Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/d84e1e-cc53-4cc2-aab9-1ca766fbeeba/1/qHsLN52OLV40PkdsNg1LTDhrI1k.roa
File: qHsLN52OLV40PkdsNg1LTDhrI1k.roa (raw, json)
Hash identifier: o2jlcmcZCFuQ0+N7Kss7ufNJs+2izJmB43Pkb+WDd2c=
Subject key identifier: A8:7B:0B:37:9D:8E:2D:5E:34:3E:47:6C:36:0D:4B:4C:38:6B:23:59
Certificate issuer: /CN=dc03aa9a4fe9d60c5cf853a924822269f1cc7452
Certificate serial: 019424449B4D988D8D7A19D7F5BF2AC42746
Authority key identifier: DC:03:AA:9A:4F:E9:D6:0C:5C:F8:53:A9:24:82:22:69:F1:CC:74:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3AOqmk_p1gxc-FOpJIIiafHMdFI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/d84e1e-cc53-4cc2-aab9-1ca766fbeeba/1/qHsLN52OLV40PkdsNg1LTDhrI1k.roa
Signing time: Wed 01 Jan 2025 23:47:43 +0000
ROA not before: Wed 01 Jan 2025 23:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 33843
IP address blocks: 194.11.170.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:9b:4d:98:8d:8d:7a:19:d7:f5:bf:2a:c4:27:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc03aa9a4fe9d60c5cf853a924822269f1cc7452
Validity
Not Before: Jan 1 23:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a87b0b379d8e2d5e343e476c360d4b4c386b2359
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:a2:e5:ce:9d:22:7e:b3:b6:9a:9e:08:95:3d:
e1:2c:12:63:a0:41:2d:e5:31:4d:a1:27:09:5e:4c:
8e:5a:40:1c:ba:6f:1b:ee:e6:3b:9d:e5:e9:6a:9b:
85:10:13:fc:1c:dd:aa:5e:15:1f:63:b7:12:48:6e:
fd:aa:6d:b7:89:f3:81:b1:80:d5:46:9b:0c:05:f6:
80:f1:01:6c:ea:9a:90:f0:1c:60:a3:b4:31:4e:fd:
36:4e:f2:06:25:6a:ac:e9:46:15:48:4d:7d:b3:90:
10:99:b6:f4:57:d7:e1:4c:75:a9:b2:bb:ef:5c:87:
67:a6:a7:b8:c0:70:8a:d4:96:47:68:4a:48:1a:67:
6f:90:83:b4:e9:39:5b:51:f7:ef:6a:b0:b7:bf:04:
a4:2c:39:a4:62:c6:47:22:43:87:8f:b2:dd:6a:99:
03:d7:13:63:df:fb:7e:0d:a6:b2:75:79:76:b8:ae:
cc:cd:bf:18:b2:41:a8:20:42:aa:65:b8:67:b3:80:
8c:a0:51:4d:d7:67:ee:13:b6:4d:b8:f4:67:23:b4:
8b:a6:06:83:0e:d8:26:97:e0:89:16:08:2c:32:20:
64:74:87:3b:d9:bf:97:0e:46:91:df:a6:89:1b:62:
99:42:a6:5e:f6:fd:41:5e:1d:e2:8b:c5:72:81:da:
38:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:7B:0B:37:9D:8E:2D:5E:34:3E:47:6C:36:0D:4B:4C:38:6B:23:59
X509v3 Authority Key Identifier:
keyid:DC:03:AA:9A:4F:E9:D6:0C:5C:F8:53:A9:24:82:22:69:F1:CC:74:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3AOqmk_p1gxc-FOpJIIiafHMdFI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/d84e1e-cc53-4cc2-aab9-1ca766fbeeba/1/qHsLN52OLV40PkdsNg1LTDhrI1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/d84e1e-cc53-4cc2-aab9-1ca766fbeeba/1/3AOqmk_p1gxc-FOpJIIiafHMdFI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.11.170.0/24
Signature Algorithm: sha256WithRSAEncryption
37:f5:5e:31:40:6f:43:6d:a0:38:f7:c5:24:44:12:a6:24:f5:
76:e6:f6:77:cc:a7:fb:04:cb:84:45:d0:cf:cb:a7:83:34:4b:
0d:e5:66:52:ba:6f:80:b4:97:e8:a7:5a:e1:61:97:8b:6a:1f:
5f:61:7c:f2:f6:4d:24:68:55:5b:ae:b0:6e:b8:b8:1e:6b:c5:
bb:48:aa:da:13:67:ed:ae:f3:d6:54:7c:63:f5:06:f2:02:e4:
27:0e:e3:44:39:25:15:d0:de:aa:47:28:d1:5c:0b:75:36:02:
78:db:63:b8:e6:fb:51:1f:9f:29:3b:c3:20:85:a2:c3:df:10:
2e:23:93:fd:af:b1:f1:3c:33:71:7e:d8:d6:f3:62:9c:9e:e3:
1e:4a:e5:02:4d:63:ec:14:08:ea:e7:77:10:45:e2:6d:d0:69:
c9:38:9b:af:6d:8f:34:d0:fa:d2:dd:c4:0a:2c:a4:cc:9a:7d:
cd:f3:d4:10:e8:30:8b:bd:88:54:d2:8f:89:49:81:d9:cd:c3:
c1:94:b8:10:d0:e3:18:6e:a7:24:b1:d5:66:68:9d:1b:5f:c1:
40:59:6a:81:8f:45:dc:43:8b:ee:46:0b:ef:11:a6:28:67:f5:
13:f2:13:a6:db:b6:fa:90:de:5d:ca:87:c6:5a:0e:c7:73:d0:
8e:4d:13:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRJtNmI2NehnX9b8qxCdGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMDNhYTlhNGZlOWQ2MGM1Y2Y4NTNhOTI0ODIyMjY5ZjFj
Yzc0NTIwHhcNMjUwMTAxMjM0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODdiMGIzNzlkOGUyZDVlMzQzZTQ3NmMzNjBkNGI0YzM4NmIyMzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqaLlzp0ifrO2mp4IlT3hLBJjoEEt
5TFNoScJXkyOWkAcum8b7uY7neXpapuFEBP8HN2qXhUfY7cSSG79qm23ifOBsYDV
RpsMBfaA8QFs6pqQ8Bxgo7QxTv02TvIGJWqs6UYVSE19s5AQmbb0V9fhTHWpsrvv
XIdnpqe4wHCK1JZHaEpIGmdvkIO06TlbUffvarC3vwSkLDmkYsZHIkOHj7LdapkD
1xNj3/t+DaaydXl2uK7Mzb8YskGoIEKqZbhns4CMoFFN12fuE7ZNuPRnI7SLpgaD
Dtgml+CJFggsMiBkdIc72b+XDkaR36aJG2KZQqZe9v1BXh3ii8Vygdo4bwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKh7Czedji1eND5HbDYNS0w4ayNZMB8GA1UdIwQY
MBaAFNwDqppP6dYMXPhTqSSCImnxzHRSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0FPcW1rX3AxZ3hjLUZPcEpJSWlhZkhNZEZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9kODRlMWUtY2M1My00Y2MyLWFhYjkt
MWNhNzY2ZmJlZWJhLzEvcUhzTE41Mk9MVjQwUGtkc05nMUxURGhySTFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi9kODRlMWUtY2M1My00Y2MyLWFhYjktMWNhNzY2ZmJlZWJh
LzEvM0FPcW1rX3AxZ3hjLUZPcEpJSWlhZkhNZEZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwguqMA0G
CSqGSIb3DQEBCwUAA4IBAQA39V4xQG9DbaA498UkRBKmJPV25vZ3zKf7BMuERdDP
y6eDNEsN5WZSum+AtJfop1rhYZeLah9fYXzy9k0kaFVbrrBuuLgea8W7SKraE2ft
rvPWVHxj9QbyAuQnDuNEOSUV0N6qRyjRXAt1NgJ422O45vtRH58pO8MghaLD3xAu
I5P9r7HxPDNxftjW82KcnuMeSuUCTWPsFAjq53cQReJt0GnJOJuvbY800PrS3cQK
LKTMmn3N89QQ6DCLvYhU0o+JSYHZzcPBlLgQ0OMYbqcksdVmaJ0bX8FAWWqBj0Xc
Q4vuRgvvEaYoZ/UT8hOm27b6kN5dyofGWg7Hc9COTRMG
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:30 2025 by rpki-client on console.sobornost.net