Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/d282be-7ca5-400f-be84-cfab10d30693/1/iPiMHpc7CUaTXmUwMPRh2GVoFAI.roa
File: iPiMHpc7CUaTXmUwMPRh2GVoFAI.roa (raw, json)
Hash identifier: Abf+t1cvodDgIa0DyKbhPCWPfKYkW++9Af4b+zenlL0=
Subject key identifier: 88:F8:8C:1E:97:3B:09:46:93:5E:65:30:30:F4:61:D8:65:68:14:02
Certificate issuer: /CN=b5344218a4880b500c033321e76bd78b4f3c1658
Certificate serial: 0194805F727682372ABA672713002BF6CC9C
Authority key identifier: B5:34:42:18:A4:88:0B:50:0C:03:33:21:E7:6B:D7:8B:4F:3C:16:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tTRCGKSIC1AMAzMh52vXi088Flg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/d282be-7ca5-400f-be84-cfab10d30693/1/iPiMHpc7CUaTXmUwMPRh2GVoFAI.roa
Signing time: Sun 19 Jan 2025 21:02:06 +0000
ROA not before: Sun 19 Jan 2025 21:02:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34615
IP address blocks: 192.109.30.0/24 maxlen: 24
192.109.37.0/24 maxlen: 24
192.109.38.0/24 maxlen: 24
2a0f:6c40::/32 maxlen: 32
2a0f:6c41::/32 maxlen: 32
2a0f:6c42::/32 maxlen: 32
2a0f:6c43::/32 maxlen: 32
2a0f:6c44::/32 maxlen: 32
2a0f:6c45::/32 maxlen: 32
2a0f:6c47::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:80:5f:72:76:82:37:2a:ba:67:27:13:00:2b:f6:cc:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5344218a4880b500c033321e76bd78b4f3c1658
Validity
Not Before: Jan 19 21:02:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=88f88c1e973b0946935e653030f461d865681402
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:8b:a2:65:f1:3d:15:ec:4b:d0:4d:89:0b:0e:
2a:20:a7:c1:b8:7d:b9:76:44:ab:06:89:34:cd:74:
45:12:37:e0:d3:67:d2:9a:d0:0b:46:ee:d9:94:f7:
9a:3b:c0:59:f9:8c:f5:f0:8d:23:f5:cd:fd:18:ab:
f3:cb:81:1f:70:0d:bd:3f:db:7b:43:d7:27:94:f3:
01:ff:c6:09:01:bf:85:49:f9:58:8a:8c:94:f8:8a:
7a:2b:40:64:7e:7e:12:90:12:18:4b:23:60:53:af:
b0:c3:1c:d7:ae:ef:29:55:ba:91:cd:45:ea:09:cf:
50:4b:05:94:df:6f:be:5d:ba:69:fc:47:ba:88:19:
45:b3:73:6f:1f:e3:a8:f7:04:7f:ba:3e:80:fd:92:
a5:4d:e4:0a:e2:4b:f1:63:7e:0d:33:45:2b:51:48:
df:65:22:35:3d:26:87:89:7f:b6:8e:70:84:aa:1b:
4b:00:4f:bd:87:df:7a:fd:01:8c:af:cf:b7:3f:11:
60:1f:51:d8:a2:57:b2:9b:d8:b2:ea:b3:5d:7c:b1:
65:62:da:29:dc:bd:50:a6:74:2f:87:cb:70:4d:4d:
84:47:82:88:38:ad:b4:98:d6:6a:f0:dd:6d:67:ef:
b8:00:db:90:1e:06:f8:38:e2:b9:12:88:07:df:cc:
c3:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:F8:8C:1E:97:3B:09:46:93:5E:65:30:30:F4:61:D8:65:68:14:02
X509v3 Authority Key Identifier:
keyid:B5:34:42:18:A4:88:0B:50:0C:03:33:21:E7:6B:D7:8B:4F:3C:16:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tTRCGKSIC1AMAzMh52vXi088Flg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/d282be-7ca5-400f-be84-cfab10d30693/1/iPiMHpc7CUaTXmUwMPRh2GVoFAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/d282be-7ca5-400f-be84-cfab10d30693/1/tTRCGKSIC1AMAzMh52vXi088Flg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.30.0/24
192.109.37.0-192.109.38.255
IPv6:
2a0f:6c40::-2a0f:6c45:ffff:ffff:ffff:ffff:ffff:ffff
2a0f:6c47::/32
Signature Algorithm: sha256WithRSAEncryption
3c:06:1b:95:2d:a1:68:0c:dc:e2:d3:c2:43:2d:92:21:13:82:
ff:a1:3a:f6:37:fa:f1:62:f1:35:1c:fe:bd:e5:60:72:15:fb:
94:35:15:25:52:d4:20:fc:1f:14:d8:fe:28:c8:85:59:52:ba:
8f:f3:f5:e7:69:9b:d4:43:1d:df:c4:20:2a:72:43:2b:77:69:
5c:3e:00:61:1a:0e:f4:c0:9c:38:e1:d4:19:07:43:32:81:35:
41:b5:31:48:3c:ef:05:77:14:df:b1:42:01:a3:76:87:c5:6f:
9d:73:46:ab:73:1a:f8:05:2a:06:3d:f2:c8:77:92:ef:eb:30:
17:52:b3:1d:87:bb:d4:cf:56:80:75:51:0e:82:89:ed:c5:19:
8f:f9:39:9f:66:09:07:f1:b2:06:f2:00:2f:34:d1:32:18:5b:
3f:23:05:05:f0:0c:ff:1a:16:47:83:16:22:45:7a:51:10:7d:
51:4a:5d:31:f9:39:a8:96:83:a5:d3:85:29:71:61:ab:45:6a:
30:7f:fc:5c:bb:13:da:09:2f:50:2b:d8:c1:fd:b7:6c:e5:35:
5d:5e:5a:8d:58:29:fd:a0:06:18:c9:f1:99:80:e9:45:69:b3:
92:a3:a7:11:71:4c:11:53:f0:73:45:65:a2:6c:6c:e6:95:ca:
91:a6:27:66
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZSAX3J2gjcqumcnEwAr9sycMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MzQ0MjE4YTQ4ODBiNTAwYzAzMzMyMWU3NmJkNzhiNGYz
YzE2NTgwHhcNMjUwMTE5MjEwMjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGY4OGMxZTk3M2IwOTQ2OTM1ZTY1MzAzMGY0NjFkODY1NjgxNDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuouiZfE9FexL0E2JCw4qIKfBuH25
dkSrBok0zXRFEjfg02fSmtALRu7ZlPeaO8BZ+Yz18I0j9c39GKvzy4EfcA29P9t7
Q9cnlPMB/8YJAb+FSflYioyU+Ip6K0Bkfn4SkBIYSyNgU6+wwxzXru8pVbqRzUXq
Cc9QSwWU32++Xbpp/Ee6iBlFs3NvH+Oo9wR/uj6A/ZKlTeQK4kvxY34NM0UrUUjf
ZSI1PSaHiX+2jnCEqhtLAE+9h996/QGMr8+3PxFgH1HYoleym9iy6rNdfLFlYtop
3L1QpnQvh8twTU2ER4KIOK20mNZq8N1tZ++4ANuQHgb4OOK5EogH38zD+QIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFIj4jB6XOwlGk15lMDD0YdhlaBQCMB8GA1UdIwQY
MBaAFLU0QhikiAtQDAMzIedr14tPPBZYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFRSQ0dLU0lDMUFNQXpNaDUydlhpMDg4RmxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9kMjgyYmUtN2NhNS00MDBmLWJlODQt
Y2ZhYjEwZDMwNjkzLzEvaVBpTUhwYzdDVWFUWG1Vd01QUmgyR1ZvRkFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9kMjgyYmUtN2NhNS00MDBmLWJlODQtY2ZhYjEwZDMwNjkz
LzEvdFRSQ0dLU0lDMUFNQXpNaDUydlhpMDg4RmxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAaBAIAATAUAwQAwG0eMAwD
BADAbSUDBADAbSYwHQQCAAIwFzAOAwUGKg9sQAMFASoPbEQDBQAqD2xHMA0GCSqG
SIb3DQEBCwUAA4IBAQA8BhuVLaFoDNzi08JDLZIhE4L/oTr2N/rxYvE1HP695WBy
FfuUNRUlUtQg/B8U2P4oyIVZUrqP8/XnaZvUQx3fxCAqckMrd2lcPgBhGg70wJw4
4dQZB0MygTVBtTFIPO8FdxTfsUIBo3aHxW+dc0arcxr4BSoGPfLId5Lv6zAXUrMd
h7vUz1aAdVEOgontxRmP+TmfZgkH8bIG8gAvNNEyGFs/IwUF8Az/GhZHgxYiRXpR
EH1RSl0x+TmoloOl04UpcWGrRWowf/xcuxPaCS9QK9jB/bds5TVdXlqNWCn9oAYY
yfGZgOlFabOSo6cRcUwRU/BzRWWibGzmlcqRpidm
-----END CERTIFICATE-----
Generated at Tue Jan 21 17:35:01 2025 by rpki-client on console.sobornost.net