Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/91b093-acb7-4cb7-bf8f-5cb934a55b0d/1/ckxfsidkq0zDgn8HR-xIWsqm2AQ.roa
File: ckxfsidkq0zDgn8HR-xIWsqm2AQ.roa (raw, json)
Hash identifier: WdjOIbcaJnLXbL/Nx00pV5xdwXgfnCo9JLmJy57TSjE=
Subject key identifier: 72:4C:5F:B2:27:64:AB:4C:C3:82:7F:07:47:EC:48:5A:CA:A6:D8:04
Certificate issuer: /CN=6511ce5e2f53b7bb8cac8f39e294e89a45b20029
Certificate serial: 0194266BAC935985A248A666BE4FE489FDD9
Authority key identifier: 65:11:CE:5E:2F:53:B7:BB:8C:AC:8F:39:E2:94:E8:9A:45:B2:00:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZRHOXi9Tt7uMrI854pTomkWyACk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/91b093-acb7-4cb7-bf8f-5cb934a55b0d/1/ckxfsidkq0zDgn8HR-xIWsqm2AQ.roa
Signing time: Thu 02 Jan 2025 09:49:38 +0000
ROA not before: Thu 02 Jan 2025 09:49:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30870
IP address blocks: 84.244.153.0/24 maxlen: 24
84.244.170.0/23 maxlen: 23
84.244.172.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:ac:93:59:85:a2:48:a6:66:be:4f:e4:89:fd:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6511ce5e2f53b7bb8cac8f39e294e89a45b20029
Validity
Not Before: Jan 2 09:49:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=724c5fb22764ab4cc3827f0747ec485acaa6d804
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:3e:df:5c:5d:96:c7:2a:f1:b6:3c:ed:b1:13:
70:3b:43:21:55:d6:d3:0f:60:1d:16:a2:d3:49:17:
da:b8:d0:fe:44:66:ff:e0:d8:7a:af:4f:76:52:10:
18:5b:1c:11:78:b8:89:c7:4e:3f:91:1e:37:81:90:
83:62:3d:ef:47:7a:c6:9d:7d:f1:75:12:3c:b8:ec:
5d:80:74:ed:46:0c:a7:36:d7:c1:e2:50:c2:ad:9b:
7d:d4:6c:26:89:fe:2c:f4:3b:4e:65:66:39:e8:cc:
c6:33:a8:6b:9e:79:a4:15:bd:90:37:15:05:8f:c1:
af:51:a4:7b:ea:a2:bc:2e:91:97:7c:aa:6b:a0:09:
18:33:ad:a6:fa:31:7e:9c:1f:d3:ff:2e:f7:69:61:
65:cc:71:2e:5d:af:da:c1:7d:70:8c:e2:8a:40:90:
e2:86:bd:03:15:ce:ee:4c:f7:8c:41:18:bc:88:52:
60:d6:b5:32:5d:cb:ab:2d:3c:74:b2:3b:f7:ec:62:
2d:93:93:b6:ad:31:8c:f4:3e:38:23:cc:d6:ad:df:
92:72:2e:40:e2:f0:b0:4c:fb:90:bd:47:78:b2:0d:
f8:9d:f6:3b:b4:68:63:a5:c3:a7:a8:fe:1c:a0:48:
3f:6a:20:bf:ca:43:3b:59:34:1c:e0:d7:b0:26:21:
17:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:4C:5F:B2:27:64:AB:4C:C3:82:7F:07:47:EC:48:5A:CA:A6:D8:04
X509v3 Authority Key Identifier:
keyid:65:11:CE:5E:2F:53:B7:BB:8C:AC:8F:39:E2:94:E8:9A:45:B2:00:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZRHOXi9Tt7uMrI854pTomkWyACk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/91b093-acb7-4cb7-bf8f-5cb934a55b0d/1/ckxfsidkq0zDgn8HR-xIWsqm2AQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/91b093-acb7-4cb7-bf8f-5cb934a55b0d/1/ZRHOXi9Tt7uMrI854pTomkWyACk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.244.153.0/24
84.244.170.0-84.244.172.255
Signature Algorithm: sha256WithRSAEncryption
5e:cf:b9:33:36:ab:c1:17:cb:05:71:f3:85:e2:93:94:a7:22:
26:62:68:f1:a1:cd:fe:64:5b:1d:39:7f:6b:9a:7a:74:0f:54:
c7:6f:cc:93:d2:4f:4f:fc:bf:6f:fd:f5:8c:95:38:2e:6e:7a:
74:1f:79:26:42:54:50:43:c8:c1:72:14:96:30:ad:1a:11:f2:
a8:a3:d5:07:77:85:61:df:9b:aa:bf:07:c9:ab:66:16:dc:25:
ed:d2:a7:47:06:92:2e:72:47:1a:6d:64:ef:44:4b:78:5d:52:
99:05:18:f5:54:4b:a1:28:d0:6b:c8:43:95:12:7c:f9:04:fc:
7c:c8:af:ec:4d:31:4e:42:10:8f:7d:06:63:be:bb:9e:d1:7b:
50:f8:bf:9b:59:d4:b8:42:1a:08:ed:eb:a8:70:d5:25:ff:ae:
df:40:8f:3a:76:82:f4:98:1e:f1:b1:0e:2b:de:04:b0:39:2b:
1c:ae:4f:ad:1a:75:62:c0:bf:3e:c6:c3:0c:26:f6:64:3b:07:
bc:ae:73:91:ff:55:f5:a8:50:2c:52:89:34:4a:4b:70:0a:fb:
1f:13:c6:53:95:07:f2:24:8b:4d:34:ec:fe:5e:2e:6c:16:af:
a6:11:40:d4:63:d3:a1:fb:2f:a1:41:6b:5b:26:91:e1:a5:12:
26:9d:be:7a
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQma6yTWYWiSKZmvk/kif3ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MTFjZTVlMmY1M2I3YmI4Y2FjOGYzOWUyOTRlODlhNDVi
MjAwMjkwHhcNMjUwMTAyMDk0OTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjRjNWZiMjI3NjRhYjRjYzM4MjdmMDc0N2VjNDg1YWNhYTZkODA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtz7fXF2WxyrxtjztsRNwO0MhVdbT
D2AdFqLTSRfauND+RGb/4Nh6r092UhAYWxwReLiJx04/kR43gZCDYj3vR3rGnX3x
dRI8uOxdgHTtRgynNtfB4lDCrZt91Gwmif4s9DtOZWY56MzGM6hrnnmkFb2QNxUF
j8GvUaR76qK8LpGXfKproAkYM62m+jF+nB/T/y73aWFlzHEuXa/awX1wjOKKQJDi
hr0DFc7uTPeMQRi8iFJg1rUyXcurLTx0sjv37GItk5O2rTGM9D44I8zWrd+Sci5A
4vCwTPuQvUd4sg34nfY7tGhjpcOnqP4coEg/aiC/ykM7WTQc4NewJiEXMQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFHJMX7InZKtMw4J/B0fsSFrKptgEMB8GA1UdIwQY
MBaAFGURzl4vU7e7jKyPOeKU6JpFsgApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlJIT1hpOVR0N3VNckk4NTRwVG9ta1d5QUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS85MWIwOTMtYWNiNy00Y2I3LWJmOGYt
NWNiOTM0YTU1YjBkLzEvY2t4ZnNpZGtxMHpEZ244SFIteElXc3FtMkFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS85MWIwOTMtYWNiNy00Y2I3LWJmOGYtNWNiOTM0YTU1YjBk
LzEvWlJIT1hpOVR0N3VNckk4NTRwVG9ta1d5QUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAVPSZMAwD
BAFU9KoDBABU9KwwDQYJKoZIhvcNAQELBQADggEBAF7PuTM2q8EXywVx84Xik5Sn
IiZiaPGhzf5kWx05f2uaenQPVMdvzJPST0/8v2/99YyVOC5uenQfeSZCVFBDyMFy
FJYwrRoR8qij1Qd3hWHfm6q/B8mrZhbcJe3Sp0cGki5yRxptZO9ES3hdUpkFGPVU
S6Eo0GvIQ5USfPkE/HzIr+xNMU5CEI99BmO+u57Re1D4v5tZ1LhCGgjt66hw1SX/
rt9Ajzp2gvSYHvGxDiveBLA5KxyuT60adWLAvz7Gwwwm9mQ7B7yuc5H/VfWoUCxS
iTRKS3AK+x8TxlOVB/Iki0007P5eLmwWr6YRQNRj06H7L6FBa1smkeGlEiadvno=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:13 2025 by rpki-client on console.sobornost.net