Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/a3383a-04eb-43f8-a953-3bf04a2a93d8/1/8npCOUEyo8GY673Eh8o8PHNm9MY.roa
File: 8npCOUEyo8GY673Eh8o8PHNm9MY.roa (raw, json)
Hash identifier: 9FmElduT1ruDbGPf7xJGF+hyNP1d+K77nTqDUrtpBr4=
Subject key identifier: F2:7A:42:39:41:32:A3:C1:98:EB:BD:C4:87:CA:3C:3C:73:66:F4:C6
Certificate issuer: /CN=0526b03c717184c3680817e55e2455f85d73a413
Certificate serial: 01942748157A56E61779BAD864051B92CE9E
Authority key identifier: 05:26:B0:3C:71:71:84:C3:68:08:17:E5:5E:24:55:F8:5D:73:A4:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BSawPHFxhMNoCBflXiRV-F1zpBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/a3383a-04eb-43f8-a953-3bf04a2a93d8/1/8npCOUEyo8GY673Eh8o8PHNm9MY.roa
Signing time: Thu 02 Jan 2025 13:50:22 +0000
ROA not before: Thu 02 Jan 2025 13:50:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58181
IP address blocks: 109.202.105.0/24 maxlen: 24
213.152.175.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:15:7a:56:e6:17:79:ba:d8:64:05:1b:92:ce:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0526b03c717184c3680817e55e2455f85d73a413
Validity
Not Before: Jan 2 13:50:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f27a42394132a3c198ebbdc487ca3c3c7366f4c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:39:42:b4:4d:8c:4b:67:b1:6f:1d:a6:97:ab:
97:92:11:dc:b9:76:09:ac:d7:8e:f5:52:92:99:3f:
ca:0c:3b:de:c9:a6:28:80:51:44:60:a9:d7:bd:58:
60:12:c3:39:9f:85:4e:d3:79:f3:af:bd:6e:b5:ab:
16:f8:98:c5:7e:6b:e4:25:00:e2:c5:34:e6:66:e7:
07:15:37:ec:11:e3:cd:ba:b1:27:be:74:75:61:e8:
7a:dd:90:18:31:7b:48:6c:7b:4d:03:35:67:4f:e3:
9f:9a:0f:27:64:85:98:a8:3d:a7:14:2e:bc:d2:de:
64:55:f8:cf:ec:b9:dc:f7:89:7d:6f:8f:66:2f:e9:
a2:91:f7:a9:7c:a9:1c:2f:df:4c:81:2b:98:94:0c:
07:c2:af:88:8a:9b:53:1a:d6:6f:ab:44:d5:e1:5d:
8a:4c:9a:0d:10:c3:d7:39:d2:61:b0:c7:9d:35:00:
38:a7:85:9f:cb:17:12:17:14:21:65:4d:1d:73:ea:
15:c3:40:43:56:d4:85:46:b0:9d:73:25:1f:7b:55:
0b:b1:e9:85:68:ce:ee:5a:75:b8:f1:c3:21:92:10:
6a:1d:e2:cd:5a:47:a5:7b:a1:08:cb:40:6f:13:d4:
7f:8d:cb:38:22:ef:7c:37:d1:6f:df:8b:45:ff:01:
69:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:7A:42:39:41:32:A3:C1:98:EB:BD:C4:87:CA:3C:3C:73:66:F4:C6
X509v3 Authority Key Identifier:
keyid:05:26:B0:3C:71:71:84:C3:68:08:17:E5:5E:24:55:F8:5D:73:A4:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BSawPHFxhMNoCBflXiRV-F1zpBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/a3383a-04eb-43f8-a953-3bf04a2a93d8/1/8npCOUEyo8GY673Eh8o8PHNm9MY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/a3383a-04eb-43f8-a953-3bf04a2a93d8/1/BSawPHFxhMNoCBflXiRV-F1zpBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.202.105.0/24
213.152.175.0/24
Signature Algorithm: sha256WithRSAEncryption
54:5e:15:b6:92:9c:53:f2:47:ac:c4:fa:03:9e:2c:f3:a0:91:
0f:93:b6:53:87:bc:fa:07:17:54:e4:3e:33:62:9c:0b:94:fe:
21:19:57:57:7b:12:73:91:16:90:9f:16:15:1b:5a:73:f3:72:
7c:fb:19:f2:ce:ba:2c:67:9b:c6:d7:99:24:57:28:ac:29:49:
28:03:df:23:a5:95:3e:8f:c3:6a:7c:1b:4d:85:07:cd:5c:1f:
21:05:cf:d4:15:2f:d7:16:6f:f4:d5:b8:53:1c:0a:9d:35:cc:
86:71:15:37:35:56:be:00:27:0a:95:62:af:53:b5:18:af:9a:
9c:40:f0:39:84:95:37:1f:4b:30:20:66:97:4f:ab:1a:ba:79:
5f:da:6b:36:4f:32:4d:8c:36:15:76:8f:81:15:98:42:4f:f8:
65:20:93:39:7f:eb:e1:bf:16:8d:0b:97:4e:2a:8f:c2:c1:46:
58:a3:6c:32:73:84:3b:43:6c:9f:6a:7f:52:82:e1:f0:02:86:
7e:20:8f:b0:d7:81:c0:30:76:c4:44:1f:08:ce:4b:95:e3:78:
60:81:95:ef:27:70:f2:e2:14:00:07:5d:ce:da:88:9d:89:3b:
dd:ca:02:f2:0a:40:54:9f:78:e9:84:b0:ac:b5:8f:c0:c3:77:
95:dd:86:b2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQnSBV6VuYXebrYZAUbks6eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MjZiMDNjNzE3MTg0YzM2ODA4MTdlNTVlMjQ1NWY4NWQ3
M2E0MTMwHhcNMjUwMTAyMTM1MDIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjdhNDIzOTQxMzJhM2MxOThlYmJkYzQ4N2NhM2MzYzczNjZmNGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnjlCtE2MS2exbx2ml6uXkhHcuXYJ
rNeO9VKSmT/KDDveyaYogFFEYKnXvVhgEsM5n4VO03nzr71utasW+JjFfmvkJQDi
xTTmZucHFTfsEePNurEnvnR1Yeh63ZAYMXtIbHtNAzVnT+Ofmg8nZIWYqD2nFC68
0t5kVfjP7Lnc94l9b49mL+mikfepfKkcL99MgSuYlAwHwq+IiptTGtZvq0TV4V2K
TJoNEMPXOdJhsMedNQA4p4WfyxcSFxQhZU0dc+oVw0BDVtSFRrCdcyUfe1ULsemF
aM7uWnW48cMhkhBqHeLNWkele6EIy0BvE9R/jcs4Iu98N9Fv34tF/wFpoQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPJ6QjlBMqPBmOu9xIfKPDxzZvTGMB8GA1UdIwQY
MBaAFAUmsDxxcYTDaAgX5V4kVfhdc6QTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlNhd1BIRnhoTU5vQ0JmbFhpUlYtRjF6cEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9hMzM4M2EtMDRlYi00M2Y4LWE5NTMt
M2JmMDRhMmE5M2Q4LzEvOG5wQ09VRXlvOEdZNjczRWg4bzhQSE5tOU1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9hMzM4M2EtMDRlYi00M2Y4LWE5NTMtM2JmMDRhMmE5M2Q4
LzEvQlNhd1BIRnhoTU5vQ0JmbFhpUlYtRjF6cEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbcppAwQA
1ZivMA0GCSqGSIb3DQEBCwUAA4IBAQBUXhW2kpxT8kesxPoDnizzoJEPk7ZTh7z6
BxdU5D4zYpwLlP4hGVdXexJzkRaQnxYVG1pz83J8+xnyzrosZ5vG15kkVyisKUko
A98jpZU+j8NqfBtNhQfNXB8hBc/UFS/XFm/01bhTHAqdNcyGcRU3NVa+ACcKlWKv
U7UYr5qcQPA5hJU3H0swIGaXT6saunlf2ms2TzJNjDYVdo+BFZhCT/hlIJM5f+vh
vxaNC5dOKo/CwUZYo2wyc4Q7Q2yfan9SguHwAoZ+II+w14HAMHbERB8IzkuV43hg
gZXvJ3Dy4hQAB13O2oidiTvdygLyCkBUn3jphLCstY/Aw3eV3Yay
-----END CERTIFICATE-----
Generated at Thu Jan 23 19:16:40 2025 by rpki-client on console.sobornost.net