Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/EC126PvVDkQ1iOY37McYc_T5ZCw.roa
File: EC126PvVDkQ1iOY37McYc_T5ZCw.roa (raw, json)
Hash identifier: SsdcDgIQTRtebG8okZBaZbpFDLqRvzA20iEWSyuonyI=
Subject key identifier: 10:2D:76:E8:FB:D5:0E:44:35:88:E6:37:EC:C7:18:73:F4:F9:64:2C
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 01945EF12DAB728DFCB11A3D8C86D8EBC461
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/EC126PvVDkQ1iOY37McYc_T5ZCw.roa
Signing time: Mon 13 Jan 2025 09:14:11 +0000
ROA not before: Mon 13 Jan 2025 09:14:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 170.62.236.0/24 maxlen: 24
170.62.237.0/24 maxlen: 24
170.62.238.0/24 maxlen: 24
170.62.239.0/24 maxlen: 24
170.62.244.0/24 maxlen: 24
170.62.245.0/24 maxlen: 24
193.142.58.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:5e:f1:2d:ab:72:8d:fc:b1:1a:3d:8c:86:d8:eb:c4:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Jan 13 09:14:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=102d76e8fbd50e443588e637ecc71873f4f9642c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:8d:fe:1e:5d:88:36:53:aa:ae:da:80:c1:7a:
91:51:af:18:c8:23:18:c6:90:c2:0e:51:34:bc:52:
ae:58:cc:5c:e2:08:c9:5a:f0:37:04:3a:b8:88:ec:
c9:a2:5a:c6:80:03:e8:26:fa:f2:19:2f:43:d2:ce:
4e:83:12:d8:9d:35:53:39:00:a7:f1:0a:28:a6:69:
fe:6d:1c:f3:e2:84:24:57:9a:8d:97:28:a9:db:5a:
9c:19:65:58:66:e6:42:85:42:0a:ce:fc:78:05:5b:
05:36:1f:06:38:4f:e6:71:34:88:96:9b:dc:9f:43:
f4:11:ea:e2:95:46:05:97:24:56:cb:c4:70:65:97:
a2:cd:b9:e5:26:3b:58:1d:15:cc:8b:1c:1a:d9:c2:
29:22:8d:f3:03:63:6f:50:0f:be:0c:86:1d:e1:74:
f5:cf:fe:b7:44:8f:f9:97:2d:cd:94:eb:87:3e:28:
c7:ab:5c:ba:64:24:12:6a:b0:1b:cf:2c:ad:c1:8b:
96:b6:91:1e:64:4f:62:e6:9d:49:50:7d:ee:11:18:
03:a7:49:32:ec:a8:50:6e:09:6a:40:a5:13:2e:71:
71:f8:68:78:b9:15:5d:8e:5f:54:16:a0:65:fd:8c:
a0:12:c0:f3:09:63:48:a2:b7:de:72:00:77:0d:5c:
69:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:2D:76:E8:FB:D5:0E:44:35:88:E6:37:EC:C7:18:73:F4:F9:64:2C
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/EC126PvVDkQ1iOY37McYc_T5ZCw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
170.62.236.0/22
170.62.244.0/23
193.142.58.0/24
Signature Algorithm: sha256WithRSAEncryption
28:c1:52:b7:30:ae:91:a9:e5:13:9d:bd:cb:84:5a:f2:47:1e:
c1:bc:5a:ad:03:7e:c9:ee:d5:d2:49:99:ca:aa:68:da:ef:90:
c3:08:b3:a5:30:06:87:52:7c:a3:70:d6:73:c4:dd:82:ca:c7:
f7:28:df:db:d0:be:8d:46:2b:4e:a0:f8:ae:ee:52:d7:8b:1d:
b6:ef:75:5c:bd:04:4f:cc:e3:e3:72:dd:c1:f8:6d:f6:5f:82:
aa:d0:91:fc:66:1d:e2:6a:77:44:e9:b9:ad:53:15:1a:57:53:
5d:23:0a:82:ca:70:e8:b0:d3:d5:ff:19:97:4d:9c:52:31:72:
13:8f:f4:08:a7:a1:12:26:cb:91:a8:30:35:47:10:96:5a:cc:
1a:6f:07:b0:cb:f2:b7:e6:6c:22:0d:58:9c:aa:a7:ae:56:f9:
a7:7e:24:7f:45:3b:19:7c:ef:8c:9f:1d:41:15:e4:ae:8a:73:
f6:01:e1:d7:fb:50:b3:51:e0:59:1a:c6:61:bd:18:51:be:ae:
8f:8d:b9:78:9b:94:82:9a:55:69:00:22:d8:80:9c:95:a1:ab:
78:10:47:a3:38:bf:03:51:64:09:c8:ba:65:ee:9a:ed:8b:9b:
24:00:38:e3:ab:24:4b:2e:1f:29:41:f2:59:16:da:c4:ee:44:
d8:b0:c3:64
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZRe8S2rco38sRo9jIbY68RhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwMTEzMDkxNDExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDJkNzZlOGZiZDUwZTQ0MzU4OGU2MzdlY2M3MTg3M2Y0Zjk2NDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlY3+Hl2INlOqrtqAwXqRUa8YyCMY
xpDCDlE0vFKuWMxc4gjJWvA3BDq4iOzJolrGgAPoJvryGS9D0s5OgxLYnTVTOQCn
8Qoopmn+bRzz4oQkV5qNlyip21qcGWVYZuZChUIKzvx4BVsFNh8GOE/mcTSIlpvc
n0P0EerilUYFlyRWy8RwZZeizbnlJjtYHRXMixwa2cIpIo3zA2NvUA++DIYd4XT1
z/63RI/5ly3NlOuHPijHq1y6ZCQSarAbzyytwYuWtpEeZE9i5p1JUH3uERgDp0ky
7KhQbglqQKUTLnFx+Gh4uRVdjl9UFqBl/YygEsDzCWNIorfecgB3DVxpRQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBAtduj71Q5ENYjmN+zHGHP0+WQsMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvRUMxMjZQdlZEa1ExaU9ZMzdNY1ljX1Q1WkN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCqj7sAwQB
qj70AwQAwY46MA0GCSqGSIb3DQEBCwUAA4IBAQAowVK3MK6RqeUTnb3LhFryRx7B
vFqtA37J7tXSSZnKqmja75DDCLOlMAaHUnyjcNZzxN2Cysf3KN/b0L6NRitOoPiu
7lLXix2273VcvQRPzOPjct3B+G32X4Kq0JH8Zh3iandE6bmtUxUaV1NdIwqCynDo
sNPV/xmXTZxSMXITj/QIp6ESJsuRqDA1RxCWWswabwewy/K35mwiDVicqqeuVvmn
fiR/RTsZfO+Mnx1BFeSuinP2AeHX+1CzUeBZGsZhvRhRvq6Pjbl4m5SCmlVpACLY
gJyVoat4EEejOL8DUWQJyLpl7prti5skADjjqyRLLh8pQfJZFtrE7kTYsMNk
-----END CERTIFICATE-----
Generated at Thu Jan 23 19:13:27 2025 by rpki-client on console.sobornost.net