Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/67a849-1106-45d0-b722-fe40a05aba7f/1/38ChC54MipQ2oUyMl9LHxJPZyGY.roa
File: 38ChC54MipQ2oUyMl9LHxJPZyGY.roa (raw, json)
Hash identifier: oZd7O3FQ96+P+5QZC26B+0IWiqxNL14ov/QbnFUoZaY=
Subject key identifier: DF:C0:A1:0B:9E:0C:8A:94:36:A1:4C:8C:97:D2:C7:C4:93:D9:C8:66
Certificate issuer: /CN=1da443c33de5ae43506fd2406b7653661c527334
Certificate serial: 0194266BBB54614ADC3B548EC729A23E33C5
Authority key identifier: 1D:A4:43:C3:3D:E5:AE:43:50:6F:D2:40:6B:76:53:66:1C:52:73:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HaRDwz3lrkNQb9JAa3ZTZhxSczQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/67a849-1106-45d0-b722-fe40a05aba7f/1/38ChC54MipQ2oUyMl9LHxJPZyGY.roa
Signing time: Thu 02 Jan 2025 09:49:42 +0000
ROA not before: Thu 02 Jan 2025 09:49:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51331
IP address blocks: 188.246.114.0/24 maxlen: 24
188.246.115.0/24 maxlen: 24
188.246.116.0/22 maxlen: 22
188.246.116.0/24 maxlen: 24
188.246.117.0/24 maxlen: 24
188.246.118.0/24 maxlen: 24
188.246.119.0/24 maxlen: 24
2a00:c587:fd00::/40 maxlen: 40
2a00:c587:fe00::/40 maxlen: 40
2a00:c587:ff00::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:bb:54:61:4a:dc:3b:54:8e:c7:29:a2:3e:33:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1da443c33de5ae43506fd2406b7653661c527334
Validity
Not Before: Jan 2 09:49:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dfc0a10b9e0c8a9436a14c8c97d2c7c493d9c866
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:7a:94:72:8f:74:0f:7f:0d:4d:bd:a6:f3:58:
2f:0f:af:58:43:48:43:50:8b:80:6a:4b:ed:48:59:
bb:0c:f9:a2:4c:d0:28:40:01:ce:8d:e1:05:fa:e7:
d7:bc:53:79:ab:0d:50:51:51:5d:78:ac:89:a1:7f:
c6:e1:c0:27:dd:80:c6:11:8b:0c:29:25:5b:68:c6:
af:7e:e7:97:ae:3b:8c:b1:30:90:3c:fe:94:27:db:
0d:2f:1b:77:4c:08:2d:71:13:e3:3f:15:b0:a0:01:
c4:a8:0b:fc:21:be:71:72:03:ab:dc:db:82:2d:47:
42:9b:97:5f:a7:ce:40:fa:03:60:55:a7:37:25:03:
e2:d2:d1:fc:95:43:c5:f7:98:bd:db:56:64:d1:e9:
5c:c9:09:70:66:08:5d:e8:23:bf:8f:31:bb:5f:4e:
e2:52:db:a2:14:62:a3:21:3a:1a:f0:36:fc:a0:66:
41:69:90:98:f7:01:f9:d5:3b:29:63:9b:49:0e:8c:
cc:86:cf:36:fb:86:8d:76:85:03:9d:e0:b6:9d:ad:
4e:53:cb:b4:e2:12:a6:13:8a:a3:63:e3:f2:03:01:
0d:1f:ae:f5:c5:93:13:d4:5f:cb:77:94:a2:7b:f1:
29:a3:4c:8a:50:da:f4:06:b6:b8:30:d5:cd:48:9c:
94:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:C0:A1:0B:9E:0C:8A:94:36:A1:4C:8C:97:D2:C7:C4:93:D9:C8:66
X509v3 Authority Key Identifier:
keyid:1D:A4:43:C3:3D:E5:AE:43:50:6F:D2:40:6B:76:53:66:1C:52:73:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HaRDwz3lrkNQb9JAa3ZTZhxSczQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/67a849-1106-45d0-b722-fe40a05aba7f/1/38ChC54MipQ2oUyMl9LHxJPZyGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/67a849-1106-45d0-b722-fe40a05aba7f/1/HaRDwz3lrkNQb9JAa3ZTZhxSczQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.246.114.0-188.246.119.255
IPv6:
2a00:c587:fd00::-2a00:c587:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
3b:70:a7:d0:24:af:e7:60:59:38:74:f9:35:3f:2e:f1:dd:b3:
f2:f9:7d:96:b9:f1:ac:6c:6d:06:52:30:e0:c7:57:b1:a9:0c:
b7:e7:d4:4b:7a:00:58:65:bc:0e:ce:ee:ed:8b:b8:d9:31:32:
8c:5a:f6:a8:64:ee:30:7b:08:1a:66:90:35:f0:56:04:50:64:
3a:9e:b7:3a:61:22:14:fc:28:87:16:a9:31:31:08:f9:38:74:
85:f5:a5:ee:60:6b:0a:88:80:c8:45:26:a3:46:ab:d9:b5:c5:
b0:25:a0:53:d3:24:a5:9b:9f:d2:63:e8:40:4c:1a:08:2b:d9:
2b:f2:33:bd:6a:86:c2:23:93:c8:b2:f8:c2:71:1f:87:a8:e3:
7d:d9:f8:9a:46:1c:1e:d5:85:94:33:9c:84:aa:6f:e5:b0:77:
52:4d:7d:1a:17:6f:ee:d7:30:79:7f:fa:5c:43:e3:8a:d7:bb:
9b:3c:5f:47:47:0a:18:73:0a:97:47:a6:ba:27:7b:9e:5d:c9:
6f:13:eb:5a:9d:0b:fd:75:2e:9e:0a:59:64:0e:d2:f8:cb:47:
29:f6:51:a9:e8:a4:44:3f:fb:18:10:b4:e7:b9:01:46:56:5a:
7b:54:b8:9c:09:de:d3:78:9e:8d:8d:59:1d:f7:ea:5f:be:7c:
a0:ef:96:8e
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQma7tUYUrcO1SOxymiPjPFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkYTQ0M2MzM2RlNWFlNDM1MDZmZDI0MDZiNzY1MzY2MWM1
MjczMzQwHhcNMjUwMTAyMDk0OTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmMwYTEwYjllMGM4YTk0MzZhMTRjOGM5N2QyYzdjNDkzZDljODY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAznqUco90D38NTb2m81gvD69YQ0hD
UIuAakvtSFm7DPmiTNAoQAHOjeEF+ufXvFN5qw1QUVFdeKyJoX/G4cAn3YDGEYsM
KSVbaMavfueXrjuMsTCQPP6UJ9sNLxt3TAgtcRPjPxWwoAHEqAv8Ib5xcgOr3NuC
LUdCm5dfp85A+gNgVac3JQPi0tH8lUPF95i921Zk0elcyQlwZghd6CO/jzG7X07i
UtuiFGKjIToa8Db8oGZBaZCY9wH51TspY5tJDozMhs82+4aNdoUDneC2na1OU8u0
4hKmE4qjY+PyAwENH671xZMT1F/Ld5Sie/Epo0yKUNr0Bra4MNXNSJyU5QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFN/AoQueDIqUNqFMjJfSx8ST2chmMB8GA1UdIwQY
MBaAFB2kQ8M95a5DUG/SQGt2U2YcUnM0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGFSRHd6M2xya05RYjlKQWEzWlRaaHhTY3pRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC82N2E4NDktMTEwNi00NWQwLWI3MjIt
ZmU0MGEwNWFiYTdmLzEvMzhDaEM1NE1pcFEyb1V5TWw5TEh4SlBaeUdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC82N2E4NDktMTEwNi00NWQwLWI3MjItZmU0MGEwNWFiYTdm
LzEvSGFSRHd6M2xya05RYjlKQWEzWlRaaHhTY3pRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAUBAIAATAOMAwDBAG89nID
BAO89nAwFwQCAAIwETAPAwYAKgDFh/0DBQMqAMWAMA0GCSqGSIb3DQEBCwUAA4IB
AQA7cKfQJK/nYFk4dPk1Py7x3bPy+X2WufGsbG0GUjDgx1exqQy359RLegBYZbwO
zu7ti7jZMTKMWvaoZO4wewgaZpA18FYEUGQ6nrc6YSIU/CiHFqkxMQj5OHSF9aXu
YGsKiIDIRSajRqvZtcWwJaBT0ySlm5/SY+hATBoIK9kr8jO9aobCI5PIsvjCcR+H
qON92fiaRhwe1YWUM5yEqm/lsHdSTX0aF2/u1zB5f/pcQ+OK17ubPF9HRwoYcwqX
R6a6J3ueXclvE+tanQv9dS6eCllkDtL4y0cp9lGp6KREP/sYELTnuQFGVlp7VLic
Cd7TeJ6NjVkd9+pfvnyg75aO
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:18 2025 by rpki-client on console.sobornost.net