Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/d282be-7ca5-400f-be84-cfab10d30693/1/MK5kvHBNAAlnKRq0I1CvZhVF9Ng.roa
File: MK5kvHBNAAlnKRq0I1CvZhVF9Ng.roa (raw, json)
Hash identifier: ku7EY/yVBZoDpf18kdWwR04OCaLbQDYij0LYSvbt0Ho=
Subject key identifier: 30:AE:64:BC:70:4D:00:09:67:29:1A:B4:23:50:AF:66:15:45:F4:D8
Certificate issuer: /CN=b5344218a4880b500c033321e76bd78b4f3c1658
Certificate serial: 01948973FA4BBED289D4EEECAF3A46F72DDB
Authority key identifier: B5:34:42:18:A4:88:0B:50:0C:03:33:21:E7:6B:D7:8B:4F:3C:16:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tTRCGKSIC1AMAzMh52vXi088Flg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/d282be-7ca5-400f-be84-cfab10d30693/1/MK5kvHBNAAlnKRq0I1CvZhVF9Ng.roa
Signing time: Tue 21 Jan 2025 15:21:06 +0000
ROA not before: Tue 21 Jan 2025 15:21:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34615
IP address blocks: 192.109.30.0/24 maxlen: 24
192.109.37.0/24 maxlen: 24
192.109.38.0/24 maxlen: 24
2a0f:6c40::/32 maxlen: 32
2a0f:6c41::/32 maxlen: 32
2a0f:6c42::/32 maxlen: 32
2a0f:6c43::/32 maxlen: 32
2a0f:6c44::/32 maxlen: 32
2a0f:6c45::/32 maxlen: 32
2a0f:6c46::/32 maxlen: 32
2a0f:6c47::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:89:73:fa:4b:be:d2:89:d4:ee:ec:af:3a:46:f7:2d:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5344218a4880b500c033321e76bd78b4f3c1658
Validity
Not Before: Jan 21 15:21:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=30ae64bc704d000967291ab42350af661545f4d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:de:51:7e:2c:ce:25:2b:7b:45:a0:f1:d6:6c:
cb:8d:fd:15:ef:44:14:85:ff:68:72:2d:1e:df:20:
d5:3f:fd:e2:e1:5d:33:cf:3a:6e:e0:42:14:21:31:
25:25:80:6d:8a:60:38:a9:bb:82:a9:1b:92:61:3d:
4f:49:f0:2e:17:1f:bd:13:17:c2:f2:c6:c7:f4:d7:
6f:85:f7:0c:23:dd:dc:b4:4a:2c:42:36:63:01:32:
b4:ee:48:66:4a:b4:b5:da:35:23:7d:a2:84:4b:5e:
44:1a:8d:7b:c7:84:d0:d7:a4:ac:41:23:af:1c:b3:
77:fd:a3:cd:ce:c5:a0:6b:df:15:ff:87:da:78:14:
4f:84:5f:a6:a7:4a:c7:fd:00:83:c6:3b:88:65:92:
37:cf:da:b3:58:b5:60:a3:32:15:3b:bd:5e:96:81:
60:08:79:c5:8e:fc:ba:29:f4:93:25:48:1d:4b:e6:
41:4f:55:7e:e7:2f:30:09:e5:57:81:ac:0f:ad:d4:
63:62:3d:fc:d5:6c:1c:8b:3c:14:2f:43:4d:a8:99:
1c:f7:0f:72:8b:00:1f:9f:e8:b5:64:4c:50:3e:5d:
93:6e:8b:7a:6e:03:47:eb:ba:91:fe:31:da:0e:52:
b0:4c:f6:13:82:44:7c:da:25:90:2d:60:ad:b8:a0:
6b:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:AE:64:BC:70:4D:00:09:67:29:1A:B4:23:50:AF:66:15:45:F4:D8
X509v3 Authority Key Identifier:
keyid:B5:34:42:18:A4:88:0B:50:0C:03:33:21:E7:6B:D7:8B:4F:3C:16:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tTRCGKSIC1AMAzMh52vXi088Flg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/d282be-7ca5-400f-be84-cfab10d30693/1/MK5kvHBNAAlnKRq0I1CvZhVF9Ng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/d282be-7ca5-400f-be84-cfab10d30693/1/tTRCGKSIC1AMAzMh52vXi088Flg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.30.0/24
192.109.37.0-192.109.38.255
IPv6:
2a0f:6c40::/29
Signature Algorithm: sha256WithRSAEncryption
36:25:c5:66:c9:de:e5:8c:2f:97:b3:07:c6:90:eb:ab:32:3e:
bb:59:9a:f0:a3:83:e7:32:3a:ff:46:34:4f:5f:d1:40:f0:8a:
1a:b4:ae:58:c7:64:0b:f2:a0:90:34:78:7b:b6:7a:0b:a3:06:
55:cd:7c:67:4d:5e:4c:5e:5f:b9:e3:44:fb:a8:6b:33:3f:bd:
53:b5:77:67:45:d5:5a:db:0c:b7:4a:f6:ac:bc:31:2b:49:f8:
b1:6a:cb:82:ea:cc:5a:52:45:bb:54:e3:dc:40:4a:3b:70:9a:
f3:93:26:8d:35:92:71:f1:40:c9:90:40:26:20:2c:48:3f:01:
01:fc:7f:fd:ba:00:42:0b:65:f5:c3:40:e2:b4:33:77:51:12:
15:a6:39:29:56:0d:14:b1:ca:d3:78:93:38:17:c1:1a:fe:d6:
c5:d6:e6:51:90:bf:0f:46:ff:7e:2e:a6:d5:fe:f7:c7:02:9e:
48:c3:c9:3c:9a:68:88:4b:70:a3:9c:e4:87:2e:50:91:94:fb:
28:0a:f8:05:91:1a:53:c4:30:b6:99:55:0a:42:26:f9:af:a6:
1e:6b:00:ca:13:1c:ea:d3:24:c7:42:cd:ef:f1:df:b3:95:07:
28:42:2b:69:d0:ee:86:25:4f:e0:2f:93:ec:23:03:a2:f8:7a:
bd:7b:2c:98
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZSJc/pLvtKJ1O7srzpG9y3bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MzQ0MjE4YTQ4ODBiNTAwYzAzMzMyMWU3NmJkNzhiNGYz
YzE2NTgwHhcNMjUwMTIxMTUyMTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGFlNjRiYzcwNGQwMDA5NjcyOTFhYjQyMzUwYWY2NjE1NDVmNGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzt5RfizOJSt7RaDx1mzLjf0V70QU
hf9oci0e3yDVP/3i4V0zzzpu4EIUITElJYBtimA4qbuCqRuSYT1PSfAuFx+9ExfC
8sbH9NdvhfcMI93ctEosQjZjATK07khmSrS12jUjfaKES15EGo17x4TQ16SsQSOv
HLN3/aPNzsWga98V/4faeBRPhF+mp0rH/QCDxjuIZZI3z9qzWLVgozIVO71eloFg
CHnFjvy6KfSTJUgdS+ZBT1V+5y8wCeVXgawPrdRjYj381WwcizwUL0NNqJkc9w9y
iwAfn+i1ZExQPl2Tbot6bgNH67qR/jHaDlKwTPYTgkR82iWQLWCtuKBrHQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFDCuZLxwTQAJZykatCNQr2YVRfTYMB8GA1UdIwQY
MBaAFLU0QhikiAtQDAMzIedr14tPPBZYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFRSQ0dLU0lDMUFNQXpNaDUydlhpMDg4RmxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9kMjgyYmUtN2NhNS00MDBmLWJlODQt
Y2ZhYjEwZDMwNjkzLzEvTUs1a3ZIQk5BQWxuS1JxMEkxQ3ZaaFZGOU5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9kMjgyYmUtN2NhNS00MDBmLWJlODQtY2ZhYjEwZDMwNjkz
LzEvdFRSQ0dLU0lDMUFNQXpNaDUydlhpMDg4RmxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQAwG0eMAwD
BADAbSUDBADAbSYwDQQCAAIwBwMFAyoPbEAwDQYJKoZIhvcNAQELBQADggEBADYl
xWbJ3uWML5ezB8aQ66syPrtZmvCjg+cyOv9GNE9f0UDwihq0rljHZAvyoJA0eHu2
egujBlXNfGdNXkxeX7njRPuoazM/vVO1d2dF1VrbDLdK9qy8MStJ+LFqy4LqzFpS
RbtU49xASjtwmvOTJo01knHxQMmQQCYgLEg/AQH8f/26AEILZfXDQOK0M3dREhWm
OSlWDRSxytN4kzgXwRr+1sXW5lGQvw9G/34uptX+98cCnkjDyTyaaIhLcKOc5Icu
UJGU+ygK+AWRGlPEMLaZVQpCJvmvph5rAMoTHOrTJMdCze/x37OVByhCK2nQ7oYl
T+Avk+wjA6L4er17LJg=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:28 2025 by rpki-client on console.sobornost.net