Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/DnX8Gv7nr-2qVYgDJsro3YohUzI.roa
File: DnX8Gv7nr-2qVYgDJsro3YohUzI.roa (raw, json)
Hash identifier: p/WUO0rX4TYRuxs5hnZNvSxEUDAWXmSqF0/FkQSl6xc=
Subject key identifier: 0E:75:FC:1A:FE:E7:AF:ED:AA:55:88:03:26:CA:E8:DD:8A:21:53:32
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01961474DFC12C01CEB1CC5D05B28287F160
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/DnX8Gv7nr-2qVYgDJsro3YohUzI.roa
Signing time: Tue 08 Apr 2025 08:12:05 +0000
ROA not before: Tue 08 Apr 2025 08:12:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 393942
IP address blocks: 82.153.220.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:14:74:df:c1:2c:01:ce:b1:cc:5d:05:b2:82:87:f1:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 8 08:12:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0e75fc1afee7afedaa55880326cae8dd8a215332
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:46:38:fc:15:6c:69:cb:cd:58:bf:26:cd:c8:
9f:f8:2c:7e:00:00:4d:87:46:23:90:cc:ae:c0:82:
1a:03:68:0d:7a:2a:4c:a7:4f:e9:77:e5:44:34:6f:
2f:96:bb:02:45:f0:a2:b5:fc:51:15:73:87:a4:88:
22:f6:01:25:f0:cf:cc:da:1a:2a:54:d2:b6:9e:41:
89:f8:52:57:e5:3c:44:48:66:4d:8b:16:c7:f8:50:
70:11:1c:bd:a8:f3:51:ac:14:37:b0:26:80:2c:e1:
0e:9c:12:8b:3d:b5:33:45:59:6c:0a:fe:24:b7:9b:
08:55:f7:91:9e:28:97:a4:c8:04:09:eb:0f:c7:f2:
04:a6:f9:00:e7:ae:96:55:20:61:99:43:98:12:01:
27:82:18:d7:f1:d3:67:81:bb:0d:02:a9:10:ea:79:
eb:92:25:db:90:fc:70:36:0b:03:76:49:29:bf:a7:
66:7f:22:a4:f2:1c:8d:91:4e:0f:aa:d3:94:ba:a2:
50:8d:d0:b9:cf:33:cc:a7:4d:ba:35:50:0b:b1:32:
53:e0:3c:c2:22:ad:17:2c:cd:55:64:a4:43:8a:0d:
b9:a3:7b:ca:a3:31:57:4a:a6:eb:20:eb:f6:10:2c:
ee:80:35:68:6a:ad:0f:0b:31:9d:9f:cc:60:05:3a:
bf:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:75:FC:1A:FE:E7:AF:ED:AA:55:88:03:26:CA:E8:DD:8A:21:53:32
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/DnX8Gv7nr-2qVYgDJsro3YohUzI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.220.0/24
Signature Algorithm: sha256WithRSAEncryption
23:86:af:36:c4:f2:4c:5a:3b:d6:e5:98:c7:86:3c:6c:6f:d6:
c3:40:1d:33:e4:0a:09:c2:e5:9a:16:6b:78:0d:c5:ea:1e:dc:
c4:96:d4:f1:a9:f0:e5:1b:1f:e9:27:56:a2:a7:e4:12:e8:4b:
d8:45:1f:b9:a3:5b:3e:39:42:7d:8b:b1:fa:a8:3b:13:c9:6a:
64:0b:1a:e7:96:89:00:93:79:98:28:46:c8:4e:29:da:aa:8b:
90:03:9a:7a:68:80:3a:73:54:82:8f:5e:d3:52:2a:5b:f9:37:
1f:4a:f6:0d:e5:a4:92:00:7b:a7:45:4a:10:8c:47:01:8f:4f:
2b:8e:c1:bf:e2:09:cc:0b:8c:d8:ea:a9:bf:c7:b3:1e:83:8b:
80:48:55:94:60:a7:8a:b4:bf:95:2c:07:c7:39:0f:22:56:08:
a2:bb:60:34:b2:79:9f:26:09:ca:06:1e:93:ce:b8:66:dd:04:
05:7b:5c:68:98:57:44:08:af:fc:dd:9f:51:ce:e2:79:3d:42:
a6:30:ea:78:af:de:81:93:90:2e:27:ff:42:92:80:1e:6a:ab:
1d:bc:bd:70:7d:5a:86:dd:28:9f:55:c4:dc:a2:ad:fe:26:c4:
e8:76:a2:e2:67:ec:1c:f2:06:7f:59:89:af:d9:92:59:f6:ba:
ef:3e:52:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZYUdN/BLAHOscxdBbKCh/FgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwNDA4MDgxMjA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTc1ZmMxYWZlZTdhZmVkYWE1NTg4MDMyNmNhZThkZDhhMjE1MzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0Y4/BVsacvNWL8mzcif+Cx+AABN
h0YjkMyuwIIaA2gNeipMp0/pd+VENG8vlrsCRfCitfxRFXOHpIgi9gEl8M/M2hoq
VNK2nkGJ+FJX5TxESGZNixbH+FBwERy9qPNRrBQ3sCaALOEOnBKLPbUzRVlsCv4k
t5sIVfeRniiXpMgECesPx/IEpvkA566WVSBhmUOYEgEnghjX8dNngbsNAqkQ6nnr
kiXbkPxwNgsDdkkpv6dmfyKk8hyNkU4PqtOUuqJQjdC5zzPMp026NVALsTJT4DzC
Iq0XLM1VZKRDig25o3vKozFXSqbrIOv2ECzugDVoaq0PCzGdn8xgBTq/NwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA51/Br+56/tqlWIAybK6N2KIVMyMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvRG5YOEd2N25yLTJxVllnREpzcm8zWW9oVXpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpncMA0G
CSqGSIb3DQEBCwUAA4IBAQAjhq82xPJMWjvW5ZjHhjxsb9bDQB0z5AoJwuWaFmt4
DcXqHtzEltTxqfDlGx/pJ1aip+QS6EvYRR+5o1s+OUJ9i7H6qDsTyWpkCxrnlokA
k3mYKEbITinaqouQA5p6aIA6c1SCj17TUipb+TcfSvYN5aSSAHunRUoQjEcBj08r
jsG/4gnMC4zY6qm/x7Meg4uASFWUYKeKtL+VLAfHOQ8iVgiiu2A0snmfJgnKBh6T
zrhm3QQFe1xomFdECK/83Z9RzuJ5PUKmMOp4r96Bk5AuJ/9CkoAeaqsdvL1wfVqG
3SifVcTcoq3+JsTodqLiZ+wc8gZ/WYmv2ZJZ9rrvPlKi
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:16 2025 by rpki-client on console.sobornost.net