Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/a3b11e-5909-49fe-bb75-790bc91a59e6/1/JHrBDLJcPTsnCrG8bwT8t1HgBcs.roa
File: JHrBDLJcPTsnCrG8bwT8t1HgBcs.roa (raw, json)
Hash identifier: EkBSfLVT+kDIdrM6KiFxSbKixbIyNKDlGgPJ4ui1fhc=
Subject key identifier: 24:7A:C1:0C:B2:5C:3D:3B:27:0A:B1:BC:6F:04:FC:B7:51:E0:05:CB
Certificate issuer: /CN=a0d3ed5795348a04e7ecd172d7642fa962097287
Certificate serial: 019589FC5351AC3B7CE8879BD6DE6AD1D2BC
Authority key identifier: A0:D3:ED:57:95:34:8A:04:E7:EC:D1:72:D7:64:2F:A9:62:09:72:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oNPtV5U0igTn7NFy12QvqWIJcoc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/a3b11e-5909-49fe-bb75-790bc91a59e6/1/JHrBDLJcPTsnCrG8bwT8t1HgBcs.roa
Signing time: Wed 12 Mar 2025 10:52:49 +0000
ROA not before: Wed 12 Mar 2025 10:52:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214593
IP address blocks: 194.164.108.0/22 maxlen: 22
194.164.111.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:89:fc:53:51:ac:3b:7c:e8:87:9b:d6:de:6a:d1:d2:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0d3ed5795348a04e7ecd172d7642fa962097287
Validity
Not Before: Mar 12 10:52:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=247ac10cb25c3d3b270ab1bc6f04fcb751e005cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:97:3f:24:8b:8e:7f:fb:9d:5a:cb:67:b5:7d:
7f:3e:4b:51:f3:22:08:9f:27:16:d5:c9:5e:0f:fd:
75:e0:63:3f:c5:25:8e:a8:70:7f:12:b1:77:ec:9b:
ba:b3:49:c4:d2:66:3b:4b:0a:7b:8e:33:af:cc:27:
14:f6:4f:cc:44:96:64:ae:5e:39:8d:8c:c1:3e:16:
8f:b1:8f:05:05:ab:94:d9:49:b9:7c:d9:67:87:a1:
ce:67:78:ad:5a:0c:31:00:a6:79:77:35:9d:45:17:
4e:b9:b5:40:46:97:3a:3d:b3:41:d0:6a:9d:db:04:
c3:3b:52:d9:a6:d2:58:ef:c4:08:1c:56:62:17:1c:
6d:de:1e:70:7e:fe:4c:5e:5b:28:11:38:a5:6b:32:
86:65:44:3a:8d:74:d0:b3:fa:ff:3f:51:1b:e7:d3:
22:5c:c3:bc:05:26:99:83:10:34:39:93:0d:65:d7:
c7:da:cb:aa:bb:a8:1c:64:fe:aa:b7:96:96:a5:6d:
3b:e6:cc:b2:33:4b:8a:d5:e4:be:2a:ce:69:29:12:
06:37:a7:2b:24:87:f1:a5:0f:86:38:f1:79:c9:8b:
ac:d1:72:90:ee:e3:f0:14:a5:97:43:23:5a:53:6f:
5d:c2:8e:19:a0:d4:db:aa:95:6b:65:06:ae:43:81:
01:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:7A:C1:0C:B2:5C:3D:3B:27:0A:B1:BC:6F:04:FC:B7:51:E0:05:CB
X509v3 Authority Key Identifier:
keyid:A0:D3:ED:57:95:34:8A:04:E7:EC:D1:72:D7:64:2F:A9:62:09:72:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oNPtV5U0igTn7NFy12QvqWIJcoc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a3b11e-5909-49fe-bb75-790bc91a59e6/1/JHrBDLJcPTsnCrG8bwT8t1HgBcs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a3b11e-5909-49fe-bb75-790bc91a59e6/1/oNPtV5U0igTn7NFy12QvqWIJcoc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.164.108.0/22
Signature Algorithm: sha256WithRSAEncryption
b2:f1:6e:1c:9e:73:70:d0:ad:d6:ab:07:f0:5b:75:62:f3:a5:
e7:c0:c4:f1:4b:24:06:be:51:03:79:6c:1d:c2:3a:15:80:cc:
52:0c:a7:b0:2e:34:0f:d9:09:17:b2:42:70:84:37:c0:66:65:
d8:be:56:e4:cc:5e:5a:00:8c:77:88:59:a4:85:f2:5a:c7:0c:
ed:ab:69:cb:ef:6d:b1:d0:15:4c:f3:2e:e9:29:f1:f1:57:e7:
35:7b:83:4d:d9:41:db:b2:94:69:10:3f:33:40:89:ea:a7:64:
ab:37:56:48:9e:fc:b3:96:aa:ae:bb:82:a9:1f:60:03:96:f9:
fa:13:8c:f9:7d:d9:45:0f:79:a7:17:fb:7f:bc:aa:24:d6:ea:
b1:80:16:90:6d:c3:90:40:f6:8c:61:19:e3:92:6b:c5:ea:14:
81:d0:d9:63:5e:7e:5e:2a:6d:89:74:22:2e:9d:4f:2c:7a:5e:
77:50:d5:18:4a:c3:6b:bb:dd:98:3d:51:08:1f:e6:36:a3:91:
09:3f:83:9b:3e:02:46:f9:98:78:f3:4a:c2:da:fe:99:99:81:
53:de:2b:bb:ad:3d:05:a8:3f:78:9a:61:8e:94:23:75:57:4e:
59:8a:a0:42:ae:e5:74:11:48:42:5b:97:72:d2:bd:f5:0b:1b:
ff:9c:25:a0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWJ/FNRrDt86Ieb1t5q0dK8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZDNlZDU3OTUzNDhhMDRlN2VjZDE3MmQ3NjQyZmE5NjIw
OTcyODcwHhcNMjUwMzEyMTA1MjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDdhYzEwY2IyNWMzZDNiMjcwYWIxYmM2ZjA0ZmNiNzUxZTAwNWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkZc/JIuOf/udWstntX1/PktR8yII
nycW1cleD/114GM/xSWOqHB/ErF37Ju6s0nE0mY7Swp7jjOvzCcU9k/MRJZkrl45
jYzBPhaPsY8FBauU2Um5fNlnh6HOZ3itWgwxAKZ5dzWdRRdOubVARpc6PbNB0Gqd
2wTDO1LZptJY78QIHFZiFxxt3h5wfv5MXlsoETilazKGZUQ6jXTQs/r/P1Eb59Mi
XMO8BSaZgxA0OZMNZdfH2suqu6gcZP6qt5aWpW075syyM0uK1eS+Ks5pKRIGN6cr
JIfxpQ+GOPF5yYus0XKQ7uPwFKWXQyNaU29dwo4ZoNTbqpVrZQauQ4EB6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCR6wQyyXD07JwqxvG8E/LdR4AXLMB8GA1UdIwQY
MBaAFKDT7VeVNIoE5+zRctdkL6liCXKHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb05QdFY1VTBpZ1RuN05GeTEyUXZxV0lKY29jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9hM2IxMWUtNTkwOS00OWZlLWJiNzUt
NzkwYmM5MWE1OWU2LzEvSkhyQkRMSmNQVHNuQ3JHOGJ3VDh0MUhnQmNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9hM2IxMWUtNTkwOS00OWZlLWJiNzUtNzkwYmM5MWE1OWU2
LzEvb05QdFY1VTBpZ1RuN05GeTEyUXZxV0lKY29jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwqRsMA0G
CSqGSIb3DQEBCwUAA4IBAQCy8W4cnnNw0K3WqwfwW3Vi86XnwMTxSyQGvlEDeWwd
wjoVgMxSDKewLjQP2QkXskJwhDfAZmXYvlbkzF5aAIx3iFmkhfJaxwztq2nL722x
0BVM8y7pKfHxV+c1e4NN2UHbspRpED8zQInqp2SrN1ZInvyzlqquu4KpH2ADlvn6
E4z5fdlFD3mnF/t/vKok1uqxgBaQbcOQQPaMYRnjkmvF6hSB0NljXn5eKm2JdCIu
nU8sel53UNUYSsNru92YPVEIH+Y2o5EJP4ObPgJG+Zh480rC2v6ZmYFT3iu7rT0F
qD94mmGOlCN1V05ZiqBCruV0EUhCW5dy0r31Cxv/nCWg
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:41 2025 by rpki-client on console.sobornost.net