Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/IfUSZ47cuzQulgLsruCHYRsa130.roa
File: IfUSZ47cuzQulgLsruCHYRsa130.roa (raw, json)
Hash identifier: EUnu8q7eVqfHutdwfxzXbgFkgleKe14//20XLpaCuak=
Subject key identifier: 21:F5:12:67:8E:DC:BB:34:2E:96:02:EC:AE:E0:87:61:1B:1A:D7:7D
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 0195D134249A226FB07B69BFEA33BB86FD53
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/IfUSZ47cuzQulgLsruCHYRsa130.roa
Signing time: Wed 26 Mar 2025 06:46:50 +0000
ROA not before: Wed 26 Mar 2025 06:46:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213773
IP address blocks: 170.62.203.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d1:34:24:9a:22:6f:b0:7b:69:bf:ea:33:bb:86:fd:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Mar 26 06:46:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=21f512678edcbb342e9602ecaee087611b1ad77d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:de:49:6d:99:75:5b:a1:34:c1:6a:24:ea:6e:
b2:40:1a:88:60:d0:a5:23:f7:46:03:56:4a:2d:91:
92:85:29:71:ee:03:43:8c:07:f1:3c:f4:6c:f6:08:
26:2c:1a:c6:ab:d5:29:a8:92:0c:80:13:65:2f:08:
44:7b:35:22:4d:61:06:55:fd:4f:ca:25:39:62:b4:
93:9e:9e:4e:c1:b9:3a:5b:be:e3:96:25:a6:7a:58:
80:23:01:ae:a3:84:16:92:23:89:69:84:8c:36:34:
1c:78:e0:b0:ed:2a:23:d3:e6:45:f8:80:b0:c9:66:
f6:ad:76:08:3d:47:3e:a6:49:58:00:4d:21:b6:c9:
75:a4:fc:14:2f:70:60:4c:e7:cc:33:19:c8:a7:f1:
3f:73:d9:2d:b6:c6:65:87:a1:71:8b:5a:5c:24:8e:
6a:5d:58:5e:82:89:06:bc:9d:b2:51:a2:be:5a:a7:
5c:78:62:44:bc:aa:12:ee:1c:ce:9d:8f:8f:7d:d3:
6c:a8:e4:52:01:a5:ff:b0:63:23:6e:90:25:a9:e1:
36:2f:1d:9a:7d:d4:5e:f3:d7:e4:82:1e:75:ae:47:
f4:88:a3:9b:a7:55:43:4c:5f:e8:56:93:27:70:d2:
e0:5d:20:fc:3a:43:11:d1:84:d0:05:5f:c6:f9:ca:
26:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:F5:12:67:8E:DC:BB:34:2E:96:02:EC:AE:E0:87:61:1B:1A:D7:7D
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/IfUSZ47cuzQulgLsruCHYRsa130.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
170.62.203.0/24
Signature Algorithm: sha256WithRSAEncryption
ce:29:32:d3:19:fd:18:14:4b:7d:cd:6d:e9:66:e1:4b:9a:03:
86:49:ac:ef:d9:2c:c0:f3:c3:a5:7b:cd:41:02:c3:4d:0b:ff:
42:34:30:10:9f:1b:a8:81:db:71:b0:37:bb:ab:90:67:5d:36:
b8:c5:3f:f2:7c:21:ec:b1:90:6e:cf:49:64:f4:02:fc:d3:f5:
8f:75:92:93:9c:c6:c2:78:32:f8:70:92:23:6f:15:c6:b5:ea:
d0:48:99:6f:0a:c0:de:b8:87:cb:69:44:fc:1c:c5:0a:9d:5c:
43:5d:7a:96:4e:56:52:f0:f2:df:a4:77:7e:51:80:87:3d:25:
5e:b0:3d:ea:14:29:31:a9:51:d7:4a:79:d9:ef:02:6a:da:9b:
69:e4:e5:e5:e4:1e:3c:4a:52:fc:61:13:5a:02:8b:4b:ca:2d:
d4:d5:21:0b:06:6d:16:43:c0:cb:fc:77:d4:4d:c6:bc:92:2d:
d2:8f:09:a8:37:1f:b7:b8:43:b8:df:34:29:b0:e0:20:ff:07:
e6:c5:59:93:50:06:37:a1:ce:66:1e:52:96:7c:2d:b0:cc:2e:
aa:74:ad:4d:9d:d5:07:af:75:3d:7a:8d:d3:38:df:0d:00:c1:
68:ba:32:74:4a:9f:87:f0:8b:21:47:42:61:be:27:88:dd:f9:
7d:7f:63:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZXRNCSaIm+we2m/6jO7hv1TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwMzI2MDY0NjUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWY1MTI2NzhlZGNiYjM0MmU5NjAyZWNhZWUwODc2MTFiMWFkNzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7t5JbZl1W6E0wWok6m6yQBqIYNCl
I/dGA1ZKLZGShSlx7gNDjAfxPPRs9ggmLBrGq9UpqJIMgBNlLwhEezUiTWEGVf1P
yiU5YrSTnp5Owbk6W77jliWmeliAIwGuo4QWkiOJaYSMNjQceOCw7Soj0+ZF+ICw
yWb2rXYIPUc+pklYAE0htsl1pPwUL3BgTOfMMxnIp/E/c9kttsZlh6Fxi1pcJI5q
XVhegokGvJ2yUaK+WqdceGJEvKoS7hzOnY+PfdNsqORSAaX/sGMjbpAlqeE2Lx2a
fdRe89fkgh51rkf0iKObp1VDTF/oVpMncNLgXSD8OkMR0YTQBV/G+com1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCH1EmeO3Ls0LpYC7K7gh2EbGtd9MB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvSWZVU1o0N2N1elF1bGdMc3J1Q0hZUnNhMTMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqj7LMA0G
CSqGSIb3DQEBCwUAA4IBAQDOKTLTGf0YFEt9zW3pZuFLmgOGSazv2SzA88Ole81B
AsNNC/9CNDAQnxuogdtxsDe7q5BnXTa4xT/yfCHssZBuz0lk9AL80/WPdZKTnMbC
eDL4cJIjbxXGterQSJlvCsDeuIfLaUT8HMUKnVxDXXqWTlZS8PLfpHd+UYCHPSVe
sD3qFCkxqVHXSnnZ7wJq2ptp5OXl5B48SlL8YRNaAotLyi3U1SELBm0WQ8DL/HfU
Tca8ki3SjwmoNx+3uEO43zQpsOAg/wfmxVmTUAY3oc5mHlKWfC2wzC6qdK1NndUH
r3U9eo3TON8NAMFoujJ0Sp+H8IshR0JhvieI3fl9f2NJ
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:41 2025 by rpki-client on console.sobornost.net