Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/84a85e-ad49-4c63-ab59-ab7b0aa1c3d4/1/l-1-sJYhOvDnP0vt97ZEE8EG64Y.roa
File: l-1-sJYhOvDnP0vt97ZEE8EG64Y.roa (raw, json)
Hash identifier: a9IJZav4U9lQV/r8RFyllgV9eyE4dU00VcjenG9YGbw=
Subject key identifier: 97:ED:7E:B0:96:21:3A:F0:E7:3F:4B:ED:F7:B6:44:13:C1:06:EB:86
Certificate issuer: /CN=31e6591d1a04d6afe1ed5f4ed01d394ae5148589
Certificate serial: 01955C57E8D7F109C31ADD54CF471F35D01F
Authority key identifier: 31:E6:59:1D:1A:04:D6:AF:E1:ED:5F:4E:D0:1D:39:4A:E5:14:85:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MeZZHRoE1q_h7V9O0B05SuUUhYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/84a85e-ad49-4c63-ab59-ab7b0aa1c3d4/1/l-1-sJYhOvDnP0vt97ZEE8EG64Y.roa
Signing time: Mon 03 Mar 2025 14:10:19 +0000
ROA not before: Mon 03 Mar 2025 14:10:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212169
IP address blocks: 185.104.190.0/24 maxlen: 24
193.84.101.0/24 maxlen: 24
212.23.192.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5c:57:e8:d7:f1:09:c3:1a:dd:54:cf:47:1f:35:d0:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31e6591d1a04d6afe1ed5f4ed01d394ae5148589
Validity
Not Before: Mar 3 14:10:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=97ed7eb096213af0e73f4bedf7b64413c106eb86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:26:fc:b8:42:b1:c4:1a:58:24:1a:8e:8d:42:
f6:1e:de:3f:1d:54:d3:59:77:15:12:a9:e7:bf:57:
45:ad:93:50:f9:85:ee:be:88:54:de:25:b2:4c:a0:
2f:b2:23:3a:71:4f:13:4e:57:b2:e2:af:68:da:5f:
24:aa:be:c0:c5:f1:00:9b:fe:8c:ac:27:3a:b4:88:
cb:ee:b9:8d:94:21:cb:b6:bd:ae:2a:7b:16:2d:14:
69:7f:ca:38:8c:f3:6e:53:5f:26:4a:19:17:e8:86:
31:b3:55:d0:3e:8e:a9:a7:cf:01:7b:ba:18:f4:96:
2d:ed:8d:1b:8c:ab:e4:8b:4b:a4:11:b7:b1:67:29:
92:7b:59:ec:62:22:fa:9f:7e:69:ae:57:b6:9c:d2:
06:39:12:40:43:c8:0c:1d:7a:00:6a:3d:ef:34:9f:
2b:ac:3c:64:fe:5a:9b:01:58:55:a8:79:2c:8a:37:
d0:e3:76:20:2a:4b:49:f4:b2:2d:3a:ec:b6:e0:b2:
ef:60:bc:fa:e6:7c:fc:dc:82:d8:16:d0:fe:01:c9:
c2:0e:08:a3:ad:40:73:69:3a:c4:f6:7f:56:9d:09:
0d:5e:b3:ca:fb:0c:d2:35:60:fa:df:28:34:0f:01:
dc:7e:07:a1:85:6c:e9:08:5c:50:a3:38:77:d7:ed:
3e:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:ED:7E:B0:96:21:3A:F0:E7:3F:4B:ED:F7:B6:44:13:C1:06:EB:86
X509v3 Authority Key Identifier:
keyid:31:E6:59:1D:1A:04:D6:AF:E1:ED:5F:4E:D0:1D:39:4A:E5:14:85:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MeZZHRoE1q_h7V9O0B05SuUUhYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/84a85e-ad49-4c63-ab59-ab7b0aa1c3d4/1/l-1-sJYhOvDnP0vt97ZEE8EG64Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/84a85e-ad49-4c63-ab59-ab7b0aa1c3d4/1/MeZZHRoE1q_h7V9O0B05SuUUhYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.190.0/24
193.84.101.0/24
212.23.192.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:a4:f5:9b:d6:fb:66:d5:ff:c4:94:01:7a:7b:0f:70:db:97:
4c:39:1f:24:bc:3f:f0:30:f8:41:55:83:f0:cc:32:75:ad:50:
3c:49:75:56:47:6e:d0:5f:ef:bd:69:99:e9:2d:50:83:49:21:
98:e1:1c:34:2b:3b:f8:d4:d2:d9:49:a5:cc:1b:24:67:06:f5:
6c:9a:73:4a:de:60:a2:91:96:b3:44:eb:c3:01:cf:f4:fb:4e:
ef:c1:3f:07:c1:2a:dc:fd:79:00:49:68:02:cc:8e:2d:70:77:
7f:76:44:c8:f3:fa:1e:3c:a5:87:14:33:9b:93:92:e3:b7:21:
f1:68:de:07:4a:4c:08:bd:3c:fe:d3:48:29:4c:1f:a6:22:4e:
7a:86:b7:bb:36:f1:c7:8e:0a:2a:68:72:d8:e6:f6:c1:be:bd:
8e:d7:7a:6e:69:ea:72:62:c8:a2:ca:7a:a3:c2:ee:be:e9:ea:
26:96:4e:6f:c5:3f:a7:23:4f:5b:29:f5:1f:37:72:30:38:56:
5d:e4:2e:19:1f:34:84:44:c1:53:78:ca:6c:b5:17:95:08:b2:
cf:8a:ee:a6:6b:40:b3:3a:ff:c5:3d:af:74:79:43:02:23:de:
92:73:49:33:66:6a:eb:9f:6f:87:4f:30:42:c4:b6:09:4c:99:
01:4c:9f:3b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZVcV+jX8QnDGt1Uz0cfNdAfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxZTY1OTFkMWEwNGQ2YWZlMWVkNWY0ZWQwMWQzOTRhZTUx
NDg1ODkwHhcNMjUwMzAzMTQxMDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2VkN2ViMDk2MjEzYWYwZTczZjRiZWRmN2I2NDQxM2MxMDZlYjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ib8uEKxxBpYJBqOjUL2Ht4/HVTT
WXcVEqnnv1dFrZNQ+YXuvohU3iWyTKAvsiM6cU8TTley4q9o2l8kqr7AxfEAm/6M
rCc6tIjL7rmNlCHLtr2uKnsWLRRpf8o4jPNuU18mShkX6IYxs1XQPo6pp88Be7oY
9JYt7Y0bjKvki0ukEbexZymSe1nsYiL6n35prle2nNIGORJAQ8gMHXoAaj3vNJ8r
rDxk/lqbAVhVqHksijfQ43YgKktJ9LItOuy24LLvYLz65nz83ILYFtD+AcnCDgij
rUBzaTrE9n9WnQkNXrPK+wzSNWD63yg0DwHcfgehhWzpCFxQozh31+0+1wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJftfrCWITrw5z9L7fe2RBPBBuuGMB8GA1UdIwQY
MBaAFDHmWR0aBNav4e1fTtAdOUrlFIWJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWVaWkhSb0UxcV9oN1Y5TzBCMDVTdVVVaFlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NGE4NWUtYWQ0OS00YzYzLWFiNTkt
YWI3YjBhYTFjM2Q0LzEvbC0xLXNKWWhPdkRuUDB2dDk3WkVFOEVHNjRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NGE4NWUtYWQ0OS00YzYzLWFiNTktYWI3YjBhYTFjM2Q0
LzEvTWVaWkhSb0UxcV9oN1Y5TzBCMDVTdVVVaFlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuWi+AwQA
wVRlAwQA1BfAMA0GCSqGSIb3DQEBCwUAA4IBAQBapPWb1vtm1f/ElAF6ew9w25dM
OR8kvD/wMPhBVYPwzDJ1rVA8SXVWR27QX++9aZnpLVCDSSGY4Rw0Kzv41NLZSaXM
GyRnBvVsmnNK3mCikZazROvDAc/0+07vwT8HwSrc/XkASWgCzI4tcHd/dkTI8/oe
PKWHFDObk5LjtyHxaN4HSkwIvTz+00gpTB+mIk56hre7NvHHjgoqaHLY5vbBvr2O
13puaepyYsiiynqjwu6+6eomlk5vxT+nI09bKfUfN3IwOFZd5C4ZHzSERMFTeMps
tReVCLLPiu6ma0CzOv/FPa90eUMCI96Sc0kzZmrrn2+HTzBCxLYJTJkBTJ87
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:26 2025 by rpki-client on console.sobornost.net