Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/6a8ad5-21df-4dbb-9abd-d446455dc5ba/1/0ljyTvQ_d8HoyClfNuv9eO2Q5yA.roa
File: 0ljyTvQ_d8HoyClfNuv9eO2Q5yA.roa (raw, json)
Hash identifier: jw6rtBAELKvNPa562NE5b8O7bUsTaNwLwsoxjTQsK7A=
Subject key identifier: D2:58:F2:4E:F4:3F:77:C1:E8:C8:29:5F:36:EB:FD:78:ED:90:E7:20
Certificate issuer: /CN=f14666fbb64c4da8cb8992bf0da97b8b0117eac6
Certificate serial: 0194228DCC266151ECB652F8E1D8FEEC957C
Authority key identifier: F1:46:66:FB:B6:4C:4D:A8:CB:89:92:BF:0D:A9:7B:8B:01:17:EA:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8UZm-7ZMTajLiZK_Dal7iwEX6sY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/6a8ad5-21df-4dbb-9abd-d446455dc5ba/1/0ljyTvQ_d8HoyClfNuv9eO2Q5yA.roa
Signing time: Wed 01 Jan 2025 15:48:25 +0000
ROA not before: Wed 01 Jan 2025 15:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48797
IP address blocks: 95.128.232.0/22 maxlen: 22
95.128.236.0/22 maxlen: 22
185.130.16.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:cc:26:61:51:ec:b6:52:f8:e1:d8:fe:ec:95:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f14666fbb64c4da8cb8992bf0da97b8b0117eac6
Validity
Not Before: Jan 1 15:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d258f24ef43f77c1e8c8295f36ebfd78ed90e720
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:0f:8f:15:18:dc:8e:0f:cc:b5:7f:80:10:77:
8d:77:d6:e2:37:6d:d4:23:71:eb:ad:8e:12:b9:ef:
23:c1:a6:79:da:83:be:d4:7c:1e:b2:82:de:b0:eb:
56:2e:c1:c6:9b:77:49:d5:99:79:8b:4b:25:b9:19:
9f:e3:d6:5b:f5:51:fb:8e:b3:ea:37:1b:a3:13:70:
d0:37:18:89:2a:c4:76:e3:3e:32:e1:d7:db:b6:6b:
2b:cd:f5:42:67:ca:93:fe:0f:5a:71:5a:25:1a:81:
30:ae:7f:7e:6b:96:69:f4:ed:4c:54:9b:a6:5b:7a:
25:03:8d:f2:22:e2:a9:af:31:6c:89:77:49:3e:1e:
26:c1:e4:3e:55:30:c2:9b:f8:b7:47:08:aa:37:ef:
51:df:3a:3b:71:e2:4a:4b:a4:81:11:98:65:06:09:
d9:9d:e6:d6:6f:ef:e0:76:8f:40:e5:79:80:0d:54:
81:18:d7:6d:f4:a5:59:7b:0b:de:b8:ec:2c:2f:aa:
5d:42:29:01:37:65:6e:9b:0a:de:62:ab:60:0d:b2:
82:8e:48:ff:91:85:67:c3:78:bb:48:ec:dc:4d:48:
03:04:41:7e:01:47:2f:dd:cf:40:ae:ed:56:75:5e:
4c:81:32:10:c2:c8:89:ad:ec:58:d7:35:58:1e:bb:
2b:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:58:F2:4E:F4:3F:77:C1:E8:C8:29:5F:36:EB:FD:78:ED:90:E7:20
X509v3 Authority Key Identifier:
keyid:F1:46:66:FB:B6:4C:4D:A8:CB:89:92:BF:0D:A9:7B:8B:01:17:EA:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8UZm-7ZMTajLiZK_Dal7iwEX6sY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/6a8ad5-21df-4dbb-9abd-d446455dc5ba/1/0ljyTvQ_d8HoyClfNuv9eO2Q5yA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/6a8ad5-21df-4dbb-9abd-d446455dc5ba/1/8UZm-7ZMTajLiZK_Dal7iwEX6sY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.128.232.0/21
185.130.16.0/22
Signature Algorithm: sha256WithRSAEncryption
08:e4:b8:e2:43:d9:93:97:f0:7e:65:56:7d:65:98:51:ed:d4:
68:84:2a:6b:d1:7d:13:b5:04:11:b8:71:ac:15:29:b4:71:81:
e7:23:78:8a:65:3c:a6:0f:a6:67:d2:25:0b:ea:13:10:d6:96:
c9:99:7e:33:9d:0b:81:8c:d7:a0:40:f8:35:65:fb:42:fd:62:
d3:79:c9:97:39:08:03:3a:f7:6b:5a:89:ce:02:cc:70:51:52:
df:e7:de:e8:75:24:2c:79:a4:42:98:93:da:e1:73:57:02:97:
c2:4e:52:8f:8a:2e:89:29:48:2b:02:11:54:b9:1a:8d:e3:a6:
15:ad:79:b3:85:47:58:5e:e9:a6:8c:e2:27:cd:4a:f7:be:0d:
b3:e9:b1:9e:4d:ce:14:7c:d0:ab:ea:c8:64:1e:70:49:ae:d7:
1d:f5:70:31:f1:fd:54:20:29:48:29:c0:36:4b:01:87:26:39:
31:71:7e:be:4d:e0:14:36:a8:d0:ed:e1:32:ff:84:03:ec:7f:
f2:d0:35:fb:ce:46:09:85:f4:a9:e1:8f:b9:c4:ce:16:5f:79:
b9:e6:d5:a4:c0:6a:29:55:6b:26:36:c0:99:4b:4c:f1:c4:58:
c3:49:90:83:89:f0:6f:9f:6b:31:3b:f5:dd:e6:85:37:a2:7a:
06:de:d7:7c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQijcwmYVHstlL44dj+7JV8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNDY2NmZiYjY0YzRkYThjYjg5OTJiZjBkYTk3YjhiMDEx
N2VhYzYwHhcNMjUwMTAxMTU0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjU4ZjI0ZWY0M2Y3N2MxZThjODI5NWYzNmViZmQ3OGVkOTBlNzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsg+PFRjcjg/MtX+AEHeNd9biN23U
I3HrrY4Sue8jwaZ52oO+1HwesoLesOtWLsHGm3dJ1Zl5i0sluRmf49Zb9VH7jrPq
NxujE3DQNxiJKsR24z4y4dfbtmsrzfVCZ8qT/g9acVolGoEwrn9+a5Zp9O1MVJum
W3olA43yIuKprzFsiXdJPh4mweQ+VTDCm/i3RwiqN+9R3zo7ceJKS6SBEZhlBgnZ
nebWb+/gdo9A5XmADVSBGNdt9KVZewveuOwsL6pdQikBN2VumwreYqtgDbKCjkj/
kYVnw3i7SOzcTUgDBEF+AUcv3c9Aru1WdV5MgTIQwsiJrexY1zVYHrsrzwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNJY8k70P3fB6MgpXzbr/XjtkOcgMB8GA1UdIwQY
MBaAFPFGZvu2TE2oy4mSvw2pe4sBF+rGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFVabS03Wk1UYWpMaVpLX0RhbDdpd0VYNnNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC82YThhZDUtMjFkZi00ZGJiLTlhYmQt
ZDQ0NjQ1NWRjNWJhLzEvMGxqeVR2UV9kOEhveUNsZk51djllTzJRNXlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC82YThhZDUtMjFkZi00ZGJiLTlhYmQtZDQ0NjQ1NWRjNWJh
LzEvOFVabS03Wk1UYWpMaVpLX0RhbDdpd0VYNnNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDX4DoAwQC
uYIQMA0GCSqGSIb3DQEBCwUAA4IBAQAI5LjiQ9mTl/B+ZVZ9ZZhR7dRohCpr0X0T
tQQRuHGsFSm0cYHnI3iKZTymD6Zn0iUL6hMQ1pbJmX4znQuBjNegQPg1ZftC/WLT
ecmXOQgDOvdrWonOAsxwUVLf597odSQseaRCmJPa4XNXApfCTlKPii6JKUgrAhFU
uRqN46YVrXmzhUdYXummjOInzUr3vg2z6bGeTc4UfNCr6shkHnBJrtcd9XAx8f1U
IClIKcA2SwGHJjkxcX6+TeAUNqjQ7eEy/4QD7H/y0DX7zkYJhfSp4Y+5xM4WX3m5
5tWkwGopVWsmNsCZS0zxxFjDSZCDifBvn2sxO/Xd5oU3onoG3td8
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:56 2025 by rpki-client on console.sobornost.net