Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/977ddb-3095-488d-b36b-8008d1e7c38c/1/DcSO93z7fLoOXoqmDIifEXGL2wg.roa
File: DcSO93z7fLoOXoqmDIifEXGL2wg.roa (raw, json)
Hash identifier: nhLe1W2M8L/RVeyBnebjnTgtFIE/bzp14sFZY8G/wn8=
Subject key identifier: 0D:C4:8E:F7:7C:FB:7C:BA:0E:5E:8A:A6:0C:88:9F:11:71:8B:DB:08
Certificate issuer: /CN=cb302a273ab4ef25a8ea91a4a3779bcf7d1de59b
Certificate serial: 019420683B8C2089BB637B13C8769AFE9B64
Authority key identifier: CB:30:2A:27:3A:B4:EF:25:A8:EA:91:A4:A3:77:9B:CF:7D:1D:E5:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yzAqJzq07yWo6pGko3ebz30d5Zs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/977ddb-3095-488d-b36b-8008d1e7c38c/1/DcSO93z7fLoOXoqmDIifEXGL2wg.roa
Signing time: Wed 01 Jan 2025 05:48:09 +0000
ROA not before: Wed 01 Jan 2025 05:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43028
IP address blocks: 193.200.201.0/24 maxlen: 24
2001:67c:12c8::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:3b:8c:20:89:bb:63:7b:13:c8:76:9a:fe:9b:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb302a273ab4ef25a8ea91a4a3779bcf7d1de59b
Validity
Not Before: Jan 1 05:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0dc48ef77cfb7cba0e5e8aa60c889f11718bdb08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:4b:f2:48:ea:1f:9c:70:fd:15:cf:88:10:88:
98:90:9a:11:48:84:d2:7e:1a:0f:40:c1:53:cd:d0:
82:92:09:28:4e:7b:14:25:85:24:c8:78:fa:04:71:
14:55:72:6b:0d:fe:a4:20:fc:7d:ce:23:9b:3b:80:
3f:db:ed:20:c1:73:a1:5c:f5:20:a9:80:47:90:34:
6c:38:53:c0:ae:53:aa:6f:79:fd:0c:d0:7e:ea:b8:
9a:ff:76:ea:9d:7f:9f:c0:29:b1:eb:16:c6:7e:07:
b9:4d:4b:8f:9c:8b:70:78:4a:22:0e:92:6c:41:40:
45:79:10:e6:6b:93:8f:da:64:ed:1b:7a:fb:3e:07:
09:30:07:af:68:6e:15:b7:44:11:8e:89:b3:16:9c:
34:62:f7:19:0b:a8:2b:ab:65:bf:26:0e:95:bc:ae:
2f:9d:b1:4d:b2:fa:e5:50:30:1d:5b:9e:e0:cb:6b:
35:3e:d7:e3:98:1e:37:f9:01:84:10:71:77:5f:b4:
89:c7:7f:5a:bb:92:16:1d:64:d6:c3:f4:c2:5a:d1:
37:b4:f7:0c:d2:3f:aa:0c:50:b6:ba:b3:0c:e8:c5:
61:e2:84:de:f4:a5:b6:79:2a:96:87:db:ba:88:6f:
82:ce:ad:09:c8:7b:51:63:06:2c:89:68:7a:c6:cc:
20:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:C4:8E:F7:7C:FB:7C:BA:0E:5E:8A:A6:0C:88:9F:11:71:8B:DB:08
X509v3 Authority Key Identifier:
keyid:CB:30:2A:27:3A:B4:EF:25:A8:EA:91:A4:A3:77:9B:CF:7D:1D:E5:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yzAqJzq07yWo6pGko3ebz30d5Zs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/977ddb-3095-488d-b36b-8008d1e7c38c/1/DcSO93z7fLoOXoqmDIifEXGL2wg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/977ddb-3095-488d-b36b-8008d1e7c38c/1/yzAqJzq07yWo6pGko3ebz30d5Zs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.200.201.0/24
IPv6:
2001:67c:12c8::/48
Signature Algorithm: sha256WithRSAEncryption
7a:43:af:f7:c6:08:70:ce:57:fc:e4:11:42:62:76:c1:8c:5d:
1f:ba:28:7f:ee:af:7b:bf:72:82:b3:71:3c:4c:be:f2:07:98:
db:0e:8e:58:22:9a:97:c6:08:e5:1f:bb:24:52:42:4c:9c:b8:
df:d9:96:a3:a6:74:d2:e0:fa:63:14:d4:3b:bd:f8:cd:f3:82:
32:7a:1f:26:bb:05:95:5c:dd:7f:37:85:54:23:8a:fd:12:dd:
c4:d9:b7:c1:5e:38:bd:4e:94:0d:c7:e4:88:70:dd:d9:f1:d7:
d7:b3:c5:70:99:09:21:93:2c:fa:06:b4:84:b5:16:13:ec:84:
08:46:68:4a:29:4f:d9:c4:11:88:03:0c:e7:e1:75:61:ee:50:
b3:b0:a3:0b:a2:27:6f:40:97:be:76:67:1b:af:8a:4e:08:89:
72:3b:f9:71:34:8e:50:9f:d1:7f:22:03:73:f4:1e:7a:e1:ce:
2a:f9:b9:6e:92:99:98:d0:9d:cd:61:ae:f5:c3:a8:e5:46:75:
10:e0:24:27:c2:70:83:2b:e8:af:8b:32:18:74:e8:99:05:c6:
9a:34:9e:f8:78:0d:28:0c:d3:28:43:69:12:78:3a:da:63:72:
7f:dc:ac:93:55:7a:6a:68:70:3f:7d:8d:c5:00:07:80:77:b0:
5f:48:1c:6a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQgaDuMIIm7Y3sTyHaa/ptkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMzAyYTI3M2FiNGVmMjVhOGVhOTFhNGEzNzc5YmNmN2Qx
ZGU1OWIwHhcNMjUwMTAxMDU0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGM0OGVmNzdjZmI3Y2JhMGU1ZThhYTYwYzg4OWYxMTcxOGJkYjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0vySOofnHD9Fc+IEIiYkJoRSITS
fhoPQMFTzdCCkgkoTnsUJYUkyHj6BHEUVXJrDf6kIPx9ziObO4A/2+0gwXOhXPUg
qYBHkDRsOFPArlOqb3n9DNB+6ria/3bqnX+fwCmx6xbGfge5TUuPnItweEoiDpJs
QUBFeRDma5OP2mTtG3r7PgcJMAevaG4Vt0QRjomzFpw0YvcZC6grq2W/Jg6VvK4v
nbFNsvrlUDAdW57gy2s1PtfjmB43+QGEEHF3X7SJx39au5IWHWTWw/TCWtE3tPcM
0j+qDFC2urMM6MVh4oTe9KW2eSqWh9u6iG+Czq0JyHtRYwYsiWh6xswgiwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFA3Ejvd8+3y6Dl6KpgyInxFxi9sIMB8GA1UdIwQY
MBaAFMswKic6tO8lqOqRpKN3m899HeWbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXpBcUp6cTA3eVdvNnBHa28zZWJ6MzBkNVpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi85NzdkZGItMzA5NS00ODhkLWIzNmIt
ODAwOGQxZTdjMzhjLzEvRGNTTzkzejdmTG9PWG9xbURJaWZFWEdMMndnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi85NzdkZGItMzA5NS00ODhkLWIzNmItODAwOGQxZTdjMzhj
LzEveXpBcUp6cTA3eVdvNnBHa28zZWJ6MzBkNVpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwcjJMA8E
AgACMAkDBwAgAQZ8EsgwDQYJKoZIhvcNAQELBQADggEBAHpDr/fGCHDOV/zkEUJi
dsGMXR+6KH/ur3u/coKzcTxMvvIHmNsOjlgimpfGCOUfuyRSQkycuN/ZlqOmdNLg
+mMU1Du9+M3zgjJ6Hya7BZVc3X83hVQjiv0S3cTZt8FeOL1OlA3H5Ihw3dnx19ez
xXCZCSGTLPoGtIS1FhPshAhGaEopT9nEEYgDDOfhdWHuULOwowuiJ29Al752Zxuv
ik4IiXI7+XE0jlCf0X8iA3P0Hnrhzir5uW6SmZjQnc1hrvXDqOVGdRDgJCfCcIMr
6K+LMhh06JkFxpo0nvh4DSgM0yhDaRJ4Otpjcn/crJNVempocD99jcUAB4B3sF9I
HGo=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:17 2025 by rpki-client on console.sobornost.net