Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/caXYCCXqjYg5FcmsNZB3ePKReDk.roa
File: caXYCCXqjYg5FcmsNZB3ePKReDk.roa (raw, json)
Hash identifier: XSzupsyXsQ8GmhQZJGGSHfiNeG8fCN+9mFDFmlJ4Bu4=
Subject key identifier: 71:A5:D8:08:25:EA:8D:88:39:15:C9:AC:35:90:77:78:F2:91:78:39
Certificate issuer: /CN=2378a4a9c52325a85920809ba1a4d89e21c02f17
Certificate serial: 019427481876FDBF0AEB87EE0078FF4F3E65
Authority key identifier: 23:78:A4:A9:C5:23:25:A8:59:20:80:9B:A1:A4:D8:9E:21:C0:2F:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I3ikqcUjJahZIICboaTYniHALxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/caXYCCXqjYg5FcmsNZB3ePKReDk.roa
Signing time: Thu 02 Jan 2025 13:50:23 +0000
ROA not before: Thu 02 Jan 2025 13:50:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203477
IP address blocks: 212.1.65.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:18:76:fd:bf:0a:eb:87:ee:00:78:ff:4f:3e:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2378a4a9c52325a85920809ba1a4d89e21c02f17
Validity
Not Before: Jan 2 13:50:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=71a5d80825ea8d883915c9ac35907778f2917839
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ee:a7:85:5a:62:1e:c5:61:25:6e:93:9d:aa:
b9:e8:cf:cd:42:51:48:8c:8e:89:44:2a:96:83:97:
84:ce:52:aa:92:20:21:78:68:6b:29:bb:48:9f:18:
d4:25:57:81:5a:4b:7f:be:fb:1a:48:78:ec:fc:40:
b6:8a:52:21:0d:b5:0f:64:e1:df:ef:b5:08:39:8c:
7f:70:44:41:79:72:3e:f1:af:f8:4e:f5:28:bc:14:
a6:e8:1e:76:d3:f2:a3:4c:60:84:2d:2c:ed:e1:0d:
1e:39:1a:8d:8e:96:a5:bb:21:64:11:67:fd:ba:dd:
96:8b:e3:b6:d2:37:35:3b:8c:82:e9:ee:34:e9:2e:
d9:4c:3d:25:4f:1e:66:a5:6d:36:1e:ff:da:16:18:
2d:39:b3:7b:93:32:7e:8d:7e:d1:70:d9:6d:77:9e:
98:4e:d7:6f:44:7c:3c:ce:e2:b9:c2:06:9b:8f:fe:
da:b4:bf:00:ed:6b:ed:1f:46:fe:5f:db:a9:eb:0f:
ea:ee:d1:05:e6:1c:51:0e:e7:12:b5:e4:13:98:d8:
09:c9:d7:96:6a:b0:16:df:65:e8:ea:65:6c:b6:97:
75:56:14:82:6f:8f:82:3c:5a:06:bf:a8:68:0e:a0:
82:d2:97:36:59:4c:52:51:70:c2:52:5c:6b:c1:9d:
90:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:A5:D8:08:25:EA:8D:88:39:15:C9:AC:35:90:77:78:F2:91:78:39
X509v3 Authority Key Identifier:
keyid:23:78:A4:A9:C5:23:25:A8:59:20:80:9B:A1:A4:D8:9E:21:C0:2F:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I3ikqcUjJahZIICboaTYniHALxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/caXYCCXqjYg5FcmsNZB3ePKReDk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/I3ikqcUjJahZIICboaTYniHALxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.1.65.0/24
Signature Algorithm: sha256WithRSAEncryption
c9:c7:77:da:76:4d:38:aa:cd:2b:54:4d:e9:69:34:fb:e1:70:
5b:b7:8c:11:d0:22:94:4a:2a:60:06:f5:4d:72:15:a4:e9:6e:
e9:7c:3f:37:70:83:5e:50:99:69:0e:61:7a:ec:09:49:19:ba:
72:f3:24:22:77:ce:00:2e:1f:cb:66:37:ae:57:12:6e:fe:91:
4b:84:f8:3f:3b:a7:11:d7:be:47:de:2d:2e:0f:61:3e:7a:be:
81:97:af:fa:26:41:8a:f9:3d:c2:ce:d5:dd:d3:ab:87:72:1f:
a6:e5:91:cb:3c:7e:f3:d8:70:7f:b6:0b:d0:29:ab:66:f3:62:
3c:5d:d4:ab:84:03:6c:5e:f6:4b:17:05:fd:34:51:8c:be:15:
bd:39:4f:3b:75:cb:43:a4:2f:85:85:be:99:c7:d3:26:ce:5d:
f3:3d:0e:fc:80:3c:65:e1:c0:e5:cd:2e:45:a1:37:23:39:e1:
eb:1f:be:a1:07:e9:85:ea:b1:d4:90:90:3b:a9:86:ff:15:0e:
d2:a8:7c:b7:53:da:e3:e9:e5:4b:04:ff:ee:d5:99:97:6a:17:
ad:b2:24:50:ba:cb:05:ab:be:f4:44:41:cf:cb:8a:39:c4:14:
c1:64:35:90:ff:bd:77:c9:f9:81:80:90:c5:e6:a7:73:69:cb:
76:94:ab:6c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSBh2/b8K64fuAHj/Tz5lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNzhhNGE5YzUyMzI1YTg1OTIwODA5YmExYTRkODllMjFj
MDJmMTcwHhcNMjUwMTAyMTM1MDIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWE1ZDgwODI1ZWE4ZDg4MzkxNWM5YWMzNTkwNzc3OGYyOTE3ODM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+6nhVpiHsVhJW6Tnaq56M/NQlFI
jI6JRCqWg5eEzlKqkiAheGhrKbtInxjUJVeBWkt/vvsaSHjs/EC2ilIhDbUPZOHf
77UIOYx/cERBeXI+8a/4TvUovBSm6B520/KjTGCELSzt4Q0eORqNjpaluyFkEWf9
ut2Wi+O20jc1O4yC6e406S7ZTD0lTx5mpW02Hv/aFhgtObN7kzJ+jX7RcNltd56Y
TtdvRHw8zuK5wgabj/7atL8A7WvtH0b+X9up6w/q7tEF5hxRDucSteQTmNgJydeW
arAW32Xo6mVstpd1VhSCb4+CPFoGv6hoDqCC0pc2WUxSUXDCUlxrwZ2QUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHGl2Agl6o2IORXJrDWQd3jykXg5MB8GA1UdIwQY
MBaAFCN4pKnFIyWoWSCAm6Gk2J4hwC8XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTNpa3FjVWpKYWhaSUlDYm9hVFluaUhBTHhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9kNjU0YmUtMTc0ZS00MWY3LTljZmIt
OTM3ZTI3ZWUxYjViLzEvY2FYWUNDWHFqWWc1RmNtc05aQjNlUEtSZURrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9kNjU0YmUtMTc0ZS00MWY3LTljZmItOTM3ZTI3ZWUxYjVi
LzEvSTNpa3FjVWpKYWhaSUlDYm9hVFluaUhBTHhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1AFBMA0G
CSqGSIb3DQEBCwUAA4IBAQDJx3fadk04qs0rVE3paTT74XBbt4wR0CKUSipgBvVN
chWk6W7pfD83cINeUJlpDmF67AlJGbpy8yQid84ALh/LZjeuVxJu/pFLhPg/O6cR
175H3i0uD2E+er6Bl6/6JkGK+T3CztXd06uHch+m5ZHLPH7z2HB/tgvQKatm82I8
XdSrhANsXvZLFwX9NFGMvhW9OU87dctDpC+Fhb6Zx9Mmzl3zPQ78gDxl4cDlzS5F
oTcjOeHrH76hB+mF6rHUkJA7qYb/FQ7SqHy3U9rj6eVLBP/u1ZmXahetsiRQussF
q770REHPy4o5xBTBZDWQ/713yfmBgJDF5qdzact2lKts
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:18 2025 by rpki-client on console.sobornost.net