Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/2b179c-2d2d-4423-b6d6-b0837a7d4641/1/i_E14tU_jnnkTSG9INpa9JShg9E.roa
File: i_E14tU_jnnkTSG9INpa9JShg9E.roa (raw, json)
Hash identifier: ZqQOvQcYLRY+mr+wSPe0ltP607X6tGik7hBPTVxfXqk=
Subject key identifier: 8B:F1:35:E2:D5:3F:8E:79:E4:4D:21:BD:20:DA:5A:F4:94:A1:83:D1
Certificate issuer: /CN=3f56a63331552ef91d8a0005a338ec982df37c8b
Certificate serial: 019426D971ED1051611C661EA1C97889B697
Authority key identifier: 3F:56:A6:33:31:55:2E:F9:1D:8A:00:05:A3:38:EC:98:2D:F3:7C:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P1amMzFVLvkdigAFozjsmC3zfIs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/2b179c-2d2d-4423-b6d6-b0837a7d4641/1/i_E14tU_jnnkTSG9INpa9JShg9E.roa
Signing time: Thu 02 Jan 2025 11:49:32 +0000
ROA not before: Thu 02 Jan 2025 11:49:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198575
IP address blocks: 194.146.66.0/23 maxlen: 23
194.146.66.0/24 maxlen: 24
194.146.67.0/24 maxlen: 24
2a00:6e40::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:71:ed:10:51:61:1c:66:1e:a1:c9:78:89:b6:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f56a63331552ef91d8a0005a338ec982df37c8b
Validity
Not Before: Jan 2 11:49:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8bf135e2d53f8e79e44d21bd20da5af494a183d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:87:12:7c:74:a3:00:6d:ce:10:50:f3:79:d9:
d1:77:d3:af:fa:81:24:4d:86:6f:cb:9e:3a:d7:58:
e7:29:21:89:60:d0:ef:14:ce:d8:2c:77:90:73:65:
4d:7d:e1:4c:e4:11:c3:92:15:5e:6c:69:18:30:64:
6d:66:70:3e:8f:76:31:ea:96:62:a0:7a:5e:e2:6c:
08:0f:cf:59:d7:41:44:ee:3e:91:a6:a8:27:81:9b:
12:7a:f3:8d:48:6c:4b:a4:ac:2f:8a:88:d1:17:f7:
a7:05:f7:b8:2d:05:14:4d:32:b1:80:55:ac:0b:b0:
73:73:4b:3f:56:ff:56:17:45:96:28:ee:2f:42:fd:
08:cf:c8:ed:12:8b:32:77:f5:e3:f4:f4:73:40:2c:
0a:fe:12:f7:9a:1c:c5:5c:a9:e8:e2:3b:f3:4f:4c:
dc:0c:1c:76:21:cb:ac:8f:a9:d8:f0:fd:4f:4d:bf:
9a:23:3b:47:14:eb:09:7a:22:34:8e:c8:65:b0:e9:
a2:7d:d6:dd:5c:48:1f:67:2c:d6:62:9c:a8:b0:1f:
2a:6f:b7:7b:0a:b7:38:e5:b1:49:40:18:15:70:c8:
f8:10:39:24:90:bd:34:3b:60:55:02:39:08:78:6e:
be:31:80:f9:07:bf:0a:fc:10:2b:46:a1:0f:63:22:
70:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:F1:35:E2:D5:3F:8E:79:E4:4D:21:BD:20:DA:5A:F4:94:A1:83:D1
X509v3 Authority Key Identifier:
keyid:3F:56:A6:33:31:55:2E:F9:1D:8A:00:05:A3:38:EC:98:2D:F3:7C:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P1amMzFVLvkdigAFozjsmC3zfIs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/2b179c-2d2d-4423-b6d6-b0837a7d4641/1/i_E14tU_jnnkTSG9INpa9JShg9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/2b179c-2d2d-4423-b6d6-b0837a7d4641/1/P1amMzFVLvkdigAFozjsmC3zfIs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.146.66.0/23
IPv6:
2a00:6e40::/32
Signature Algorithm: sha256WithRSAEncryption
14:bd:2a:b2:b4:2e:2e:b6:cc:34:ce:9e:f2:47:cf:63:f7:78:
d5:dc:51:4c:2e:7b:0d:61:87:73:d1:5e:a3:b9:6d:67:cc:2a:
9f:68:c6:e7:93:26:f1:0c:92:83:fa:61:31:fb:c0:ed:06:fd:
e3:d5:89:12:84:e6:a1:60:cf:02:f9:6b:a4:47:b3:1f:fa:73:
7a:b9:cc:c4:5f:44:41:38:96:e4:f4:f0:d7:d0:e0:5e:02:28:
9b:ad:58:27:1c:62:d6:06:bb:4c:73:21:bd:3b:b9:49:ba:ed:
f4:09:e1:72:d1:00:9e:ea:04:a3:5e:e7:23:89:e4:3a:2f:89:
46:eb:7c:06:8a:cb:ae:d2:1e:87:5c:41:c3:38:cc:0f:0e:eb:
d9:6a:85:dc:4e:22:dc:67:33:91:17:33:75:c3:39:e4:9c:c9:
6f:47:fe:e9:63:b2:62:d9:58:48:3f:16:41:db:49:5d:2a:ef:
05:e6:f6:f9:58:18:30:45:39:95:08:6a:a9:7b:15:04:2d:b4:
b3:31:36:f0:60:c8:fe:f8:51:26:6a:1d:7a:8f:22:1d:b4:ba:
60:e0:f8:3f:ce:ac:e0:73:13:54:17:f8:4a:2b:00:4f:e9:c4:
59:ab:55:8c:46:e5:a3:55:bf:e4:27:0d:f6:6f:9a:e3:b6:cb:
fe:22:b4:bd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQm2XHtEFFhHGYeocl4ibaXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmNTZhNjMzMzE1NTJlZjkxZDhhMDAwNWEzMzhlYzk4MmRm
MzdjOGIwHhcNMjUwMTAyMTE0OTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmYxMzVlMmQ1M2Y4ZTc5ZTQ0ZDIxYmQyMGRhNWFmNDk0YTE4M2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArocSfHSjAG3OEFDzednRd9Ov+oEk
TYZvy54611jnKSGJYNDvFM7YLHeQc2VNfeFM5BHDkhVebGkYMGRtZnA+j3Yx6pZi
oHpe4mwID89Z10FE7j6RpqgngZsSevONSGxLpKwviojRF/enBfe4LQUUTTKxgFWs
C7Bzc0s/Vv9WF0WWKO4vQv0Iz8jtEosyd/Xj9PRzQCwK/hL3mhzFXKno4jvzT0zc
DBx2Icusj6nY8P1PTb+aIztHFOsJeiI0jshlsOmifdbdXEgfZyzWYpyosB8qb7d7
Crc45bFJQBgVcMj4EDkkkL00O2BVAjkIeG6+MYD5B78K/BArRqEPYyJwzwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIvxNeLVP4555E0hvSDaWvSUoYPRMB8GA1UdIwQY
MBaAFD9WpjMxVS75HYoABaM47Jgt83yLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDFhbU16RlZMdmtkaWdBRm96anNtQzN6ZklzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC8yYjE3OWMtMmQyZC00NDIzLWI2ZDYt
YjA4MzdhN2Q0NjQxLzEvaV9FMTR0VV9qbm5rVFNHOUlOcGE5SlNoZzlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC8yYjE3OWMtMmQyZC00NDIzLWI2ZDYtYjA4MzdhN2Q0NjQx
LzEvUDFhbU16RlZMdmtkaWdBRm96anNtQzN6ZklzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBwpJCMA0E
AgACMAcDBQAqAG5AMA0GCSqGSIb3DQEBCwUAA4IBAQAUvSqytC4utsw0zp7yR89j
93jV3FFMLnsNYYdz0V6juW1nzCqfaMbnkybxDJKD+mEx+8DtBv3j1YkShOahYM8C
+WukR7Mf+nN6uczEX0RBOJbk9PDX0OBeAiibrVgnHGLWBrtMcyG9O7lJuu30CeFy
0QCe6gSjXucjieQ6L4lG63wGisuu0h6HXEHDOMwPDuvZaoXcTiLcZzORFzN1wznk
nMlvR/7pY7Ji2VhIPxZB20ldKu8F5vb5WBgwRTmVCGqpexUELbSzMTbwYMj++FEm
ah16jyIdtLpg4Pg/zqzgcxNUF/hKKwBP6cRZq1WMRuWjVb/kJw32b5rjtsv+IrS9
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:19 2025 by rpki-client on console.sobornost.net