Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/aC4B_zOH9szzj-1K9DYG0F04iu8.roa
File: aC4B_zOH9szzj-1K9DYG0F04iu8.roa (raw, json)
Hash identifier: kc1KHxUnIpKYjWq2WR0XM/ovAkWPQGgyJbLAi16DU9k=
Subject key identifier: 68:2E:01:FF:33:87:F6:CC:F3:8F:ED:4A:F4:36:06:D0:5D:38:8A:EF
Certificate issuer: /CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Certificate serial: 01942823903A790DBC68BC8400DEB03E2D71
Authority key identifier: C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/aC4B_zOH9szzj-1K9DYG0F04iu8.roa
Signing time: Thu 02 Jan 2025 17:50:06 +0000
ROA not before: Thu 02 Jan 2025 17:50:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8328
IP address blocks: 193.172.126.0/24 maxlen: 24
193.172.193.0/24 maxlen: 24
193.173.100.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:90:3a:79:0d:bc:68:bc:84:00:de:b0:3e:2d:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Validity
Not Before: Jan 2 17:50:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=682e01ff3387f6ccf38fed4af43606d05d388aef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:9a:2a:40:8e:51:64:11:b9:1c:56:1f:e1:b7:
e0:2b:14:91:4f:e6:52:b6:78:03:4a:45:6d:16:79:
b7:97:46:45:23:5f:e3:77:d8:ff:bc:f6:71:5d:fd:
15:09:1d:d8:52:fa:69:6c:f2:57:ce:f2:ea:92:08:
cb:67:99:84:be:61:b6:bb:4a:8d:a5:19:3b:3e:a5:
94:65:79:08:73:e2:d8:42:29:e3:b8:d1:04:da:7d:
4f:4e:0e:3c:19:08:2d:d0:88:09:b3:ec:aa:ce:c1:
71:45:cf:3f:74:ea:47:d4:5a:9d:fd:99:f6:ee:a2:
67:49:fa:0d:4d:04:ba:e0:98:50:aa:1e:7f:4a:fa:
f7:9c:51:b1:47:a1:4e:40:df:ed:1f:36:f6:bf:1d:
8a:b1:15:92:e6:bb:c3:3a:09:6c:df:84:90:74:fa:
61:07:8d:6e:9f:fc:b7:41:10:42:1f:fa:44:21:e0:
90:15:98:72:43:98:16:11:2a:4f:1f:b7:94:f3:48:
89:05:1f:64:16:e8:22:33:9e:12:98:d0:33:cf:1c:
48:69:cf:fc:8c:46:10:87:20:e0:00:f0:43:2f:ee:
01:90:ca:74:ea:56:cb:e4:fa:31:ca:f8:fc:8d:af:
1a:9f:ad:92:76:26:54:c1:24:4e:0f:35:f3:ad:c8:
41:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:2E:01:FF:33:87:F6:CC:F3:8F:ED:4A:F4:36:06:D0:5D:38:8A:EF
X509v3 Authority Key Identifier:
keyid:C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/aC4B_zOH9szzj-1K9DYG0F04iu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/w5gGDxvyLwmZywcbG0JpbbxD4Qw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.172.126.0/24
193.172.193.0/24
193.173.100.0/24
Signature Algorithm: sha256WithRSAEncryption
86:d3:6c:df:ea:7e:98:e2:8f:86:85:b1:a1:6c:11:ed:ee:da:
21:95:6b:a5:1f:5d:ab:8b:be:98:2f:e2:60:7b:7e:37:aa:fb:
32:ed:61:40:79:8d:7c:6b:ce:6c:6c:55:bb:71:90:4d:0b:a4:
49:09:a3:10:d5:c9:88:9b:ec:03:93:53:a2:87:7d:b5:01:55:
17:56:1f:b2:3f:c5:64:9e:b3:07:e7:32:1c:c5:9c:98:63:b2:
9b:42:3d:af:61:2f:b7:a7:f1:76:6f:41:16:35:d0:09:4d:df:
27:d8:af:0b:a4:76:dc:61:45:da:da:fd:32:55:9d:a3:80:10:
8d:47:54:ad:16:90:59:d4:11:b1:88:60:8c:ba:96:55:48:9a:
ae:77:87:21:06:e8:51:b9:07:76:94:b3:03:0b:8d:8e:0e:10:
5d:9c:da:4a:8d:3c:c8:25:44:e1:a5:dc:d4:95:64:3c:91:a8:
df:8c:9c:42:5c:db:da:dc:2c:a4:70:81:c1:3a:93:96:a7:26:
73:25:36:8a:4f:f2:2d:bf:2a:ef:ca:45:ea:a0:18:24:eb:48:
7e:ff:42:ac:b7:a5:b1:5e:bf:5b:b8:31:70:42:ea:b7:b9:b0:
8a:2a:a5:76:80:33:8e:be:4a:03:cb:a6:fb:fe:d1:3e:5d:b9:
f5:b8:3a:d5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQoI5A6eQ28aLyEAN6wPi1xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzOTgwNjBmMWJmMjJmMDk5OWNiMDcxYjFiNDI2OTZkYmM0
M2UxMGMwHhcNMjUwMTAyMTc1MDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODJlMDFmZjMzODdmNmNjZjM4ZmVkNGFmNDM2MDZkMDVkMzg4YWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw5oqQI5RZBG5HFYf4bfgKxSRT+ZS
tngDSkVtFnm3l0ZFI1/jd9j/vPZxXf0VCR3YUvppbPJXzvLqkgjLZ5mEvmG2u0qN
pRk7PqWUZXkIc+LYQinjuNEE2n1PTg48GQgt0IgJs+yqzsFxRc8/dOpH1Fqd/Zn2
7qJnSfoNTQS64JhQqh5/Svr3nFGxR6FOQN/tHzb2vx2KsRWS5rvDOgls34SQdPph
B41un/y3QRBCH/pEIeCQFZhyQ5gWESpPH7eU80iJBR9kFugiM54SmNAzzxxIac/8
jEYQhyDgAPBDL+4BkMp06lbL5Poxyvj8ja8an62SdiZUwSRODzXzrchBMwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGguAf8zh/bM84/tSvQ2BtBdOIrvMB8GA1UdIwQY
MBaAFMOYBg8b8i8JmcsHGxtCaW28Q+EMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzVnR0R4dnlMd21aeXdjYkcwSnBiYnhENFF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8zYmZjMzEtZGMzMi00NTQxLTg0NjAt
YzkyN2I4YzJjN2M0LzEvYUM0Ql96T0g5c3p6ai0xSzlEWUcwRjA0aXU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8zYmZjMzEtZGMzMi00NTQxLTg0NjAtYzkyN2I4YzJjN2M0
LzEvdzVnR0R4dnlMd21aeXdjYkcwSnBiYnhENFF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwax+AwQA
wazBAwQAwa1kMA0GCSqGSIb3DQEBCwUAA4IBAQCG02zf6n6Y4o+GhbGhbBHt7toh
lWulH12ri76YL+Jge343qvsy7WFAeY18a85sbFW7cZBNC6RJCaMQ1cmIm+wDk1Oi
h321AVUXVh+yP8VknrMH5zIcxZyYY7KbQj2vYS+3p/F2b0EWNdAJTd8n2K8LpHbc
YUXa2v0yVZ2jgBCNR1StFpBZ1BGxiGCMupZVSJqud4chBuhRuQd2lLMDC42ODhBd
nNpKjTzIJUThpdzUlWQ8kajfjJxCXNva3CykcIHBOpOWpyZzJTaKT/ItvyrvykXq
oBgk60h+/0Kst6WxXr9buDFwQuq3ubCKKqV2gDOOvkoDy6b7/tE+Xbn1uDrV
-----END CERTIFICATE-----
Generated at Wed Apr 2 00:20:48 2025 by rpki-client on console.sobornost.net