Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/19ae05-2fb3-424e-ae26-2230dbd5edbb/1/JCqxOWvRMd2lIIGe0fYoaGdhwgI.roa
File: JCqxOWvRMd2lIIGe0fYoaGdhwgI.roa (raw, json)
Hash identifier: q79BmLDis9K2JVt9ulN+DMiX99ELtsqzHLGGugITbVk=
Subject key identifier: 24:2A:B1:39:6B:D1:31:DD:A5:20:81:9E:D1:F6:28:68:67:61:C2:02
Certificate issuer: /CN=b17ebf441ee1085631eeb7719a8982dfd8057be1
Certificate serial: 01942522287E3C0CC0BDF10028B229236F11
Authority key identifier: B1:7E:BF:44:1E:E1:08:56:31:EE:B7:71:9A:89:82:DF:D8:05:7B:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sX6_RB7hCFYx7rdxmomC39gFe-E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/19ae05-2fb3-424e-ae26-2230dbd5edbb/1/JCqxOWvRMd2lIIGe0fYoaGdhwgI.roa
Signing time: Thu 02 Jan 2025 03:49:43 +0000
ROA not before: Thu 02 Jan 2025 03:49:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199444
IP address blocks: 188.213.212.0/24 maxlen: 24
194.39.241.0/24 maxlen: 24
2a13:a080::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:28:7e:3c:0c:c0:bd:f1:00:28:b2:29:23:6f:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b17ebf441ee1085631eeb7719a8982dfd8057be1
Validity
Not Before: Jan 2 03:49:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=242ab1396bd131dda520819ed1f628686761c202
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:c6:78:4c:82:43:d9:82:cb:f1:eb:9f:5a:36:
25:a2:bc:59:a9:9d:3f:fc:a9:f3:4f:b9:6e:b6:7c:
13:ee:02:44:da:e4:ce:5f:3b:bb:24:43:1d:14:f8:
16:4b:de:cc:7d:40:77:d2:24:41:38:a1:8e:ff:98:
7d:8d:4d:5e:1f:d4:33:10:cd:69:41:2b:6a:87:88:
7c:e8:ba:9b:d8:6c:c0:3e:a5:cd:0e:a3:6c:14:65:
42:54:8d:0b:81:97:68:ad:6a:a8:72:97:b1:74:c5:
37:07:3d:ec:a2:c6:7e:64:a2:80:73:82:01:df:ca:
da:5a:12:3b:08:22:6f:59:33:68:29:d0:f6:c1:2f:
c9:ea:9c:cf:fe:61:b5:2b:15:e1:d1:2c:3f:5e:2a:
a2:db:5f:0d:7a:bf:a4:6d:6d:2e:a9:ba:6c:05:52:
e8:ed:f9:67:9e:8c:70:67:aa:1a:69:79:0f:51:f5:
12:f1:75:d3:50:eb:dc:48:dd:ed:b2:ba:25:7d:af:
d2:8c:1a:8f:b9:8c:f3:db:24:fd:59:3e:d6:f4:97:
6c:20:45:57:cc:ea:be:b3:7b:cd:32:85:db:bd:e1:
97:8e:bb:8c:33:c1:6e:59:70:3d:3c:aa:f0:8a:c8:
8e:30:bb:d9:3b:47:ff:cc:cc:34:55:e5:ea:40:00:
ec:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:2A:B1:39:6B:D1:31:DD:A5:20:81:9E:D1:F6:28:68:67:61:C2:02
X509v3 Authority Key Identifier:
keyid:B1:7E:BF:44:1E:E1:08:56:31:EE:B7:71:9A:89:82:DF:D8:05:7B:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sX6_RB7hCFYx7rdxmomC39gFe-E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/19ae05-2fb3-424e-ae26-2230dbd5edbb/1/JCqxOWvRMd2lIIGe0fYoaGdhwgI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/19ae05-2fb3-424e-ae26-2230dbd5edbb/1/sX6_RB7hCFYx7rdxmomC39gFe-E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.213.212.0/24
194.39.241.0/24
IPv6:
2a13:a080::/29
Signature Algorithm: sha256WithRSAEncryption
4a:f9:8a:6f:c2:a2:38:90:a0:e6:02:40:24:09:95:f8:c7:2f:
9c:95:09:fc:25:ae:6a:0f:4b:4d:9d:fd:00:ee:9b:22:a6:aa:
62:b8:63:8e:6e:9b:61:04:d0:bb:4f:8c:8a:19:eb:bb:0b:bb:
d2:c7:f2:90:dd:2a:8f:4c:41:39:4e:57:c7:db:b3:fb:3c:24:
1c:b7:00:7f:9f:88:fb:92:19:2a:04:66:a0:55:02:74:c1:53:
75:36:89:e6:d2:57:dc:f4:06:0e:44:b5:ca:c5:73:1d:52:86:
ee:93:de:77:b4:ea:65:5a:b2:45:d4:dc:64:f2:77:af:20:73:
c4:50:c5:c4:03:0c:ab:7e:23:94:f4:cd:7a:e4:2d:48:22:74:
d9:7d:7f:25:c3:56:d2:7c:4c:e8:f6:d7:43:ea:bc:32:7b:da:
2c:ff:8e:99:0a:68:c2:f9:3d:fa:b7:10:bf:a3:34:30:b4:00:
3d:c1:18:61:5d:5f:57:7e:81:bb:c6:c0:84:68:c8:97:27:d9:
5c:2a:4b:a3:f0:d7:02:5f:96:18:6e:8c:f2:7c:51:c9:d8:75:
b1:b9:e0:e4:62:33:2d:53:d7:c3:87:40:4f:32:62:68:5b:37:
17:e7:77:48:94:7a:63:e8:db:14:79:52:07:42:a9:cf:5b:02:
72:a2:ad:ea
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQlIih+PAzAvfEAKLIpI28RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxN2ViZjQ0MWVlMTA4NTYzMWVlYjc3MTlhODk4MmRmZDgw
NTdiZTEwHhcNMjUwMTAyMDM0OTQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDJhYjEzOTZiZDEzMWRkYTUyMDgxOWVkMWY2Mjg2ODY3NjFjMjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt8Z4TIJD2YLL8eufWjYlorxZqZ0/
/KnzT7lutnwT7gJE2uTOXzu7JEMdFPgWS97MfUB30iRBOKGO/5h9jU1eH9QzEM1p
QStqh4h86Lqb2GzAPqXNDqNsFGVCVI0LgZdorWqocpexdMU3Bz3sosZ+ZKKAc4IB
38raWhI7CCJvWTNoKdD2wS/J6pzP/mG1KxXh0Sw/Xiqi218Ner+kbW0uqbpsBVLo
7flnnoxwZ6oaaXkPUfUS8XXTUOvcSN3tsrolfa/SjBqPuYzz2yT9WT7W9JdsIEVX
zOq+s3vNMoXbveGXjruMM8FuWXA9PKrwisiOMLvZO0f/zMw0VeXqQADs/wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCQqsTlr0THdpSCBntH2KGhnYcICMB8GA1UdIwQY
MBaAFLF+v0Qe4QhWMe63cZqJgt/YBXvhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1g2X1JCN2hDRll4N3JkeG1vbUMzOWdGZS1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS8xOWFlMDUtMmZiMy00MjRlLWFlMjYt
MjIzMGRiZDVlZGJiLzEvSkNxeE9XdlJNZDJsSUlHZTBmWW9hR2Rod2dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS8xOWFlMDUtMmZiMy00MjRlLWFlMjYtMjIzMGRiZDVlZGJi
LzEvc1g2X1JCN2hDRll4N3JkeG1vbUMzOWdGZS1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAvNXUAwQA
wifxMA0EAgACMAcDBQMqE6CAMA0GCSqGSIb3DQEBCwUAA4IBAQBK+YpvwqI4kKDm
AkAkCZX4xy+clQn8Ja5qD0tNnf0A7psipqpiuGOObpthBNC7T4yKGeu7C7vSx/KQ
3SqPTEE5TlfH27P7PCQctwB/n4j7khkqBGagVQJ0wVN1Nonm0lfc9AYORLXKxXMd
Uobuk953tOplWrJF1Nxk8nevIHPEUMXEAwyrfiOU9M165C1IInTZfX8lw1bSfEzo
9tdD6rwye9os/46ZCmjC+T36txC/ozQwtAA9wRhhXV9XfoG7xsCEaMiXJ9lcKkuj
8NcCX5YYbozyfFHJ2HWxueDkYjMtU9fDh0BPMmJoWzcX53dIlHpj6NsUeVIHQqnP
WwJyoq3q
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:33 2025 by rpki-client on console.sobornost.net