Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/e75ad2-1e30-455e-9787-3b55f2327b34/1/Dz49aMuKRlKMoJhdInbOpT8odb0.roa
File: Dz49aMuKRlKMoJhdInbOpT8odb0.roa (raw, json)
Hash identifier: eGQZ4ljYZGoi2bWlhPeueYms1SjbBMBvU/96IhPjXeA=
Subject key identifier: 0F:3E:3D:68:CB:8A:46:52:8C:A0:98:5D:22:76:CE:A5:3F:28:75:BD
Certificate issuer: /CN=302f09f265e9b278f8073d6982ff175713a5a0fa
Certificate serial: 0195C79CB26FA0704B39901D966D5350ACAA
Authority key identifier: 30:2F:09:F2:65:E9:B2:78:F8:07:3D:69:82:FF:17:57:13:A5:A0:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MC8J8mXpsnj4Bz1pgv8XVxOloPo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/e75ad2-1e30-455e-9787-3b55f2327b34/1/Dz49aMuKRlKMoJhdInbOpT8odb0.roa
Signing time: Mon 24 Mar 2025 10:04:50 +0000
ROA not before: Mon 24 Mar 2025 10:04:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209891
IP address blocks: 217.25.138.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c7:9c:b2:6f:a0:70:4b:39:90:1d:96:6d:53:50:ac:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=302f09f265e9b278f8073d6982ff175713a5a0fa
Validity
Not Before: Mar 24 10:04:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0f3e3d68cb8a46528ca0985d2276cea53f2875bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:d2:08:8c:53:cb:10:ed:a7:0a:40:7a:11:53:
b9:b0:84:72:68:a0:f1:3f:21:18:e3:e4:74:e8:7b:
2f:44:01:6d:91:fd:a3:22:dd:dd:ca:be:e7:9f:e4:
06:44:0f:e9:47:85:11:13:64:01:18:87:a5:5e:ec:
17:ca:ae:64:08:0b:12:cf:c9:b5:76:87:d6:7d:39:
3f:e1:93:74:15:16:27:27:42:7d:45:c5:98:83:ae:
90:fa:75:29:d5:44:82:54:18:77:97:a0:42:6e:4c:
72:c4:f8:4a:6f:a5:8f:4b:48:59:d0:4e:44:c0:09:
5a:1c:9c:6e:31:e5:51:db:b4:31:86:2a:66:d5:33:
d8:f2:92:e0:d1:2e:b3:18:38:d7:cb:6a:59:04:2f:
a9:92:a9:46:f1:fc:28:39:d8:31:e0:7f:9d:f4:ce:
e8:8a:24:f8:5c:be:69:48:e2:05:d8:95:10:ac:ed:
2b:13:84:46:72:42:39:3c:b6:51:19:ce:d0:ad:1b:
ca:4c:ea:14:c2:9f:1d:2f:06:ba:9c:f0:86:d8:eb:
17:82:85:e5:40:f1:b9:15:dd:de:39:a6:ea:0c:89:
69:51:91:9c:92:1a:dc:17:59:62:7a:b5:dd:a6:3c:
88:95:98:20:1f:4c:a9:6e:65:fb:17:6a:8e:89:90:
1c:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:3E:3D:68:CB:8A:46:52:8C:A0:98:5D:22:76:CE:A5:3F:28:75:BD
X509v3 Authority Key Identifier:
keyid:30:2F:09:F2:65:E9:B2:78:F8:07:3D:69:82:FF:17:57:13:A5:A0:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MC8J8mXpsnj4Bz1pgv8XVxOloPo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/e75ad2-1e30-455e-9787-3b55f2327b34/1/Dz49aMuKRlKMoJhdInbOpT8odb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/e75ad2-1e30-455e-9787-3b55f2327b34/1/MC8J8mXpsnj4Bz1pgv8XVxOloPo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.25.138.0/24
Signature Algorithm: sha256WithRSAEncryption
84:c6:53:4d:e8:87:57:5b:b4:08:bb:37:f0:b7:20:25:7f:c5:
8f:01:55:23:ea:b8:bd:f7:7c:eb:b1:de:e1:6c:23:98:d5:89:
50:bf:9b:5e:45:44:29:75:42:05:5e:bf:50:02:c7:e5:12:8c:
45:4a:dc:4d:8d:42:13:53:b4:09:ba:e9:f1:6a:a4:15:a0:7d:
6a:06:aa:6c:3b:b4:99:af:4b:65:76:13:19:1a:01:2a:45:4c:
79:64:86:b4:78:8d:cf:99:fd:93:77:ea:05:58:3b:03:e1:e3:
76:6d:22:ce:53:c4:f6:d1:d1:c2:ab:4c:e7:62:11:44:15:59:
90:87:38:ee:96:0e:5b:27:a6:11:a2:4b:26:1a:4b:74:bc:8d:
73:17:f2:c4:43:7b:69:76:73:8d:d7:af:59:cf:0d:97:2b:ce:
a1:e2:6f:e1:a7:bf:1a:17:e3:a9:e1:c0:83:47:56:38:07:b4:
2f:2b:cb:58:84:03:9c:56:e8:92:39:43:7d:d1:80:e1:44:e2:
fe:d3:92:13:cf:07:6a:6a:9e:d9:bc:fc:a9:7a:04:54:f1:dd:
18:ff:6a:99:5b:4e:0f:74:da:e5:4e:41:72:35:ce:70:3d:68:
9f:6d:9f:69:ad:ab:45:3c:53:65:89:dc:7d:b0:c8:b8:25:51:
a5:93:7c:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZXHnLJvoHBLOZAdlm1TUKyqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMmYwOWYyNjVlOWIyNzhmODA3M2Q2OTgyZmYxNzU3MTNh
NWEwZmEwHhcNMjUwMzI0MTAwNDUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjNlM2Q2OGNiOGE0NjUyOGNhMDk4NWQyMjc2Y2VhNTNmMjg3NWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7dIIjFPLEO2nCkB6EVO5sIRyaKDx
PyEY4+R06HsvRAFtkf2jIt3dyr7nn+QGRA/pR4URE2QBGIelXuwXyq5kCAsSz8m1
dofWfTk/4ZN0FRYnJ0J9RcWYg66Q+nUp1USCVBh3l6BCbkxyxPhKb6WPS0hZ0E5E
wAlaHJxuMeVR27Qxhipm1TPY8pLg0S6zGDjXy2pZBC+pkqlG8fwoOdgx4H+d9M7o
iiT4XL5pSOIF2JUQrO0rE4RGckI5PLZRGc7QrRvKTOoUwp8dLwa6nPCG2OsXgoXl
QPG5Fd3eOabqDIlpUZGckhrcF1lierXdpjyIlZggH0ypbmX7F2qOiZAcrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA8+PWjLikZSjKCYXSJ2zqU/KHW9MB8GA1UdIwQY
MBaAFDAvCfJl6bJ4+Ac9aYL/F1cTpaD6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUM4SjhtWHBzbmo0QnoxcGd2OFhWeE9sb1BvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9lNzVhZDItMWUzMC00NTVlLTk3ODct
M2I1NWYyMzI3YjM0LzEvRHo0OWFNdUtSbEtNb0poZEluYk9wVDhvZGIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9lNzVhZDItMWUzMC00NTVlLTk3ODctM2I1NWYyMzI3YjM0
LzEvTUM4SjhtWHBzbmo0QnoxcGd2OFhWeE9sb1BvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2RmKMA0G
CSqGSIb3DQEBCwUAA4IBAQCExlNN6IdXW7QIuzfwtyAlf8WPAVUj6ri993zrsd7h
bCOY1YlQv5teRUQpdUIFXr9QAsflEoxFStxNjUITU7QJuunxaqQVoH1qBqpsO7SZ
r0tldhMZGgEqRUx5ZIa0eI3Pmf2Td+oFWDsD4eN2bSLOU8T20dHCq0znYhFEFVmQ
hzjulg5bJ6YRoksmGkt0vI1zF/LEQ3tpdnON169Zzw2XK86h4m/hp78aF+Op4cCD
R1Y4B7QvK8tYhAOcVuiSOUN90YDhROL+05ITzwdqap7ZvPypegRU8d0Y/2qZW04P
dNrlTkFyNc5wPWifbZ9pratFPFNlidx9sMi4JVGlk3zS
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:41 2025 by rpki-client on console.sobornost.net