Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/f4b1a1-fe88-4450-bd32-d0c83be40185/1/K4wUu7obHZ1pQeOh3vYsQgoummw.roa
File: K4wUu7obHZ1pQeOh3vYsQgoummw.roa (raw, json)
Hash identifier: jArnZVWT3LFdRd35DdT9LyAFWuY1r/brZRKqPdnSEKo=
Subject key identifier: 2B:8C:14:BB:BA:1B:1D:9D:69:41:E3:A1:DE:F6:2C:42:0A:2E:9A:6C
Certificate issuer: /CN=80c72eaebc20461c31cf942e4e155f07b8a03c7c
Certificate serial: 01942669DD11C2C36251CA1150E54A28BD5D
Authority key identifier: 80:C7:2E:AE:BC:20:46:1C:31:CF:94:2E:4E:15:5F:07:B8:A0:3C:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gMcurrwgRhwxz5QuThVfB7igPHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/f4b1a1-fe88-4450-bd32-d0c83be40185/1/K4wUu7obHZ1pQeOh3vYsQgoummw.roa
Signing time: Thu 02 Jan 2025 09:47:39 +0000
ROA not before: Thu 02 Jan 2025 09:47:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 45035
IP address blocks: 195.60.178.0/24 maxlen: 24
195.60.179.0/24 maxlen: 24
195.158.234.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:69:dd:11:c2:c3:62:51:ca:11:50:e5:4a:28:bd:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80c72eaebc20461c31cf942e4e155f07b8a03c7c
Validity
Not Before: Jan 2 09:47:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2b8c14bbba1b1d9d6941e3a1def62c420a2e9a6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:b2:d4:66:8d:29:44:bd:db:7c:0d:4f:78:1e:
bc:1e:4b:ab:0b:53:d8:71:98:5e:1f:42:d5:cc:26:
ae:f5:0b:5f:49:f1:21:09:be:61:34:a5:6c:f8:b1:
ba:2f:a5:4f:34:23:57:66:3d:71:56:d7:bb:86:7f:
2f:f7:b1:00:64:83:0a:00:e2:ce:49:5a:19:b1:1c:
42:e9:5c:5a:18:6b:62:79:51:66:a7:47:fb:d2:c9:
7a:cb:c0:ac:8b:6c:61:4b:99:22:d3:4a:86:98:c0:
79:d0:3e:f2:e4:66:74:85:06:f5:22:1c:3e:72:b1:
d9:c9:c0:22:05:c1:ee:76:a8:94:65:13:2a:73:94:
08:4f:3d:5e:e1:ed:92:a4:e1:80:02:f4:4a:13:00:
26:15:05:6d:c4:46:e2:35:92:d7:73:b3:01:f8:09:
e3:5d:3f:6c:2b:c3:95:ef:b9:f2:c3:dd:8e:eb:a7:
9d:c7:c3:6b:9e:55:3d:b8:0a:a8:5c:73:d2:24:92:
10:84:d8:dc:66:b9:18:0f:20:a1:4e:0f:0b:ab:22:
3a:af:3d:cb:01:f9:7d:b4:7d:dc:2e:46:b3:97:fe:
e4:4a:1b:f6:9f:5b:6e:07:37:c5:21:05:62:1a:4c:
ff:73:68:21:f3:f5:b0:33:b0:04:1f:85:55:38:43:
be:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:8C:14:BB:BA:1B:1D:9D:69:41:E3:A1:DE:F6:2C:42:0A:2E:9A:6C
X509v3 Authority Key Identifier:
keyid:80:C7:2E:AE:BC:20:46:1C:31:CF:94:2E:4E:15:5F:07:B8:A0:3C:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gMcurrwgRhwxz5QuThVfB7igPHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f4b1a1-fe88-4450-bd32-d0c83be40185/1/K4wUu7obHZ1pQeOh3vYsQgoummw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f4b1a1-fe88-4450-bd32-d0c83be40185/1/gMcurrwgRhwxz5QuThVfB7igPHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.60.178.0/23
195.158.234.0/23
Signature Algorithm: sha256WithRSAEncryption
99:b6:50:0e:a8:99:e5:11:da:49:16:f5:c2:3b:c7:30:fa:17:
66:c1:e1:94:cc:44:4f:b1:8d:71:61:0f:b8:70:75:76:3f:a9:
36:88:e2:6b:59:22:64:1a:ed:13:aa:fa:b3:15:c2:46:b3:61:
e5:23:ff:74:43:1d:df:92:1b:17:8c:cb:ca:24:2e:77:55:39:
be:b7:aa:7e:43:71:e8:4a:10:12:3f:0b:72:f7:a3:c1:97:a0:
44:e7:62:d1:af:43:5f:87:74:28:fc:73:b0:73:b0:70:28:8a:
70:e3:34:13:6b:03:28:bc:ea:d0:74:7a:0a:03:13:68:9a:c7:
f0:fd:27:cd:29:10:c8:9e:bd:ac:3c:ba:cf:d7:6d:d2:d5:3b:
04:01:4d:9b:e7:cb:84:da:00:9c:94:5b:cd:e4:b7:4c:1a:2c:
64:3b:63:7d:29:dc:9a:67:bf:a7:b7:45:0d:1d:0f:cf:b8:ff:
77:18:c0:53:0c:5b:45:dd:33:f1:41:15:ff:81:94:0d:62:4b:
f1:04:39:5f:7f:89:68:74:94:81:e9:f3:68:87:af:c1:27:26:
e6:fe:ea:c7:f9:ec:43:ba:ed:2c:e0:41:d1:25:4f:34:21:12:
a3:7a:98:61:19:b9:59:91:69:fb:b3:f0:82:6e:24:45:04:c7:
bb:11:30:d6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQmad0RwsNiUcoRUOVKKL1dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwYzcyZWFlYmMyMDQ2MWMzMWNmOTQyZTRlMTU1ZjA3Yjhh
MDNjN2MwHhcNMjUwMTAyMDk0NzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjhjMTRiYmJhMWIxZDlkNjk0MWUzYTFkZWY2MmM0MjBhMmU5YTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0bLUZo0pRL3bfA1PeB68HkurC1PY
cZheH0LVzCau9QtfSfEhCb5hNKVs+LG6L6VPNCNXZj1xVte7hn8v97EAZIMKAOLO
SVoZsRxC6VxaGGtieVFmp0f70sl6y8Csi2xhS5ki00qGmMB50D7y5GZ0hQb1Ihw+
crHZycAiBcHudqiUZRMqc5QITz1e4e2SpOGAAvRKEwAmFQVtxEbiNZLXc7MB+Anj
XT9sK8OV77nyw92O66edx8NrnlU9uAqoXHPSJJIQhNjcZrkYDyChTg8LqyI6rz3L
Afl9tH3cLkazl/7kShv2n1tuBzfFIQViGkz/c2gh8/WwM7AEH4VVOEO+xwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCuMFLu6Gx2daUHjod72LEIKLppsMB8GA1UdIwQY
MBaAFIDHLq68IEYcMc+ULk4VXwe4oDx8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ01jdXJyd2dSaHd4ejVRdVRoVmZCN2lnUEh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9mNGIxYTEtZmU4OC00NDUwLWJkMzIt
ZDBjODNiZTQwMTg1LzEvSzR3VXU3b2JIWjFwUWVPaDN2WXNRZ291bW13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9mNGIxYTEtZmU4OC00NDUwLWJkMzItZDBjODNiZTQwMTg1
LzEvZ01jdXJyd2dSaHd4ejVRdVRoVmZCN2lnUEh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwzyyAwQB
w57qMA0GCSqGSIb3DQEBCwUAA4IBAQCZtlAOqJnlEdpJFvXCO8cw+hdmweGUzERP
sY1xYQ+4cHV2P6k2iOJrWSJkGu0TqvqzFcJGs2HlI/90Qx3fkhsXjMvKJC53VTm+
t6p+Q3HoShASPwty96PBl6BE52LRr0Nfh3Qo/HOwc7BwKIpw4zQTawMovOrQdHoK
AxNomsfw/SfNKRDInr2sPLrP123S1TsEAU2b58uE2gCclFvN5LdMGixkO2N9Kdya
Z7+nt0UNHQ/PuP93GMBTDFtF3TPxQRX/gZQNYkvxBDlff4lodJSB6fNoh6/BJybm
/urH+exDuu0s4EHRJU80IRKjephhGblZkWn7s/CCbiRFBMe7ETDW
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:31 2025 by rpki-client on console.sobornost.net