Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/qJyacpBlbWQwXSv5l4Lxk3gU7sA.roa
File: qJyacpBlbWQwXSv5l4Lxk3gU7sA.roa (raw, json)
Hash identifier: A2lDMN5zFwbdpcFJxDl5a8uW8CFGyTpmaP19LpWfeHE=
Subject key identifier: A8:9C:9A:72:90:65:6D:64:30:5D:2B:F9:97:82:F1:93:78:14:EE:C0
Certificate issuer: /CN=d82cb43ca3c0c57816cee360478d0cf882207fd2
Certificate serial: 01942369160AAC81808271C2AB613DB6A734
Authority key identifier: D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/qJyacpBlbWQwXSv5l4Lxk3gU7sA.roa
Signing time: Wed 01 Jan 2025 19:47:57 +0000
ROA not before: Wed 01 Jan 2025 19:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48950
IP address blocks: 104.160.4.0/24 maxlen: 24
104.160.10.0/24 maxlen: 24
158.222.3.0/24 maxlen: 24
158.222.5.0/24 maxlen: 24
158.222.7.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:16:0a:ac:81:80:82:71:c2:ab:61:3d:b6:a7:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d82cb43ca3c0c57816cee360478d0cf882207fd2
Validity
Not Before: Jan 1 19:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a89c9a7290656d64305d2bf99782f1937814eec0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:8c:c0:6d:f4:3d:11:fc:7f:bf:53:59:3b:86:
2b:56:63:10:67:29:d2:eb:8f:12:8c:a6:40:21:b2:
dc:39:26:d9:8f:a8:80:5a:36:33:60:c1:ea:70:50:
7f:3d:33:28:51:da:74:29:70:f9:89:dc:d6:c1:68:
45:ff:f7:8b:fb:9c:40:ca:fd:3a:d9:4c:fe:23:fc:
45:3f:90:2d:b2:d1:a1:c9:44:f6:6f:d7:a3:d3:92:
bf:01:19:12:75:cc:2c:c3:72:ef:bf:68:96:e4:69:
40:a5:3e:6b:d4:0b:17:92:a1:57:cc:b7:30:b9:83:
70:24:85:ea:2a:79:35:49:f2:b8:17:56:8a:07:a0:
50:b2:14:62:dd:e7:1f:37:6e:b8:53:97:cd:59:da:
44:5c:dd:69:54:63:0f:21:35:b0:39:22:79:a8:b8:
f1:14:ad:ac:2f:e1:d0:cf:4f:53:bc:88:26:eb:c2:
f6:94:de:75:f5:d9:54:18:00:b5:b6:14:a3:3a:fe:
d4:29:d7:b7:b6:87:7f:69:b5:63:aa:59:73:1c:6f:
b7:9c:35:5e:c3:d9:e8:12:53:ac:2a:c7:0d:62:6d:
3f:69:55:53:15:f4:b0:8d:47:6a:6b:ca:a3:00:08:
2e:42:37:4d:23:3b:79:d1:d2:7d:6c:80:5b:fb:19:
ab:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:9C:9A:72:90:65:6D:64:30:5D:2B:F9:97:82:F1:93:78:14:EE:C0
X509v3 Authority Key Identifier:
keyid:D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/qJyacpBlbWQwXSv5l4Lxk3gU7sA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.160.4.0/24
104.160.10.0/24
158.222.3.0/24
158.222.5.0/24
158.222.7.0/24
Signature Algorithm: sha256WithRSAEncryption
02:59:08:7d:e2:fc:35:c0:49:83:5f:1e:eb:70:1e:73:08:fa:
18:1e:81:33:30:85:8d:b7:b4:12:15:2d:a9:1c:98:3b:66:88:
7d:79:2a:17:b7:52:5f:17:9d:ec:28:d0:dd:a4:fb:3c:a1:7b:
7d:70:9d:30:13:d7:88:2d:35:df:35:66:99:8e:90:78:5c:e8:
ad:72:90:1d:72:1b:e5:e9:80:4a:ff:ac:9b:c2:24:de:88:5a:
2c:e9:ba:67:56:14:e6:99:b7:41:0f:9d:2d:a0:94:48:c7:77:
ce:a1:ac:a3:5b:f8:ac:2d:86:f6:c2:13:20:62:64:be:6d:19:
a3:45:93:45:35:c2:83:65:63:06:40:49:61:08:e2:3c:23:a3:
14:9d:b8:7b:5b:59:c5:fe:8a:69:aa:90:7a:da:01:0b:12:ba:
a1:ae:76:92:d2:94:7e:61:c4:e1:99:90:b1:e8:53:89:30:f6:
f2:09:64:7a:3f:0e:d9:d1:af:62:12:c3:1f:09:e0:cd:ee:b3:
27:8f:45:80:bd:2e:5e:ef:76:0e:cf:f9:08:71:ae:16:6c:b4:
8e:71:0f:35:66:97:dc:d4:95:29:a3:48:2d:06:ea:a1:dd:fe:
97:24:4b:44:e5:2c:d1:04:66:67:3b:c3:d7:50:9a:ac:f1:7b:
9f:99:95:76
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQjaRYKrIGAgnHCq2E9tqc0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MmNiNDNjYTNjMGM1NzgxNmNlZTM2MDQ3OGQwY2Y4ODIy
MDdmZDIwHhcNMjUwMTAxMTk0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODljOWE3MjkwNjU2ZDY0MzA1ZDJiZjk5NzgyZjE5Mzc4MTRlZWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxozAbfQ9Efx/v1NZO4YrVmMQZynS
648SjKZAIbLcOSbZj6iAWjYzYMHqcFB/PTMoUdp0KXD5idzWwWhF//eL+5xAyv06
2Uz+I/xFP5AtstGhyUT2b9ej05K/ARkSdcwsw3Lvv2iW5GlApT5r1AsXkqFXzLcw
uYNwJIXqKnk1SfK4F1aKB6BQshRi3ecfN264U5fNWdpEXN1pVGMPITWwOSJ5qLjx
FK2sL+HQz09TvIgm68L2lN519dlUGAC1thSjOv7UKde3tod/abVjqllzHG+3nDVe
w9noElOsKscNYm0/aVVTFfSwjUdqa8qjAAguQjdNIzt50dJ9bIBb+xmr1wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKicmnKQZW1kMF0r+ZeC8ZN4FO7AMB8GA1UdIwQY
MBaAFNgstDyjwMV4Fs7jYEeNDPiCIH/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkN5MFBLUEF4WGdXenVOZ1I0ME0tSUlnZjlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8zYjUxYjgtMTBjNi00MzhiLWExMjAt
MTVmMTNlM2Y3ZDg1LzEvcUp5YWNwQmxiV1F3WFN2NWw0THhrM2dVN3NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8zYjUxYjgtMTBjNi00MzhiLWExMjAtMTVmMTNlM2Y3ZDg1
LzEvMkN5MFBLUEF4WGdXenVOZ1I0ME0tSUlnZjlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAaKAEAwQA
aKAKAwQAnt4DAwQAnt4FAwQAnt4HMA0GCSqGSIb3DQEBCwUAA4IBAQACWQh94vw1
wEmDXx7rcB5zCPoYHoEzMIWNt7QSFS2pHJg7Zoh9eSoXt1JfF53sKNDdpPs8oXt9
cJ0wE9eILTXfNWaZjpB4XOitcpAdchvl6YBK/6ybwiTeiFos6bpnVhTmmbdBD50t
oJRIx3fOoayjW/isLYb2whMgYmS+bRmjRZNFNcKDZWMGQElhCOI8I6MUnbh7W1nF
/oppqpB62gELErqhrnaS0pR+YcThmZCx6FOJMPbyCWR6Pw7Z0a9iEsMfCeDN7rMn
j0WAvS5e73YOz/kIca4WbLSOcQ81Zpfc1JUpo0gtBuqh3f6XJEtE5SzRBGZnO8PX
UJqs8XufmZV2
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:25 2025 by rpki-client on console.sobornost.net