Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/0e488f-180d-4c8a-a452-4c74bb59c594/1/skrjh8vU8jaJCC6pww50--Gwi_E.roa
File: skrjh8vU8jaJCC6pww50--Gwi_E.roa (raw, json)
Hash identifier: IBLvSAtT1vJYWWr7WSZngELwsQVmN4u8iMon5vqo4Fs=
Subject key identifier: B2:4A:E3:87:CB:D4:F2:36:89:08:2E:A9:C3:0E:74:FB:E1:B0:8B:F1
Certificate issuer: /CN=ef8455d40c2e3dbcb24446fcc97a09ed4badedc3
Certificate serial: 0194892BA54F682CE9BF78F32E91EA35A7A0
Authority key identifier: EF:84:55:D4:0C:2E:3D:BC:B2:44:46:FC:C9:7A:09:ED:4B:AD:ED:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/74RV1AwuPbyyREb8yXoJ7Uut7cM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/0e488f-180d-4c8a-a452-4c74bb59c594/1/skrjh8vU8jaJCC6pww50--Gwi_E.roa
Signing time: Tue 21 Jan 2025 14:02:06 +0000
ROA not before: Tue 21 Jan 2025 14:02:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198050
IP address blocks: 64.190.43.0/24 maxlen: 24
91.231.70.0/23 maxlen: 23
91.231.80.0/22 maxlen: 22
176.97.24.0/21 maxlen: 21
2a0f:1700::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:89:2b:a5:4f:68:2c:e9:bf:78:f3:2e:91:ea:35:a7:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef8455d40c2e3dbcb24446fcc97a09ed4badedc3
Validity
Not Before: Jan 21 14:02:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b24ae387cbd4f23689082ea9c30e74fbe1b08bf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:18:a3:44:d0:fa:ef:4a:46:34:6e:6d:52:da:
37:00:0a:a7:4b:19:1a:91:e5:b6:cc:92:3b:74:73:
5a:37:79:d4:ea:26:d9:5d:dd:b5:42:90:0b:d6:f8:
88:76:d2:96:49:69:7a:32:6f:90:1f:db:6c:ab:9a:
8b:0b:6a:d2:66:6f:a1:5e:7d:b6:7f:1c:ff:c3:71:
1f:48:f6:9d:1a:68:2f:50:02:b4:20:c4:f2:9b:de:
f8:4d:7e:7e:2d:47:ab:5f:7d:7e:52:b9:85:84:e0:
57:12:7d:7f:17:e3:16:e2:c3:62:6f:f7:ed:4b:1b:
dc:a7:1e:84:78:ef:be:26:b5:ce:73:d5:1e:f5:39:
bf:e3:9e:3d:38:50:da:75:5b:cd:20:b7:71:7a:af:
d8:1e:04:01:49:73:6a:71:85:48:ef:d1:bc:4e:36:
36:e3:a9:2b:e5:b4:bb:5c:df:cd:2c:da:ca:42:81:
6e:1f:0e:fc:b0:03:fb:cd:22:5f:ca:66:0e:d2:9f:
02:98:34:12:21:22:55:6a:95:df:eb:73:5f:02:1d:
94:61:ea:37:84:1d:c0:7e:41:71:86:85:70:ec:c5:
ff:2f:81:4e:28:9a:d5:d6:5b:ab:27:4f:0e:1a:8b:
8d:26:64:cc:21:12:b2:eb:fb:46:cf:ac:b9:c5:c3:
2a:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:4A:E3:87:CB:D4:F2:36:89:08:2E:A9:C3:0E:74:FB:E1:B0:8B:F1
X509v3 Authority Key Identifier:
keyid:EF:84:55:D4:0C:2E:3D:BC:B2:44:46:FC:C9:7A:09:ED:4B:AD:ED:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/74RV1AwuPbyyREb8yXoJ7Uut7cM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/0e488f-180d-4c8a-a452-4c74bb59c594/1/skrjh8vU8jaJCC6pww50--Gwi_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/0e488f-180d-4c8a-a452-4c74bb59c594/1/74RV1AwuPbyyREb8yXoJ7Uut7cM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.190.43.0/24
91.231.70.0/23
91.231.80.0/22
176.97.24.0/21
IPv6:
2a0f:1700::/29
Signature Algorithm: sha256WithRSAEncryption
19:2b:56:d5:8f:5e:ca:b2:42:89:94:69:c5:f1:7d:4d:26:bf:
46:d6:a6:57:9d:5c:0f:57:32:4d:4d:78:6c:2a:66:23:25:69:
c0:b3:c5:11:e0:c6:0b:0f:f3:57:3b:3d:17:7f:84:61:58:66:
8e:91:2f:3d:66:36:62:3f:af:d5:ad:05:e0:1b:81:8c:76:b7:
45:c0:d0:95:c4:37:b1:8b:e5:10:9b:fd:0d:cb:ad:91:cb:cf:
30:76:c2:03:16:04:93:5d:22:7f:b7:cf:6f:b1:a7:76:9c:c8:
49:46:d4:80:71:8c:48:e5:3d:da:bc:d7:78:c7:33:94:73:45:
c0:3d:b2:0e:42:ec:89:aa:41:60:5a:dc:5e:64:04:f2:06:5f:
68:af:e7:85:f0:fa:e2:e9:23:e0:80:96:b8:ec:d2:39:45:46:
a9:85:f1:77:37:c3:9b:08:77:b3:97:f9:7c:71:d3:8c:1f:cc:
41:5e:47:3c:24:06:b9:7b:97:ab:5b:a8:37:2e:0b:b5:f3:9f:
d7:81:da:92:d4:03:50:5e:93:c4:bd:4a:ab:19:cd:5f:dd:ba:
49:a5:8a:fd:96:49:1f:b0:7a:81:bf:1a:48:81:90:6f:d6:44:
1d:7b:0c:c9:d6:be:f2:b8:af:22:99:29:e2:9a:da:4e:c6:c2:
2a:03:92:e5
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZSJK6VPaCzpv3jzLpHqNaegMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmODQ1NWQ0MGMyZTNkYmNiMjQ0NDZmY2M5N2EwOWVkNGJh
ZGVkYzMwHhcNMjUwMTIxMTQwMjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjRhZTM4N2NiZDRmMjM2ODkwODJlYTljMzBlNzRmYmUxYjA4YmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxijRND670pGNG5tUto3AAqnSxka
keW2zJI7dHNaN3nU6ibZXd21QpAL1viIdtKWSWl6Mm+QH9tsq5qLC2rSZm+hXn22
fxz/w3EfSPadGmgvUAK0IMTym974TX5+LUerX31+UrmFhOBXEn1/F+MW4sNib/ft
Sxvcpx6EeO++JrXOc9Ue9Tm/4549OFDadVvNILdxeq/YHgQBSXNqcYVI79G8TjY2
46kr5bS7XN/NLNrKQoFuHw78sAP7zSJfymYO0p8CmDQSISJVapXf63NfAh2UYeo3
hB3AfkFxhoVw7MX/L4FOKJrV1lurJ08OGouNJmTMIRKy6/tGz6y5xcMq0wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFLJK44fL1PI2iQguqcMOdPvhsIvxMB8GA1UdIwQY
MBaAFO+EVdQMLj28skRG/Ml6Ce1Lre3DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzRSVjFBd3VQYnl5UkViOHlYb0o3VXV0N2NNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8wZTQ4OGYtMTgwZC00YzhhLWE0NTIt
NGM3NGJiNTljNTk0LzEvc2tyamg4dlU4amFKQ0M2cHd3NTAtLUd3aV9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8wZTQ4OGYtMTgwZC00YzhhLWE0NTItNGM3NGJiNTljNTk0
LzEvNzRSVjFBd3VQYnl5UkViOHlYb0o3VXV0N2NNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAQL4rAwQB
W+dGAwQCW+dQAwQDsGEYMA0EAgACMAcDBQMqDxcAMA0GCSqGSIb3DQEBCwUAA4IB
AQAZK1bVj17KskKJlGnF8X1NJr9G1qZXnVwPVzJNTXhsKmYjJWnAs8UR4MYLD/NX
Oz0Xf4RhWGaOkS89ZjZiP6/VrQXgG4GMdrdFwNCVxDexi+UQm/0Ny62Ry88wdsID
FgSTXSJ/t89vsad2nMhJRtSAcYxI5T3avNd4xzOUc0XAPbIOQuyJqkFgWtxeZATy
Bl9or+eF8Pri6SPggJa47NI5RUaphfF3N8ObCHezl/l8cdOMH8xBXkc8JAa5e5er
W6g3Lgu185/XgdqS1ANQXpPEvUqrGc1f3bpJpYr9lkkfsHqBvxpIgZBv1kQdewzJ
1r7yuK8imSnimtpOxsIqA5Ll
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:10 2025 by rpki-client on console.sobornost.net