Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/6633d5-8676-4ec4-a3fc-c536df5c274e/1/9KIEF6YT58EHXPaFJx0hCikFN2Q.roa
File: 9KIEF6YT58EHXPaFJx0hCikFN2Q.roa (raw, json)
Hash identifier: gXNOJl2HxXybXStfdvJd6JQXiN8rjiGWYmTvUH/aOB8=
Subject key identifier: F4:A2:04:17:A6:13:E7:C1:07:5C:F6:85:27:1D:21:0A:29:05:37:64
Certificate issuer: /CN=5243ded745b05f4038e983fb9d78edf56f251346
Certificate serial: 019425FC6E8CA966AD0C7497750F19D79B60
Authority key identifier: 52:43:DE:D7:45:B0:5F:40:38:E9:83:FB:9D:78:ED:F5:6F:25:13:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UkPe10WwX0A46YP7nXjt9W8lE0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/6633d5-8676-4ec4-a3fc-c536df5c274e/1/9KIEF6YT58EHXPaFJx0hCikFN2Q.roa
Signing time: Thu 02 Jan 2025 07:48:07 +0000
ROA not before: Thu 02 Jan 2025 07:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200602
IP address blocks: 193.143.18.0/24 maxlen: 24
193.143.72.0/24 maxlen: 24
193.143.75.0/24 maxlen: 24
193.143.76.0/24 maxlen: 24
2a0f:8e40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:6e:8c:a9:66:ad:0c:74:97:75:0f:19:d7:9b:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5243ded745b05f4038e983fb9d78edf56f251346
Validity
Not Before: Jan 2 07:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f4a20417a613e7c1075cf685271d210a29053764
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:e6:72:fb:b4:7e:41:a1:d1:2c:a5:4d:69:f4:
9c:94:f8:45:64:74:cc:fc:cd:82:42:b7:83:4c:92:
6f:9c:7b:b5:eb:42:0a:8f:0c:04:fe:33:05:8b:c3:
df:f5:f3:9c:a2:5c:c0:bd:e1:4c:fb:5b:7d:b4:a7:
27:19:8a:ca:b7:9b:63:c5:05:0f:19:05:6c:10:fe:
8d:d7:94:35:88:44:8e:38:1e:32:ee:6e:8f:00:eb:
b2:43:63:b1:cb:31:7f:31:8e:92:68:f8:7b:34:2e:
3a:ce:4f:5d:0a:db:e3:84:f9:37:b4:df:dc:42:b9:
85:4d:54:42:90:41:48:33:65:de:26:cf:91:3f:09:
e0:5c:30:b4:8b:c2:73:86:55:7b:f6:35:d2:6a:db:
3f:ec:d5:82:64:68:1d:69:09:f2:7b:f8:73:42:3a:
47:14:74:70:d8:7c:a3:e3:fc:9b:7b:ca:84:18:06:
2e:b7:cb:29:56:27:33:ae:f8:66:e9:4a:35:37:50:
46:8f:d0:9a:1a:03:c4:8d:5c:7a:07:1b:cd:28:bc:
49:36:1e:da:61:44:52:43:51:09:c6:c6:0c:0b:03:
40:99:a4:84:61:87:56:39:3d:36:63:ad:b8:3f:18:
7f:5b:b0:20:ce:ac:e5:a9:45:87:91:ed:b3:c8:6b:
02:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:A2:04:17:A6:13:E7:C1:07:5C:F6:85:27:1D:21:0A:29:05:37:64
X509v3 Authority Key Identifier:
keyid:52:43:DE:D7:45:B0:5F:40:38:E9:83:FB:9D:78:ED:F5:6F:25:13:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UkPe10WwX0A46YP7nXjt9W8lE0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/6633d5-8676-4ec4-a3fc-c536df5c274e/1/9KIEF6YT58EHXPaFJx0hCikFN2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/6633d5-8676-4ec4-a3fc-c536df5c274e/1/UkPe10WwX0A46YP7nXjt9W8lE0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.143.18.0/24
193.143.72.0/24
193.143.75.0-193.143.76.255
IPv6:
2a0f:8e40::/29
Signature Algorithm: sha256WithRSAEncryption
89:49:d5:a3:f0:a2:9b:36:a6:8b:56:6d:18:48:5f:55:ad:b2:
e0:1b:30:5b:b3:d7:1b:6f:69:2d:60:74:0d:2e:34:4f:90:5c:
da:e6:d1:c0:84:2a:61:ea:5e:9e:07:68:a4:8c:2b:66:52:ad:
2b:56:d2:cf:c3:ff:ca:41:de:00:7a:c1:9b:a1:66:3c:1b:39:
86:29:0d:93:e7:4b:76:6f:85:af:85:25:9b:85:23:72:be:f2:
97:1e:43:f2:4f:c2:e2:80:57:39:d0:ae:43:1a:a3:5c:c7:52:
fc:1c:52:10:7d:21:03:bc:a4:04:4e:ab:1f:a0:a9:eb:41:31:
1b:91:80:cd:ba:67:06:04:c0:87:1e:86:9e:2d:15:52:b0:46:
3e:69:a1:a6:9b:a0:97:19:4d:58:31:68:33:d3:c0:b3:20:00:
48:75:88:a3:53:f3:f0:96:d6:e0:92:94:63:fb:16:ca:8c:b9:
4e:5e:bf:95:7d:a7:07:e7:64:da:1a:43:46:64:93:bd:e2:5d:
58:16:a8:17:07:a5:a6:ef:a7:fb:66:c0:1d:9c:e2:e7:8d:7b:
d5:01:58:a1:0b:c4:e1:05:68:bd:31:5f:f8:0b:35:83:cb:5b:
21:f3:86:53:f6:a0:13:4d:f7:de:27:b3:c8:39:01:96:32:0f:
fd:e9:a6:10
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZQl/G6MqWatDHSXdQ8Z15tgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNDNkZWQ3NDViMDVmNDAzOGU5ODNmYjlkNzhlZGY1NmYy
NTEzNDYwHhcNMjUwMTAyMDc0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGEyMDQxN2E2MTNlN2MxMDc1Y2Y2ODUyNzFkMjEwYTI5MDUzNzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+Zy+7R+QaHRLKVNafSclPhFZHTM
/M2CQreDTJJvnHu160IKjwwE/jMFi8Pf9fOcolzAveFM+1t9tKcnGYrKt5tjxQUP
GQVsEP6N15Q1iESOOB4y7m6PAOuyQ2OxyzF/MY6SaPh7NC46zk9dCtvjhPk3tN/c
QrmFTVRCkEFIM2XeJs+RPwngXDC0i8JzhlV79jXSats/7NWCZGgdaQnye/hzQjpH
FHRw2Hyj4/ybe8qEGAYut8spViczrvhm6Uo1N1BGj9CaGgPEjVx6BxvNKLxJNh7a
YURSQ1EJxsYMCwNAmaSEYYdWOT02Y624Pxh/W7AgzqzlqUWHke2zyGsCQwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFPSiBBemE+fBB1z2hScdIQopBTdkMB8GA1UdIwQY
MBaAFFJD3tdFsF9AOOmD+5147fVvJRNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWtQZTEwV3dYMEE0NllQN25YanQ5VzhsRTBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni82NjMzZDUtODY3Ni00ZWM0LWEzZmMt
YzUzNmRmNWMyNzRlLzEvOUtJRUY2WVQ1OEVIWFBhRkp4MGhDaWtGTjJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni82NjMzZDUtODY3Ni00ZWM0LWEzZmMtYzUzNmRmNWMyNzRl
LzEvVWtQZTEwV3dYMEE0NllQN25YanQ5VzhsRTBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQAwY8SAwQA
wY9IMAwDBADBj0sDBADBj0wwDQQCAAIwBwMFAyoPjkAwDQYJKoZIhvcNAQELBQAD
ggEBAIlJ1aPwops2potWbRhIX1WtsuAbMFuz1xtvaS1gdA0uNE+QXNrm0cCEKmHq
Xp4HaKSMK2ZSrStW0s/D/8pB3gB6wZuhZjwbOYYpDZPnS3Zvha+FJZuFI3K+8pce
Q/JPwuKAVznQrkMao1zHUvwcUhB9IQO8pAROqx+gqetBMRuRgM26ZwYEwIcehp4t
FVKwRj5poaaboJcZTVgxaDPTwLMgAEh1iKNT8/CW1uCSlGP7FsqMuU5ev5V9pwfn
ZNoaQ0Zkk73iXVgWqBcHpabvp/tmwB2c4ueNe9UBWKELxOEFaL0xX/gLNYPLWyHz
hlP2oBNN994ns8g5AZYyD/3pphA=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:28 2025 by rpki-client on console.sobornost.net