Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/d06832-dbdf-4f87-99b8-38d8a78a4862/1/iZdS2-tNGexZgQ6b60_nSgwLQyg.roa
File: iZdS2-tNGexZgQ6b60_nSgwLQyg.roa (raw, json)
Hash identifier: fu8S/yGRbl5J7FTMShuPVuIAZ577VH2m1tV/BoybOg4=
Subject key identifier: 89:97:52:DB:EB:4D:19:EC:59:81:0E:9B:EB:4F:E7:4A:0C:0B:43:28
Certificate issuer: /CN=403f08bbaffa4161843203a8a757ab6e9546b0ce
Certificate serial: 0194266C4607B47C62044BFCE0C922002C64
Authority key identifier: 40:3F:08:BB:AF:FA:41:61:84:32:03:A8:A7:57:AB:6E:95:46:B0:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QD8Iu6_6QWGEMgOop1erbpVGsM4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/d06832-dbdf-4f87-99b8-38d8a78a4862/1/iZdS2-tNGexZgQ6b60_nSgwLQyg.roa
Signing time: Thu 02 Jan 2025 09:50:17 +0000
ROA not before: Thu 02 Jan 2025 09:50:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213295
IP address blocks: 195.200.234.0/24 maxlen: 24
2a10:d0c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:46:07:b4:7c:62:04:4b:fc:e0:c9:22:00:2c:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=403f08bbaffa4161843203a8a757ab6e9546b0ce
Validity
Not Before: Jan 2 09:50:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=899752dbeb4d19ec59810e9beb4fe74a0c0b4328
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:1a:8c:a6:01:54:0f:b7:5b:9b:33:a0:d6:85:
94:34:ea:2a:b6:62:d8:be:79:5e:69:51:16:2b:ce:
f4:8c:f4:3e:f6:e6:16:93:2b:a2:3f:fa:a6:63:cf:
95:be:35:17:38:60:aa:46:7e:f0:cb:d0:ad:f9:10:
4d:3b:3c:61:ef:94:bc:3f:e1:12:52:48:ef:4b:2f:
50:ad:f6:3e:3e:7f:ed:62:f6:58:f4:d6:cc:a1:bb:
98:21:ec:c1:d5:d4:d5:d3:d1:8c:5a:c3:1e:d9:44:
93:96:7a:6d:5a:83:7d:4e:51:20:df:55:58:55:28:
ba:4c:1d:da:ee:a3:ec:6d:95:ff:9c:96:55:3b:b0:
71:92:83:b0:30:53:8c:8f:d1:3d:26:91:dd:c1:6f:
4c:d3:09:ac:f0:09:a9:b9:40:3a:31:ad:1d:b3:d3:
8b:b2:ef:b3:c4:9f:c1:0e:02:e1:6a:e5:fe:76:75:
54:ea:db:60:3a:a6:d5:09:9f:00:33:34:2c:cc:a1:
35:75:b1:a3:5b:be:a6:4f:24:2a:b7:88:8d:ce:57:
0b:e0:2f:b0:a5:6f:a8:4c:18:ef:3b:8c:e5:bb:42:
0a:c1:07:69:db:66:de:dc:c0:ee:1a:7d:4a:12:4f:
df:32:ae:af:20:22:4c:cc:d2:ee:06:3e:5f:04:e4:
f9:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:97:52:DB:EB:4D:19:EC:59:81:0E:9B:EB:4F:E7:4A:0C:0B:43:28
X509v3 Authority Key Identifier:
keyid:40:3F:08:BB:AF:FA:41:61:84:32:03:A8:A7:57:AB:6E:95:46:B0:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QD8Iu6_6QWGEMgOop1erbpVGsM4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/d06832-dbdf-4f87-99b8-38d8a78a4862/1/iZdS2-tNGexZgQ6b60_nSgwLQyg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/d06832-dbdf-4f87-99b8-38d8a78a4862/1/QD8Iu6_6QWGEMgOop1erbpVGsM4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.200.234.0/24
IPv6:
2a10:d0c0::/29
Signature Algorithm: sha256WithRSAEncryption
a9:13:e6:d6:57:5e:f2:53:84:b1:02:b8:27:38:20:34:82:13:
f4:cf:f5:ff:c3:d0:d3:f5:39:96:49:73:c1:5f:d1:87:68:9b:
73:ed:d4:ed:e0:76:9d:34:3b:0d:af:71:bf:7c:1e:c4:88:ef:
f4:c4:29:45:4a:e1:ef:06:bd:e4:02:88:0e:f7:a4:1f:00:7b:
ee:9e:d2:64:9e:8d:04:d8:10:c8:5b:94:0f:6f:7b:c5:18:60:
b8:1a:3e:8d:ba:60:4f:45:eb:dc:c7:38:64:fc:f4:cd:c5:58:
d0:9c:15:0f:19:58:85:e0:df:6d:6d:d8:bd:90:5e:96:a2:8e:
d9:8b:e4:a9:01:5e:3c:b5:55:e9:38:2c:84:1e:1e:67:6f:0d:
c0:a4:c1:de:81:b8:52:04:c8:70:26:3d:31:0f:7e:4b:ba:a0:
0b:16:c9:ae:31:f2:5a:c3:71:11:6e:7d:20:b1:f1:57:f9:65:
8f:bb:64:80:4f:c2:b0:1a:1f:5d:4f:32:74:e6:a1:02:81:0a:
28:1a:84:f3:8a:5f:47:47:0d:04:fb:d2:9e:5f:f0:c0:f2:04:
dc:1b:57:a3:ff:a1:58:4c:68:c7:d1:81:29:67:7f:d9:2d:00:
84:ee:35:26:ea:d7:ff:ee:e9:14:f9:59:3e:d8:49:5b:0e:05:
64:ba:65:91
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQmbEYHtHxiBEv84MkiACxkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwM2YwOGJiYWZmYTQxNjE4NDMyMDNhOGE3NTdhYjZlOTU0
NmIwY2UwHhcNMjUwMTAyMDk1MDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTk3NTJkYmViNGQxOWVjNTk4MTBlOWJlYjRmZTc0YTBjMGI0MzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxBqMpgFUD7dbmzOg1oWUNOoqtmLY
vnleaVEWK870jPQ+9uYWkyuiP/qmY8+VvjUXOGCqRn7wy9Ct+RBNOzxh75S8P+ES
UkjvSy9QrfY+Pn/tYvZY9NbMobuYIezB1dTV09GMWsMe2USTlnptWoN9TlEg31VY
VSi6TB3a7qPsbZX/nJZVO7BxkoOwMFOMj9E9JpHdwW9M0wms8AmpuUA6Ma0ds9OL
su+zxJ/BDgLhauX+dnVU6ttgOqbVCZ8AMzQszKE1dbGjW76mTyQqt4iNzlcL4C+w
pW+oTBjvO4zlu0IKwQdp22be3MDuGn1KEk/fMq6vICJMzNLuBj5fBOT5aQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFImXUtvrTRnsWYEOm+tP50oMC0MoMB8GA1UdIwQY
MBaAFEA/CLuv+kFhhDIDqKdXq26VRrDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUQ4SXU2XzZRV0dFTWdPb3AxZXJicFZHc000LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9kMDY4MzItZGJkZi00Zjg3LTk5Yjgt
MzhkOGE3OGE0ODYyLzEvaVpkUzItdE5HZXhaZ1E2YjYwX25TZ3dMUXlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9kMDY4MzItZGJkZi00Zjg3LTk5YjgtMzhkOGE3OGE0ODYy
LzEvUUQ4SXU2XzZRV0dFTWdPb3AxZXJicFZHc000LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAw8jqMA0E
AgACMAcDBQMqENDAMA0GCSqGSIb3DQEBCwUAA4IBAQCpE+bWV17yU4SxArgnOCA0
ghP0z/X/w9DT9TmWSXPBX9GHaJtz7dTt4HadNDsNr3G/fB7EiO/0xClFSuHvBr3k
AogO96QfAHvuntJkno0E2BDIW5QPb3vFGGC4Gj6NumBPRevcxzhk/PTNxVjQnBUP
GViF4N9tbdi9kF6Woo7Zi+SpAV48tVXpOCyEHh5nbw3ApMHegbhSBMhwJj0xD35L
uqALFsmuMfJaw3ERbn0gsfFX+WWPu2SAT8KwGh9dTzJ05qECgQooGoTzil9HRw0E
+9KeX/DA8gTcG1ej/6FYTGjH0YEpZ3/ZLQCE7jUm6tf/7ukU+Vk+2ElbDgVkumWR
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:55 2025 by rpki-client on console.sobornost.net