Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/46f996-38de-42fb-b982-03bf6cf73ff1/1/654gVU41w8foyRrdow3IvLh38_0.roa
File: 654gVU41w8foyRrdow3IvLh38_0.roa (raw, json)
Hash identifier: FxM/zOQmEVryb2JTftwL4qqp6keHE//w4j2q3qFh7fE=
Subject key identifier: EB:9E:20:55:4E:35:C3:C7:E8:C9:1A:DD:A3:0D:C8:BC:B8:77:F3:FD
Certificate issuer: /CN=bf3de882c2619d680f2d7fe600b9016da287a8d3
Certificate serial: 0195A3CAC4FAC2E3CC382CFE509D9D8036B9
Authority key identifier: BF:3D:E8:82:C2:61:9D:68:0F:2D:7F:E6:00:B9:01:6D:A2:87:A8:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vz3ogsJhnWgPLX_mALkBbaKHqNM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/46f996-38de-42fb-b982-03bf6cf73ff1/1/654gVU41w8foyRrdow3IvLh38_0.roa
Signing time: Mon 17 Mar 2025 11:08:49 +0000
ROA not before: Mon 17 Mar 2025 11:08:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59780
IP address blocks: 147.78.208.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a3:ca:c4:fa:c2:e3:cc:38:2c:fe:50:9d:9d:80:36:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf3de882c2619d680f2d7fe600b9016da287a8d3
Validity
Not Before: Mar 17 11:08:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eb9e20554e35c3c7e8c91adda30dc8bcb877f3fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:de:1b:3b:d4:98:6a:ac:79:ec:2f:3c:2a:4e:
19:0e:8d:e6:3f:3d:24:43:61:5d:f8:af:df:a8:87:
20:5c:cc:3d:33:b0:8b:51:5a:dd:18:c8:d5:6e:e7:
bf:c6:df:0a:e8:78:5c:83:4f:38:fe:dd:3d:1c:c0:
d0:b3:a7:18:92:b1:7b:92:01:c4:c5:35:10:e8:86:
3d:b7:fe:ae:36:c4:45:4f:88:e9:69:4a:65:92:75:
cf:e4:de:67:cd:89:1f:2e:e5:11:7a:92:7b:21:e4:
a7:89:7c:d9:c8:00:dd:e2:b3:b4:72:3d:3e:c6:c9:
50:86:53:44:cc:36:5f:8d:19:79:16:a1:3c:4b:39:
2a:3c:66:2a:73:38:dc:3a:0e:af:d8:cb:9b:55:7d:
a5:a4:83:60:95:d2:ee:5e:df:f3:77:80:74:bd:b4:
e9:c4:34:d8:27:97:d5:48:6e:7a:d6:a2:83:4f:97:
d7:bb:0b:2d:b9:ef:f6:9c:6f:95:8d:0e:9f:1e:6d:
19:d3:32:81:6d:f0:96:35:f2:0a:2f:c9:4c:58:0c:
16:04:3c:80:32:dc:2f:6e:00:7c:08:bb:36:14:25:
3c:10:8a:6f:e3:54:fa:82:bf:ca:11:6a:31:06:b0:
1d:00:d6:d5:71:98:7c:44:1a:2b:e4:27:de:01:ed:
f5:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:9E:20:55:4E:35:C3:C7:E8:C9:1A:DD:A3:0D:C8:BC:B8:77:F3:FD
X509v3 Authority Key Identifier:
keyid:BF:3D:E8:82:C2:61:9D:68:0F:2D:7F:E6:00:B9:01:6D:A2:87:A8:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vz3ogsJhnWgPLX_mALkBbaKHqNM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/46f996-38de-42fb-b982-03bf6cf73ff1/1/654gVU41w8foyRrdow3IvLh38_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/46f996-38de-42fb-b982-03bf6cf73ff1/1/vz3ogsJhnWgPLX_mALkBbaKHqNM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.208.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:a7:c5:c0:0c:64:cc:a0:5c:06:dd:bb:0e:96:d5:fe:11:e5:
6e:16:d9:7e:b7:cc:21:95:7a:27:e8:c4:52:e5:40:b6:5b:c3:
f1:5c:08:45:3b:b3:3b:d2:87:c1:ad:33:57:48:1a:e0:56:6d:
8a:3d:b7:4f:98:c0:67:7b:f9:2b:42:77:13:7e:d9:8f:6e:e8:
b5:26:e2:1e:f2:90:ea:ab:8a:d7:84:8e:b6:8b:9f:04:3d:b0:
f9:2a:4a:42:41:9e:df:c1:9f:3f:49:a1:ac:2c:c5:9d:bc:36:
15:86:2b:8d:47:f6:ca:75:8a:ad:c6:be:d4:3b:40:00:45:6a:
86:8f:d7:44:27:7d:8e:15:66:8d:cd:7b:a7:a4:ae:ed:37:23:
78:3e:6a:ed:a3:52:4c:f6:b4:a5:0c:c9:84:c7:1a:16:45:bc:
9e:53:f5:88:f0:73:da:2e:ea:17:06:08:7f:64:bc:8c:fc:e5:
0f:a1:b9:a0:94:43:7e:81:0d:8d:fe:c0:4a:2d:38:1e:06:41:
1d:8b:bc:74:35:2a:62:a5:ad:53:3f:05:ad:e8:a5:63:6b:a4:
db:67:23:85:24:74:a4:0b:5d:e4:a9:ce:a4:12:b4:7e:72:7c:
49:1c:be:7a:e3:b3:fe:5f:b1:40:a5:5d:c7:a1:a5:a1:cb:0b:
4e:fb:8a:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWjysT6wuPMOCz+UJ2dgDa5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmM2RlODgyYzI2MTlkNjgwZjJkN2ZlNjAwYjkwMTZkYTI4
N2E4ZDMwHhcNMjUwMzE3MTEwODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjllMjA1NTRlMzVjM2M3ZThjOTFhZGRhMzBkYzhiY2I4NzdmM2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmt4bO9SYaqx57C88Kk4ZDo3mPz0k
Q2Fd+K/fqIcgXMw9M7CLUVrdGMjVbue/xt8K6Hhcg084/t09HMDQs6cYkrF7kgHE
xTUQ6IY9t/6uNsRFT4jpaUplknXP5N5nzYkfLuURepJ7IeSniXzZyADd4rO0cj0+
xslQhlNEzDZfjRl5FqE8SzkqPGYqczjcOg6v2MubVX2lpINgldLuXt/zd4B0vbTp
xDTYJ5fVSG561qKDT5fXuwstue/2nG+VjQ6fHm0Z0zKBbfCWNfIKL8lMWAwWBDyA
MtwvbgB8CLs2FCU8EIpv41T6gr/KEWoxBrAdANbVcZh8RBor5CfeAe31ZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOueIFVONcPH6Mka3aMNyLy4d/P9MB8GA1UdIwQY
MBaAFL896ILCYZ1oDy1/5gC5AW2ih6jTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnozb2dzSmhuV2dQTFhfbUFMa0JiYUtIcU5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS80NmY5OTYtMzhkZS00MmZiLWI5ODIt
MDNiZjZjZjczZmYxLzEvNjU0Z1ZVNDF3OGZveVJyZG93M0l2TGgzOF8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS80NmY5OTYtMzhkZS00MmZiLWI5ODItMDNiZjZjZjczZmYx
LzEvdnozb2dzSmhuV2dQTFhfbUFMa0JiYUtIcU5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCk07QMA0G
CSqGSIb3DQEBCwUAA4IBAQBbp8XADGTMoFwG3bsOltX+EeVuFtl+t8whlXon6MRS
5UC2W8PxXAhFO7M70ofBrTNXSBrgVm2KPbdPmMBne/krQncTftmPbui1JuIe8pDq
q4rXhI62i58EPbD5KkpCQZ7fwZ8/SaGsLMWdvDYVhiuNR/bKdYqtxr7UO0AARWqG
j9dEJ32OFWaNzXunpK7tNyN4Pmrto1JM9rSlDMmExxoWRbyeU/WI8HPaLuoXBgh/
ZLyM/OUPobmglEN+gQ2N/sBKLTgeBkEdi7x0NSpipa1TPwWt6KVja6TbZyOFJHSk
C13kqc6kErR+cnxJHL5647P+X7FApV3HoaWhywtO+4qE
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:41 2025 by rpki-client on console.sobornost.net