Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/4630fd-a0ca-48a0-bcab-90a8c6e785c9/1/D_Ap7aX55j2mvnDRbvve0G_OwsM.roa
File: D_Ap7aX55j2mvnDRbvve0G_OwsM.roa (raw, json)
Hash identifier: rFKERfrglcdmlPd1vXc+xLBg8nNvQQZtBdRb9+OODlU=
Subject key identifier: 0F:F0:29:ED:A5:F9:E6:3D:A6:BE:70:D1:6E:FB:DE:D0:6F:CE:C2:C3
Certificate issuer: /CN=ace49763d2fdb90986469403066cb5e6a7825f0c
Certificate serial: 0194FE812041F7AFEDFED8131AF33F4F1A25
Authority key identifier: AC:E4:97:63:D2:FD:B9:09:86:46:94:03:06:6C:B5:E6:A7:82:5F:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rOSXY9L9uQmGRpQDBmy15qeCXww.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/4630fd-a0ca-48a0-bcab-90a8c6e785c9/1/D_Ap7aX55j2mvnDRbvve0G_OwsM.roa
Signing time: Thu 13 Feb 2025 08:51:02 +0000
ROA not before: Thu 13 Feb 2025 08:51:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25521
IP address blocks: 193.0.220.0/23 maxlen: 23
195.20.100.0/24 maxlen: 24
2a13:8f40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:fe:81:20:41:f7:af:ed:fe:d8:13:1a:f3:3f:4f:1a:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ace49763d2fdb90986469403066cb5e6a7825f0c
Validity
Not Before: Feb 13 08:51:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0ff029eda5f9e63da6be70d16efbded06fcec2c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:0f:89:2e:f0:bd:17:a1:25:ac:2b:cc:dd:c7:
1b:cf:06:ae:20:6b:a1:2e:24:ae:90:98:1a:e1:c6:
b4:78:76:e6:c0:15:80:3c:99:87:1a:e7:bd:75:43:
b9:12:54:49:41:12:1c:cc:08:15:a3:22:54:39:a7:
af:bc:c4:00:2e:e3:96:02:65:43:f1:ca:22:56:2f:
8a:3b:9f:21:7f:e4:5f:50:74:d2:91:40:14:1a:5f:
4c:76:ed:75:9c:5b:dd:9c:e4:48:dc:c0:4b:7e:b2:
a1:40:ae:68:3d:0f:b1:30:25:3f:78:3c:cf:5d:55:
f1:f3:2c:8f:01:19:8f:6a:c2:93:d5:37:1f:12:80:
d1:7c:fe:a8:0b:9b:10:74:6c:8c:54:3f:e3:b6:a8:
eb:62:58:d4:f3:9d:68:91:8d:3e:e8:5e:4d:87:6d:
20:ef:73:02:7f:10:89:47:aa:97:40:d1:3f:43:20:
75:ad:07:53:a5:37:4f:fe:a1:de:19:9b:c6:d5:57:
fc:45:1e:01:e6:5e:12:de:df:9e:f8:69:32:e2:ed:
9a:08:08:20:79:59:18:90:a2:a0:30:d7:de:37:4c:
7c:60:74:38:2f:c0:d2:a8:60:d2:c5:3c:be:30:61:
2d:74:65:64:fa:fc:3d:8a:ae:22:4d:f8:64:bf:ef:
1c:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:F0:29:ED:A5:F9:E6:3D:A6:BE:70:D1:6E:FB:DE:D0:6F:CE:C2:C3
X509v3 Authority Key Identifier:
keyid:AC:E4:97:63:D2:FD:B9:09:86:46:94:03:06:6C:B5:E6:A7:82:5F:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rOSXY9L9uQmGRpQDBmy15qeCXww.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/4630fd-a0ca-48a0-bcab-90a8c6e785c9/1/D_Ap7aX55j2mvnDRbvve0G_OwsM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/4630fd-a0ca-48a0-bcab-90a8c6e785c9/1/rOSXY9L9uQmGRpQDBmy15qeCXww.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.220.0/23
195.20.100.0/24
IPv6:
2a13:8f40::/29
Signature Algorithm: sha256WithRSAEncryption
cc:f3:7d:a4:b9:cc:1c:79:04:57:43:98:58:e7:5e:79:40:f3:
4c:7f:7c:87:ec:4a:f1:44:bd:aa:bf:27:95:a5:48:03:52:f1:
3d:59:85:24:b4:47:89:da:64:98:1e:ef:e1:ff:4f:ff:13:8a:
15:1f:a6:23:70:e9:5b:5f:53:d5:bf:31:cd:21:84:18:36:1f:
7e:46:2b:07:4f:5b:3c:ae:20:a3:b8:df:bf:f9:ed:2e:fa:12:
7a:b2:70:fa:a6:36:d0:ff:c1:f3:6c:cb:f8:fb:a7:b5:95:78:
b8:0f:e1:dd:8c:b9:4b:49:31:33:90:1c:7f:c2:3b:78:9f:1d:
b4:49:12:82:8d:21:1d:20:a5:54:18:df:c9:70:b9:22:d0:6d:
2d:18:72:b7:e5:a3:e5:5d:45:c2:ff:ba:d3:ba:a8:b3:c7:a0:
ac:29:11:19:9e:04:7d:f4:02:c4:b6:b0:cd:54:f3:92:6d:f4:
80:fc:f0:dc:9f:c8:43:76:9b:df:12:22:96:e9:44:8d:4d:08:
f9:f2:45:4b:57:a6:db:ca:3b:40:60:b9:30:de:9c:b7:e5:03:
af:e3:af:67:3c:79:54:6f:4d:e9:f1:fe:74:d5:9f:14:0a:f6:
19:27:f9:7e:aa:90:03:01:f7:20:af:8c:fe:12:ff:97:61:64:
e7:26:1d:c2
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZT+gSBB96/t/tgTGvM/TxolMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjZTQ5NzYzZDJmZGI5MDk4NjQ2OTQwMzA2NmNiNWU2YTc4
MjVmMGMwHhcNMjUwMjEzMDg1MTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmYwMjllZGE1ZjllNjNkYTZiZTcwZDE2ZWZiZGVkMDZmY2VjMmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1g+JLvC9F6ElrCvM3ccbzwauIGuh
LiSukJga4ca0eHbmwBWAPJmHGue9dUO5ElRJQRIczAgVoyJUOaevvMQALuOWAmVD
8coiVi+KO58hf+RfUHTSkUAUGl9Mdu11nFvdnORI3MBLfrKhQK5oPQ+xMCU/eDzP
XVXx8yyPARmPasKT1TcfEoDRfP6oC5sQdGyMVD/jtqjrYljU851okY0+6F5Nh20g
73MCfxCJR6qXQNE/QyB1rQdTpTdP/qHeGZvG1Vf8RR4B5l4S3t+e+Gky4u2aCAgg
eVkYkKKgMNfeN0x8YHQ4L8DSqGDSxTy+MGEtdGVk+vw9iq4iTfhkv+8c1wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFA/wKe2l+eY9pr5w0W773tBvzsLDMB8GA1UdIwQY
MBaAFKzkl2PS/bkJhkaUAwZsteangl8MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvck9TWFk5TDl1UW1HUnBRREJteTE1cWVDWHd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS80NjMwZmQtYTBjYS00OGEwLWJjYWIt
OTBhOGM2ZTc4NWM5LzEvRF9BcDdhWDU1ajJtdm5EUmJ2dmUwR19Pd3NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS80NjMwZmQtYTBjYS00OGEwLWJjYWItOTBhOGM2ZTc4NWM5
LzEvck9TWFk5TDl1UW1HUnBRREJteTE1cWVDWHd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBwQDcAwQA
wxRkMA0EAgACMAcDBQMqE49AMA0GCSqGSIb3DQEBCwUAA4IBAQDM832kucwceQRX
Q5hY5155QPNMf3yH7ErxRL2qvyeVpUgDUvE9WYUktEeJ2mSYHu/h/0//E4oVH6Yj
cOlbX1PVvzHNIYQYNh9+RisHT1s8riCjuN+/+e0u+hJ6snD6pjbQ/8HzbMv4+6e1
lXi4D+HdjLlLSTEzkBx/wjt4nx20SRKCjSEdIKVUGN/JcLki0G0tGHK35aPlXUXC
/7rTuqizx6CsKREZngR99ALEtrDNVPOSbfSA/PDcn8hDdpvfEiKW6USNTQj58kVL
V6bbyjtAYLkw3py35QOv469nPHlUb03p8f501Z8UCvYZJ/l+qpADAfcgr4z+Ev+X
YWTnJh3C
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:10 2025 by rpki-client on console.sobornost.net