Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/1f7bad-e5dd-4e52-b0d4-8f5c9867e998/1/pSWgXuERRm1Au1teAh3DmpY14k0.roa
File: pSWgXuERRm1Au1teAh3DmpY14k0.roa (raw, json)
Hash identifier: EnWqTAmFjlN0INK78CFEhUf7qBxCnt1KXQVV4wR/100=
Subject key identifier: A5:25:A0:5E:E1:11:46:6D:40:BB:5B:5E:02:1D:C3:9A:96:35:E2:4D
Certificate issuer: /CN=500db1715052253bf523f140b9f5637a11d5e9af
Certificate serial: 01942143B6AFC7EB9DE1C39D836FDC7F6548
Authority key identifier: 50:0D:B1:71:50:52:25:3B:F5:23:F1:40:B9:F5:63:7A:11:D5:E9:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UA2xcVBSJTv1I_FAufVjehHV6a8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/1f7bad-e5dd-4e52-b0d4-8f5c9867e998/1/pSWgXuERRm1Au1teAh3DmpY14k0.roa
Signing time: Wed 01 Jan 2025 09:47:53 +0000
ROA not before: Wed 01 Jan 2025 09:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29326
IP address blocks: 176.67.88.0/21 maxlen: 21
185.103.64.0/22 maxlen: 22
2a00:89c0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:b6:af:c7:eb:9d:e1:c3:9d:83:6f:dc:7f:65:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=500db1715052253bf523f140b9f5637a11d5e9af
Validity
Not Before: Jan 1 09:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a525a05ee111466d40bb5b5e021dc39a9635e24d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ce:22:c9:0d:f9:87:d2:b5:43:13:15:7b:de:
24:fc:37:16:a3:47:87:5d:ae:30:d1:fd:04:dc:07:
8d:a0:eb:ab:72:db:ec:4e:06:6d:45:a4:01:b4:f8:
0d:ac:b1:ea:53:66:4f:62:f7:81:0a:f0:c1:4e:fc:
6d:87:21:0b:e0:8b:41:e0:3c:6d:f8:94:dd:7d:89:
3a:cb:56:f2:3f:2a:7f:bd:de:1a:a8:47:23:50:67:
4f:34:d0:ac:5d:1a:11:52:86:8a:25:0e:59:5a:ef:
13:13:c1:ee:01:fa:4c:8a:59:29:20:f4:9b:b9:1d:
cd:75:74:6f:3f:e7:f9:9c:5e:62:ea:f6:cf:cc:01:
cc:c0:c9:48:31:c7:7b:22:da:c9:d5:8f:27:30:a7:
15:ff:22:5f:af:0e:cc:b7:25:c8:89:9d:2e:f9:63:
79:30:3f:1c:42:07:a5:a8:2b:7f:55:2c:14:68:06:
41:9e:ba:aa:94:f2:84:78:40:e2:35:d9:05:78:30:
46:96:43:08:b0:fd:1c:55:79:5c:9d:99:32:f7:25:
6e:de:07:a3:e3:1d:64:31:63:a8:a4:8e:58:49:2e:
b1:cc:69:51:67:cd:32:9b:56:03:00:31:5d:91:22:
f6:27:3b:12:bb:7c:40:6f:b2:fe:2f:d9:04:3b:2c:
a5:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:25:A0:5E:E1:11:46:6D:40:BB:5B:5E:02:1D:C3:9A:96:35:E2:4D
X509v3 Authority Key Identifier:
keyid:50:0D:B1:71:50:52:25:3B:F5:23:F1:40:B9:F5:63:7A:11:D5:E9:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UA2xcVBSJTv1I_FAufVjehHV6a8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/1f7bad-e5dd-4e52-b0d4-8f5c9867e998/1/pSWgXuERRm1Au1teAh3DmpY14k0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/1f7bad-e5dd-4e52-b0d4-8f5c9867e998/1/UA2xcVBSJTv1I_FAufVjehHV6a8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.67.88.0/21
185.103.64.0/22
IPv6:
2a00:89c0::/32
Signature Algorithm: sha256WithRSAEncryption
1f:9a:a7:dc:9e:9c:66:b8:1f:f5:39:f3:bd:85:0d:1d:a2:6e:
27:11:72:98:07:5f:cb:fe:76:47:7d:1c:88:26:fb:bf:ec:af:
ac:1a:65:0d:d7:a0:d2:ba:ce:5e:a6:34:72:84:6c:6a:e2:88:
e2:81:ad:85:52:f7:af:e8:ce:6c:8f:9a:58:e5:6a:06:43:69:
c5:09:d2:00:d8:14:16:f0:f7:46:4f:11:b0:c7:aa:9a:02:59:
5a:66:f3:b6:46:98:b3:8d:31:bc:e2:0a:2b:f2:da:cf:30:34:
23:70:6d:d3:c4:1a:ae:37:7b:32:e8:9c:c7:c7:6f:b1:95:2e:
a1:2d:86:3c:8b:de:e6:e5:07:14:2c:1e:41:d5:1f:4c:d5:0b:
6d:a5:d7:bf:8e:71:ce:e2:ff:4f:de:e3:d0:e7:e0:35:58:8f:
66:53:b0:a8:7c:78:2a:5b:7c:39:c8:fa:d6:58:c4:16:1c:e2:
3a:8b:d7:1a:c7:7a:51:31:6e:f6:7e:2a:4b:85:0c:b1:2b:51:
dc:17:76:3c:e8:ff:54:62:cc:d8:df:1c:8b:ee:4c:51:c3:5a:
f2:92:0b:da:f0:69:31:e8:bf:64:b0:3f:6f:60:7f:6a:9c:22:
26:94:bf:a3:f2:53:b4:85:b7:9e:d3:67:45:61:13:0b:09:e1:
b9:43:5f:8a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQhQ7avx+ud4cOdg2/cf2VIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwMGRiMTcxNTA1MjI1M2JmNTIzZjE0MGI5ZjU2MzdhMTFk
NWU5YWYwHhcNMjUwMTAxMDk0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTI1YTA1ZWUxMTE0NjZkNDBiYjViNWUwMjFkYzM5YTk2MzVlMjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlc4iyQ35h9K1QxMVe94k/DcWo0eH
Xa4w0f0E3AeNoOurctvsTgZtRaQBtPgNrLHqU2ZPYveBCvDBTvxthyEL4ItB4Dxt
+JTdfYk6y1byPyp/vd4aqEcjUGdPNNCsXRoRUoaKJQ5ZWu8TE8HuAfpMilkpIPSb
uR3NdXRvP+f5nF5i6vbPzAHMwMlIMcd7ItrJ1Y8nMKcV/yJfrw7MtyXIiZ0u+WN5
MD8cQgelqCt/VSwUaAZBnrqqlPKEeEDiNdkFeDBGlkMIsP0cVXlcnZky9yVu3gej
4x1kMWOopI5YSS6xzGlRZ80ym1YDADFdkSL2JzsSu3xAb7L+L9kEOyylnwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKUloF7hEUZtQLtbXgIdw5qWNeJNMB8GA1UdIwQY
MBaAFFANsXFQUiU79SPxQLn1Y3oR1emvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUEyeGNWQlNKVHYxSV9GQXVmVmplaEhWNmE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8xZjdiYWQtZTVkZC00ZTUyLWIwZDQt
OGY1Yzk4NjdlOTk4LzEvcFNXZ1h1RVJSbTFBdTF0ZUFoM0RtcFkxNGswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS8xZjdiYWQtZTVkZC00ZTUyLWIwZDQtOGY1Yzk4NjdlOTk4
LzEvVUEyeGNWQlNKVHYxSV9GQXVmVmplaEhWNmE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDsENYAwQC
uWdAMA0EAgACMAcDBQAqAInAMA0GCSqGSIb3DQEBCwUAA4IBAQAfmqfcnpxmuB/1
OfO9hQ0dom4nEXKYB1/L/nZHfRyIJvu/7K+sGmUN16DSus5epjRyhGxq4ojiga2F
Uvev6M5sj5pY5WoGQ2nFCdIA2BQW8PdGTxGwx6qaAllaZvO2RpizjTG84gor8trP
MDQjcG3TxBquN3sy6JzHx2+xlS6hLYY8i97m5QcULB5B1R9M1Qttpde/jnHO4v9P
3uPQ5+A1WI9mU7CofHgqW3w5yPrWWMQWHOI6i9cax3pRMW72fipLhQyxK1HcF3Y8
6P9UYszY3xyL7kxRw1rykgva8Gkx6L9ksD9vYH9qnCImlL+j8lO0hbee02dFYRML
CeG5Q1+K
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:46 2025 by rpki-client on console.sobornost.net