Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/I1O4inp7HBvWNe9o3Cdiqxo24PI.roa
File: I1O4inp7HBvWNe9o3Cdiqxo24PI.roa (raw, json)
Hash identifier: w0+4BIRKhD7XUvL36J282b0/EXDqyGM8URO+oQQ/ReM=
Subject key identifier: 23:53:B8:8A:7A:7B:1C:1B:D6:35:EF:68:DC:27:62:AB:1A:36:E0:F2
Certificate issuer: /CN=fd21cb4baa15862d1b5773bf2be60ca5f4fc24d4
Certificate serial: 019427B65EA0B6A0C3CD80CF210FAE3176EF
Authority key identifier: FD:21:CB:4B:AA:15:86:2D:1B:57:73:BF:2B:E6:0C:A5:F4:FC:24:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_SHLS6oVhi0bV3O_K-YMpfT8JNQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/I1O4inp7HBvWNe9o3Cdiqxo24PI.roa
Signing time: Thu 02 Jan 2025 15:50:50 +0000
ROA not before: Thu 02 Jan 2025 15:50:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211360
IP address blocks: 193.84.108.0/24 maxlen: 24
2a10:ba80::/31 maxlen: 31
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:5e:a0:b6:a0:c3:cd:80:cf:21:0f:ae:31:76:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd21cb4baa15862d1b5773bf2be60ca5f4fc24d4
Validity
Not Before: Jan 2 15:50:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2353b88a7a7b1c1bd635ef68dc2762ab1a36e0f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:21:04:23:41:7b:56:34:93:b3:97:89:0c:f5:
3a:63:80:c5:00:cd:c5:3f:e5:94:b3:42:46:e3:7a:
ee:c2:6f:ee:7c:06:7d:91:ea:c9:d9:53:e9:eb:1a:
4a:cc:33:1b:e6:cc:a6:f6:77:eb:b7:7d:7d:5c:3f:
2a:0a:ca:9f:ea:9d:6b:ab:d0:d6:e5:d9:60:09:c0:
1d:db:0c:17:5f:77:88:46:d8:aa:87:e9:b6:09:e1:
55:13:d3:7c:0f:e7:2b:1e:6e:e0:bd:98:56:c7:e8:
8c:c6:51:4e:ad:a6:59:c7:9d:81:c2:b3:56:d4:83:
fa:6f:bc:e4:39:97:d5:b3:65:02:e1:87:3b:1f:1e:
6b:35:4f:15:ba:4a:e4:ed:06:5a:f4:38:35:54:8b:
e7:e0:db:a8:1f:56:89:4b:8d:b4:b9:da:f2:b8:86:
dc:7e:30:b6:d7:33:b6:47:a9:d5:53:93:8a:f0:1b:
dc:49:27:75:34:08:e0:94:ae:97:bf:21:68:e3:e9:
ff:59:71:6a:c6:73:3b:4a:b1:60:84:8a:64:d6:e3:
73:a3:9d:5f:e4:b8:13:72:ca:f1:f5:fd:23:99:00:
3c:ac:96:e8:a3:f3:41:46:1a:cd:40:ac:bb:15:b2:
89:c4:e7:69:2f:e1:36:ff:94:3f:f6:19:fb:7b:be:
7b:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:53:B8:8A:7A:7B:1C:1B:D6:35:EF:68:DC:27:62:AB:1A:36:E0:F2
X509v3 Authority Key Identifier:
keyid:FD:21:CB:4B:AA:15:86:2D:1B:57:73:BF:2B:E6:0C:A5:F4:FC:24:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_SHLS6oVhi0bV3O_K-YMpfT8JNQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/I1O4inp7HBvWNe9o3Cdiqxo24PI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/_SHLS6oVhi0bV3O_K-YMpfT8JNQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.84.108.0/24
IPv6:
2a10:ba80::/31
Signature Algorithm: sha256WithRSAEncryption
6c:16:17:68:1d:c8:dc:d8:d8:25:8c:f2:61:c6:7d:2f:d4:60:
5c:c4:d8:ff:6b:cc:5a:2e:b5:e7:57:89:76:7a:db:51:e3:f6:
c2:10:f5:d1:98:8a:b3:5a:44:e7:6c:bc:15:f7:23:6d:6d:3a:
17:03:4b:19:58:d8:44:1c:a2:ca:df:56:1d:b3:3e:86:03:e7:
97:7e:9a:41:55:65:36:05:75:fe:71:5f:a4:87:5b:f6:6e:a9:
9e:b6:06:45:ad:c9:06:bc:54:64:d9:ec:8a:be:f5:28:28:28:
28:60:77:e5:e4:b8:36:28:9e:2d:f3:db:76:da:cd:34:87:07:
37:93:6c:a6:aa:cf:9d:4f:68:9e:e6:91:d7:61:63:ee:3a:ce:
fc:4d:36:11:b7:85:c6:03:89:54:aa:10:36:f6:69:c0:4a:f6:
35:16:d9:cd:c9:ff:f2:3c:4c:b8:39:97:cd:95:e4:1a:0b:17:
51:37:3d:a3:75:7f:21:57:48:52:ce:17:c6:a5:34:4e:f2:27:
bd:e5:9b:f8:06:c3:9b:e6:e6:7d:aa:6b:65:a6:0e:4f:66:16:
40:27:83:f8:ff:30:a7:38:3f:c7:4a:65:56:d3:97:46:24:fd:
99:02:a2:9a:62:0e:df:63:40:8d:b9:9a:33:35:85:3a:6f:a4:
ff:c9:ae:68
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQntl6gtqDDzYDPIQ+uMXbvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMjFjYjRiYWExNTg2MmQxYjU3NzNiZjJiZTYwY2E1ZjRm
YzI0ZDQwHhcNMjUwMTAyMTU1MDUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzUzYjg4YTdhN2IxYzFiZDYzNWVmNjhkYzI3NjJhYjFhMzZlMGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1yEEI0F7VjSTs5eJDPU6Y4DFAM3F
P+WUs0JG43ruwm/ufAZ9kerJ2VPp6xpKzDMb5sym9nfrt319XD8qCsqf6p1rq9DW
5dlgCcAd2wwXX3eIRtiqh+m2CeFVE9N8D+crHm7gvZhWx+iMxlFOraZZx52BwrNW
1IP6b7zkOZfVs2UC4Yc7Hx5rNU8Vukrk7QZa9Dg1VIvn4NuoH1aJS420udryuIbc
fjC21zO2R6nVU5OK8BvcSSd1NAjglK6XvyFo4+n/WXFqxnM7SrFghIpk1uNzo51f
5LgTcsrx9f0jmQA8rJboo/NBRhrNQKy7FbKJxOdpL+E2/5Q/9hn7e757mQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCNTuIp6exwb1jXvaNwnYqsaNuDyMB8GA1UdIwQY
MBaAFP0hy0uqFYYtG1dzvyvmDKX0/CTUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1NITFM2b1ZoaTBiVjNPX0stWU1wZlQ4Sk5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8zMjY2MDYtMTRiYS00NDM2LTk5ODUt
YmU1NTIwYTVjODIxLzEvSTFPNGlucDdIQnZXTmU5bzNDZGlxeG8yNFBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8zMjY2MDYtMTRiYS00NDM2LTk5ODUtYmU1NTIwYTVjODIx
LzEvX1NITFM2b1ZoaTBiVjNPX0stWU1wZlQ4Sk5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwVRsMA0E
AgACMAcDBQEqELqAMA0GCSqGSIb3DQEBCwUAA4IBAQBsFhdoHcjc2NgljPJhxn0v
1GBcxNj/a8xaLrXnV4l2ettR4/bCEPXRmIqzWkTnbLwV9yNtbToXA0sZWNhEHKLK
31Ydsz6GA+eXfppBVWU2BXX+cV+kh1v2bqmetgZFrckGvFRk2eyKvvUoKCgoYHfl
5Lg2KJ4t89t22s00hwc3k2ymqs+dT2ie5pHXYWPuOs78TTYRt4XGA4lUqhA29mnA
SvY1FtnNyf/yPEy4OZfNleQaCxdRNz2jdX8hV0hSzhfGpTRO8ie95Zv4BsOb5uZ9
qmtlpg5PZhZAJ4P4/zCnOD/HSmVW05dGJP2ZAqKaYg7fY0CNuZozNYU6b6T/ya5o
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:28 2025 by rpki-client on console.sobornost.net