Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/2wLUU494Ia20PxAfcxd4SZbY_g0.roa
File: 2wLUU494Ia20PxAfcxd4SZbY_g0.roa (raw, json)
Hash identifier: fvCIqXB/feD7/7NGOTx8qOmkJPy1MIly8nqeUxBI1Xk=
Subject key identifier: DB:02:D4:53:8F:78:21:AD:B4:3F:10:1F:73:17:78:49:96:D8:FE:0D
Certificate issuer: /CN=66feef09c450990af34779ce701be6cd54b3d924
Certificate serial: 019425222EF837A265179F70A57FA0802F3E
Authority key identifier: 66:FE:EF:09:C4:50:99:0A:F3:47:79:CE:70:1B:E6:CD:54:B3:D9:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/2wLUU494Ia20PxAfcxd4SZbY_g0.roa
Signing time: Thu 02 Jan 2025 03:49:44 +0000
ROA not before: Thu 02 Jan 2025 03:49:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200088
IP address blocks: 83.168.112.0/24 maxlen: 24
83.168.113.0/24 maxlen: 24
83.168.123.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:2e:f8:37:a2:65:17:9f:70:a5:7f:a0:80:2f:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66feef09c450990af34779ce701be6cd54b3d924
Validity
Not Before: Jan 2 03:49:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=db02d4538f7821adb43f101f7317784996d8fe0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ba:30:09:3b:38:c0:00:a6:e8:4e:6e:47:48:
cf:6c:01:79:5c:cd:c0:46:eb:fe:38:ae:a6:aa:36:
88:b5:a4:cd:16:77:b3:38:56:c1:27:37:bb:87:34:
af:24:b4:c4:45:17:ee:25:58:6c:33:5f:21:81:27:
ae:2d:88:bc:e5:67:37:9a:66:67:fb:c2:54:81:1f:
39:1d:9b:88:87:ba:4d:d0:e7:87:eb:85:3e:a0:c0:
57:68:83:75:fb:3c:56:47:b8:c3:a8:4d:c3:d3:e6:
79:1a:14:c8:f5:26:10:c9:0d:c2:71:54:cd:6e:45:
5b:79:57:ad:88:98:cd:79:42:6e:94:2c:54:9d:a3:
09:0f:55:5e:22:a6:71:2b:70:fd:3b:20:9e:24:f4:
e5:2e:4e:08:d5:aa:7f:34:07:03:49:9e:b0:6a:71:
48:40:96:9f:3f:4a:27:bd:0c:89:a9:6e:63:ec:00:
cf:a2:e4:dc:aa:b6:8a:10:ba:1a:5d:1d:24:94:f3:
70:90:29:6b:d4:97:26:74:52:e4:85:65:56:c6:b3:
96:6f:a0:c3:63:52:f2:84:ae:83:05:58:90:03:05:
a1:eb:dd:6c:b9:95:10:35:42:03:2c:fa:6e:ef:b3:
26:b0:f0:af:38:86:b1:97:b8:cc:74:88:0a:0c:ca:
b6:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:02:D4:53:8F:78:21:AD:B4:3F:10:1F:73:17:78:49:96:D8:FE:0D
X509v3 Authority Key Identifier:
keyid:66:FE:EF:09:C4:50:99:0A:F3:47:79:CE:70:1B:E6:CD:54:B3:D9:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/2wLUU494Ia20PxAfcxd4SZbY_g0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.168.112.0/23
83.168.123.0/24
Signature Algorithm: sha256WithRSAEncryption
99:db:74:0d:06:91:87:98:c2:5c:55:b7:dc:c5:9c:3c:2c:06:
aa:10:b1:f6:5b:1e:77:b9:47:06:1c:1e:d3:72:d6:0c:fe:d6:
47:fe:6a:88:a5:12:b5:86:fa:dd:c5:aa:43:33:fd:59:59:60:
a1:bc:ee:6d:3c:ef:fb:c0:e6:9f:87:eb:01:bb:cb:ca:d2:0f:
71:84:70:a9:e7:92:d2:0d:c3:04:7b:b1:a6:63:6c:2d:74:24:
00:a6:91:fd:42:37:25:8f:a4:9c:fd:05:ae:d2:cc:73:d8:ee:
c1:ed:ed:3e:67:99:5e:b2:f0:02:9f:f2:b9:f1:06:8b:2f:42:
66:f9:c2:62:b5:9b:e0:df:77:16:16:b9:e8:e2:97:30:0d:3b:
36:45:96:ce:09:22:de:40:98:38:d3:8f:e4:f7:74:32:c3:56:
d4:5c:ee:15:55:7a:4c:5a:f5:5e:99:ed:24:cb:1f:5f:10:69:
99:17:15:c0:66:5e:c8:4a:bf:d7:a8:3b:7c:69:97:71:f9:6a:
60:51:f5:cb:4d:f4:a9:22:fd:1e:5f:22:70:15:f0:62:c4:86:
2c:2a:bb:c3:b5:3e:d6:13:68:dd:a2:06:b6:1c:7a:62:f9:e6:
c0:36:ba:ee:be:05:a2:cc:f1:c1:73:ea:15:3b:e3:ee:44:37:
a1:dd:a5:59
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQlIi74N6JlF59wpX+ggC8+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZmVlZjA5YzQ1MDk5MGFmMzQ3NzljZTcwMWJlNmNkNTRi
M2Q5MjQwHhcNMjUwMTAyMDM0OTQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjAyZDQ1MzhmNzgyMWFkYjQzZjEwMWY3MzE3Nzg0OTk2ZDhmZTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7owCTs4wACm6E5uR0jPbAF5XM3A
Ruv+OK6mqjaItaTNFnezOFbBJze7hzSvJLTERRfuJVhsM18hgSeuLYi85Wc3mmZn
+8JUgR85HZuIh7pN0OeH64U+oMBXaIN1+zxWR7jDqE3D0+Z5GhTI9SYQyQ3CcVTN
bkVbeVetiJjNeUJulCxUnaMJD1VeIqZxK3D9OyCeJPTlLk4I1ap/NAcDSZ6wanFI
QJafP0onvQyJqW5j7ADPouTcqraKELoaXR0klPNwkClr1JcmdFLkhWVWxrOWb6DD
Y1LyhK6DBViQAwWh691suZUQNUIDLPpu77MmsPCvOIaxl7jMdIgKDMq2RQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNsC1FOPeCGttD8QH3MXeEmW2P4NMB8GA1UdIwQY
MBaAFGb+7wnEUJkK80d5znAb5s1Us9kkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnY3dkNjUlFtUXJ6UjNuT2NCdm16VlN6MlNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9hMTU5N2ItNmVmMi00NDMwLWFhNTYt
ODI0NTFmMzNmNGNhLzEvMndMVVU0OTRJYTIwUHhBZmN4ZDRTWmJZX2cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9hMTU5N2ItNmVmMi00NDMwLWFhNTYtODI0NTFmMzNmNGNh
LzEvWnY3dkNjUlFtUXJ6UjNuT2NCdm16VlN6MlNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBU6hwAwQA
U6h7MA0GCSqGSIb3DQEBCwUAA4IBAQCZ23QNBpGHmMJcVbfcxZw8LAaqELH2Wx53
uUcGHB7TctYM/tZH/mqIpRK1hvrdxapDM/1ZWWChvO5tPO/7wOafh+sBu8vK0g9x
hHCp55LSDcMEe7GmY2wtdCQAppH9Qjclj6Sc/QWu0sxz2O7B7e0+Z5lesvACn/K5
8QaLL0Jm+cJitZvg33cWFrno4pcwDTs2RZbOCSLeQJg404/k93Qyw1bUXO4VVXpM
WvVeme0kyx9fEGmZFxXAZl7ISr/XqDt8aZdx+WpgUfXLTfSpIv0eXyJwFfBixIYs
KrvDtT7WE2jdoga2HHpi+ebANrruvgWizPHBc+oVO+PuRDeh3aVZ
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:17 2025 by rpki-client on console.sobornost.net