Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/215f47-1ce0-4ee5-aa4a-1272d2ab43d8/1/EsoIIrFbYFhVDfj6th4jhjn8bMs.roa
File: EsoIIrFbYFhVDfj6th4jhjn8bMs.roa (raw, json)
Hash identifier: QXxOo7J9CTQ0vAhyPXgGF7t6YymxNb/k2gt5l3VWLEM=
Subject key identifier: 12:CA:08:22:B1:5B:60:58:55:0D:F8:FA:B6:1E:23:86:39:FC:6C:CB
Certificate issuer: /CN=cc78bfceb41bafefc02f7952e1aa2480e986f037
Certificate serial: 0194282370320A6ECDBD7062D20A94420661
Authority key identifier: CC:78:BF:CE:B4:1B:AF:EF:C0:2F:79:52:E1:AA:24:80:E9:86:F0:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zHi_zrQbr-_AL3lS4aokgOmG8Dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/215f47-1ce0-4ee5-aa4a-1272d2ab43d8/1/EsoIIrFbYFhVDfj6th4jhjn8bMs.roa
Signing time: Thu 02 Jan 2025 17:49:58 +0000
ROA not before: Thu 02 Jan 2025 17:49:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50332
IP address blocks: 109.233.136.0/21 maxlen: 21
2a0c:6100::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:70:32:0a:6e:cd:bd:70:62:d2:0a:94:42:06:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc78bfceb41bafefc02f7952e1aa2480e986f037
Validity
Not Before: Jan 2 17:49:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=12ca0822b15b6058550df8fab61e238639fc6ccb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:40:8f:b7:75:34:97:7e:3b:3d:33:45:9b:78:
c4:96:59:30:01:02:36:ff:37:0e:46:c6:cc:82:c0:
aa:a6:33:c6:5b:17:07:a4:c9:cd:c0:9a:a5:40:5b:
e5:78:f9:19:66:39:cd:69:8b:8c:be:b6:db:f1:70:
cc:04:77:2f:b4:b2:58:3c:2e:c9:bd:cd:87:a0:d2:
e8:70:ba:64:9d:6e:56:8a:1d:09:48:ee:c3:d7:eb:
ca:75:20:80:a2:c6:9f:b0:87:41:cd:4d:f8:fe:c0:
22:35:7a:b2:d5:f5:2e:c9:c9:ce:f5:4a:c9:b8:fe:
30:b8:ed:2e:0e:28:d4:b9:e1:20:d6:08:3e:c6:e4:
12:2d:3e:bf:a7:dc:03:19:e7:ee:4a:ec:b6:89:c1:
39:00:bf:af:9b:d9:39:35:89:cf:40:f3:2f:03:fe:
ba:d2:e5:44:29:d4:33:49:06:13:6f:e9:72:16:a2:
c1:43:d7:5b:ec:6f:d9:7f:c3:26:45:5b:96:c0:cf:
2e:79:e7:aa:54:10:45:f2:1d:5b:a0:e9:05:87:8b:
74:ce:1c:2f:86:9b:cc:84:1c:aa:a5:49:ba:8c:4b:
98:62:7a:7b:7b:de:67:c7:e6:e4:c3:d0:27:6b:fd:
49:79:92:38:c5:4e:c3:6a:39:cc:87:53:91:c8:b4:
32:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:CA:08:22:B1:5B:60:58:55:0D:F8:FA:B6:1E:23:86:39:FC:6C:CB
X509v3 Authority Key Identifier:
keyid:CC:78:BF:CE:B4:1B:AF:EF:C0:2F:79:52:E1:AA:24:80:E9:86:F0:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zHi_zrQbr-_AL3lS4aokgOmG8Dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/215f47-1ce0-4ee5-aa4a-1272d2ab43d8/1/EsoIIrFbYFhVDfj6th4jhjn8bMs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/215f47-1ce0-4ee5-aa4a-1272d2ab43d8/1/zHi_zrQbr-_AL3lS4aokgOmG8Dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.233.136.0/21
IPv6:
2a0c:6100::/29
Signature Algorithm: sha256WithRSAEncryption
71:1a:70:3e:17:91:51:61:e0:a6:00:28:7a:46:49:d9:c8:a6:
5c:54:93:03:a9:d7:9e:f9:41:f8:db:c3:44:b5:5f:4c:b0:9e:
56:59:a6:27:d9:e1:a3:d5:02:b6:38:45:73:bb:f2:ed:0c:55:
e3:27:11:fb:64:05:9f:b2:2e:77:39:4c:d0:80:4b:62:31:ec:
46:0b:51:ec:5d:f7:ec:be:73:ee:d6:10:ca:92:93:ed:9d:df:
b8:b8:2b:13:88:30:de:a9:49:4b:e7:44:db:4b:dd:2b:b1:30:
66:57:3f:ee:f1:07:f4:31:43:ce:30:ab:af:b6:36:59:9f:f8:
31:24:d7:c3:14:0d:54:bc:f5:79:62:b3:05:19:8a:3e:1e:78:
56:1b:6c:6d:09:bf:70:ad:de:8f:b1:fc:f3:ce:79:4e:f8:8d:
2e:2d:59:60:a7:12:10:ce:f2:92:1a:d3:7b:94:09:f5:b6:35:
d0:c7:47:24:42:b0:0f:d8:fe:96:4b:b1:53:0a:35:02:87:d4:
ca:b1:ae:fc:08:94:e8:1f:e2:1e:a0:ee:2c:4a:1f:5d:2c:d1:
e6:47:8c:76:e3:81:23:bf:14:08:eb:5b:4c:5d:c5:47:8c:81:
5f:b9:ae:14:2e:26:1f:b0:cd:00:af:8f:90:cb:05:29:b7:6e:
69:ca:ce:e0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQoI3AyCm7NvXBi0gqUQgZhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjNzhiZmNlYjQxYmFmZWZjMDJmNzk1MmUxYWEyNDgwZTk4
NmYwMzcwHhcNMjUwMTAyMTc0OTU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmNhMDgyMmIxNWI2MDU4NTUwZGY4ZmFiNjFlMjM4NjM5ZmM2Y2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0kCPt3U0l347PTNFm3jEllkwAQI2
/zcORsbMgsCqpjPGWxcHpMnNwJqlQFvlePkZZjnNaYuMvrbb8XDMBHcvtLJYPC7J
vc2HoNLocLpknW5Wih0JSO7D1+vKdSCAosafsIdBzU34/sAiNXqy1fUuycnO9UrJ
uP4wuO0uDijUueEg1gg+xuQSLT6/p9wDGefuSuy2icE5AL+vm9k5NYnPQPMvA/66
0uVEKdQzSQYTb+lyFqLBQ9db7G/Zf8MmRVuWwM8ueeeqVBBF8h1boOkFh4t0zhwv
hpvMhByqpUm6jEuYYnp7e95nx+bkw9Ana/1JeZI4xU7DajnMh1ORyLQyTQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBLKCCKxW2BYVQ34+rYeI4Y5/GzLMB8GA1UdIwQY
MBaAFMx4v860G6/vwC95UuGqJIDphvA3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekhpX3pyUWJyLV9BTDNsUzRhb2tnT21HOERjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMTVmNDctMWNlMC00ZWU1LWFhNGEt
MTI3MmQyYWI0M2Q4LzEvRXNvSUlyRmJZRmhWRGZqNnRoNGpoam44Yk1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8yMTVmNDctMWNlMC00ZWU1LWFhNGEtMTI3MmQyYWI0M2Q4
LzEvekhpX3pyUWJyLV9BTDNsUzRhb2tnT21HOERjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDbemIMA0E
AgACMAcDBQMqDGEAMA0GCSqGSIb3DQEBCwUAA4IBAQBxGnA+F5FRYeCmACh6RknZ
yKZcVJMDqdee+UH428NEtV9MsJ5WWaYn2eGj1QK2OEVzu/LtDFXjJxH7ZAWfsi53
OUzQgEtiMexGC1HsXffsvnPu1hDKkpPtnd+4uCsTiDDeqUlL50TbS90rsTBmVz/u
8Qf0MUPOMKuvtjZZn/gxJNfDFA1UvPV5YrMFGYo+HnhWG2xtCb9wrd6PsfzzznlO
+I0uLVlgpxIQzvKSGtN7lAn1tjXQx0ckQrAP2P6WS7FTCjUCh9TKsa78CJToH+Ie
oO4sSh9dLNHmR4x244EjvxQI61tMXcVHjIFfua4ULiYfsM0Ar4+QywUpt25pys7g
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:33 2025 by rpki-client on console.sobornost.net