Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/4bebe7-3f8e-4949-8980-9f6fa0e1a5a5/1/pszj2ow_8e4yhWJ4p_2OlR6lAZA.roa
File: pszj2ow_8e4yhWJ4p_2OlR6lAZA.roa (raw, json)
Hash identifier: Bkleu+zwlUm+Ij3pdF+L2pghaKZyEcPMCuJgamcNwU0=
Subject key identifier: A6:CC:E3:DA:8C:3F:F1:EE:32:85:62:78:A7:FD:8E:95:1E:A5:01:90
Certificate issuer: /CN=709eb6eaaa49dd6b483e04b1434e4dac79ed9d31
Certificate serial: 0194282702CFE28023A63B59117493725764
Authority key identifier: 70:9E:B6:EA:AA:49:DD:6B:48:3E:04:B1:43:4E:4D:AC:79:ED:9D:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cJ626qpJ3WtIPgSxQ05NrHntnTE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/4bebe7-3f8e-4949-8980-9f6fa0e1a5a5/1/pszj2ow_8e4yhWJ4p_2OlR6lAZA.roa
Signing time: Thu 02 Jan 2025 17:53:52 +0000
ROA not before: Thu 02 Jan 2025 17:53:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49825
IP address blocks: 193.19.82.0/23 maxlen: 24
194.165.0.0/24 maxlen: 24
194.165.1.0/24 maxlen: 24
195.211.76.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:02:cf:e2:80:23:a6:3b:59:11:74:93:72:57:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=709eb6eaaa49dd6b483e04b1434e4dac79ed9d31
Validity
Not Before: Jan 2 17:53:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a6cce3da8c3ff1ee32856278a7fd8e951ea50190
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:c6:d3:51:92:8b:ec:ca:12:11:83:b1:6d:8c:
0d:3d:3f:dc:25:dc:b2:34:72:38:86:9f:fd:ed:42:
0e:65:7a:56:64:5f:37:d0:5c:1e:f5:0f:11:75:6c:
59:b8:cc:e5:61:62:47:8f:a2:04:03:ab:b8:85:ad:
96:08:1e:fd:7c:84:1b:29:67:ee:4e:2e:47:b0:69:
57:25:ed:4f:31:14:45:be:39:78:ec:3f:07:d9:29:
64:ee:52:b1:0f:81:4a:cd:c8:93:b3:68:82:93:e5:
ad:b3:15:97:24:5b:6a:6a:d5:67:45:8c:05:2a:1a:
94:86:22:10:56:f0:8e:2d:ef:d5:57:30:e5:0c:6f:
02:f0:07:b5:41:24:71:88:4e:46:ce:9b:b0:c7:01:
dc:96:41:3a:66:7d:8f:79:1d:2a:33:64:95:62:90:
75:cd:d1:10:0d:d5:d8:e1:40:14:46:b5:93:1e:ef:
95:dc:8f:44:ec:47:2b:4c:74:57:62:f0:b3:4d:d6:
b8:7f:1a:e4:05:1a:b7:84:67:10:bf:3f:96:60:18:
a1:17:e5:8a:b7:b3:a1:c1:99:d4:c9:4a:0e:a6:67:
a6:82:9d:4b:db:6a:b5:b3:5f:e7:34:8e:d1:b6:ea:
e4:e9:90:e1:8f:ea:63:20:37:c9:50:49:14:34:2e:
5f:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:CC:E3:DA:8C:3F:F1:EE:32:85:62:78:A7:FD:8E:95:1E:A5:01:90
X509v3 Authority Key Identifier:
keyid:70:9E:B6:EA:AA:49:DD:6B:48:3E:04:B1:43:4E:4D:AC:79:ED:9D:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cJ626qpJ3WtIPgSxQ05NrHntnTE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/4bebe7-3f8e-4949-8980-9f6fa0e1a5a5/1/pszj2ow_8e4yhWJ4p_2OlR6lAZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/4bebe7-3f8e-4949-8980-9f6fa0e1a5a5/1/cJ626qpJ3WtIPgSxQ05NrHntnTE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.19.82.0/23
194.165.0.0/23
195.211.76.0/22
Signature Algorithm: sha256WithRSAEncryption
5e:17:dd:77:29:4c:e2:b2:51:c7:3a:e2:e7:5b:9e:2e:ab:40:
a7:51:05:54:a1:b7:88:27:71:f0:10:b5:ce:16:97:da:19:17:
7f:e6:6e:78:2a:82:88:16:56:cf:3a:3f:45:cc:d9:34:d3:27:
9f:fb:97:ea:7c:89:38:44:0c:83:38:1c:57:3b:dc:ef:87:66:
10:cf:08:6f:9c:a4:c0:61:3c:54:48:22:bf:43:02:9c:79:23:
bd:f8:e2:ae:25:c4:c4:a6:a7:71:fc:a3:a3:e5:95:12:82:aa:
aa:da:20:ab:d6:35:25:77:f2:ad:38:3a:62:37:d0:af:0f:1f:
c9:11:60:19:db:7c:f0:f1:26:d0:e9:d1:51:47:f8:c3:16:b5:
4d:a4:de:c0:e6:04:9c:b3:4b:94:72:8f:72:3b:a4:86:50:61:
be:aa:4c:45:bc:26:20:ea:b3:81:83:6d:3e:e6:29:0a:e3:73:
0f:32:f3:94:db:27:5a:10:10:b3:e2:4c:c9:b4:e6:f9:dd:56:
da:eb:7e:3a:f5:7b:97:61:4b:50:5b:da:a6:0c:27:f4:70:b9:
3f:a6:5d:4d:de:85:b7:a5:f4:34:c6:9e:57:6e:51:87:aa:2c:
b6:26:b5:8e:39:58:64:e0:d1:b1:47:74:fc:33:40:88:43:73:
c5:a4:01:43
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQoJwLP4oAjpjtZEXSTcldkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwOWViNmVhYWE0OWRkNmI0ODNlMDRiMTQzNGU0ZGFjNzll
ZDlkMzEwHhcNMjUwMTAyMTc1MzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmNjZTNkYThjM2ZmMWVlMzI4NTYyNzhhN2ZkOGU5NTFlYTUwMTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvsbTUZKL7MoSEYOxbYwNPT/cJdyy
NHI4hp/97UIOZXpWZF830Fwe9Q8RdWxZuMzlYWJHj6IEA6u4ha2WCB79fIQbKWfu
Ti5HsGlXJe1PMRRFvjl47D8H2Slk7lKxD4FKzciTs2iCk+WtsxWXJFtqatVnRYwF
KhqUhiIQVvCOLe/VVzDlDG8C8Ae1QSRxiE5GzpuwxwHclkE6Zn2PeR0qM2SVYpB1
zdEQDdXY4UAURrWTHu+V3I9E7EcrTHRXYvCzTda4fxrkBRq3hGcQvz+WYBihF+WK
t7OhwZnUyUoOpmemgp1L22q1s1/nNI7Rturk6ZDhj+pjIDfJUEkUNC5fsQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKbM49qMP/HuMoVieKf9jpUepQGQMB8GA1UdIwQY
MBaAFHCetuqqSd1rSD4EsUNOTax57Z0xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0o2MjZxcEozV3RJUGdTeFEwNU5ySG50blRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy80YmViZTctM2Y4ZS00OTQ5LTg5ODAt
OWY2ZmEwZTFhNWE1LzEvcHN6ajJvd184ZTR5aFdKNHBfMk9sUjZsQVpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy80YmViZTctM2Y4ZS00OTQ5LTg5ODAtOWY2ZmEwZTFhNWE1
LzEvY0o2MjZxcEozV3RJUGdTeFEwNU5ySG50blRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBwRNSAwQB
wqUAAwQCw9NMMA0GCSqGSIb3DQEBCwUAA4IBAQBeF913KUzislHHOuLnW54uq0Cn
UQVUobeIJ3HwELXOFpfaGRd/5m54KoKIFlbPOj9FzNk00yef+5fqfIk4RAyDOBxX
O9zvh2YQzwhvnKTAYTxUSCK/QwKceSO9+OKuJcTEpqdx/KOj5ZUSgqqq2iCr1jUl
d/KtODpiN9CvDx/JEWAZ23zw8SbQ6dFRR/jDFrVNpN7A5gScs0uUco9yO6SGUGG+
qkxFvCYg6rOBg20+5ikK43MPMvOU2ydaEBCz4kzJtOb53Vba63469XuXYUtQW9qm
DCf0cLk/pl1N3oW3pfQ0xp5XblGHqiy2JrWOOVhk4NGxR3T8M0CIQ3PFpAFD
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:31 2025 by rpki-client on console.sobornost.net