Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/8ea70c-f5f6-4b27-94ca-3d344c9c26b6/1/U7DbhF1x3gp_yB_uvm-ZnLT56oc.roa
File: U7DbhF1x3gp_yB_uvm-ZnLT56oc.roa (raw, json)
Hash identifier: BgWurSq7ETy/ZjmZQYeAZmnnu0X5jrDz9abGJjfRlMg=
Subject key identifier: 53:B0:DB:84:5D:71:DE:0A:7F:C8:1F:EE:BE:6F:99:9C:B4:F9:EA:87
Certificate issuer: /CN=d81c7962433c2fe0bf62b8c388392995f942b14c
Certificate serial: 019422FBBC2B9D89659D3CD13E030797471E
Authority key identifier: D8:1C:79:62:43:3C:2F:E0:BF:62:B8:C3:88:39:29:95:F9:42:B1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Bx5YkM8L-C_YrjDiDkplflCsUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/8ea70c-f5f6-4b27-94ca-3d344c9c26b6/1/U7DbhF1x3gp_yB_uvm-ZnLT56oc.roa
Signing time: Wed 01 Jan 2025 17:48:30 +0000
ROA not before: Wed 01 Jan 2025 17:48:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51588
IP address blocks: 194.56.92.0/22 maxlen: 22
194.56.92.0/23 maxlen: 23
194.56.92.0/24 maxlen: 24
194.56.94.0/23 maxlen: 23
194.56.94.0/24 maxlen: 24
194.56.95.0/24 maxlen: 24
2a06:3100::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:bc:2b:9d:89:65:9d:3c:d1:3e:03:07:97:47:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d81c7962433c2fe0bf62b8c388392995f942b14c
Validity
Not Before: Jan 1 17:48:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=53b0db845d71de0a7fc81feebe6f999cb4f9ea87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b9:f4:3a:20:5c:f0:d7:5f:0b:34:f8:d1:5a:
eb:58:91:03:9e:67:65:d2:76:16:e3:b8:6a:eb:b3:
df:3e:de:ba:6e:2f:60:b4:f4:e1:8b:75:cc:45:f4:
f4:1a:72:a9:de:4f:e1:bc:dd:24:8e:6f:e7:ca:47:
34:bc:da:e1:b8:89:d0:5e:a6:96:60:94:45:8c:83:
44:20:e4:81:7c:0f:be:e4:88:58:c8:a1:fd:63:0a:
d9:7e:22:d0:9e:14:7f:31:2d:7d:46:e6:74:04:fd:
c3:09:9a:82:1e:0c:bc:b3:35:46:e8:60:7f:e6:05:
37:13:ed:c7:81:d5:91:b0:0f:45:41:e8:b1:5d:db:
78:39:58:00:c8:88:f7:51:b2:b2:77:09:ec:9c:fb:
22:01:77:c7:2e:97:26:7d:8c:e7:fd:6e:65:23:3f:
df:49:66:bf:02:a6:9f:c7:61:f0:f3:40:de:4e:f5:
f1:0e:0e:cb:e3:bb:7e:f8:cc:68:09:be:63:cd:72:
ab:f3:f2:f0:44:fa:bd:12:af:c0:07:53:7f:46:b6:
67:e0:48:7d:6a:56:ab:5a:26:1d:86:47:46:9c:f5:
fe:75:e8:96:75:44:b8:52:76:f6:69:6d:a3:07:3d:
1c:45:fc:20:cb:17:1c:f8:9b:9b:d9:83:9d:10:b7:
ca:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:B0:DB:84:5D:71:DE:0A:7F:C8:1F:EE:BE:6F:99:9C:B4:F9:EA:87
X509v3 Authority Key Identifier:
keyid:D8:1C:79:62:43:3C:2F:E0:BF:62:B8:C3:88:39:29:95:F9:42:B1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Bx5YkM8L-C_YrjDiDkplflCsUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/8ea70c-f5f6-4b27-94ca-3d344c9c26b6/1/U7DbhF1x3gp_yB_uvm-ZnLT56oc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/8ea70c-f5f6-4b27-94ca-3d344c9c26b6/1/2Bx5YkM8L-C_YrjDiDkplflCsUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.56.92.0/22
IPv6:
2a06:3100::/29
Signature Algorithm: sha256WithRSAEncryption
19:2d:63:f5:24:70:5b:b7:e2:98:af:e5:83:35:2c:bb:0d:0b:
99:02:94:0a:e9:64:c9:04:c3:88:21:a1:bb:10:da:80:d8:33:
93:bd:1f:b3:6b:1a:41:d1:bd:83:db:41:91:52:d1:93:fa:d3:
b4:fa:8e:7a:76:6f:13:d6:6f:9c:c1:cc:98:0f:be:b1:be:13:
2e:9f:7e:e6:69:87:1b:c9:95:12:b5:01:e3:46:28:c4:48:c5:
6b:7f:20:c5:4a:22:ea:85:a6:46:19:9f:53:93:91:20:61:75:
d0:3e:07:9c:0e:7a:be:0e:a5:40:d6:f9:aa:bf:9f:42:e5:28:
14:46:f8:ec:6e:58:99:68:c7:30:e9:b3:6c:49:7e:1b:6d:ed:
68:21:0b:c5:2f:f5:f7:bd:26:6c:ba:b8:cd:8f:2f:e4:50:ef:
23:1e:29:da:91:f8:bf:0d:47:a2:ba:3c:2e:bc:f0:8d:73:43:
4d:0a:26:ff:8e:de:79:e6:79:f5:cc:3f:74:40:54:40:a0:cb:
28:b4:1c:10:a3:bc:22:e0:7e:9e:d3:69:39:e2:93:4a:ba:dd:
d4:ac:e0:b0:2d:42:3e:94:46:ee:2b:71:fc:2d:83:28:e7:c4:
5a:46:5d:a0:76:d4:7a:2d:c7:82:d0:48:db:0c:4b:9d:0a:2d:
ef:3e:7f:69
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQi+7wrnYllnTzRPgMHl0ceMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MWM3OTYyNDMzYzJmZTBiZjYyYjhjMzg4MzkyOTk1Zjk0
MmIxNGMwHhcNMjUwMTAxMTc0ODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2IwZGI4NDVkNzFkZTBhN2ZjODFmZWViZTZmOTk5Y2I0ZjllYTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrn0OiBc8NdfCzT40VrrWJEDnmdl
0nYW47hq67PfPt66bi9gtPThi3XMRfT0GnKp3k/hvN0kjm/nykc0vNrhuInQXqaW
YJRFjINEIOSBfA++5IhYyKH9YwrZfiLQnhR/MS19RuZ0BP3DCZqCHgy8szVG6GB/
5gU3E+3HgdWRsA9FQeixXdt4OVgAyIj3UbKydwnsnPsiAXfHLpcmfYzn/W5lIz/f
SWa/Aqafx2Hw80DeTvXxDg7L47t++MxoCb5jzXKr8/LwRPq9Eq/AB1N/RrZn4Eh9
alarWiYdhkdGnPX+deiWdUS4Unb2aW2jBz0cRfwgyxcc+Jub2YOdELfKNQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFOw24Rdcd4Kf8gf7r5vmZy0+eqHMB8GA1UdIwQY
MBaAFNgceWJDPC/gv2K4w4g5KZX5QrFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkJ4NVlrTThMLUNfWXJqRGlEa3BsZmxDc1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC84ZWE3MGMtZjVmNi00YjI3LTk0Y2Et
M2QzNDRjOWMyNmI2LzEvVTdEYmhGMXgzZ3BfeUJfdXZtLVpuTFQ1Nm9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC84ZWE3MGMtZjVmNi00YjI3LTk0Y2EtM2QzNDRjOWMyNmI2
LzEvMkJ4NVlrTThMLUNfWXJqRGlEa3BsZmxDc1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwjhcMA0E
AgACMAcDBQMqBjEAMA0GCSqGSIb3DQEBCwUAA4IBAQAZLWP1JHBbt+KYr+WDNSy7
DQuZApQK6WTJBMOIIaG7ENqA2DOTvR+zaxpB0b2D20GRUtGT+tO0+o56dm8T1m+c
wcyYD76xvhMun37maYcbyZUStQHjRijESMVrfyDFSiLqhaZGGZ9Tk5EgYXXQPgec
Dnq+DqVA1vmqv59C5SgURvjsbliZaMcw6bNsSX4bbe1oIQvFL/X3vSZsurjNjy/k
UO8jHinakfi/DUeiujwuvPCNc0NNCib/jt555nn1zD90QFRAoMsotBwQo7wi4H6e
02k54pNKut3UrOCwLUI+lEbuK3H8LYMo58RaRl2gdtR6LceC0EjbDEudCi3vPn9p
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:09 2025 by rpki-client on console.sobornost.net