Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/82cb3e-8199-4917-a176-e50e1e9bb4b3/1/ifGa29cDfCtmHluYzDCGArXBHSE.roa
File: ifGa29cDfCtmHluYzDCGArXBHSE.roa (raw, json)
Hash identifier: SagmwRWK2BwuwUrS3xLYWQnMEp8bHt5W3ObsAvGOP+A=
Subject key identifier: 89:F1:9A:DB:D7:03:7C:2B:66:1E:5B:98:CC:30:86:02:B5:C1:1D:21
Certificate issuer: /CN=8e622a34c55e39b8fa15a37ba9e370eaafd99774
Certificate serial: 01941FFA0DA9E7D95D47E3A17A7677EB3EC1
Authority key identifier: 8E:62:2A:34:C5:5E:39:B8:FA:15:A3:7B:A9:E3:70:EA:AF:D9:97:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jmIqNMVeObj6FaN7qeNw6q_Zl3Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/82cb3e-8199-4917-a176-e50e1e9bb4b3/1/ifGa29cDfCtmHluYzDCGArXBHSE.roa
Signing time: Wed 01 Jan 2025 03:47:48 +0000
ROA not before: Wed 01 Jan 2025 03:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198033
IP address blocks: 195.190.152.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:0d:a9:e7:d9:5d:47:e3:a1:7a:76:77:eb:3e:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e622a34c55e39b8fa15a37ba9e370eaafd99774
Validity
Not Before: Jan 1 03:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=89f19adbd7037c2b661e5b98cc308602b5c11d21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b6:4d:c1:fe:c6:43:63:b2:07:0d:20:e5:62:
dc:32:bc:59:b9:64:a2:da:9e:af:ee:5e:29:00:f4:
db:7b:98:e9:73:aa:e0:b8:0f:a1:92:28:2a:39:7d:
c1:a8:3f:30:57:35:2b:10:91:39:31:dc:f5:97:3a:
c7:3c:98:fa:96:3a:95:ef:09:26:2c:15:1b:06:48:
23:4f:f8:ca:5e:ce:20:4a:be:b0:a0:37:fb:3f:96:
95:85:be:21:12:49:92:6d:0d:00:16:46:db:e6:4c:
49:04:df:33:ee:43:b6:61:f8:ac:83:8a:7f:10:8c:
fc:74:b0:e8:70:e0:f7:fd:db:7e:be:9c:72:51:ec:
ca:34:33:17:55:78:09:e4:0f:4d:ef:58:2e:fc:1a:
2f:34:03:24:33:4a:12:16:c0:c9:fb:c7:2b:10:16:
26:dd:99:5c:c5:e5:62:93:50:b0:71:ab:5d:5c:97:
78:af:21:7e:4a:da:6a:6b:82:1a:a4:62:53:d1:60:
44:24:f6:7b:3c:c3:cb:97:dd:97:8b:77:46:f5:2f:
93:81:e4:cf:25:8c:47:43:d8:63:17:06:78:ca:57:
e0:d7:ed:cd:62:50:5a:17:35:da:9d:b3:fd:75:38:
30:b1:db:f2:88:b7:74:01:cb:53:32:71:49:7e:d7:
cc:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:F1:9A:DB:D7:03:7C:2B:66:1E:5B:98:CC:30:86:02:B5:C1:1D:21
X509v3 Authority Key Identifier:
keyid:8E:62:2A:34:C5:5E:39:B8:FA:15:A3:7B:A9:E3:70:EA:AF:D9:97:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jmIqNMVeObj6FaN7qeNw6q_Zl3Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/82cb3e-8199-4917-a176-e50e1e9bb4b3/1/ifGa29cDfCtmHluYzDCGArXBHSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/82cb3e-8199-4917-a176-e50e1e9bb4b3/1/jmIqNMVeObj6FaN7qeNw6q_Zl3Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.190.152.0/24
Signature Algorithm: sha256WithRSAEncryption
c5:2b:23:ce:e6:45:52:fc:64:30:33:8b:85:a1:f0:26:59:5c:
58:ea:a6:79:1e:c0:c0:d3:36:75:20:fa:67:1e:db:03:9d:aa:
63:b1:cb:35:43:e9:65:67:79:54:20:50:67:4a:73:8b:a3:7f:
79:51:22:a8:34:59:de:6d:10:6c:0c:33:29:2b:c0:94:9d:47:
07:fc:84:a7:ac:fd:73:29:60:bd:70:87:aa:c8:aa:0f:5a:d0:
71:6c:c6:35:f0:57:55:5b:d7:b9:1e:c4:d0:cc:fb:56:83:8d:
27:97:ad:63:b0:16:8a:5d:be:6d:18:2b:2c:d3:71:b3:e8:14:
f2:b1:e3:a4:41:bb:24:25:21:c9:aa:0f:20:02:8a:64:f0:49:
b9:d7:8c:74:71:39:5b:50:db:9a:31:61:36:45:04:b8:63:ae:
69:3d:d4:46:63:96:b5:db:21:5c:71:13:48:66:36:ef:c5:dc:
10:35:ee:82:91:85:23:4b:4c:fe:3f:db:69:b3:70:3f:b3:35:
d1:2e:8e:03:6e:b6:43:71:53:31:97:86:e0:be:4a:00:63:20:
d1:ad:a7:8f:01:e6:bd:22:46:e8:05:cb:05:43:a1:ff:2a:7a:
5f:f9:54:25:4a:6e:82:24:fe:dd:cd:f2:a2:70:9b:12:93:2d:
a9:61:b1:ca
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+g2p59ldR+OhenZ36z7BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlNjIyYTM0YzU1ZTM5YjhmYTE1YTM3YmE5ZTM3MGVhYWZk
OTk3NzQwHhcNMjUwMTAxMDM0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWYxOWFkYmQ3MDM3YzJiNjYxZTViOThjYzMwODYwMmI1YzExZDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuLZNwf7GQ2OyBw0g5WLcMrxZuWSi
2p6v7l4pAPTbe5jpc6rguA+hkigqOX3BqD8wVzUrEJE5Mdz1lzrHPJj6ljqV7wkm
LBUbBkgjT/jKXs4gSr6woDf7P5aVhb4hEkmSbQ0AFkbb5kxJBN8z7kO2Yfisg4p/
EIz8dLDocOD3/dt+vpxyUezKNDMXVXgJ5A9N71gu/BovNAMkM0oSFsDJ+8crEBYm
3ZlcxeVik1CwcatdXJd4ryF+Stpqa4IapGJT0WBEJPZ7PMPLl92Xi3dG9S+TgeTP
JYxHQ9hjFwZ4ylfg1+3NYlBaFzXanbP9dTgwsdvyiLd0ActTMnFJftfMuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFInxmtvXA3wrZh5bmMwwhgK1wR0hMB8GA1UdIwQY
MBaAFI5iKjTFXjm4+hWje6njcOqv2Zd0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvam1JcU5NVmVPYmo2RmFON3FlTnc2cV9abDNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84MmNiM2UtODE5OS00OTE3LWExNzYt
ZTUwZTFlOWJiNGIzLzEvaWZHYTI5Y0RmQ3RtSGx1WXpEQ0dBclhCSFNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84MmNiM2UtODE5OS00OTE3LWExNzYtZTUwZTFlOWJiNGIz
LzEvam1JcU5NVmVPYmo2RmFON3FlTnc2cV9abDNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw76YMA0G
CSqGSIb3DQEBCwUAA4IBAQDFKyPO5kVS/GQwM4uFofAmWVxY6qZ5HsDA0zZ1IPpn
HtsDnapjscs1Q+llZ3lUIFBnSnOLo395USKoNFnebRBsDDMpK8CUnUcH/ISnrP1z
KWC9cIeqyKoPWtBxbMY18FdVW9e5HsTQzPtWg40nl61jsBaKXb5tGCss03Gz6BTy
seOkQbskJSHJqg8gAopk8Em514x0cTlbUNuaMWE2RQS4Y65pPdRGY5a12yFccRNI
ZjbvxdwQNe6CkYUjS0z+P9tps3A/szXRLo4DbrZDcVMxl4bgvkoAYyDRraePAea9
IkboBcsFQ6H/Knpf+VQlSm6CJP7dzfKicJsSky2pYbHK
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:33 2025 by rpki-client on console.sobornost.net