Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/880eb2-fa65-47ca-8a00-6480c3d1f4e4/1/Pk9eK0EWj_J0N4M2olPrrknNWdE.roa
File: Pk9eK0EWj_J0N4M2olPrrknNWdE.roa (raw, json)
Hash identifier: t3sUBm44iTOEND1bJO1gqiKeF1Mf+HEnp3wUiEC+pEM=
Subject key identifier: 3E:4F:5E:2B:41:16:8F:F2:74:37:83:36:A2:53:EB:AE:49:CD:59:D1
Certificate issuer: /CN=b209308540c4df9b9bb7d6327fa7b5d49008068c
Certificate serial: 0194221FFE7994F5FC530D720A527ACDA0C2
Authority key identifier: B2:09:30:85:40:C4:DF:9B:9B:B7:D6:32:7F:A7:B5:D4:90:08:06:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sgkwhUDE35ubt9Yyf6e11JAIBow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/880eb2-fa65-47ca-8a00-6480c3d1f4e4/1/Pk9eK0EWj_J0N4M2olPrrknNWdE.roa
Signing time: Wed 01 Jan 2025 13:48:29 +0000
ROA not before: Wed 01 Jan 2025 13:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201746
IP address blocks: 94.158.254.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:fe:79:94:f5:fc:53:0d:72:0a:52:7a:cd:a0:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b209308540c4df9b9bb7d6327fa7b5d49008068c
Validity
Not Before: Jan 1 13:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3e4f5e2b41168ff274378336a253ebae49cd59d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:dd:ef:93:d5:03:9a:e5:07:d9:ed:ff:1f:da:
5f:d6:a0:40:45:25:ae:67:63:64:2a:a9:ac:e7:da:
a9:6d:92:09:e9:20:f8:ad:4f:ce:2d:78:e5:7d:15:
67:3a:4a:c5:2d:97:b6:fe:8b:59:26:6f:f8:94:21:
65:45:d5:27:45:e2:fc:21:2b:a2:0e:df:87:c1:0a:
ec:b9:1f:de:5f:4a:74:77:74:f3:6a:e3:5a:1d:74:
59:70:80:f0:be:14:94:4f:25:ae:b6:0e:f9:9b:67:
97:5e:62:ba:62:4b:85:25:98:7b:f2:7f:e9:f7:a4:
80:99:b1:b6:ab:71:99:f0:bb:f5:f0:4d:0c:ef:72:
f2:92:bd:09:18:8a:5c:92:b1:55:c9:4d:d3:a1:55:
88:37:77:c1:39:45:5a:bd:9a:b6:83:36:6c:d3:0a:
a9:12:bd:f5:83:68:53:bd:25:af:a8:b9:9e:39:a0:
b8:0b:e2:ae:2a:16:a9:61:74:a6:45:e1:e6:bb:68:
07:60:55:b0:e3:a0:bd:d7:a1:3f:71:fd:ae:04:b5:
67:e2:88:3b:8c:8a:bb:1a:bd:73:6b:3e:e1:16:5f:
99:bf:e7:b7:d7:2e:ba:79:88:19:1a:1b:9e:94:74:
d2:7e:46:6a:ff:ac:2f:12:9c:a5:5f:f0:11:4b:44:
d5:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:4F:5E:2B:41:16:8F:F2:74:37:83:36:A2:53:EB:AE:49:CD:59:D1
X509v3 Authority Key Identifier:
keyid:B2:09:30:85:40:C4:DF:9B:9B:B7:D6:32:7F:A7:B5:D4:90:08:06:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sgkwhUDE35ubt9Yyf6e11JAIBow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/880eb2-fa65-47ca-8a00-6480c3d1f4e4/1/Pk9eK0EWj_J0N4M2olPrrknNWdE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/880eb2-fa65-47ca-8a00-6480c3d1f4e4/1/sgkwhUDE35ubt9Yyf6e11JAIBow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.158.254.0/24
Signature Algorithm: sha256WithRSAEncryption
42:22:35:a8:da:6e:19:71:a6:5c:be:d8:3c:c2:5d:4f:52:71:
26:e0:1a:b7:11:2b:de:9f:45:c8:e9:f6:67:c9:b2:9c:75:f4:
9b:fb:f9:33:6f:42:7d:3f:49:03:b8:e5:e9:15:18:4d:ce:0c:
d2:ed:ac:aa:ee:cb:23:e6:ad:4b:a2:fe:ea:da:04:6e:91:18:
60:1f:83:0c:54:34:e0:41:fc:4d:92:92:f1:a2:24:7b:b9:16:
15:d8:4c:f4:a8:0b:97:62:58:39:6f:a6:de:7d:d7:e1:6b:94:
ce:7e:42:1c:5d:2f:07:76:44:73:34:2f:74:9b:3f:4b:29:21:
37:98:3c:21:c5:ce:ca:19:10:ab:f3:ef:ed:3b:93:4d:7c:97:
54:aa:f7:78:11:bc:c6:b4:ac:98:ba:a1:49:c5:8d:27:af:48:
02:3d:9c:20:5d:b1:74:bb:e6:82:bd:91:4d:01:a7:ec:e8:53:
57:d9:a0:e5:af:28:9d:b0:ef:ed:f3:74:9d:f3:eb:33:9e:64:
c6:20:b6:d3:aa:49:43:49:b8:79:7a:2e:7c:d8:64:bd:3f:44:
ff:3e:f3:a8:7d:3c:c4:3c:7e:1f:8a:6a:f6:53:9f:f0:a0:f2:
a9:41:e9:56:ac:6b:f8:0f:99:38:93:2b:fd:56:71:5b:7c:76:
70:ba:20:78
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH/55lPX8Uw1yClJ6zaDCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMDkzMDg1NDBjNGRmOWI5YmI3ZDYzMjdmYTdiNWQ0OTAw
ODA2OGMwHhcNMjUwMTAxMTM0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTRmNWUyYjQxMTY4ZmYyNzQzNzgzMzZhMjUzZWJhZTQ5Y2Q1OWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAld3vk9UDmuUH2e3/H9pf1qBARSWu
Z2NkKqms59qpbZIJ6SD4rU/OLXjlfRVnOkrFLZe2/otZJm/4lCFlRdUnReL8ISui
Dt+HwQrsuR/eX0p0d3TzauNaHXRZcIDwvhSUTyWutg75m2eXXmK6YkuFJZh78n/p
96SAmbG2q3GZ8Lv18E0M73Lykr0JGIpckrFVyU3ToVWIN3fBOUVavZq2gzZs0wqp
Er31g2hTvSWvqLmeOaC4C+KuKhapYXSmReHmu2gHYFWw46C916E/cf2uBLVn4og7
jIq7Gr1zaz7hFl+Zv+e31y66eYgZGhuelHTSfkZq/6wvEpylX/ARS0TVEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD5PXitBFo/ydDeDNqJT665JzVnRMB8GA1UdIwQY
MBaAFLIJMIVAxN+bm7fWMn+ntdSQCAaMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2drd2hVREUzNXVidDlZeWY2ZTExSkFJQm93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi84ODBlYjItZmE2NS00N2NhLThhMDAt
NjQ4MGMzZDFmNGU0LzEvUGs5ZUswRVdqX0owTjRNMm9sUHJya25OV2RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi84ODBlYjItZmE2NS00N2NhLThhMDAtNjQ4MGMzZDFmNGU0
LzEvc2drd2hVREUzNXVidDlZeWY2ZTExSkFJQm93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXp7+MA0G
CSqGSIb3DQEBCwUAA4IBAQBCIjWo2m4ZcaZcvtg8wl1PUnEm4Bq3ESven0XI6fZn
ybKcdfSb+/kzb0J9P0kDuOXpFRhNzgzS7ayq7ssj5q1Lov7q2gRukRhgH4MMVDTg
QfxNkpLxoiR7uRYV2Ez0qAuXYlg5b6befdfha5TOfkIcXS8HdkRzNC90mz9LKSE3
mDwhxc7KGRCr8+/tO5NNfJdUqvd4EbzGtKyYuqFJxY0nr0gCPZwgXbF0u+aCvZFN
Aafs6FNX2aDlryidsO/t83Sd8+sznmTGILbTqklDSbh5ei582GS9P0T/PvOofTzE
PH4fimr2U5/woPKpQelWrGv4D5k4kyv9VnFbfHZwuiB4
-----END CERTIFICATE-----
Generated at Thu Jan 23 16:27:17 2025 by rpki-client on console.sobornost.net