Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/5731f3-b180-4054-8acb-2ca13dd1db63/1/9qsPYE67U8LKJS5RPyzpaJjKAjw.roa
File: 9qsPYE67U8LKJS5RPyzpaJjKAjw.roa (raw, json)
Hash identifier: ate2+ga4mYDOeR+5DaCdTzRa6tHIKsrgVcrNBTn+5LQ=
Subject key identifier: F6:AB:0F:60:4E:BB:53:C2:CA:25:2E:51:3F:2C:E9:68:98:CA:02:3C
Certificate issuer: /CN=72ca456cad238830b38ecd4d267cacfa5cd5f1f1
Certificate serial: 01941F8CA6D305F27E4CF493039E8A20BA28
Authority key identifier: 72:CA:45:6C:AD:23:88:30:B3:8E:CD:4D:26:7C:AC:FA:5C:D5:F1:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cspFbK0jiDCzjs1NJnys-lzV8fE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/5731f3-b180-4054-8acb-2ca13dd1db63/1/9qsPYE67U8LKJS5RPyzpaJjKAjw.roa
Signing time: Wed 01 Jan 2025 01:48:18 +0000
ROA not before: Wed 01 Jan 2025 01:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39146
IP address blocks: 194.26.76.0/24 maxlen: 24
194.26.77.0/24 maxlen: 24
194.26.78.0/24 maxlen: 24
194.26.79.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:a6:d3:05:f2:7e:4c:f4:93:03:9e:8a:20:ba:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72ca456cad238830b38ecd4d267cacfa5cd5f1f1
Validity
Not Before: Jan 1 01:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f6ab0f604ebb53c2ca252e513f2ce96898ca023c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:f3:ae:79:af:25:9a:72:55:56:f1:44:00:be:
4f:91:5f:88:ce:5b:1c:d6:7c:66:f5:bd:b7:d9:7b:
a0:3f:5e:85:53:0a:92:33:92:4e:9a:f3:72:ba:ae:
4a:99:d4:3e:d0:47:c3:4e:0d:69:11:03:5a:a8:57:
b5:56:3d:cf:ba:66:6a:5a:fa:a8:23:4c:1e:8a:87:
11:fc:8d:79:8b:b3:fc:e5:17:98:45:91:28:c7:34:
ea:cf:1c:48:bd:a2:5c:94:1f:17:39:b0:91:0f:4e:
99:fa:c8:1f:44:08:49:78:10:9b:27:04:9b:32:9d:
08:ea:51:b0:54:9f:54:6f:9f:48:42:50:39:d4:9a:
56:2a:ff:9c:e3:fb:5f:d9:19:34:fd:a1:89:23:d3:
ad:a6:41:3a:fc:9e:77:dd:c6:0e:79:f8:88:0f:5c:
fe:69:46:9c:ad:4f:cc:ce:a1:25:eb:e1:98:5d:81:
89:98:43:fc:3d:3d:b1:c9:4e:94:5d:a6:e6:d9:e5:
b4:bc:46:8f:7e:cf:85:e9:60:a6:1b:fd:ce:9e:2e:
f0:db:35:1a:19:7c:4d:ba:21:ad:22:f1:a9:59:23:
2b:8b:1a:2d:a5:84:33:26:67:82:83:59:7d:30:9b:
43:3f:f9:be:7b:e0:94:e5:d8:c1:57:ea:aa:61:10:
96:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:AB:0F:60:4E:BB:53:C2:CA:25:2E:51:3F:2C:E9:68:98:CA:02:3C
X509v3 Authority Key Identifier:
keyid:72:CA:45:6C:AD:23:88:30:B3:8E:CD:4D:26:7C:AC:FA:5C:D5:F1:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cspFbK0jiDCzjs1NJnys-lzV8fE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/5731f3-b180-4054-8acb-2ca13dd1db63/1/9qsPYE67U8LKJS5RPyzpaJjKAjw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/5731f3-b180-4054-8acb-2ca13dd1db63/1/cspFbK0jiDCzjs1NJnys-lzV8fE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.26.76.0/22
Signature Algorithm: sha256WithRSAEncryption
08:25:8f:ce:fb:fa:d2:e8:99:78:a5:f3:56:14:b6:ae:c9:67:
34:eb:e4:fb:56:a1:02:4b:d2:30:b2:94:b8:29:cb:c0:3e:1f:
d0:dd:83:f3:d9:b8:6d:17:80:cb:64:98:16:6a:18:99:21:0d:
40:ac:52:00:0e:f7:07:ce:85:3d:55:93:aa:78:f6:a6:0f:62:
7d:53:69:39:ff:5e:4e:d1:3e:39:97:c2:49:6c:51:03:06:3a:
08:db:d6:a4:08:b0:53:d2:df:4b:75:4f:51:76:aa:73:d8:b5:
4b:1f:fe:b3:46:82:90:d5:4c:e7:ce:ac:34:d8:04:a0:54:fa:
9b:da:af:25:00:c6:67:e6:55:b8:f5:67:72:e7:53:e1:be:03:
62:86:fa:da:85:d3:07:a2:42:b2:02:d7:cc:4d:02:d4:bb:f7:
69:19:1d:13:18:ba:0a:e4:3d:c8:cd:b8:c3:8a:50:51:fb:19:
98:7f:9d:c5:43:a4:07:30:cc:9c:78:55:f7:d7:4c:df:a9:55:
81:cf:d0:67:fa:a8:af:5a:e8:9c:f2:60:65:24:4c:a5:8b:19:
46:14:5e:00:06:74:3c:0c:e7:d5:93:f5:f2:29:83:8a:e2:3a:
3f:16:9e:b8:ac:5e:92:7c:62:96:5d:f5:ab:af:7a:95:e5:7e:
e0:59:7b:c2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjKbTBfJ+TPSTA56KILooMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyY2E0NTZjYWQyMzg4MzBiMzhlY2Q0ZDI2N2NhY2ZhNWNk
NWYxZjEwHhcNMjUwMTAxMDE0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmFiMGY2MDRlYmI1M2MyY2EyNTJlNTEzZjJjZTk2ODk4Y2EwMjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPOuea8lmnJVVvFEAL5PkV+Izlsc
1nxm9b232XugP16FUwqSM5JOmvNyuq5KmdQ+0EfDTg1pEQNaqFe1Vj3PumZqWvqo
I0weiocR/I15i7P85ReYRZEoxzTqzxxIvaJclB8XObCRD06Z+sgfRAhJeBCbJwSb
Mp0I6lGwVJ9Ub59IQlA51JpWKv+c4/tf2Rk0/aGJI9OtpkE6/J533cYOefiID1z+
aUacrU/MzqEl6+GYXYGJmEP8PT2xyU6UXabm2eW0vEaPfs+F6WCmG/3Oni7w2zUa
GXxNuiGtIvGpWSMrixotpYQzJmeCg1l9MJtDP/m+e+CU5djBV+qqYRCWVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFParD2BOu1PCyiUuUT8s6WiYygI8MB8GA1UdIwQY
MBaAFHLKRWytI4gws47NTSZ8rPpc1fHxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3NwRmJLMGppREN6anMxTkpueXMtbHpWOGZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi81NzMxZjMtYjE4MC00MDU0LThhY2It
MmNhMTNkZDFkYjYzLzEvOXFzUFlFNjdVOExLSlM1UlB5enBhSmpLQWp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi81NzMxZjMtYjE4MC00MDU0LThhY2ItMmNhMTNkZDFkYjYz
LzEvY3NwRmJLMGppREN6anMxTkpueXMtbHpWOGZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwhpMMA0G
CSqGSIb3DQEBCwUAA4IBAQAIJY/O+/rS6Jl4pfNWFLauyWc06+T7VqECS9IwspS4
KcvAPh/Q3YPz2bhtF4DLZJgWahiZIQ1ArFIADvcHzoU9VZOqePamD2J9U2k5/15O
0T45l8JJbFEDBjoI29akCLBT0t9LdU9Rdqpz2LVLH/6zRoKQ1Uznzqw02ASgVPqb
2q8lAMZn5lW49Wdy51PhvgNihvrahdMHokKyAtfMTQLUu/dpGR0TGLoK5D3IzbjD
ilBR+xmYf53FQ6QHMMyceFX310zfqVWBz9Bn+qivWuic8mBlJEylixlGFF4ABnQ8
DOfVk/XyKYOK4jo/Fp64rF6SfGKWXfWrr3qV5X7gWXvC
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:30 2025 by rpki-client on console.sobornost.net