Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/A7D3Cac07ciD12G4ouU3R13gR5c.roa
File: A7D3Cac07ciD12G4ouU3R13gR5c.roa (raw, json)
Hash identifier: HV8zomq6+oAbiKoqIJeu6lgmOjiLPcvFOkuyAR9bgbY=
Subject key identifier: 03:B0:F7:09:A7:34:ED:C8:83:D7:61:B8:A2:E5:37:47:5D:E0:47:97
Certificate issuer: /CN=542f633f76e8d8aaeaa32b5ace16a3db3943d80c
Certificate serial: 01943FE7DC788EB62CE697895A4B1C71EF78
Authority key identifier: 54:2F:63:3F:76:E8:D8:AA:EA:A3:2B:5A:CE:16:A3:DB:39:43:D8:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VC9jP3bo2Krqoytazhaj2zlD2Aw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/A7D3Cac07ciD12G4ouU3R13gR5c.roa
Signing time: Tue 07 Jan 2025 08:35:47 +0000
ROA not before: Tue 07 Jan 2025 08:35:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 65632
IP address blocks: 188.125.163.0/24 maxlen: 24
188.125.164.0/24 maxlen: 24
188.125.165.0/24 maxlen: 24
188.125.166.0/24 maxlen: 24
188.125.170.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:3f:e7:dc:78:8e:b6:2c:e6:97:89:5a:4b:1c:71:ef:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=542f633f76e8d8aaeaa32b5ace16a3db3943d80c
Validity
Not Before: Jan 7 08:35:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=03b0f709a734edc883d761b8a2e537475de04797
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:c7:68:73:fe:75:b8:65:b8:fe:ef:6e:e0:84:
14:c2:4b:0e:90:91:e9:6b:46:10:de:14:66:9c:7a:
c2:64:bf:42:6a:f6:ca:7d:e9:19:0c:04:ff:ed:ce:
a4:db:d1:6d:aa:a8:35:24:89:35:93:fc:7c:0c:51:
86:ea:af:5c:3e:86:f5:3e:28:35:d4:b7:6b:10:e5:
ba:bb:e6:df:5f:18:b3:3d:00:39:6a:8e:51:79:2a:
5a:f2:99:82:12:b1:eb:ef:f8:10:1c:ec:41:b7:4d:
17:cd:f1:0a:e7:2d:d9:fd:30:8e:5a:9f:08:36:34:
48:94:fb:87:d2:aa:33:00:b2:f6:fe:5c:7b:c9:f1:
db:04:59:d0:d8:a6:fe:c9:7e:77:f6:77:41:9f:1f:
8e:ca:25:2a:30:09:f4:33:e2:b0:c6:18:c1:02:94:
ad:7b:c1:f5:dd:43:24:85:13:be:02:05:b8:30:0f:
c1:a5:51:7a:72:5c:2a:7f:ca:46:2e:70:7c:84:0b:
28:b4:00:78:82:76:64:1e:df:02:53:07:a0:2b:01:
6b:d8:c5:59:bb:84:f2:19:7f:a1:cf:9d:4c:65:30:
d9:cd:37:04:d5:a0:75:20:22:38:b3:b8:dc:fb:ff:
b7:f3:4b:c7:64:de:3e:ac:f8:0c:f7:e0:3e:f6:95:
ea:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:B0:F7:09:A7:34:ED:C8:83:D7:61:B8:A2:E5:37:47:5D:E0:47:97
X509v3 Authority Key Identifier:
keyid:54:2F:63:3F:76:E8:D8:AA:EA:A3:2B:5A:CE:16:A3:DB:39:43:D8:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VC9jP3bo2Krqoytazhaj2zlD2Aw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/A7D3Cac07ciD12G4ouU3R13gR5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/VC9jP3bo2Krqoytazhaj2zlD2Aw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.125.163.0-188.125.166.255
188.125.170.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:cd:1f:bf:06:20:3a:2f:4f:03:fa:54:b1:3b:d8:9d:a5:de:
b6:bd:50:cb:8e:20:c6:34:82:13:62:67:72:54:18:25:23:99:
61:a3:1b:6f:43:52:44:d4:b2:69:51:ef:7c:79:fa:58:1c:e7:
9d:4f:1e:9a:29:26:23:f8:a4:21:d2:e3:b8:15:ed:aa:c8:a4:
d5:a0:cd:3f:39:f7:aa:81:93:43:b7:02:80:e3:1a:18:42:d3:
99:d8:76:7b:41:cf:9f:12:99:57:6c:c4:9f:06:94:eb:82:60:
ef:b9:86:21:e9:2b:2a:8c:07:e4:e9:25:3e:b5:45:f2:ef:98:
02:ca:c3:a4:4e:e3:e1:49:fb:de:26:0b:26:90:b7:fc:f9:23:
ae:54:bb:68:c8:37:e9:0b:28:ba:c1:89:45:57:5b:0a:75:24:
51:6b:80:2a:47:70:c3:88:e8:02:b6:bd:7a:5d:06:42:c6:8e:
cb:b4:b9:41:91:07:bc:c5:40:60:7d:ee:f9:27:53:1e:f1:c9:
92:8f:60:f1:56:e6:2f:67:06:6f:39:2d:b9:a4:b8:d3:0f:76:
f9:8d:db:72:41:cb:cc:1c:30:96:69:43:5e:75:38:0b:36:80:
ce:58:aa:54:0b:ae:3a:04:1f:97:1b:b6:de:cd:d7:35:d1:85:
2d:98:b9:77
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQ/59x4jrYs5peJWkscce94MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MmY2MzNmNzZlOGQ4YWFlYWEzMmI1YWNlMTZhM2RiMzk0
M2Q4MGMwHhcNMjUwMTA3MDgzNTQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2IwZjcwOWE3MzRlZGM4ODNkNzYxYjhhMmU1Mzc0NzVkZTA0Nzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvsdoc/51uGW4/u9u4IQUwksOkJHp
a0YQ3hRmnHrCZL9CavbKfekZDAT/7c6k29Ftqqg1JIk1k/x8DFGG6q9cPob1Pig1
1LdrEOW6u+bfXxizPQA5ao5ReSpa8pmCErHr7/gQHOxBt00XzfEK5y3Z/TCOWp8I
NjRIlPuH0qozALL2/lx7yfHbBFnQ2Kb+yX539ndBnx+OyiUqMAn0M+KwxhjBApSt
e8H13UMkhRO+AgW4MA/BpVF6clwqf8pGLnB8hAsotAB4gnZkHt8CUwegKwFr2MVZ
u4TyGX+hz51MZTDZzTcE1aB1ICI4s7jc+/+380vHZN4+rPgM9+A+9pXqvwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFAOw9wmnNO3Ig9dhuKLlN0dd4EeXMB8GA1UdIwQY
MBaAFFQvYz926Niq6qMrWs4Wo9s5Q9gMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkM5alAzYm8yS3Jxb3l0YXpoYWoyemxEMkF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9kNmI4NzQtYWVhOC00YjdlLWIwZDIt
NjliOTUzYzlkNWFhLzEvQTdEM0NhYzA3Y2lEMTJHNG91VTNSMTNnUjVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9kNmI4NzQtYWVhOC00YjdlLWIwZDItNjliOTUzYzlkNWFh
LzEvVkM5alAzYm8yS3Jxb3l0YXpoYWoyemxEMkF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAC8faMD
BAC8faYDBAC8faowDQYJKoZIhvcNAQELBQADggEBAL/NH78GIDovTwP6VLE72J2l
3ra9UMuOIMY0ghNiZ3JUGCUjmWGjG29DUkTUsmlR73x5+lgc551PHpopJiP4pCHS
47gV7arIpNWgzT8596qBk0O3AoDjGhhC05nYdntBz58SmVdsxJ8GlOuCYO+5hiHp
KyqMB+TpJT61RfLvmALKw6RO4+FJ+94mCyaQt/z5I65Uu2jIN+kLKLrBiUVXWwp1
JFFrgCpHcMOI6AK2vXpdBkLGjsu0uUGRB7zFQGB97vknUx7xyZKPYPFW5i9nBm85
LbmkuNMPdvmN23JBy8wcMJZpQ151OAs2gM5YqlQLrjoEH5cbtt7N1zXRhS2YuXc=
-----END CERTIFICATE-----
Generated at Thu Jan 23 19:16:07 2025 by rpki-client on console.sobornost.net