Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/CsaBLJPGfzwoRUbJtKzMcqdap-s.roa
File: CsaBLJPGfzwoRUbJtKzMcqdap-s.roa (raw, json)
Hash identifier: kBKGyqi3r0GRspWtOKmPNrpFMAC+4ZLj2LI62XEJH50=
Subject key identifier: 0A:C6:81:2C:93:C6:7F:3C:28:45:46:C9:B4:AC:CC:72:A7:5A:A7:EB
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0195FFF8059A80720E10ABB7072961A56A1B
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/CsaBLJPGfzwoRUbJtKzMcqdap-s.roa
Signing time: Fri 04 Apr 2025 08:43:19 +0000
ROA not before: Fri 04 Apr 2025 08:43:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 136501
IP address blocks: 82.153.219.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ff:f8:05:9a:80:72:0e:10:ab:b7:07:29:61:a5:6a:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 4 08:43:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0ac6812c93c67f3c284546c9b4accc72a75aa7eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:17:37:d8:6a:6b:4d:b2:4a:c9:b5:64:29:07:
f0:27:4a:ee:5b:d5:21:b9:db:dc:0a:36:56:6c:0e:
f1:11:a2:23:11:eb:6d:d7:90:b6:1f:a6:73:09:ad:
c3:a4:f4:2b:75:db:b0:02:7b:f5:f6:8f:53:c4:32:
1a:df:75:7f:55:34:a1:29:cb:ee:76:2c:66:59:f2:
cf:1e:e3:f1:9b:72:da:32:60:db:9a:de:d1:3c:b7:
14:2b:bb:48:de:18:e1:7a:b3:c7:0b:9c:cb:93:a6:
65:3a:2b:e7:ee:cd:ae:92:71:88:c0:fb:5b:c9:be:
21:8a:48:78:30:5b:46:20:00:9f:c4:56:6c:43:76:
c3:1e:80:bc:c2:d8:af:38:1a:b0:f2:92:19:4e:1a:
bb:83:36:fd:7e:a0:c4:02:ca:71:5a:aa:f5:90:74:
63:f2:3b:b3:58:f3:f4:7c:34:49:57:7f:b1:52:79:
a4:22:85:17:84:da:89:77:12:7e:79:db:8a:43:c8:
24:90:1e:46:b1:60:2e:16:b7:c8:10:35:a0:7b:b2:
0f:01:c3:1e:47:97:1e:a9:d7:9a:19:e0:85:a9:80:
34:56:42:9c:3e:f0:2f:93:5d:7c:09:d0:fe:19:f1:
21:e6:f9:e3:c9:5d:30:7f:5d:77:66:50:3f:a7:1d:
9a:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:C6:81:2C:93:C6:7F:3C:28:45:46:C9:B4:AC:CC:72:A7:5A:A7:EB
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/CsaBLJPGfzwoRUbJtKzMcqdap-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.219.0/24
Signature Algorithm: sha256WithRSAEncryption
80:b6:ac:d7:e1:22:1f:f3:0f:b9:5d:3f:a3:78:10:18:d1:86:
8c:63:da:60:98:27:00:1d:e4:f1:75:39:fa:d6:75:48:1f:36:
bc:4a:95:3b:7c:7f:e7:ca:92:28:00:33:d5:7d:4f:9a:d3:13:
26:84:d9:2f:d4:ee:ba:40:dc:48:39:0b:b2:78:f3:11:3f:f0:
aa:78:a8:3d:db:a9:bf:71:fa:3a:77:f4:bf:db:9c:f1:f3:8a:
66:8d:a1:e8:f0:cc:42:6c:5c:55:c3:57:0a:63:31:13:f1:47:
87:2c:fc:9b:2f:f5:1c:48:08:3a:2f:5b:db:2e:50:c3:96:18:
7d:61:6a:25:ba:a2:ba:0b:a2:b6:21:9a:39:05:d0:35:3c:6f:
b0:d1:20:ae:ed:4e:a0:8e:1e:1b:81:f9:7c:45:09:46:6c:ce:
07:5c:40:ef:22:dc:b9:3c:af:eb:ac:b0:7d:05:2b:b7:0f:99:
c2:70:c5:cb:56:62:bb:a1:10:8a:46:83:b6:ba:a7:bc:7b:46:
87:84:31:2a:aa:44:6f:fe:46:72:8b:ac:03:0d:d0:df:28:ad:
0a:4b:84:0e:17:2e:13:18:88:01:1b:05:36:74:b1:73:ea:86:
41:a8:e7:ab:9e:77:a1:66:ab:0d:31:3e:4e:ce:82:48:9b:ab:
26:b8:d0:c4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZX/+AWagHIOEKu3BylhpWobMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwNDA0MDg0MzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWM2ODEyYzkzYzY3ZjNjMjg0NTQ2YzliNGFjY2M3MmE3NWFhN2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzRc32GprTbJKybVkKQfwJ0ruW9Uh
udvcCjZWbA7xEaIjEett15C2H6ZzCa3DpPQrdduwAnv19o9TxDIa33V/VTShKcvu
dixmWfLPHuPxm3LaMmDbmt7RPLcUK7tI3hjherPHC5zLk6ZlOivn7s2uknGIwPtb
yb4hikh4MFtGIACfxFZsQ3bDHoC8wtivOBqw8pIZThq7gzb9fqDEAspxWqr1kHRj
8juzWPP0fDRJV3+xUnmkIoUXhNqJdxJ+eduKQ8gkkB5GsWAuFrfIEDWge7IPAcMe
R5ceqdeaGeCFqYA0VkKcPvAvk118CdD+GfEh5vnjyV0wf113ZlA/px2a6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFArGgSyTxn88KEVGybSszHKnWqfrMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQ3NhQkxKUEdmendvUlViSnRLek1jcWRhcC1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpnbMA0G
CSqGSIb3DQEBCwUAA4IBAQCAtqzX4SIf8w+5XT+jeBAY0YaMY9pgmCcAHeTxdTn6
1nVIHza8SpU7fH/nypIoADPVfU+a0xMmhNkv1O66QNxIOQuyePMRP/CqeKg926m/
cfo6d/S/25zx84pmjaHo8MxCbFxVw1cKYzET8UeHLPybL/UcSAg6L1vbLlDDlhh9
YWoluqK6C6K2IZo5BdA1PG+w0SCu7U6gjh4bgfl8RQlGbM4HXEDvIty5PK/rrLB9
BSu3D5nCcMXLVmK7oRCKRoO2uqe8e0aHhDEqqkRv/kZyi6wDDdDfKK0KS4QOFy4T
GIgBGwU2dLFz6oZBqOernnehZqsNMT5OzoJIm6smuNDE
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:16 2025 by rpki-client on console.sobornost.net