Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/437150-783c-431a-b3fd-7c3d79401ec2/1/AgU01_JNS28etvxsdg12QdG_9TQ.roa
File: AgU01_JNS28etvxsdg12QdG_9TQ.roa (raw, json)
Hash identifier: 8EHC06vY9bnzZwrB6V3JBnUnbhffqwXotHDPwmpI35A=
Subject key identifier: 02:05:34:D7:F2:4D:4B:6F:1E:B6:FC:6C:76:0D:76:41:D1:BF:F5:34
Certificate issuer: /CN=40518ecbd6464d78ad451551648f9206f7fb5f42
Certificate serial: 0196154B8165DD21B8D490845057FED52F58
Authority key identifier: 40:51:8E:CB:D6:46:4D:78:AD:45:15:51:64:8F:92:06:F7:FB:5F:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QFGOy9ZGTXitRRVRZI-SBvf7X0I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/437150-783c-431a-b3fd-7c3d79401ec2/1/AgU01_JNS28etvxsdg12QdG_9TQ.roa
Signing time: Tue 08 Apr 2025 12:06:31 +0000
ROA not before: Tue 08 Apr 2025 12:06:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214849
IP address blocks: 138.222.64.0/24 maxlen: 24
138.222.65.0/24 maxlen: 24
138.222.66.0/24 maxlen: 24
138.222.67.0/24 maxlen: 24
138.222.68.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:15:4b:81:65:dd:21:b8:d4:90:84:50:57:fe:d5:2f:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40518ecbd6464d78ad451551648f9206f7fb5f42
Validity
Not Before: Apr 8 12:06:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=020534d7f24d4b6f1eb6fc6c760d7641d1bff534
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a8:63:05:f7:68:a6:42:16:9e:f2:f2:dd:1c:
80:8d:2f:8e:d3:a4:08:dc:70:d8:8b:78:77:9f:af:
b6:ff:ec:fd:c3:60:26:76:03:5b:25:43:81:14:3a:
cd:9f:e9:69:5f:71:4a:af:27:fb:e3:19:6d:42:b5:
0a:cc:50:90:ea:89:9b:69:cb:43:a9:d6:32:71:86:
a7:f4:2d:67:47:d6:25:0b:58:96:e2:31:51:fa:45:
bc:2d:98:6c:33:2e:15:01:d1:8a:86:39:3a:fd:f3:
90:4e:06:8c:79:1c:26:90:70:19:53:c5:15:e1:cb:
cb:57:11:a3:e0:4f:80:dc:85:36:23:a5:14:c2:dd:
4a:93:d5:c5:38:6b:a0:02:e4:c2:76:98:b9:23:5d:
93:fa:5c:91:bd:9c:11:df:9a:2c:9c:d7:46:43:1c:
43:93:b1:8d:8c:51:ab:e4:92:6d:7e:28:7a:74:9d:
18:ef:75:5c:bf:b7:2a:c7:6f:c3:c7:92:13:a8:6e:
12:62:51:28:f9:1a:c0:c1:e7:57:a3:d0:fe:66:b7:
83:10:88:7c:f8:f2:8d:41:4d:c8:a7:ea:fa:1c:34:
3c:20:c9:cb:ce:7c:d0:23:e3:2e:e2:f7:fe:9b:d7:
c0:74:12:a5:3e:4d:89:a1:70:1e:82:f6:ed:e7:83:
a0:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:05:34:D7:F2:4D:4B:6F:1E:B6:FC:6C:76:0D:76:41:D1:BF:F5:34
X509v3 Authority Key Identifier:
keyid:40:51:8E:CB:D6:46:4D:78:AD:45:15:51:64:8F:92:06:F7:FB:5F:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QFGOy9ZGTXitRRVRZI-SBvf7X0I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/437150-783c-431a-b3fd-7c3d79401ec2/1/AgU01_JNS28etvxsdg12QdG_9TQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/437150-783c-431a-b3fd-7c3d79401ec2/1/QFGOy9ZGTXitRRVRZI-SBvf7X0I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.222.64.0-138.222.68.255
Signature Algorithm: sha256WithRSAEncryption
0a:93:ad:91:63:23:b8:18:2a:b8:13:cc:05:ed:d6:17:4e:86:
1e:18:b0:00:7c:4e:de:62:d5:e0:c0:fb:68:aa:56:ff:0e:16:
49:21:02:ca:d3:13:ea:34:55:0e:cd:cf:e4:9c:a0:5f:57:75:
4d:91:3a:a8:1c:b1:85:14:f6:5f:6f:63:ce:3d:6e:85:5f:3a:
80:e8:82:7f:05:e3:81:56:7d:7b:d8:d3:00:1f:3f:54:c3:7a:
4f:f0:3c:d7:13:4a:11:50:d2:13:c9:74:e5:6f:8f:9a:79:59:
15:e0:7a:31:19:df:d5:d9:fc:26:77:e2:e8:7f:60:a9:24:f5:
d5:a5:1a:dc:78:07:d4:36:3c:7d:23:f1:71:63:7c:36:ea:ae:
ec:7f:ee:a0:9b:04:06:35:6f:f9:23:b6:1a:27:b7:29:14:c8:
85:b6:4a:2f:22:e5:4d:33:29:95:2f:ac:e9:91:83:0a:1a:03:
9e:cf:ef:d0:ae:79:70:17:1c:aa:7e:e5:94:a2:ed:f8:2f:a2:
57:b5:c4:d0:1b:3c:ce:33:5b:9b:c4:86:8e:0b:58:cc:96:7d:
96:02:45:9d:ea:76:fb:19:36:8b:81:0b:d2:f7:7f:4f:fa:6e:
48:37:1f:77:99:88:c0:02:db:98:67:7f:c1:a5:4d:0f:78:62:
21:2b:0b:b8
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZYVS4Fl3SG41JCEUFf+1S9YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNTE4ZWNiZDY0NjRkNzhhZDQ1MTU1MTY0OGY5MjA2Zjdm
YjVmNDIwHhcNMjUwNDA4MTIwNjMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjA1MzRkN2YyNGQ0YjZmMWViNmZjNmM3NjBkNzY0MWQxYmZmNTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKhjBfdopkIWnvLy3RyAjS+O06QI
3HDYi3h3n6+2/+z9w2AmdgNbJUOBFDrNn+lpX3FKryf74xltQrUKzFCQ6ombactD
qdYycYan9C1nR9YlC1iW4jFR+kW8LZhsMy4VAdGKhjk6/fOQTgaMeRwmkHAZU8UV
4cvLVxGj4E+A3IU2I6UUwt1Kk9XFOGugAuTCdpi5I12T+lyRvZwR35osnNdGQxxD
k7GNjFGr5JJtfih6dJ0Y73Vcv7cqx2/Dx5ITqG4SYlEo+RrAwedXo9D+ZreDEIh8
+PKNQU3Ip+r6HDQ8IMnLznzQI+Mu4vf+m9fAdBKlPk2JoXAegvbt54OgVQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFAIFNNfyTUtvHrb8bHYNdkHRv/U0MB8GA1UdIwQY
MBaAFEBRjsvWRk14rUUVUWSPkgb3+19CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUZHT3k5WkdUWGl0UlJWUlpJLVNCdmY3WDBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni80MzcxNTAtNzgzYy00MzFhLWIzZmQt
N2MzZDc5NDAxZWMyLzEvQWdVMDFfSk5TMjhldHZ4c2RnMTJRZEdfOVRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni80MzcxNTAtNzgzYy00MzFhLWIzZmQtN2MzZDc5NDAxZWMy
LzEvUUZHT3k5WkdUWGl0UlJWUlpJLVNCdmY3WDBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAaK3kAD
BACK3kQwDQYJKoZIhvcNAQELBQADggEBAAqTrZFjI7gYKrgTzAXt1hdOhh4YsAB8
Tt5i1eDA+2iqVv8OFkkhAsrTE+o0VQ7Nz+ScoF9XdU2ROqgcsYUU9l9vY849boVf
OoDogn8F44FWfXvY0wAfP1TDek/wPNcTShFQ0hPJdOVvj5p5WRXgejEZ39XZ/CZ3
4uh/YKkk9dWlGtx4B9Q2PH0j8XFjfDbqrux/7qCbBAY1b/kjthontykUyIW2Si8i
5U0zKZUvrOmRgwoaA57P79CueXAXHKp+5ZSi7fgvole1xNAbPM4zW5vEho4LWMyW
fZYCRZ3qdvsZNouBC9L3f0/6bkg3H3eZiMAC25hnf8GlTQ94YiErC7g=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:58 2025 by rpki-client on console.sobornost.net