Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/70cb80-4e6d-46a5-b1b4-4e3f4d68f682/1/sQhT4EcSgUdSOJf-IlcAVbhhanQ.roa
File: sQhT4EcSgUdSOJf-IlcAVbhhanQ.roa (raw, json)
Hash identifier: yOHMgQvvnUGeXtEo1mVldnI757iV9L6oiBbCrHJFV5Y=
Subject key identifier: B1:08:53:E0:47:12:81:47:52:38:97:FE:22:57:00:55:B8:61:6A:74
Certificate issuer: /CN=74267f3ecfcc61668e0501bca60ced6dd75d347c
Certificate serial: 01942521746E1C2D8B25807A13A763A6AE38
Authority key identifier: 74:26:7F:3E:CF:CC:61:66:8E:05:01:BC:A6:0C:ED:6D:D7:5D:34:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dCZ_Ps_MYWaOBQG8pgztbdddNHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/70cb80-4e6d-46a5-b1b4-4e3f4d68f682/1/sQhT4EcSgUdSOJf-IlcAVbhhanQ.roa
Signing time: Thu 02 Jan 2025 03:48:57 +0000
ROA not before: Thu 02 Jan 2025 03:48:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50897
IP address blocks: 192.44.75.0/24 maxlen: 24
192.108.115.0/24 maxlen: 24
192.108.116.0/24 maxlen: 24
192.108.117.0/24 maxlen: 24
192.108.118.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:74:6e:1c:2d:8b:25:80:7a:13:a7:63:a6:ae:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74267f3ecfcc61668e0501bca60ced6dd75d347c
Validity
Not Before: Jan 2 03:48:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b10853e047128147523897fe22570055b8616a74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:5e:75:d0:c4:98:91:41:b0:d6:0f:c8:68:2c:
07:c6:b8:b5:03:9b:52:f5:c6:ab:94:ef:c0:26:ba:
1b:eb:ae:71:84:bd:32:14:e2:20:49:cd:00:5a:fa:
e8:9d:78:43:20:da:b5:cb:df:1a:85:d8:1c:4f:82:
da:ba:25:0e:70:ab:31:4d:b8:f8:c9:11:03:40:9e:
96:20:23:a9:1a:fa:5c:cf:eb:8a:69:76:0b:4e:ee:
1f:b0:e6:ab:96:58:54:ba:a5:06:ac:66:51:65:4b:
7f:b6:34:0d:3b:97:4f:ac:d8:22:76:08:20:31:bd:
1e:97:55:16:70:41:62:e2:a5:bb:cf:da:bc:81:31:
59:f0:44:de:64:2b:41:49:68:f8:17:ea:07:07:46:
cc:a4:0f:30:6e:1c:ce:62:e4:c8:ae:94:3a:de:fa:
39:81:90:80:40:07:e0:e4:03:cc:0f:ba:57:a2:e3:
e1:5b:24:7e:d1:2f:d9:ec:9b:d5:b2:20:c7:bd:94:
27:46:28:3c:fb:b8:9d:f5:60:e3:67:3b:40:26:e1:
5f:d4:f0:98:00:d0:46:c6:45:b7:c6:e9:61:b4:e1:
39:85:04:e6:12:33:72:2c:95:60:95:f7:ba:7b:e2:
0c:78:52:da:04:bb:ed:5d:13:d3:c4:8d:31:01:ba:
a6:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:08:53:E0:47:12:81:47:52:38:97:FE:22:57:00:55:B8:61:6A:74
X509v3 Authority Key Identifier:
keyid:74:26:7F:3E:CF:CC:61:66:8E:05:01:BC:A6:0C:ED:6D:D7:5D:34:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dCZ_Ps_MYWaOBQG8pgztbdddNHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/70cb80-4e6d-46a5-b1b4-4e3f4d68f682/1/sQhT4EcSgUdSOJf-IlcAVbhhanQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/70cb80-4e6d-46a5-b1b4-4e3f4d68f682/1/dCZ_Ps_MYWaOBQG8pgztbdddNHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.44.75.0/24
192.108.115.0-192.108.118.255
Signature Algorithm: sha256WithRSAEncryption
2a:bc:2a:26:28:2d:df:03:20:15:79:87:8f:05:04:f5:f2:c4:
a6:d9:21:6c:12:ce:87:1f:47:85:0a:b6:73:43:89:b7:99:0a:
3c:3b:35:6d:ad:b0:66:8d:05:c8:3a:4c:35:84:21:17:5a:cd:
0f:d3:e0:23:d9:c8:bf:c2:6c:6b:5f:a1:7d:a1:5b:c5:cb:8f:
d4:fe:42:3b:15:b2:d7:15:db:72:94:c4:e0:d9:da:ec:5e:ef:
e0:7c:b2:1a:82:c0:da:14:c9:ba:d7:a7:03:21:14:74:52:d5:
9f:d0:53:11:fe:9f:d3:6b:9e:d4:f5:5f:8e:9a:a1:a0:58:4f:
11:f7:df:55:e8:cd:8c:4a:4f:17:0a:06:98:07:96:e1:9f:1e:
f4:da:e6:50:02:d6:b0:dd:19:ff:ab:fe:00:0a:83:70:03:fc:
cb:6a:ee:08:5b:78:0a:01:a8:4d:bf:cf:35:ca:c3:49:64:db:
b1:16:e4:e3:2a:81:75:32:99:4b:e5:95:5e:5f:d2:8f:51:1f:
59:42:35:87:71:8d:07:6c:f6:6c:86:ff:f2:84:3f:22:1c:5e:
80:38:3a:f2:39:be:1b:0a:37:8d:31:1c:81:c1:37:46:4a:fd:
38:f7:d0:03:00:34:28:4a:3a:38:f0:b8:d6:eb:d8:f5:65:6c:
6e:8a:82:f4
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQlIXRuHC2LJYB6E6djpq44MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MjY3ZjNlY2ZjYzYxNjY4ZTA1MDFiY2E2MGNlZDZkZDc1
ZDM0N2MwHhcNMjUwMTAyMDM0ODU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTA4NTNlMDQ3MTI4MTQ3NTIzODk3ZmUyMjU3MDA1NWI4NjE2YTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1510MSYkUGw1g/IaCwHxri1A5tS
9carlO/AJrob665xhL0yFOIgSc0AWvronXhDINq1y98ahdgcT4LauiUOcKsxTbj4
yREDQJ6WICOpGvpcz+uKaXYLTu4fsOarllhUuqUGrGZRZUt/tjQNO5dPrNgidggg
Mb0el1UWcEFi4qW7z9q8gTFZ8ETeZCtBSWj4F+oHB0bMpA8wbhzOYuTIrpQ63vo5
gZCAQAfg5APMD7pXouPhWyR+0S/Z7JvVsiDHvZQnRig8+7id9WDjZztAJuFf1PCY
ANBGxkW3xulhtOE5hQTmEjNyLJVglfe6e+IMeFLaBLvtXRPTxI0xAbqmywIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFLEIU+BHEoFHUjiX/iJXAFW4YWp0MB8GA1UdIwQY
MBaAFHQmfz7PzGFmjgUBvKYM7W3XXTR8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZENaX1BzX01ZV2FPQlFHOHBnenRiZGRkTkh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny83MGNiODAtNGU2ZC00NmE1LWIxYjQt
NGUzZjRkNjhmNjgyLzEvc1FoVDRFY1NnVWRTT0pmLUlsY0FWYmhoYW5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny83MGNiODAtNGU2ZC00NmE1LWIxYjQtNGUzZjRkNjhmNjgy
LzEvZENaX1BzX01ZV2FPQlFHOHBnenRiZGRkTkh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAwCxLMAwD
BADAbHMDBADAbHYwDQYJKoZIhvcNAQELBQADggEBACq8KiYoLd8DIBV5h48FBPXy
xKbZIWwSzocfR4UKtnNDibeZCjw7NW2tsGaNBcg6TDWEIRdazQ/T4CPZyL/CbGtf
oX2hW8XLj9T+QjsVstcV23KUxODZ2uxe7+B8shqCwNoUybrXpwMhFHRS1Z/QUxH+
n9NrntT1X46aoaBYTxH331XozYxKTxcKBpgHluGfHvTa5lAC1rDdGf+r/gAKg3AD
/Mtq7ghbeAoBqE2/zzXKw0lk27EW5OMqgXUymUvllV5f0o9RH1lCNYdxjQds9myG
//KEPyIcXoA4OvI5vhsKN40xHIHBN0ZK/Tj30AMANChKOjjwuNbr2PVlbG6KgvQ=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:42 2025 by rpki-client on console.sobornost.net