Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/6aa017-2fe8-4cd8-8a7d-3a8a61006a4f/1/A95nvExRv6jB5eSZJpOw7UhU9Cs.roa
File: A95nvExRv6jB5eSZJpOw7UhU9Cs.roa (raw, json)
Hash identifier: 377020JWmLx/vMoWlq0LLQD0jueSe9bNRdwFbBb8JvY=
Subject key identifier: 03:DE:67:BC:4C:51:BF:A8:C1:E5:E4:99:26:93:B0:ED:48:54:F4:2B
Certificate issuer: /CN=68d1ef163a661cce5bc62117ec763758b1b5bb89
Certificate serial: 019425217FC2FBBF51EEE6F06479E69DF3C0
Authority key identifier: 68:D1:EF:16:3A:66:1C:CE:5B:C6:21:17:EC:76:37:58:B1:B5:BB:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aNHvFjpmHM5bxiEX7HY3WLG1u4k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/6aa017-2fe8-4cd8-8a7d-3a8a61006a4f/1/A95nvExRv6jB5eSZJpOw7UhU9Cs.roa
Signing time: Thu 02 Jan 2025 03:48:59 +0000
ROA not before: Thu 02 Jan 2025 03:48:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212947
IP address blocks: 93.157.187.0/24 maxlen: 24
206.204.104.0/24 maxlen: 24
206.204.105.0/24 maxlen: 24
206.204.106.0/24 maxlen: 24
206.204.107.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:7f:c2:fb:bf:51:ee:e6:f0:64:79:e6:9d:f3:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68d1ef163a661cce5bc62117ec763758b1b5bb89
Validity
Not Before: Jan 2 03:48:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=03de67bc4c51bfa8c1e5e4992693b0ed4854f42b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:12:b3:91:f9:69:42:b8:66:50:01:68:ff:cd:
6b:ad:75:b5:74:21:39:e6:aa:6a:5b:89:36:7a:b3:
75:75:90:ae:77:9b:4c:21:b0:4b:59:44:25:43:2e:
61:c2:0c:03:c0:5a:00:44:bf:e7:83:4e:30:00:af:
a9:d3:2f:20:63:0f:f9:0d:84:ea:b6:96:65:ce:df:
bc:e0:2a:67:12:8c:9b:66:3e:d4:3f:c3:99:49:0b:
62:29:ea:3f:cb:ef:71:cd:1c:41:73:c5:32:9c:c6:
d6:6f:d9:a7:a4:5f:8f:1a:cf:0a:a0:dd:25:c0:f3:
7d:4c:be:c9:ab:c2:e9:59:ec:c4:5a:71:76:53:04:
8f:58:32:8f:51:7f:6c:ec:23:42:9a:6b:90:00:96:
ca:1b:f2:3e:82:be:00:54:31:a4:09:6c:be:a7:d2:
30:ea:52:78:3b:19:33:14:7e:47:f0:a9:50:2c:52:
eb:66:bb:52:b9:ad:31:f4:67:5b:a2:2b:94:40:5e:
97:63:00:00:a9:51:de:37:2c:d3:e3:55:9b:57:a6:
6e:9e:0e:16:3f:dd:c1:6e:6d:ad:16:da:39:44:ee:
77:81:f2:13:04:49:36:fa:7d:c5:40:5e:46:46:8b:
71:dc:fc:ff:40:fa:5c:05:ce:9d:7a:26:da:00:31:
24:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:DE:67:BC:4C:51:BF:A8:C1:E5:E4:99:26:93:B0:ED:48:54:F4:2B
X509v3 Authority Key Identifier:
keyid:68:D1:EF:16:3A:66:1C:CE:5B:C6:21:17:EC:76:37:58:B1:B5:BB:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aNHvFjpmHM5bxiEX7HY3WLG1u4k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/6aa017-2fe8-4cd8-8a7d-3a8a61006a4f/1/A95nvExRv6jB5eSZJpOw7UhU9Cs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/6aa017-2fe8-4cd8-8a7d-3a8a61006a4f/1/aNHvFjpmHM5bxiEX7HY3WLG1u4k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.157.187.0/24
206.204.104.0/22
Signature Algorithm: sha256WithRSAEncryption
1d:e5:9f:06:1e:c3:b8:89:68:39:48:77:9d:d1:8e:97:f9:8b:
bb:ce:e9:3e:28:83:5a:f0:f9:db:0b:f4:05:20:ce:f8:68:3d:
39:c2:68:c1:04:07:53:0d:10:ce:d0:66:be:c4:9a:9c:01:fb:
48:f7:94:b3:b2:97:8c:b8:89:9a:cc:60:7c:8b:32:ff:ef:fd:
79:ce:4a:86:f5:84:67:9c:78:c2:e9:7d:cc:f5:de:9c:76:21:
4d:d1:59:da:78:13:89:96:5b:f9:b7:a0:97:a3:2e:34:66:01:
9e:97:7b:7e:4a:51:ae:5a:f4:76:10:89:2d:7f:09:88:62:4b:
56:99:49:0f:e5:fa:0d:bd:a0:ee:91:a9:37:65:03:82:d8:66:
88:b7:ab:0e:31:56:d9:61:66:10:b2:c2:78:1d:85:66:82:19:
3c:e0:b9:55:74:86:32:44:f1:6a:6a:54:88:5b:9d:75:7c:d4:
03:ea:34:23:95:ee:67:e3:30:bc:08:ae:e7:e6:bd:3f:cd:71:
0d:9d:39:51:ef:f0:87:96:54:ea:99:a4:8e:08:b5:ac:27:f2:
d1:81:f5:63:88:cf:4b:a0:37:31:6a:a0:e9:82:25:1b:27:1f:
ea:f8:a5:d2:c7:f3:bd:7d:d6:f8:e2:f9:08:ea:2c:f1:2b:57:
9a:d9:23:ef
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQlIX/C+79R7ubwZHnmnfPAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZDFlZjE2M2E2NjFjY2U1YmM2MjExN2VjNzYzNzU4YjFi
NWJiODkwHhcNMjUwMTAyMDM0ODU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2RlNjdiYzRjNTFiZmE4YzFlNWU0OTkyNjkzYjBlZDQ4NTRmNDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxKzkflpQrhmUAFo/81rrXW1dCE5
5qpqW4k2erN1dZCud5tMIbBLWUQlQy5hwgwDwFoARL/ng04wAK+p0y8gYw/5DYTq
tpZlzt+84CpnEoybZj7UP8OZSQtiKeo/y+9xzRxBc8UynMbWb9mnpF+PGs8KoN0l
wPN9TL7Jq8LpWezEWnF2UwSPWDKPUX9s7CNCmmuQAJbKG/I+gr4AVDGkCWy+p9Iw
6lJ4OxkzFH5H8KlQLFLrZrtSua0x9GdboiuUQF6XYwAAqVHeNyzT41WbV6Zung4W
P93Bbm2tFto5RO53gfITBEk2+n3FQF5GRotx3Pz/QPpcBc6deibaADEkAwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAPeZ7xMUb+oweXkmSaTsO1IVPQrMB8GA1UdIwQY
MBaAFGjR7xY6ZhzOW8YhF+x2N1ixtbuJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU5IdkZqcG1ITTVieGlFWDdIWTNXTEcxdTRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC82YWEwMTctMmZlOC00Y2Q4LThhN2Qt
M2E4YTYxMDA2YTRmLzEvQTk1bnZFeFJ2NmpCNWVTWkpwT3c3VWhVOUNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC82YWEwMTctMmZlOC00Y2Q4LThhN2QtM2E4YTYxMDA2YTRm
LzEvYU5IdkZqcG1ITTVieGlFWDdIWTNXTEcxdTRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXZ27AwQC
zsxoMA0GCSqGSIb3DQEBCwUAA4IBAQAd5Z8GHsO4iWg5SHed0Y6X+Yu7zuk+KINa
8PnbC/QFIM74aD05wmjBBAdTDRDO0Ga+xJqcAftI95SzspeMuImazGB8izL/7/15
zkqG9YRnnHjC6X3M9d6cdiFN0VnaeBOJllv5t6CXoy40ZgGel3t+SlGuWvR2EIkt
fwmIYktWmUkP5foNvaDukak3ZQOC2GaIt6sOMVbZYWYQssJ4HYVmghk84LlVdIYy
RPFqalSIW511fNQD6jQjle5n4zC8CK7n5r0/zXENnTlR7/CHllTqmaSOCLWsJ/LR
gfVjiM9LoDcxaqDpgiUbJx/q+KXSx/O9fdb44vkI6izxK1ea2SPv
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:59 2025 by rpki-client on console.sobornost.net