hash identifier: dcTHPs/n6VDmLIgcktF37rlPg3cwpYptx2bPoNDPRlM=
Subject key identifier: F2:AA:F9:4C:DB:46:73:DF:44:33:E4:0C:88:4C:E5:1D:7F:9E:BA:46
Certificate issuer: /CN=90d3e5371b64ab942d6dcba04adff2ae7ab7c712
Certificate serial: 01942369D54C8841916AAC38235C048DEE3F
Authority key identifier: 90:D3:E5:37:1B:64:AB:94:2D:6D:CB:A0:4A:DF:F2:AE:7A:B7:C7:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kNPlNxtkq5QtbcugSt_yrnq3xxI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/c139a4-6da2-4329-aae2-a17882b926a0/1/8qr5TNtGc99EM-QMiEzlHX-eukY.roa
Signing time: Wed 01 Jan 2025 19:48:45 +0000
ROA not before: Wed 01 Jan 2025 19:48:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31431
IP address blocks: 195.128.228.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:d5:4c:88:41:91:6a:ac:38:23:5c:04:8d:ee:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90d3e5371b64ab942d6dcba04adff2ae7ab7c712
Validity
Not Before: Jan 1 19:48:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f2aaf94cdb4673df4433e40c884ce51d7f9eba46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:26:a5:4a:ec:23:bc:7e:55:0f:5a:41:83:28:
e0:42:74:06:0b:fc:77:93:a3:d3:c1:a8:3a:5d:22:
b4:ee:0c:2d:14:a4:c1:77:97:5c:9c:db:7a:2b:a3:
e3:16:29:2b:29:a4:8b:0c:7a:a2:81:ed:47:0d:80:
f4:92:e0:b7:9a:e7:68:89:be:1c:a4:c7:f7:3b:23:
31:80:f9:1a:24:2d:2f:c0:a9:d6:d8:d1:8a:3d:53:
b4:c0:4e:15:a4:34:a4:b8:eb:fa:5b:75:99:33:1c:
e6:eb:69:b3:ed:d6:72:60:88:e0:d5:25:32:07:62:
0e:f6:d2:40:a1:26:ff:2d:b5:30:16:dc:2b:26:26:
ce:87:be:5e:a1:bd:4c:6e:79:20:9b:85:d5:ca:33:
27:44:29:87:12:64:fb:cb:ad:6e:b6:50:0e:9d:94:
51:e0:a1:da:58:bb:7b:ab:12:1f:0d:8c:c4:c5:d8:
a8:29:48:09:16:7b:4d:0d:c2:95:1a:0e:b9:95:b4:
fc:91:77:fa:3b:c5:28:57:63:fc:1f:ca:2f:40:98:
e6:e8:0d:cc:71:f5:6b:8a:fa:14:11:21:66:27:2f:
0e:43:5e:8d:39:12:2a:85:1f:eb:b2:a0:a3:6c:75:
85:ce:a4:98:bb:49:e2:ff:b6:8c:74:16:3c:d5:f4:
bf:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:AA:F9:4C:DB:46:73:DF:44:33:E4:0C:88:4C:E5:1D:7F:9E:BA:46
X509v3 Authority Key Identifier:
keyid:90:D3:E5:37:1B:64:AB:94:2D:6D:CB:A0:4A:DF:F2:AE:7A:B7:C7:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kNPlNxtkq5QtbcugSt_yrnq3xxI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/c139a4-6da2-4329-aae2-a17882b926a0/1/8qr5TNtGc99EM-QMiEzlHX-eukY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/c139a4-6da2-4329-aae2-a17882b926a0/1/kNPlNxtkq5QtbcugSt_yrnq3xxI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.128.228.0/23
Signature Algorithm: sha256WithRSAEncryption
23:c3:c6:9e:c6:f5:21:3b:fc:8b:22:ea:64:2c:ad:cd:46:70:
67:fa:1e:ff:55:46:81:b0:63:71:e4:74:7d:02:02:d6:8c:07:
82:af:01:81:9b:b0:50:f4:d6:c5:2e:d8:24:ac:6c:85:6e:55:
5c:e6:96:6d:73:6a:d5:b4:36:1f:4d:b5:51:f8:1d:1b:86:44:
c5:6d:eb:49:b7:08:80:53:33:31:a1:e7:63:b1:eb:e3:3f:86:
46:76:67:b3:da:86:af:60:ee:0d:f4:d9:84:c4:80:05:02:c5:
07:b7:8d:9e:97:a6:54:7d:4e:f1:f7:8f:db:1a:2f:5c:23:2d:
7b:b1:3f:8c:db:3f:b4:e1:63:26:26:b7:a9:39:37:da:ba:c5:
99:dc:60:36:55:b7:9a:98:a8:29:c1:2f:17:5c:42:88:77:b2:
84:dd:94:1a:56:52:d6:de:37:10:d4:4d:e9:37:e8:16:83:fa:
b2:08:5a:2f:44:26:c2:a4:11:a3:a3:d7:c3:6b:a9:3f:2e:dd:
96:a3:1b:f9:6d:b8:c4:bc:24:57:a7:9c:3b:d4:92:9d:9a:03:
5c:68:b1:67:5c:20:18:7a:d0:44:95:ce:77:4d:b6:9d:b3:9e:
b1:3f:40:2f:3c:5a:9e:0a:0f:65:24:a5:16:21:28:3e:63:6d:
3d:a4:60:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjadVMiEGRaqw4I1wEje4/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwZDNlNTM3MWI2NGFiOTQyZDZkY2JhMDRhZGZmMmFlN2Fi
N2M3MTIwHhcNMjUwMTAxMTk0ODQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmFhZjk0Y2RiNDY3M2RmNDQzM2U0MGM4ODRjZTUxZDdmOWViYTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqialSuwjvH5VD1pBgyjgQnQGC/x3
k6PTwag6XSK07gwtFKTBd5dcnNt6K6PjFikrKaSLDHqige1HDYD0kuC3mudoib4c
pMf3OyMxgPkaJC0vwKnW2NGKPVO0wE4VpDSkuOv6W3WZMxzm62mz7dZyYIjg1SUy
B2IO9tJAoSb/LbUwFtwrJibOh75eob1Mbnkgm4XVyjMnRCmHEmT7y61utlAOnZRR
4KHaWLt7qxIfDYzExdioKUgJFntNDcKVGg65lbT8kXf6O8UoV2P8H8ovQJjm6A3M
cfVrivoUESFmJy8OQ16NORIqhR/rsqCjbHWFzqSYu0ni/7aMdBY81fS/YwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPKq+UzbRnPfRDPkDIhM5R1/nrpGMB8GA1UdIwQY
MBaAFJDT5TcbZKuULW3LoErf8q56t8cSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva05QbE54dGtxNVF0YmN1Z1N0X3lybnEzeHhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9jMTM5YTQtNmRhMi00MzI5LWFhZTIt
YTE3ODgyYjkyNmEwLzEvOHFyNVROdEdjOTlFTS1RTWlFemxIWC1ldWtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9jMTM5YTQtNmRhMi00MzI5LWFhZTItYTE3ODgyYjkyNmEw
LzEva05QbE54dGtxNVF0YmN1Z1N0X3lybnEzeHhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw4DkMA0G
CSqGSIb3DQEBCwUAA4IBAQAjw8aexvUhO/yLIupkLK3NRnBn+h7/VUaBsGNx5HR9
AgLWjAeCrwGBm7BQ9NbFLtgkrGyFblVc5pZtc2rVtDYfTbVR+B0bhkTFbetJtwiA
UzMxoedjsevjP4ZGdmez2oavYO4N9NmExIAFAsUHt42el6ZUfU7x94/bGi9cIy17
sT+M2z+04WMmJrepOTfausWZ3GA2VbeamKgpwS8XXEKId7KE3ZQaVlLW3jcQ1E3p
N+gWg/qyCFovRCbCpBGjo9fDa6k/Lt2Woxv5bbjEvCRXp5w71JKdmgNcaLFnXCAY
etBElc53Tbads56xP0AvPFqeCg9lJKUWISg+Y209pGBm
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:12 2025 by rpki-client on console.sobornost.net