Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/978837-1023-4b39-9b37-a108dbe0fd1f/1/49r3EiPqYIwA3FVnQ3pruyaEeaY.roa
File: 49r3EiPqYIwA3FVnQ3pruyaEeaY.roa (raw, json)
Hash identifier: S4fah+Hi++9D/Vhg9/JWPzVOXskqt4CfJ/0z6MaI0ok=
Subject key identifier: E3:DA:F7:12:23:EA:60:8C:00:DC:55:67:43:7A:6B:BB:26:84:79:A6
Certificate issuer: /CN=aa0bd78ca2caa5eb8ff3b9e823774dc1b74debeb
Certificate serial: 019427B61E5A2A72A62D1AC4BD38CFF8CB9D
Authority key identifier: AA:0B:D7:8C:A2:CA:A5:EB:8F:F3:B9:E8:23:77:4D:C1:B7:4D:EB:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qgvXjKLKpeuP87noI3dNwbdN6-s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/978837-1023-4b39-9b37-a108dbe0fd1f/1/49r3EiPqYIwA3FVnQ3pruyaEeaY.roa
Signing time: Thu 02 Jan 2025 15:50:34 +0000
ROA not before: Thu 02 Jan 2025 15:50:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61998
IP address blocks: 194.36.124.0/24 maxlen: 24
194.36.125.0/24 maxlen: 24
194.36.126.0/24 maxlen: 24
194.36.127.0/24 maxlen: 24
2a0c:bfc0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:1e:5a:2a:72:a6:2d:1a:c4:bd:38:cf:f8:cb:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa0bd78ca2caa5eb8ff3b9e823774dc1b74debeb
Validity
Not Before: Jan 2 15:50:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e3daf71223ea608c00dc5567437a6bbb268479a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:9f:91:34:a4:a9:4d:fe:a2:61:c2:dc:90:88:
2d:43:4b:63:7f:7c:2a:b5:06:84:1f:3e:8e:64:86:
df:c7:28:b9:06:f8:79:7d:85:e8:2e:9d:bb:78:cf:
1a:b7:4b:66:47:be:4e:3c:d3:f1:ab:05:b4:60:c0:
bc:b4:1a:59:1a:4a:ed:6b:05:3d:30:41:7f:ff:a4:
f4:04:c9:9a:d3:9c:d6:af:fe:0d:7e:3e:6e:02:88:
4b:52:84:26:62:67:22:57:56:e0:e1:5b:1c:c1:81:
db:8b:0c:73:95:d0:8d:12:da:7b:42:41:ab:b9:8f:
44:a4:c8:01:f8:79:a8:57:10:ff:35:c9:12:7f:f0:
df:82:44:5b:54:36:53:34:bc:7a:66:d3:f3:85:ba:
6c:1b:9d:8f:f7:95:b3:7c:64:66:5e:4c:49:d3:11:
5f:d7:ba:a5:7d:d4:ec:12:03:31:7c:53:51:15:7f:
14:1a:54:60:ae:1d:60:c7:34:33:9f:7b:53:1f:bd:
d4:61:39:71:68:ee:87:ee:c5:aa:90:74:e2:f1:db:
74:cd:ac:01:5f:05:9e:66:ca:af:63:7a:d3:16:e1:
81:bf:89:b5:7f:06:33:69:30:79:c1:7e:3e:ab:ea:
80:b5:3e:08:1c:08:e2:f0:3b:aa:70:8c:9b:96:ab:
ac:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:DA:F7:12:23:EA:60:8C:00:DC:55:67:43:7A:6B:BB:26:84:79:A6
X509v3 Authority Key Identifier:
keyid:AA:0B:D7:8C:A2:CA:A5:EB:8F:F3:B9:E8:23:77:4D:C1:B7:4D:EB:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qgvXjKLKpeuP87noI3dNwbdN6-s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/978837-1023-4b39-9b37-a108dbe0fd1f/1/49r3EiPqYIwA3FVnQ3pruyaEeaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/978837-1023-4b39-9b37-a108dbe0fd1f/1/qgvXjKLKpeuP87noI3dNwbdN6-s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.36.124.0/22
IPv6:
2a0c:bfc0::/29
Signature Algorithm: sha256WithRSAEncryption
27:b7:44:96:f5:cb:6e:21:e4:da:e5:ec:f3:57:ba:60:55:ae:
37:d1:bb:00:92:af:98:53:ad:7d:73:fa:dd:51:da:92:14:0d:
17:35:08:14:ab:d4:ff:53:9f:34:ac:4c:28:79:7c:93:c9:42:
9f:70:93:c6:28:6d:bf:3e:94:bf:6e:67:16:66:b8:c4:1a:fa:
00:5c:f7:e2:d1:b4:d9:4a:7c:e9:3f:19:44:b4:c1:7e:93:d9:
2d:34:01:35:40:6d:cb:c7:39:65:85:81:8a:5a:4b:f9:b6:af:
6c:21:23:b4:f1:a6:5a:0d:ae:e5:75:0a:04:2e:c7:2d:32:09:
48:bc:75:65:96:60:f1:62:6c:02:4d:5c:ad:cd:66:a8:62:ef:
90:1f:27:63:92:90:43:a0:6a:cc:9d:31:1d:d6:0f:e2:8a:a7:
75:6d:50:44:1b:0f:76:0d:35:6e:c2:2a:96:22:47:d1:ae:f9:
6b:a0:04:04:2c:fa:db:33:e6:a7:2f:0e:ff:4e:54:66:04:6e:
de:45:cd:fe:34:e6:e3:aa:55:de:d1:42:3a:18:97:0f:17:0d:
51:88:e0:bd:b7:69:27:b7:f9:20:cc:6a:70:51:62:57:58:35:
45:75:f1:bd:13:ea:7e:a1:01:5f:88:25:3d:5d:6b:fd:21:12:
da:d3:37:5c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQnth5aKnKmLRrEvTjP+MudMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMGJkNzhjYTJjYWE1ZWI4ZmYzYjllODIzNzc0ZGMxYjc0
ZGViZWIwHhcNMjUwMTAyMTU1MDM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2RhZjcxMjIzZWE2MDhjMDBkYzU1Njc0MzdhNmJiYjI2ODQ3OWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjZ+RNKSpTf6iYcLckIgtQ0tjf3wq
tQaEHz6OZIbfxyi5Bvh5fYXoLp27eM8at0tmR75OPNPxqwW0YMC8tBpZGkrtawU9
MEF//6T0BMma05zWr/4Nfj5uAohLUoQmYmciV1bg4VscwYHbiwxzldCNEtp7QkGr
uY9EpMgB+HmoVxD/NckSf/DfgkRbVDZTNLx6ZtPzhbpsG52P95WzfGRmXkxJ0xFf
17qlfdTsEgMxfFNRFX8UGlRgrh1gxzQzn3tTH73UYTlxaO6H7sWqkHTi8dt0zawB
XwWeZsqvY3rTFuGBv4m1fwYzaTB5wX4+q+qAtT4IHAji8DuqcIyblqusUQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOPa9xIj6mCMANxVZ0N6a7smhHmmMB8GA1UdIwQY
MBaAFKoL14yiyqXrj/O56CN3TcG3TevrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWd2WGpLTEtwZXVQODdub0kzZE53YmRONi1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy85Nzg4MzctMTAyMy00YjM5LTliMzct
YTEwOGRiZTBmZDFmLzEvNDlyM0VpUHFZSXdBM0ZWblEzcHJ1eWFFZWFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy85Nzg4MzctMTAyMy00YjM5LTliMzctYTEwOGRiZTBmZDFm
LzEvcWd2WGpLTEtwZXVQODdub0kzZE53YmRONi1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwiR8MA0E
AgACMAcDBQMqDL/AMA0GCSqGSIb3DQEBCwUAA4IBAQAnt0SW9ctuIeTa5ezzV7pg
Va430bsAkq+YU619c/rdUdqSFA0XNQgUq9T/U580rEwoeXyTyUKfcJPGKG2/PpS/
bmcWZrjEGvoAXPfi0bTZSnzpPxlEtMF+k9ktNAE1QG3LxzllhYGKWkv5tq9sISO0
8aZaDa7ldQoELsctMglIvHVllmDxYmwCTVytzWaoYu+QHydjkpBDoGrMnTEd1g/i
iqd1bVBEGw92DTVuwiqWIkfRrvlroAQELPrbM+anLw7/TlRmBG7eRc3+NObjqlXe
0UI6GJcPFw1RiOC9t2knt/kgzGpwUWJXWDVFdfG9E+p+oQFfiCU9XWv9IRLa0zdc
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:58 2025 by rpki-client on console.sobornost.net