Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/04Xl2v7VZUiTmCr_w4v8QX2gTRY.roa
File: 04Xl2v7VZUiTmCr_w4v8QX2gTRY.roa (raw, json)
Hash identifier: MycY07gNOE3Ooqi4Uv41zgpH/iEzpn8tkzRPcGSW9aU=
Subject key identifier: D3:85:E5:DA:FE:D5:65:48:93:98:2A:FF:C3:8B:FC:41:7D:A0:4D:16
Certificate issuer: /CN=adac830ccaa74783dd961fab241a228d7cc6f808
Certificate serial: 019428231B574F4BB2A093CDDE1D2CEB87C5
Authority key identifier: AD:AC:83:0C:CA:A7:47:83:DD:96:1F:AB:24:1A:22:8D:7C:C6:F8:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rayDDMqnR4Pdlh-rJBoijXzG-Ag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/04Xl2v7VZUiTmCr_w4v8QX2gTRY.roa
Signing time: Thu 02 Jan 2025 17:49:36 +0000
ROA not before: Thu 02 Jan 2025 17:49:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51190
IP address blocks: 82.200.17.0/24 maxlen: 24
82.200.77.0/24 maxlen: 24
82.200.122.0/24 maxlen: 24
82.200.123.0/24 maxlen: 24
94.251.92.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:1b:57:4f:4b:b2:a0:93:cd:de:1d:2c:eb:87:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adac830ccaa74783dd961fab241a228d7cc6f808
Validity
Not Before: Jan 2 17:49:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d385e5dafed5654893982affc38bfc417da04d16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:63:c3:5d:da:7f:8b:85:74:64:8d:7b:c8:87:
80:cd:f3:00:41:21:b3:1c:aa:16:d8:02:32:7c:89:
40:40:bc:a5:2d:96:8c:35:29:a5:45:98:84:d9:6e:
fa:91:9d:18:ed:0b:77:4e:9b:7a:d3:4f:c0:52:d1:
5b:1b:49:93:fc:67:b6:ec:cf:aa:f7:ea:95:9d:4d:
4a:26:dc:fc:48:ed:be:86:3d:3f:a6:78:e2:87:9e:
70:19:83:91:0b:f5:f2:ec:8a:7c:66:e4:09:21:f6:
12:4b:a4:69:39:a0:e7:9f:43:77:29:e2:d8:7f:86:
c4:a7:89:90:82:84:71:71:2d:e3:41:5e:9f:d6:d3:
45:99:0b:2d:06:79:cd:ee:12:20:5e:3e:41:fa:79:
a5:62:ba:03:76:4f:5a:2c:6a:23:17:f7:e9:2a:3f:
2c:d4:f3:68:b8:68:25:3a:48:5b:66:17:dd:57:d5:
ce:90:46:4a:a1:c9:3e:a2:34:8d:88:8a:dc:ed:f3:
28:0e:66:47:9b:95:da:b8:72:f6:28:f3:22:28:55:
c4:17:30:fd:ad:10:11:21:5a:dd:6d:e5:a6:71:b7:
7b:02:9a:e6:79:c0:7b:a6:d6:96:cc:57:ad:08:f6:
31:6e:3b:48:90:5d:ad:fe:10:18:e5:29:68:d7:12:
1f:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:85:E5:DA:FE:D5:65:48:93:98:2A:FF:C3:8B:FC:41:7D:A0:4D:16
X509v3 Authority Key Identifier:
keyid:AD:AC:83:0C:CA:A7:47:83:DD:96:1F:AB:24:1A:22:8D:7C:C6:F8:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rayDDMqnR4Pdlh-rJBoijXzG-Ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/04Xl2v7VZUiTmCr_w4v8QX2gTRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/rayDDMqnR4Pdlh-rJBoijXzG-Ag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.200.17.0/24
82.200.77.0/24
82.200.122.0/23
94.251.92.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:0a:16:3a:59:64:9a:3d:42:fb:6a:43:bf:bb:3c:0e:91:29:
2e:41:05:c4:25:e5:c5:5a:09:91:7e:02:ba:a1:f1:13:98:58:
eb:e9:e0:c1:28:fc:84:ea:34:68:5a:54:8e:1a:89:13:d8:8b:
83:dd:57:f7:d0:9d:5e:74:f7:3d:4b:cf:38:2c:4c:72:1a:c6:
90:db:47:ed:72:e1:b7:57:8b:0b:a9:15:e9:7d:d8:65:c7:6d:
79:d8:b2:77:2d:a4:4a:5e:36:f4:d4:39:9b:d3:6b:9c:e4:b0:
d8:ca:d2:d0:8b:bd:67:d0:47:d9:ff:09:99:a1:e2:32:dd:57:
3d:ef:b5:06:a8:22:93:cc:ef:15:20:44:cf:b9:d2:e0:3d:94:
b5:36:46:6f:3d:d8:f7:b3:bc:05:e0:7a:16:3a:46:af:76:7d:
aa:fd:71:58:83:58:a5:bd:59:df:83:10:25:64:23:e8:d6:28:
17:06:21:79:7a:1f:e9:a7:b9:89:74:17:4a:1c:1b:9e:ae:8c:
4b:33:d6:3c:4b:5d:bd:5f:e5:9c:4c:46:b3:06:b8:5f:12:c4:
a5:6e:24:5f:e7:2f:6f:14:40:e0:50:1e:ee:ad:71:c3:e5:69:
d5:be:9f:42:13:b2:82:7e:66:ef:77:97:34:ab:4c:ac:c5:82:
8d:76:2f:2f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQoIxtXT0uyoJPN3h0s64fFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkYWM4MzBjY2FhNzQ3ODNkZDk2MWZhYjI0MWEyMjhkN2Nj
NmY4MDgwHhcNMjUwMTAyMTc0OTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzg1ZTVkYWZlZDU2NTQ4OTM5ODJhZmZjMzhiZmM0MTdkYTA0ZDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh2PDXdp/i4V0ZI17yIeAzfMAQSGz
HKoW2AIyfIlAQLylLZaMNSmlRZiE2W76kZ0Y7Qt3Tpt600/AUtFbG0mT/Ge27M+q
9+qVnU1KJtz8SO2+hj0/pnjih55wGYORC/Xy7Ip8ZuQJIfYSS6RpOaDnn0N3KeLY
f4bEp4mQgoRxcS3jQV6f1tNFmQstBnnN7hIgXj5B+nmlYroDdk9aLGojF/fpKj8s
1PNouGglOkhbZhfdV9XOkEZKock+ojSNiIrc7fMoDmZHm5XauHL2KPMiKFXEFzD9
rRARIVrdbeWmcbd7AprmecB7ptaWzFetCPYxbjtIkF2t/hAY5Slo1xIfJwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNOF5dr+1WVIk5gq/8OL/EF9oE0WMB8GA1UdIwQY
MBaAFK2sgwzKp0eD3ZYfqyQaIo18xvgIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmF5RERNcW5SNFBkbGgtckpCb2lqWHpHLUFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8zMjVjOGQtZDM2OC00ZWVlLTljYTgt
OTI5ZjdkNjM1ZjRiLzEvMDRYbDJ2N1ZaVWlUbUNyX3c0djhRWDJnVFJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8zMjVjOGQtZDM2OC00ZWVlLTljYTgtOTI5ZjdkNjM1ZjRi
LzEvcmF5RERNcW5SNFBkbGgtckpCb2lqWHpHLUFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUsgRAwQA
UshNAwQBUsh6AwQAXvtcMA0GCSqGSIb3DQEBCwUAA4IBAQCkChY6WWSaPUL7akO/
uzwOkSkuQQXEJeXFWgmRfgK6ofETmFjr6eDBKPyE6jRoWlSOGokT2IuD3Vf30J1e
dPc9S884LExyGsaQ20ftcuG3V4sLqRXpfdhlx2152LJ3LaRKXjb01Dmb02uc5LDY
ytLQi71n0EfZ/wmZoeIy3Vc977UGqCKTzO8VIETPudLgPZS1NkZvPdj3s7wF4HoW
Okavdn2q/XFYg1ilvVnfgxAlZCPo1igXBiF5eh/pp7mJdBdKHBueroxLM9Y8S129
X+WcTEazBrhfEsSlbiRf5y9vFEDgUB7urXHD5WnVvp9CE7KCfmbvd5c0q0ysxYKN
di8v
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:10 2025 by rpki-client on console.sobornost.net