Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2VXYFXVF19WRXwmg7RptkcGqUe8.roa
File: 2VXYFXVF19WRXwmg7RptkcGqUe8.roa (raw, json)
Hash identifier: mkyycmOFBwwl+4yr5vjS5P5fQ3qDwQxkEqiobTGdfno=
Subject key identifier: D9:55:D8:15:75:45:D7:D5:91:5F:09:A0:ED:1A:6D:91:C1:AA:51:EF
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0196252B3FB375BAEC171741AD80487774B8
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2VXYFXVF19WRXwmg7RptkcGqUe8.roa
Signing time: Fri 11 Apr 2025 14:05:13 +0000
ROA not before: Fri 11 Apr 2025 14:05:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203758
IP address blocks: 82.153.70.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:25:2b:3f:b3:75:ba:ec:17:17:41:ad:80:48:77:74:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 11 14:05:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d955d8157545d7d5915f09a0ed1a6d91c1aa51ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:cf:27:91:4d:7e:f3:b7:f9:6a:38:53:68:a2:
c0:2b:7d:c9:7a:13:01:a7:fc:2b:46:7a:a2:c0:5f:
31:ad:3d:bd:32:24:9f:6d:66:7d:46:85:5d:cf:5d:
79:41:a8:2d:c8:96:93:9c:55:57:6b:39:6c:fd:86:
26:e6:d2:79:9c:91:ab:ba:b6:8b:c6:4a:bd:cc:38:
53:5e:f1:c4:97:ff:aa:7a:57:3c:18:a3:1c:93:a4:
1d:57:00:1e:49:52:2a:84:d8:1a:52:98:6d:0c:85:
63:10:23:de:d4:5a:78:bf:4e:44:d1:44:7f:33:9b:
d7:be:1b:6d:b5:80:6a:98:9e:dc:13:fe:cb:88:15:
fb:c5:b1:43:e1:c2:db:eb:1c:1a:68:95:18:ac:ec:
a7:18:04:73:87:4f:bd:b8:50:1c:78:5b:6e:df:de:
e3:17:86:7e:76:4d:e4:9b:d4:9b:aa:f1:85:3e:d9:
18:f0:6a:48:10:14:90:5c:25:5a:1e:19:b4:f4:0f:
3c:b1:13:71:fa:c3:fa:be:68:d7:14:38:72:dc:32:
7e:96:39:56:fc:9a:f8:40:95:e6:8b:da:da:1c:49:
8c:af:28:da:58:1e:12:e2:e2:b5:0b:12:86:47:19:
dc:d4:23:4b:a8:e5:da:24:28:81:5b:d5:17:31:6a:
e7:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:55:D8:15:75:45:D7:D5:91:5F:09:A0:ED:1A:6D:91:C1:AA:51:EF
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2VXYFXVF19WRXwmg7RptkcGqUe8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.70.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:ab:52:88:18:da:56:92:b0:8e:33:f9:b7:37:b2:55:55:77:
50:5d:35:55:bf:04:1f:ce:36:b5:97:38:ab:4f:c6:a3:2d:47:
ec:40:75:ae:14:cf:5e:94:59:f1:8b:04:e3:e0:67:0f:be:be:
0f:01:36:c4:11:a7:ee:04:42:5f:ef:f8:a0:b6:78:79:8d:d3:
a2:ee:8b:99:58:15:1e:ec:c7:90:76:f2:28:df:b8:d8:30:f7:
0d:54:a1:1d:30:00:6e:2c:fc:f9:fd:a1:b2:a5:89:8a:37:19:
23:30:6c:98:86:53:88:cc:f7:00:4f:17:98:12:e9:f2:9a:24:
3b:ae:c5:13:b1:fd:66:72:e1:91:b9:64:59:a5:e6:a9:e4:36:
d7:32:57:4f:e7:d0:47:7d:64:d1:52:34:b0:6b:20:f2:ee:9d:
36:eb:14:0e:fc:3a:a4:2c:0f:a9:ac:94:c3:92:43:3b:0b:66:
a0:cd:92:5a:c7:cb:43:ab:05:6f:08:ab:42:b9:2e:a5:ec:6b:
4b:79:d1:df:ea:9a:77:ab:ed:cc:74:60:f2:d9:e4:17:7c:be:
f3:2c:f7:41:9e:13:65:7b:50:31:cf:21:ac:34:da:48:d2:c9:
36:9a:3b:5a:f4:d4:f3:35:63:1a:15:12:da:b3:c5:a4:35:c8:
08:ad:a4:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZYlKz+zdbrsFxdBrYBId3S4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwNDExMTQwNTEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTU1ZDgxNTc1NDVkN2Q1OTE1ZjA5YTBlZDFhNmQ5MWMxYWE1MWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA888nkU1+87f5ajhTaKLAK33JehMB
p/wrRnqiwF8xrT29MiSfbWZ9RoVdz115QagtyJaTnFVXazls/YYm5tJ5nJGruraL
xkq9zDhTXvHEl/+qelc8GKMck6QdVwAeSVIqhNgaUphtDIVjECPe1Fp4v05E0UR/
M5vXvhtttYBqmJ7cE/7LiBX7xbFD4cLb6xwaaJUYrOynGARzh0+9uFAceFtu397j
F4Z+dk3km9SbqvGFPtkY8GpIEBSQXCVaHhm09A88sRNx+sP6vmjXFDhy3DJ+ljlW
/Jr4QJXmi9raHEmMryjaWB4S4uK1CxKGRxnc1CNLqOXaJCiBW9UXMWrn7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNlV2BV1RdfVkV8JoO0abZHBqlHvMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMlZYWUZYVkYxOVdSWHdtZzdScHRrY0dxVWU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUplGMA0G
CSqGSIb3DQEBCwUAA4IBAQAtq1KIGNpWkrCOM/m3N7JVVXdQXTVVvwQfzja1lzir
T8ajLUfsQHWuFM9elFnxiwTj4GcPvr4PATbEEafuBEJf7/igtnh5jdOi7ouZWBUe
7MeQdvIo37jYMPcNVKEdMABuLPz5/aGypYmKNxkjMGyYhlOIzPcATxeYEunymiQ7
rsUTsf1mcuGRuWRZpeap5DbXMldP59BHfWTRUjSwayDy7p026xQO/DqkLA+prJTD
kkM7C2agzZJax8tDqwVvCKtCuS6l7GtLedHf6pp3q+3MdGDy2eQXfL7zLPdBnhNl
e1AxzyGsNNpI0sk2mjta9NTzNWMaFRLas8WkNcgIraRI
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:16 2025 by rpki-client on console.sobornost.net