Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/9eed05-1477-4f05-8ae3-618e89b12c41/1/rdMKkMaHfdWNXSGH8FsWUlQ7D6Q.roa
File: rdMKkMaHfdWNXSGH8FsWUlQ7D6Q.roa (raw, json)
Hash identifier: lGvKyGfhIjanaigrkcQySpZWBGRsLu6frqamWcC0ZCs=
Subject key identifier: AD:D3:0A:90:C6:87:7D:D5:8D:5D:21:87:F0:5B:16:52:54:3B:0F:A4
Certificate issuer: /CN=5b1d228b6acbd1803cff560fa4b42f832d28324f
Certificate serial: 01942444ABC6B3C990A59D0F98BBB7E13E4D
Authority key identifier: 5B:1D:22:8B:6A:CB:D1:80:3C:FF:56:0F:A4:B4:2F:83:2D:28:32:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wx0ii2rL0YA8_1YPpLQvgy0oMk8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/9eed05-1477-4f05-8ae3-618e89b12c41/1/rdMKkMaHfdWNXSGH8FsWUlQ7D6Q.roa
Signing time: Wed 01 Jan 2025 23:47:47 +0000
ROA not before: Wed 01 Jan 2025 23:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2200
IP address blocks: 192.54.174.0/24 maxlen: 24
192.54.175.0/24 maxlen: 24
192.54.176.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:ab:c6:b3:c9:90:a5:9d:0f:98:bb:b7:e1:3e:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b1d228b6acbd1803cff560fa4b42f832d28324f
Validity
Not Before: Jan 1 23:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=add30a90c6877dd58d5d2187f05b1652543b0fa4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:a5:c3:42:35:62:92:62:fe:8d:9a:19:91:74:
52:a0:21:65:86:55:09:0c:e9:be:86:02:b1:35:db:
85:1d:38:48:eb:91:28:06:25:cc:ca:d3:25:90:96:
ac:7d:f2:c2:26:9b:be:38:f9:d8:e8:cc:51:49:29:
19:84:d1:be:2a:12:77:48:50:6f:e9:e5:58:d2:5d:
3f:aa:c3:44:65:c8:5b:0f:4d:3f:44:2d:a9:fc:eb:
96:af:96:8a:2c:93:c5:39:73:07:d4:3b:fd:12:33:
34:43:85:37:79:a6:dd:6a:b1:79:cd:90:26:2a:0a:
66:70:98:2f:bf:83:20:67:42:f9:cc:dc:27:4e:bb:
d6:b8:af:73:af:1c:c7:d5:ae:2f:f3:2c:e5:e8:3a:
42:4e:13:d0:94:bc:a0:85:d0:67:7b:7d:42:dd:cb:
23:f5:8e:3c:e8:8e:d9:40:c5:42:f6:93:cf:c8:94:
94:f5:0a:3c:cf:dc:93:07:88:49:d8:82:4a:cd:87:
2c:f0:ce:4e:00:bb:2f:51:b0:a0:23:f2:31:47:f3:
5d:72:8b:51:e7:3b:1e:0b:af:3f:58:40:7b:65:fd:
40:b2:93:45:51:09:54:59:2f:3c:06:b4:7b:6e:90:
d2:cc:46:8f:62:52:ec:9b:44:a4:81:6a:35:56:26:
af:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:D3:0A:90:C6:87:7D:D5:8D:5D:21:87:F0:5B:16:52:54:3B:0F:A4
X509v3 Authority Key Identifier:
keyid:5B:1D:22:8B:6A:CB:D1:80:3C:FF:56:0F:A4:B4:2F:83:2D:28:32:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wx0ii2rL0YA8_1YPpLQvgy0oMk8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/9eed05-1477-4f05-8ae3-618e89b12c41/1/rdMKkMaHfdWNXSGH8FsWUlQ7D6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/9eed05-1477-4f05-8ae3-618e89b12c41/1/Wx0ii2rL0YA8_1YPpLQvgy0oMk8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.54.174.0-192.54.176.255
Signature Algorithm: sha256WithRSAEncryption
96:26:b6:00:32:2d:61:59:d0:97:98:92:ad:25:ca:a6:26:48:
57:b4:b6:f0:32:5d:1b:4c:6c:8a:e4:a9:ca:74:b6:66:aa:4f:
f5:2c:1b:59:e3:0f:b3:c8:d0:e8:d3:30:45:16:bf:c0:6e:82:
54:f0:b8:80:1c:dc:2c:b8:a5:2e:4a:5e:08:a0:53:76:33:16:
6d:1c:05:87:1e:f2:9a:44:57:07:8f:85:f0:52:3e:6e:1e:7b:
52:ea:5b:42:73:ff:ea:e5:92:d2:b6:71:7e:32:9f:40:18:9c:
b7:c8:97:3b:52:92:63:eb:06:3d:27:57:37:c8:81:86:17:1f:
ea:6f:98:ff:eb:25:c5:e9:6a:21:7f:97:e3:db:75:4d:03:3b:
9a:9d:59:6e:6a:86:fb:90:f4:53:fa:79:8e:c9:bd:4f:99:5a:
52:ec:32:3e:2f:eb:b0:97:15:ca:60:fa:ab:6f:f7:71:aa:cd:
51:d3:53:54:91:89:33:09:c9:4d:6c:0d:56:fe:9a:5e:b1:11:
9b:b4:9c:22:11:df:68:d7:28:00:cc:dc:ac:db:86:bb:3d:d4:
e6:d6:2e:70:6e:6b:ed:0a:d5:a6:53:34:39:43:2b:47:3d:73:
24:19:02:8e:c8:f3:44:58:64:25:f2:e0:69:46:e1:06:4a:2a:
e3:ef:f5:0b
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQkRKvGs8mQpZ0PmLu34T5NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViMWQyMjhiNmFjYmQxODAzY2ZmNTYwZmE0YjQyZjgzMmQy
ODMyNGYwHhcNMjUwMTAxMjM0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGQzMGE5MGM2ODc3ZGQ1OGQ1ZDIxODdmMDViMTY1MjU0M2IwZmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqXDQjVikmL+jZoZkXRSoCFlhlUJ
DOm+hgKxNduFHThI65EoBiXMytMlkJasffLCJpu+OPnY6MxRSSkZhNG+KhJ3SFBv
6eVY0l0/qsNEZchbD00/RC2p/OuWr5aKLJPFOXMH1Dv9EjM0Q4U3eabdarF5zZAm
KgpmcJgvv4MgZ0L5zNwnTrvWuK9zrxzH1a4v8yzl6DpCThPQlLyghdBne31C3csj
9Y486I7ZQMVC9pPPyJSU9Qo8z9yTB4hJ2IJKzYcs8M5OALsvUbCgI/IxR/NdcotR
5zseC68/WEB7Zf1AspNFUQlUWS88BrR7bpDSzEaPYlLsm0SkgWo1ViavuwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFK3TCpDGh33VjV0hh/BbFlJUOw+kMB8GA1UdIwQY
MBaAFFsdIotqy9GAPP9WD6S0L4MtKDJPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3gwaWkyckwwWUE4XzFZUHBMUXZneTBvTWs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC85ZWVkMDUtMTQ3Ny00ZjA1LThhZTMt
NjE4ZTg5YjEyYzQxLzEvcmRNS2tNYUhmZFdOWFNHSDhGc1dVbFE3RDZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC85ZWVkMDUtMTQ3Ny00ZjA1LThhZTMtNjE4ZTg5YjEyYzQx
LzEvV3gwaWkyckwwWUE4XzFZUHBMUXZneTBvTWs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAHANq4D
BADANrAwDQYJKoZIhvcNAQELBQADggEBAJYmtgAyLWFZ0JeYkq0lyqYmSFe0tvAy
XRtMbIrkqcp0tmaqT/UsG1njD7PI0OjTMEUWv8BuglTwuIAc3Cy4pS5KXgigU3Yz
Fm0cBYce8ppEVwePhfBSPm4ee1LqW0Jz/+rlktK2cX4yn0AYnLfIlztSkmPrBj0n
VzfIgYYXH+pvmP/rJcXpaiF/l+PbdU0DO5qdWW5qhvuQ9FP6eY7JvU+ZWlLsMj4v
67CXFcpg+qtv93GqzVHTU1SRiTMJyU1sDVb+ml6xEZu0nCIR32jXKADM3Kzbhrs9
1ObWLnBua+0K1aZTNDlDK0c9cyQZAo7I80RYZCXy4GlG4QZKKuPv9Qs=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:29 2025 by rpki-client on console.sobornost.net