Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/84eedc-a2f6-4a39-a918-f9d9c03d4b4c/1/9L1jJAO_HMQ73m0y2wPc0NTq508.roa
File: 9L1jJAO_HMQ73m0y2wPc0NTq508.roa (raw, json)
Hash identifier: dppWJh2OxH8+hUL7V9AV0LikKL7kW2xpJmDuGMTyRBM=
Subject key identifier: F4:BD:63:24:03:BF:1C:C4:3B:DE:6D:32:DB:03:DC:D0:D4:EA:E7:4F
Certificate issuer: /CN=68c0f2d0776f7e1d349075881c35e9d387463405
Certificate serial: 0194236A1311120636883E5D38F45ECCA6AB
Authority key identifier: 68:C0:F2:D0:77:6F:7E:1D:34:90:75:88:1C:35:E9:D3:87:46:34:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aMDy0Hdvfh00kHWIHDXp04dGNAU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/84eedc-a2f6-4a39-a918-f9d9c03d4b4c/1/9L1jJAO_HMQ73m0y2wPc0NTq508.roa
Signing time: Wed 01 Jan 2025 19:49:01 +0000
ROA not before: Wed 01 Jan 2025 19:49:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215633
IP address blocks: 194.0.234.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:13:11:12:06:36:88:3e:5d:38:f4:5e:cc:a6:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68c0f2d0776f7e1d349075881c35e9d387463405
Validity
Not Before: Jan 1 19:49:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f4bd632403bf1cc43bde6d32db03dcd0d4eae74f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:da:4e:b5:bd:f0:1a:3d:41:ec:e7:b7:9c:e0:
4c:13:2e:43:df:28:20:d7:05:ea:8d:5f:1d:f1:8c:
da:cc:e2:10:74:92:7c:50:76:de:2f:a1:25:e7:9a:
51:02:a3:ea:b5:c5:d6:f5:15:a2:75:cf:8c:ed:92:
fe:2b:3e:5b:4a:88:d8:f1:74:c6:ef:2c:eb:29:9a:
35:00:44:62:14:6b:bb:bb:95:63:a5:3f:c1:a3:ca:
2f:78:bc:0c:17:7d:11:40:97:37:5c:24:f4:1e:38:
aa:a7:03:5b:80:13:b3:0c:de:db:a3:6c:49:d6:ba:
c6:1d:ae:68:36:34:ab:fe:a6:ae:6d:1b:19:18:a4:
fd:e2:60:1b:04:63:90:1f:38:36:fb:3c:1b:48:29:
06:fe:ce:b2:1e:c6:9e:ca:61:99:f9:cb:cd:77:18:
a2:51:08:1a:ac:eb:22:55:b2:db:39:d9:44:41:e0:
f6:4a:b6:54:82:4a:1c:c8:19:8b:20:52:d1:51:1b:
bf:fd:95:05:c7:d3:62:4c:08:8e:9b:2b:b1:1a:61:
42:4f:5d:17:dc:04:f6:d7:0e:d1:df:ce:84:ca:92:
d6:0d:e8:a6:8e:7c:eb:76:08:52:53:13:39:2d:97:
1d:32:c8:8f:3c:71:f3:80:db:96:6b:74:0f:fd:ef:
92:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:BD:63:24:03:BF:1C:C4:3B:DE:6D:32:DB:03:DC:D0:D4:EA:E7:4F
X509v3 Authority Key Identifier:
keyid:68:C0:F2:D0:77:6F:7E:1D:34:90:75:88:1C:35:E9:D3:87:46:34:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMDy0Hdvfh00kHWIHDXp04dGNAU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/84eedc-a2f6-4a39-a918-f9d9c03d4b4c/1/9L1jJAO_HMQ73m0y2wPc0NTq508.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/84eedc-a2f6-4a39-a918-f9d9c03d4b4c/1/aMDy0Hdvfh00kHWIHDXp04dGNAU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.234.0/24
Signature Algorithm: sha256WithRSAEncryption
16:d1:87:89:07:db:94:32:dc:b3:9b:36:b0:ae:75:1e:0a:3c:
36:f3:da:c6:26:97:d6:38:06:c8:99:77:3d:ae:95:54:9a:80:
7d:cf:3d:9d:28:5b:32:79:0e:ba:49:4f:04:09:73:7d:8d:f5:
76:e7:9b:97:7f:36:f3:10:ff:bd:1f:8c:ef:9f:21:7d:52:f0:
58:02:18:98:78:ca:13:c8:70:da:2f:b9:6b:cd:3d:83:a2:df:
60:a1:f1:f7:44:de:0a:56:58:25:8e:aa:5b:3c:6c:5f:27:f4:
30:35:2b:a9:6b:33:72:2e:bd:f6:91:6b:32:54:25:9c:e5:2a:
17:bc:e4:59:2d:d7:d1:d7:31:3e:81:dc:22:91:48:97:d3:46:
fa:a8:db:97:d8:61:9f:4f:37:d0:f8:0e:55:93:aa:f5:30:cc:
44:b9:f2:c7:78:50:b2:27:89:29:5f:3c:63:75:0f:98:ea:b2:
52:25:47:af:e2:39:f6:04:22:a4:f0:b4:d3:15:02:85:b5:93:
88:18:8a:9c:3c:8a:77:89:60:c7:f7:a0:60:35:a2:f5:58:3c:
fd:49:3e:c9:2d:27:f3:ae:96:a5:27:e4:17:fe:3e:c4:b0:79:
3b:d6:04:3d:5c:40:4a:dc:d0:e7:6f:ec:38:3a:43:68:37:68:
99:b5:3a:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjahMREgY2iD5dOPRezKarMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzBmMmQwNzc2ZjdlMWQzNDkwNzU4ODFjMzVlOWQzODc0
NjM0MDUwHhcNMjUwMTAxMTk0OTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGJkNjMyNDAzYmYxY2M0M2JkZTZkMzJkYjAzZGNkMGQ0ZWFlNzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx9pOtb3wGj1B7Oe3nOBMEy5D3ygg
1wXqjV8d8YzazOIQdJJ8UHbeL6El55pRAqPqtcXW9RWidc+M7ZL+Kz5bSojY8XTG
7yzrKZo1AERiFGu7u5VjpT/Bo8oveLwMF30RQJc3XCT0HjiqpwNbgBOzDN7bo2xJ
1rrGHa5oNjSr/qaubRsZGKT94mAbBGOQHzg2+zwbSCkG/s6yHsaeymGZ+cvNdxii
UQgarOsiVbLbOdlEQeD2SrZUgkocyBmLIFLRURu//ZUFx9NiTAiOmyuxGmFCT10X
3AT21w7R386EypLWDeimjnzrdghSUxM5LZcdMsiPPHHzgNuWa3QP/e+ShQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPS9YyQDvxzEO95tMtsD3NDU6udPMB8GA1UdIwQY
MBaAFGjA8tB3b34dNJB1iBw16dOHRjQFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1EeTBIZHZmaDAwa0hXSUhEWHAwNGRHTkFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS84NGVlZGMtYTJmNi00YTM5LWE5MTgt
ZjlkOWMwM2Q0YjRjLzEvOUwxakpBT19ITVE3M20weTJ3UGMwTlRxNTA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS84NGVlZGMtYTJmNi00YTM5LWE5MTgtZjlkOWMwM2Q0YjRj
LzEvYU1EeTBIZHZmaDAwa0hXSUhEWHAwNGRHTkFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgDqMA0G
CSqGSIb3DQEBCwUAA4IBAQAW0YeJB9uUMtyzmzawrnUeCjw289rGJpfWOAbImXc9
rpVUmoB9zz2dKFsyeQ66SU8ECXN9jfV255uXfzbzEP+9H4zvnyF9UvBYAhiYeMoT
yHDaL7lrzT2Dot9gofH3RN4KVlgljqpbPGxfJ/QwNSupazNyLr32kWsyVCWc5SoX
vORZLdfR1zE+gdwikUiX00b6qNuX2GGfTzfQ+A5Vk6r1MMxEufLHeFCyJ4kpXzxj
dQ+Y6rJSJUev4jn2BCKk8LTTFQKFtZOIGIqcPIp3iWDH96BgNaL1WDz9ST7JLSfz
rpalJ+QX/j7EsHk71gQ9XEBK3NDnb+w4OkNoN2iZtTrr
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:17 2025 by rpki-client on console.sobornost.net