Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/XFfGj08np--Em5Z5kIc20cz3an8.roa
File: XFfGj08np--Em5Z5kIc20cz3an8.roa (raw, json)
Hash identifier: 731ZgOzIZopYbaORYzYFZjPA2ROCuek/j9hLL8+uhPA=
Subject key identifier: 5C:57:C6:8F:4F:27:A7:EF:84:9B:96:79:90:87:36:D1:CC:F7:6A:7F
Certificate issuer: /CN=0a37d807d4f7cdd3e0afe4abc8ee5a880c6090f1
Certificate serial: 019421B16D8A96A263A95613918ADDFB67A6
Authority key identifier: 0A:37:D8:07:D4:F7:CD:D3:E0:AF:E4:AB:C8:EE:5A:88:0C:60:90:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CjfYB9T3zdPgr-SryO5aiAxgkPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/XFfGj08np--Em5Z5kIc20cz3an8.roa
Signing time: Wed 01 Jan 2025 11:47:43 +0000
ROA not before: Wed 01 Jan 2025 11:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3549
IP address blocks: 192.109.148.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:6d:8a:96:a2:63:a9:56:13:91:8a:dd:fb:67:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a37d807d4f7cdd3e0afe4abc8ee5a880c6090f1
Validity
Not Before: Jan 1 11:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5c57c68f4f27a7ef849b9679908736d1ccf76a7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:2e:eb:8d:4c:8f:2f:0b:47:58:7e:72:ba:29:
c8:c6:26:56:88:fc:62:e0:1a:10:cc:34:d9:8a:da:
65:74:1f:0e:05:4b:9a:51:b3:5b:e1:d2:d8:8b:e7:
f3:2b:3e:11:6a:fe:cb:c4:7e:b1:8b:34:9d:b4:cd:
35:6e:04:d3:b3:ac:88:4a:30:d1:08:11:43:71:92:
be:7f:e3:e4:d0:38:50:f0:81:d7:06:5e:8b:8a:8a:
b2:f4:66:72:8a:0d:38:ba:49:45:66:b1:e6:05:cd:
a7:b0:2f:7b:18:fa:ae:77:ae:cf:e8:24:9e:25:f4:
66:1c:d1:a0:e9:af:c6:a1:8f:c3:15:6e:40:ca:27:
13:99:37:2d:0e:6b:65:90:37:50:f5:a1:ea:0a:55:
5c:40:85:41:5d:dc:4d:d1:a2:b2:3a:e3:fa:d5:23:
64:d9:22:54:9d:a8:6c:9a:1b:da:5c:31:15:02:3c:
86:31:51:d8:9b:d9:12:02:c9:68:86:a8:dc:b2:53:
5c:3e:48:b3:f7:1e:31:7e:51:c2:37:77:62:ee:72:
c1:74:5a:fa:3b:cf:3a:23:b7:a9:ed:12:17:6b:f0:
48:a0:42:f9:ba:d0:31:87:8f:1c:a2:96:cd:33:71:
9a:df:48:a9:c3:3c:9e:22:2b:05:c2:1c:bc:e4:01:
58:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:57:C6:8F:4F:27:A7:EF:84:9B:96:79:90:87:36:D1:CC:F7:6A:7F
X509v3 Authority Key Identifier:
keyid:0A:37:D8:07:D4:F7:CD:D3:E0:AF:E4:AB:C8:EE:5A:88:0C:60:90:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CjfYB9T3zdPgr-SryO5aiAxgkPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/XFfGj08np--Em5Z5kIc20cz3an8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/CjfYB9T3zdPgr-SryO5aiAxgkPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.148.0/24
Signature Algorithm: sha256WithRSAEncryption
66:c6:76:c7:b5:69:b9:4f:c9:c0:98:0e:52:4a:93:58:f8:5c:
fb:ed:69:7b:45:87:ee:6c:f9:5e:78:d3:cb:e0:2e:d2:19:a8:
bd:71:8b:2b:e5:3a:16:b5:f0:eb:94:f2:c9:06:95:cc:3a:cf:
36:d5:3e:80:11:67:b4:0d:61:07:5a:b5:14:19:d8:e2:e1:8d:
3c:a2:e4:81:54:67:86:18:f1:07:3d:00:38:6e:8e:9f:f1:0d:
88:b9:5b:de:04:fb:71:1a:c5:8e:31:d1:7f:67:c5:bb:3d:28:
14:9e:47:e2:f4:ac:95:7a:86:1c:20:71:84:bf:91:3f:87:d7:
a8:be:69:3d:14:3b:60:d5:18:03:96:ef:0a:60:c0:a3:9c:65:
65:d2:91:71:9c:60:e7:f0:e2:76:4e:9e:ef:df:a9:b0:5b:34:
95:6f:22:85:68:72:c0:25:0e:9d:bb:0c:70:c1:55:05:66:53:
f1:2b:c5:bd:23:74:5a:0f:75:b1:45:d6:19:be:ec:16:f7:ab:
bb:8d:dc:42:49:50:f7:ad:76:89:0b:37:37:95:2f:77:0a:4a:
7d:f8:f5:44:f8:91:25:29:0f:30:b0:33:ba:71:f9:96:85:07:
cf:57:3d:0b:7e:9e:67:f3:79:4b:e6:76:e9:c2:a4:0e:9f:a0:
9a:43:8e:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsW2KlqJjqVYTkYrd+2emMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMzdkODA3ZDRmN2NkZDNlMGFmZTRhYmM4ZWU1YTg4MGM2
MDkwZjEwHhcNMjUwMTAxMTE0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzU3YzY4ZjRmMjdhN2VmODQ5Yjk2Nzk5MDg3MzZkMWNjZjc2YTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnS7rjUyPLwtHWH5yuinIxiZWiPxi
4BoQzDTZitpldB8OBUuaUbNb4dLYi+fzKz4Rav7LxH6xizSdtM01bgTTs6yISjDR
CBFDcZK+f+Pk0DhQ8IHXBl6Lioqy9GZyig04uklFZrHmBc2nsC97GPqud67P6CSe
JfRmHNGg6a/GoY/DFW5AyicTmTctDmtlkDdQ9aHqClVcQIVBXdxN0aKyOuP61SNk
2SJUnahsmhvaXDEVAjyGMVHYm9kSAslohqjcslNcPkiz9x4xflHCN3di7nLBdFr6
O886I7ep7RIXa/BIoEL5utAxh48copbNM3Ga30ipwzyeIisFwhy85AFYyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFxXxo9PJ6fvhJuWeZCHNtHM92p/MB8GA1UdIwQY
MBaAFAo32AfU983T4K/kq8juWogMYJDxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2pmWUI5VDN6ZFBnci1TcnlPNWFpQXhna1BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9iYzI2OGQtNjFmMC00NzFmLWFhYjkt
ODAwZWRhMmNmYjM2LzEvWEZmR2owOG5wLS1FbTVaNWtJYzIwY3ozYW44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9iYzI2OGQtNjFmMC00NzFmLWFhYjktODAwZWRhMmNmYjM2
LzEvQ2pmWUI5VDN6ZFBnci1TcnlPNWFpQXhna1BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwG2UMA0G
CSqGSIb3DQEBCwUAA4IBAQBmxnbHtWm5T8nAmA5SSpNY+Fz77Wl7RYfubPleeNPL
4C7SGai9cYsr5ToWtfDrlPLJBpXMOs821T6AEWe0DWEHWrUUGdji4Y08ouSBVGeG
GPEHPQA4bo6f8Q2IuVveBPtxGsWOMdF/Z8W7PSgUnkfi9KyVeoYcIHGEv5E/h9eo
vmk9FDtg1RgDlu8KYMCjnGVl0pFxnGDn8OJ2Tp7v36mwWzSVbyKFaHLAJQ6duwxw
wVUFZlPxK8W9I3RaD3WxRdYZvuwW96u7jdxCSVD3rXaJCzc3lS93Ckp9+PVE+JEl
KQ8wsDO6cfmWhQfPVz0Lfp5n83lL5nbpwqQOn6CaQ45+
-----END CERTIFICATE-----
Generated at Thu Jan 23 19:13:56 2025 by rpki-client on console.sobornost.net