Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/61cc6e-21f4-4e9c-a381-e7cd18855e2c/1/QkxLvU8YDu4oULS0kxiCVhyfd8E.roa
File: QkxLvU8YDu4oULS0kxiCVhyfd8E.roa (raw, json)
Hash identifier: K9WP596tCXV0nIPIOmpyOTvsvplxAvnAucKosmkCUac=
Subject key identifier: 42:4C:4B:BD:4F:18:0E:EE:28:50:B4:B4:93:18:82:56:1C:9F:77:C1
Certificate issuer: /CN=0b5a5390b8d68021803e7be9fcf5e8e1393ac043
Certificate serial: 0194266B868FEDB98DA65A43B3F0069DF12F
Authority key identifier: 0B:5A:53:90:B8:D6:80:21:80:3E:7B:E9:FC:F5:E8:E1:39:3A:C0:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C1pTkLjWgCGAPnvp_PXo4Tk6wEM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/61cc6e-21f4-4e9c-a381-e7cd18855e2c/1/QkxLvU8YDu4oULS0kxiCVhyfd8E.roa
Signing time: Thu 02 Jan 2025 09:49:28 +0000
ROA not before: Thu 02 Jan 2025 09:49:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43066
IP address blocks: 93.184.128.0/20 maxlen: 20
93.184.128.0/24 maxlen: 24
93.184.129.0/24 maxlen: 24
93.184.130.0/24 maxlen: 24
93.184.131.0/24 maxlen: 24
93.184.132.0/23 maxlen: 23
93.184.132.0/24 maxlen: 24
93.184.133.0/24 maxlen: 24
93.184.134.0/24 maxlen: 24
93.184.135.0/24 maxlen: 24
93.184.136.0/24 maxlen: 24
93.184.137.0/24 maxlen: 24
93.184.138.0/24 maxlen: 24
93.184.139.0/24 maxlen: 24
93.184.140.0/24 maxlen: 24
93.184.141.0/24 maxlen: 24
93.184.142.0/24 maxlen: 24
93.184.143.0/24 maxlen: 24
2a05:d880::/30 maxlen: 30
2a05:d880::/48 maxlen: 48
2a05:d880:1::/48 maxlen: 48
2a05:d880:2::/48 maxlen: 48
2a05:d880:3::/48 maxlen: 48
2a05:d880:4::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:86:8f:ed:b9:8d:a6:5a:43:b3:f0:06:9d:f1:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b5a5390b8d68021803e7be9fcf5e8e1393ac043
Validity
Not Before: Jan 2 09:49:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=424c4bbd4f180eee2850b4b4931882561c9f77c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:7f:a1:b0:93:0c:05:09:a6:cd:22:f5:7c:aa:
22:f1:15:2a:83:0d:f5:01:0b:f2:ee:0a:20:2d:6b:
d2:b6:99:81:24:cb:45:2b:bf:56:63:87:f5:ac:ce:
7b:d9:e5:73:4e:3c:e7:c9:b4:23:65:c0:06:58:6c:
1e:5b:b8:26:51:27:92:df:07:d7:81:cc:e4:c2:f4:
6c:0b:c6:6d:01:d2:09:6d:98:49:84:e5:96:a8:f7:
93:3d:dc:21:8d:fd:66:7b:c7:2e:20:79:06:77:e8:
8d:01:56:b1:58:ed:7a:2b:93:c7:9a:15:6d:68:8c:
48:e1:50:d8:71:50:41:62:7f:9d:b0:ef:02:77:c6:
fd:eb:f3:9f:e5:7b:86:ba:4b:d9:da:63:de:cd:6b:
3a:01:4a:98:44:6b:02:79:05:e7:2e:5f:73:a1:ce:
64:12:70:f3:37:b8:5a:2c:cb:eb:e6:63:1f:41:40:
21:0c:4b:14:29:5e:e7:ef:89:c8:33:45:1e:0c:56:
c8:8a:95:76:cb:9b:34:6a:30:97:d1:f9:4a:2c:ad:
12:30:c2:21:d5:92:ec:64:c3:3e:8f:8b:8e:ed:ad:
59:97:2b:8a:3f:fc:3b:87:a7:c6:61:7c:c4:97:f4:
a8:0a:82:07:56:97:03:12:b3:2d:6a:58:70:55:23:
73:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:4C:4B:BD:4F:18:0E:EE:28:50:B4:B4:93:18:82:56:1C:9F:77:C1
X509v3 Authority Key Identifier:
keyid:0B:5A:53:90:B8:D6:80:21:80:3E:7B:E9:FC:F5:E8:E1:39:3A:C0:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C1pTkLjWgCGAPnvp_PXo4Tk6wEM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/61cc6e-21f4-4e9c-a381-e7cd18855e2c/1/QkxLvU8YDu4oULS0kxiCVhyfd8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/61cc6e-21f4-4e9c-a381-e7cd18855e2c/1/C1pTkLjWgCGAPnvp_PXo4Tk6wEM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.184.128.0/20
IPv6:
2a05:d880::/30
Signature Algorithm: sha256WithRSAEncryption
0d:56:e5:93:c8:2e:0a:91:f1:f5:19:19:e7:3b:88:dc:ea:8c:
98:f3:9d:0f:1e:43:a7:c6:d2:2b:e9:22:b1:c8:98:58:fc:47:
47:37:f8:ac:24:fe:ba:91:df:bb:d2:60:72:f5:ba:83:f6:ce:
8b:af:25:95:0c:57:9b:71:fe:05:0a:4d:ed:9e:70:f2:5f:0b:
fa:0b:dc:1d:8d:4a:83:32:0a:08:50:19:53:38:5a:b2:26:b7:
af:0e:79:4a:dd:95:5f:f9:a9:0c:71:10:44:f6:ed:c8:b0:85:
dd:92:d9:31:90:f5:b9:16:4b:47:45:e6:fb:e9:fb:09:50:d6:
dc:f0:a6:ef:a4:1b:51:53:94:d9:95:ea:45:97:3b:5f:fd:f6:
93:a6:d5:e9:2f:17:1e:50:ee:f7:1e:a5:b6:e9:b0:7d:5a:fd:
7e:b3:78:25:5b:e6:cd:5e:dd:1c:cd:78:80:22:c8:17:6c:8b:
d2:22:d4:78:9e:31:b1:50:ca:28:53:7a:0a:31:6d:40:8f:5d:
7f:fd:fb:44:fc:35:99:92:fb:0e:68:c2:83:6b:eb:a0:c1:d0:
3a:6d:57:05:8f:96:6b:ef:24:4d:84:2c:f2:41:8f:94:bf:67:
c8:44:21:96:76:14:f6:ff:77:12:19:84:91:7d:c5:98:f3:22:
c3:37:1a:14
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQma4aP7bmNplpDs/AGnfEvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNWE1MzkwYjhkNjgwMjE4MDNlN2JlOWZjZjVlOGUxMzkz
YWMwNDMwHhcNMjUwMTAyMDk0OTI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjRjNGJiZDRmMTgwZWVlMjg1MGI0YjQ5MzE4ODI1NjFjOWY3N2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4H+hsJMMBQmmzSL1fKoi8RUqgw31
AQvy7gogLWvStpmBJMtFK79WY4f1rM572eVzTjznybQjZcAGWGweW7gmUSeS3wfX
gczkwvRsC8ZtAdIJbZhJhOWWqPeTPdwhjf1me8cuIHkGd+iNAVaxWO16K5PHmhVt
aIxI4VDYcVBBYn+dsO8Cd8b96/Of5XuGukvZ2mPezWs6AUqYRGsCeQXnLl9zoc5k
EnDzN7haLMvr5mMfQUAhDEsUKV7n74nIM0UeDFbIipV2y5s0ajCX0flKLK0SMMIh
1ZLsZMM+j4uO7a1ZlyuKP/w7h6fGYXzEl/SoCoIHVpcDErMtalhwVSNzKwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEJMS71PGA7uKFC0tJMYglYcn3fBMB8GA1UdIwQY
MBaAFAtaU5C41oAhgD576fz16OE5OsBDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzFwVGtMaldnQ0dBUG52cF9QWG80VGs2d0VNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy82MWNjNmUtMjFmNC00ZTljLWEzODEt
ZTdjZDE4ODU1ZTJjLzEvUWt4THZVOFlEdTRvVUxTMGt4aUNWaHlmZDhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy82MWNjNmUtMjFmNC00ZTljLWEzODEtZTdjZDE4ODU1ZTJj
LzEvQzFwVGtMaldnQ0dBUG52cF9QWG80VGs2d0VNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEXbiAMA0E
AgACMAcDBQIqBdiAMA0GCSqGSIb3DQEBCwUAA4IBAQANVuWTyC4KkfH1GRnnO4jc
6oyY850PHkOnxtIr6SKxyJhY/EdHN/isJP66kd+70mBy9bqD9s6LryWVDFebcf4F
Ck3tnnDyXwv6C9wdjUqDMgoIUBlTOFqyJrevDnlK3ZVf+akMcRBE9u3IsIXdktkx
kPW5FktHReb76fsJUNbc8KbvpBtRU5TZlepFlztf/faTptXpLxceUO73HqW26bB9
Wv1+s3glW+bNXt0czXiAIsgXbIvSItR4njGxUMooU3oKMW1Aj11//ftE/DWZkvsO
aMKDa+ugwdA6bVcFj5Zr7yRNhCzyQY+Uv2fIRCGWdhT2/3cSGYSRfcWY8yLDNxoU
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:43 2025 by rpki-client on console.sobornost.net