Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/4bba7c-a81f-40e1-8814-65daad632957/1/kQetHOp-0oC9GLt8UAm9tHq0lmg.roa
File: kQetHOp-0oC9GLt8UAm9tHq0lmg.roa (raw, json)
Hash identifier: 1SLK78wswQILSJR4QjWSbJxwM/1dACLvxbw0m27TusY=
Subject key identifier: 91:07:AD:1C:EA:7E:D2:80:BD:18:BB:7C:50:09:BD:B4:7A:B4:96:68
Certificate issuer: /CN=942588b91da9cca81b49e603a988e2b1eabddc98
Certificate serial: 0195B8BD03AF60441BEA2112E72CAD0CBB44
Authority key identifier: 94:25:88:B9:1D:A9:CC:A8:1B:49:E6:03:A9:88:E2:B1:EA:BD:DC:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lCWIuR2pzKgbSeYDqYjiseq93Jg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/4bba7c-a81f-40e1-8814-65daad632957/1/kQetHOp-0oC9GLt8UAm9tHq0lmg.roa
Signing time: Fri 21 Mar 2025 12:45:49 +0000
ROA not before: Fri 21 Mar 2025 12:45:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8647
IP address blocks: 193.200.175.0/24 maxlen: 24
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b8:bd:03:af:60:44:1b:ea:21:12:e7:2c:ad:0c:bb:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=942588b91da9cca81b49e603a988e2b1eabddc98
Validity
Not Before: Mar 21 12:45:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9107ad1cea7ed280bd18bb7c5009bdb47ab49668
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:1d:0f:29:65:a6:45:96:d7:3f:ad:5a:22:a4:
8c:d2:07:aa:20:16:4b:41:4a:44:b0:0b:37:a9:e8:
58:11:88:9f:8c:ae:eb:3e:b2:14:d0:28:a1:71:1d:
08:b4:88:86:a7:a2:7d:9e:2d:3b:38:bf:ec:db:8b:
57:7a:ab:ca:22:eb:fc:ba:4e:1f:c1:c1:71:b9:e6:
91:d8:61:c3:ce:bd:d7:1b:5a:d8:fc:67:71:15:ec:
8f:5d:8e:21:b4:db:32:a7:c8:42:2a:96:e5:d8:8e:
81:d7:c0:c8:d3:30:06:c4:0a:60:38:50:ff:ce:b3:
71:6a:35:6d:df:2c:95:ad:f1:34:b5:44:99:4d:b1:
e3:56:34:bd:c9:e0:62:f9:3a:c6:77:87:ad:29:2f:
d7:79:c7:27:07:1d:1e:06:bd:e7:d3:ec:15:af:03:
b8:fb:4f:13:5b:64:10:09:69:96:e3:73:89:92:f9:
d9:43:0a:5b:ff:19:c3:a7:8e:74:b5:94:e6:0c:05:
02:a3:86:7f:15:e6:db:07:f6:2c:6b:50:83:fd:14:
a6:4e:e1:96:94:e2:ab:25:5b:96:c0:8a:89:1e:80:
c4:05:08:78:8d:77:a0:0d:8f:d8:f0:59:61:23:69:
1d:15:03:b3:56:7b:17:d1:00:fb:a5:77:97:e0:64:
21:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:07:AD:1C:EA:7E:D2:80:BD:18:BB:7C:50:09:BD:B4:7A:B4:96:68
X509v3 Authority Key Identifier:
keyid:94:25:88:B9:1D:A9:CC:A8:1B:49:E6:03:A9:88:E2:B1:EA:BD:DC:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lCWIuR2pzKgbSeYDqYjiseq93Jg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/4bba7c-a81f-40e1-8814-65daad632957/1/kQetHOp-0oC9GLt8UAm9tHq0lmg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/4bba7c-a81f-40e1-8814-65daad632957/1/lCWIuR2pzKgbSeYDqYjiseq93Jg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.200.175.0/24
Signature Algorithm: sha256WithRSAEncryption
37:77:a2:b3:00:63:9e:31:0c:fc:ed:26:a1:11:4e:f8:79:8a:
bb:06:5c:46:bb:24:21:e5:7b:a1:e9:c2:ea:1f:3a:51:c6:b5:
51:c0:7a:13:ef:b2:e2:03:e9:ad:ce:23:9f:95:9c:ee:08:0e:
1e:ec:b1:67:16:d8:53:36:ea:b7:fa:c4:58:0e:92:eb:00:f1:
91:a9:4c:e0:56:39:31:16:1b:c6:7e:d3:13:25:d4:42:f4:d1:
61:f2:6a:68:d2:0a:67:43:f9:f0:8d:65:78:bd:3f:f8:13:08:
f8:a4:e8:ec:2d:ba:80:32:ee:69:b7:c1:d6:93:28:79:74:5e:
b3:0e:82:9a:59:f4:46:82:a5:a3:98:52:7b:49:66:6b:f9:f7:
af:fb:1e:ac:24:12:5b:94:5d:30:36:25:d0:f5:da:54:5e:cd:
6a:71:01:a5:57:cf:b7:de:59:9f:83:ec:0f:b7:e6:62:ac:12:
4c:24:23:8f:dc:0f:e0:09:3f:9a:9e:8d:d8:56:e3:c2:11:3c:
17:27:cd:87:b1:66:72:ab:d8:86:30:0b:dc:65:cb:09:a0:be:
2b:fc:79:07:06:e8:b9:b6:38:d9:1b:43:58:57:8c:2c:d4:12:
fd:85:3b:db:e7:04:cb:0c:30:aa:be:e4:0b:78:8d:5f:10:a1:
05:47:06:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZW4vQOvYEQb6iES5yytDLtEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MjU4OGI5MWRhOWNjYTgxYjQ5ZTYwM2E5ODhlMmIxZWFi
ZGRjOTgwHhcNMjUwMzIxMTI0NTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTA3YWQxY2VhN2VkMjgwYmQxOGJiN2M1MDA5YmRiNDdhYjQ5NjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsB0PKWWmRZbXP61aIqSM0geqIBZL
QUpEsAs3qehYEYifjK7rPrIU0CihcR0ItIiGp6J9ni07OL/s24tXeqvKIuv8uk4f
wcFxueaR2GHDzr3XG1rY/GdxFeyPXY4htNsyp8hCKpbl2I6B18DI0zAGxApgOFD/
zrNxajVt3yyVrfE0tUSZTbHjVjS9yeBi+TrGd4etKS/XeccnBx0eBr3n0+wVrwO4
+08TW2QQCWmW43OJkvnZQwpb/xnDp450tZTmDAUCo4Z/FebbB/Ysa1CD/RSmTuGW
lOKrJVuWwIqJHoDEBQh4jXegDY/Y8FlhI2kdFQOzVnsX0QD7pXeX4GQhjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJEHrRzqftKAvRi7fFAJvbR6tJZoMB8GA1UdIwQY
MBaAFJQliLkdqcyoG0nmA6mI4rHqvdyYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbENXSXVSMnB6S2diU2VZRHFZamlzZXE5M0pnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC80YmJhN2MtYTgxZi00MGUxLTg4MTQt
NjVkYWFkNjMyOTU3LzEva1FldEhPcC0wb0M5R0x0OFVBbTl0SHEwbG1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC80YmJhN2MtYTgxZi00MGUxLTg4MTQtNjVkYWFkNjMyOTU3
LzEvbENXSXVSMnB6S2diU2VZRHFZamlzZXE5M0pnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwcivMA0G
CSqGSIb3DQEBCwUAA4IBAQA3d6KzAGOeMQz87SahEU74eYq7BlxGuyQh5Xuh6cLq
HzpRxrVRwHoT77LiA+mtziOflZzuCA4e7LFnFthTNuq3+sRYDpLrAPGRqUzgVjkx
FhvGftMTJdRC9NFh8mpo0gpnQ/nwjWV4vT/4Ewj4pOjsLbqAMu5pt8HWkyh5dF6z
DoKaWfRGgqWjmFJ7SWZr+fev+x6sJBJblF0wNiXQ9dpUXs1qcQGlV8+33lmfg+wP
t+ZirBJMJCOP3A/gCT+ano3YVuPCETwXJ82HsWZyq9iGMAvcZcsJoL4r/HkHBui5
tjjZG0NYV4ws1BL9hTvb5wTLDDCqvuQLeI1fEKEFRwY4
-----END CERTIFICATE-----
Generated at Tue Apr 1 17:27:40 2025 by rpki-client on console.sobornost.net