Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/b5d9e0-c6b4-46f6-b45e-c56f177709de/1/Gs7jpmfMcoM_7G0YMuDGyfM_OJg.roa
File: Gs7jpmfMcoM_7G0YMuDGyfM_OJg.roa (raw, json)
Hash identifier: yj4gPBjqELyvepP37xZ0hFdHIhYTiec7NS5/dOABF/0=
Subject key identifier: 1A:CE:E3:A6:67:CC:72:83:3F:EC:6D:18:32:E0:C6:C9:F3:3F:38:98
Certificate issuer: /CN=0952ce4dd8640276f4c1841adb3a742f544924ea
Certificate serial: 0194214394F0658C6D72D65D69BA5C63AA8E
Authority key identifier: 09:52:CE:4D:D8:64:02:76:F4:C1:84:1A:DB:3A:74:2F:54:49:24:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CVLOTdhkAnb0wYQa2zp0L1RJJOo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/b5d9e0-c6b4-46f6-b45e-c56f177709de/1/Gs7jpmfMcoM_7G0YMuDGyfM_OJg.roa
Signing time: Wed 01 Jan 2025 09:47:44 +0000
ROA not before: Wed 01 Jan 2025 09:47:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2852
IP address blocks: 160.217.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:94:f0:65:8c:6d:72:d6:5d:69:ba:5c:63:aa:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0952ce4dd8640276f4c1841adb3a742f544924ea
Validity
Not Before: Jan 1 09:47:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1acee3a667cc72833fec6d1832e0c6c9f33f3898
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:c5:41:cd:45:72:21:75:61:2d:55:76:28:bf:
cf:b4:01:b4:7a:ba:15:b8:93:30:4a:78:66:02:2e:
8a:92:e2:76:f0:27:ed:ff:d7:97:b3:4b:91:0f:dc:
fc:3d:a1:38:0c:2d:08:03:15:93:8b:ad:c7:b1:40:
68:f1:9f:ac:33:b4:9a:b9:89:da:98:ee:e5:b4:67:
99:3a:70:13:72:21:9d:3c:43:35:06:16:32:65:a1:
34:04:9a:ec:27:c6:97:11:66:74:bf:44:70:ef:09:
4f:94:34:8c:17:d2:a3:fd:84:c0:df:81:a2:b3:8a:
30:dc:ce:c7:62:11:95:a3:a9:c8:7a:da:9a:7d:36:
d0:d7:9e:fe:a1:c4:42:f4:15:fa:68:47:77:92:21:
c6:a3:4d:3a:71:da:73:ab:fb:4c:c1:bc:68:4e:c0:
31:b6:9c:1f:2c:b4:00:27:e5:19:94:a5:f1:cb:08:
86:f4:c8:54:3f:7b:9f:44:87:10:bd:0b:bf:cd:45:
16:ec:f3:0c:5e:fd:5c:67:4f:55:5a:64:f9:5c:3c:
8e:31:23:6d:41:51:b1:75:32:ea:2f:dc:b6:bb:b8:
99:06:61:c2:4b:a1:5d:28:1d:d9:fd:8f:44:77:3f:
89:27:f1:a2:a7:85:e8:a1:cb:64:3d:42:d2:ea:6c:
50:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:CE:E3:A6:67:CC:72:83:3F:EC:6D:18:32:E0:C6:C9:F3:3F:38:98
X509v3 Authority Key Identifier:
keyid:09:52:CE:4D:D8:64:02:76:F4:C1:84:1A:DB:3A:74:2F:54:49:24:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CVLOTdhkAnb0wYQa2zp0L1RJJOo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/b5d9e0-c6b4-46f6-b45e-c56f177709de/1/Gs7jpmfMcoM_7G0YMuDGyfM_OJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/b5d9e0-c6b4-46f6-b45e-c56f177709de/1/CVLOTdhkAnb0wYQa2zp0L1RJJOo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.217.0.0/16
Signature Algorithm: sha256WithRSAEncryption
69:a4:d1:f3:d6:1c:8e:26:54:ec:f9:cc:c0:c2:eb:bd:5f:ae:
07:70:64:ce:6c:8a:21:ba:b1:6a:69:35:26:d1:24:1c:22:ee:
1b:de:52:a0:04:2f:4c:6c:66:ea:53:0a:57:65:b9:7e:84:ec:
b1:18:de:80:7a:ee:c0:b1:2f:78:f1:f9:ce:fa:e0:ed:49:f6:
3f:7d:7c:2d:0e:9b:46:d3:18:1f:01:76:e0:fa:64:00:85:8a:
4e:51:4d:02:b8:47:aa:30:df:08:90:0c:02:f1:dd:fa:ab:71:
78:6f:15:7d:33:85:da:ad:b0:8f:bd:37:08:15:e2:32:b6:d7:
dc:41:67:7d:53:a0:f6:41:c4:1c:74:c8:5b:44:cb:72:c3:09:
7e:2d:aa:9a:75:77:82:8a:8b:d3:c7:d9:40:d4:a5:48:7a:c0:
4f:68:6e:04:ce:b4:f5:30:49:5b:16:07:3c:4a:2c:f2:4d:1e:
42:69:d5:e4:1f:e3:b3:af:b6:cb:04:74:1a:73:d2:b0:76:05:
82:a2:b1:fa:7e:6c:21:d0:89:ed:4f:5e:3e:5d:1a:d2:36:b6:
e3:9d:30:5c:45:15:f7:f7:6a:e3:c0:4b:12:d7:cc:30:af:ac:
fe:83:93:7c:8f:6c:8a:55:0d:80:c2:25:8a:b1:32:8d:3c:40:
f9:08:c3:fe
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZQhQ5TwZYxtctZdabpcY6qOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NTJjZTRkZDg2NDAyNzZmNGMxODQxYWRiM2E3NDJmNTQ0
OTI0ZWEwHhcNMjUwMTAxMDk0NzQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWNlZTNhNjY3Y2M3MjgzM2ZlYzZkMTgzMmUwYzZjOWYzM2YzODk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocVBzUVyIXVhLVV2KL/PtAG0eroV
uJMwSnhmAi6KkuJ28Cft/9eXs0uRD9z8PaE4DC0IAxWTi63HsUBo8Z+sM7SauYna
mO7ltGeZOnATciGdPEM1BhYyZaE0BJrsJ8aXEWZ0v0Rw7wlPlDSMF9Kj/YTA34Gi
s4ow3M7HYhGVo6nIetqafTbQ157+ocRC9BX6aEd3kiHGo006cdpzq/tMwbxoTsAx
tpwfLLQAJ+UZlKXxywiG9MhUP3ufRIcQvQu/zUUW7PMMXv1cZ09VWmT5XDyOMSNt
QVGxdTLqL9y2u7iZBmHCS6FdKB3Z/Y9Edz+JJ/Gip4XooctkPULS6mxQAQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFBrO46ZnzHKDP+xtGDLgxsnzPziYMB8GA1UdIwQY
MBaAFAlSzk3YZAJ29MGEGts6dC9USSTqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ZMT1RkaGtBbmIwd1lRYTJ6cDBMMVJKSk9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9iNWQ5ZTAtYzZiNC00NmY2LWI0NWUt
YzU2ZjE3NzcwOWRlLzEvR3M3anBtZk1jb01fN0cwWU11REd5Zk1fT0pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9iNWQ5ZTAtYzZiNC00NmY2LWI0NWUtYzU2ZjE3NzcwOWRl
LzEvQ1ZMT1RkaGtBbmIwd1lRYTJ6cDBMMVJKSk9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAoNkwDQYJ
KoZIhvcNAQELBQADggEBAGmk0fPWHI4mVOz5zMDC671frgdwZM5siiG6sWppNSbR
JBwi7hveUqAEL0xsZupTCldluX6E7LEY3oB67sCxL3jx+c764O1J9j99fC0Om0bT
GB8BduD6ZACFik5RTQK4R6ow3wiQDALx3fqrcXhvFX0zhdqtsI+9NwgV4jK219xB
Z31ToPZBxBx0yFtEy3LDCX4tqpp1d4KKi9PH2UDUpUh6wE9obgTOtPUwSVsWBzxK
LPJNHkJp1eQf47OvtssEdBpz0rB2BYKisfp+bCHQie1PXj5dGtI2tuOdMFxFFff3
auPASxLXzDCvrP6Dk3yPbIpVDYDCJYqxMo08QPkIw/4=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:33 2025 by rpki-client on console.sobornost.net