Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/99d68e-27c3-4b2d-95f5-250a9e6708d0/1/A-AGhnJX9Bou2rtGJEVxpp70P0k.roa
File: A-AGhnJX9Bou2rtGJEVxpp70P0k.roa (raw, json)
Hash identifier: 8oKZWa78oAwwYr/+i37u8p1ocYsZreiBnXNl6eWkZHg=
Subject key identifier: 03:E0:06:86:72:57:F4:1A:2E:DA:BB:46:24:45:71:A6:9E:F4:3F:49
Certificate issuer: /CN=11f2e35b3c559b6d843667cad5dac674e01b96c3
Certificate serial: 0194228DD42C45071688095B22B095693CE0
Authority key identifier: 11:F2:E3:5B:3C:55:9B:6D:84:36:67:CA:D5:DA:C6:74:E0:1B:96:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EfLjWzxVm22ENmfK1drGdOAblsM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/99d68e-27c3-4b2d-95f5-250a9e6708d0/1/A-AGhnJX9Bou2rtGJEVxpp70P0k.roa
Signing time: Wed 01 Jan 2025 15:48:27 +0000
ROA not before: Wed 01 Jan 2025 15:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209438
IP address blocks: 62.68.88.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:d4:2c:45:07:16:88:09:5b:22:b0:95:69:3c:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11f2e35b3c559b6d843667cad5dac674e01b96c3
Validity
Not Before: Jan 1 15:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=03e006867257f41a2edabb46244571a69ef43f49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:4b:ad:60:4e:57:41:49:e5:23:e3:37:15:5d:
6d:97:bd:e3:9e:a4:d4:c7:06:92:b7:85:80:1b:07:
cd:ce:9d:f4:c5:84:92:ab:e8:ad:41:aa:e2:44:18:
6f:64:41:64:39:2d:df:45:93:41:ec:d5:cb:55:ad:
1b:d0:72:bf:7a:2b:a9:b0:c4:a1:65:9f:9d:69:d7:
d7:61:25:c8:29:57:af:af:8f:a2:df:29:a9:60:68:
2a:31:9d:a2:dd:6b:57:1b:3f:9e:fe:89:0b:ce:04:
9a:59:a4:11:c3:cb:40:62:70:ae:33:79:92:f6:77:
26:ae:6e:9e:59:62:f5:fb:0f:f5:34:2f:ae:0c:fc:
df:5a:4a:8a:56:fa:3b:ee:b8:44:f4:5d:cc:08:84:
cd:7d:cc:d8:ae:c3:7b:3e:cd:54:78:2c:64:a7:e9:
57:c7:f0:14:4d:70:3c:90:fe:e9:4a:d1:8c:f7:1a:
0b:d6:10:ae:7e:0e:8a:56:5d:ba:2c:bc:57:4a:ff:
53:b2:8c:79:23:3c:d6:b6:40:89:d9:b3:ac:5e:19:
e9:5f:59:b5:c3:de:b5:80:75:a1:65:01:75:9d:93:
75:92:81:87:c1:37:ac:1d:21:4e:dd:ce:10:95:b5:
bb:d6:44:04:ae:9d:26:e0:35:1a:36:c5:c5:44:7d:
22:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:E0:06:86:72:57:F4:1A:2E:DA:BB:46:24:45:71:A6:9E:F4:3F:49
X509v3 Authority Key Identifier:
keyid:11:F2:E3:5B:3C:55:9B:6D:84:36:67:CA:D5:DA:C6:74:E0:1B:96:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EfLjWzxVm22ENmfK1drGdOAblsM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/99d68e-27c3-4b2d-95f5-250a9e6708d0/1/A-AGhnJX9Bou2rtGJEVxpp70P0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/99d68e-27c3-4b2d-95f5-250a9e6708d0/1/EfLjWzxVm22ENmfK1drGdOAblsM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.68.88.0/24
Signature Algorithm: sha256WithRSAEncryption
74:54:60:74:3c:97:66:77:1d:0f:e7:c2:13:4d:c7:79:0d:d7:
92:d1:20:e8:c9:bc:b2:04:9e:46:e7:6d:cc:0e:21:a5:8e:74:
6b:d6:e3:57:35:4d:dc:30:6f:dd:32:50:c7:ca:45:60:4c:98:
ea:d6:1f:cb:c2:4a:05:be:25:74:96:5f:05:f3:2d:0f:05:08:
0d:c7:b6:04:76:cb:90:00:89:70:e1:4b:87:68:2d:7c:ab:fb:
60:63:dc:96:4e:9e:51:12:06:8d:ea:dc:d1:30:bc:15:f0:9c:
5f:5e:c3:a5:8f:6f:dd:ad:01:74:3d:0a:eb:6c:04:05:76:4d:
70:d8:83:12:90:65:e3:9e:67:f3:30:60:d6:f0:d4:97:b8:35:
42:1e:57:08:28:4b:ac:78:bf:86:b5:c4:13:d4:65:21:c3:01:
c7:59:93:dc:c0:17:5d:23:c8:cd:55:c3:ca:b5:a0:85:ce:10:
90:d9:85:b9:ad:55:bf:4a:62:de:19:06:30:76:6b:ca:ea:60:
6f:31:db:04:a6:5d:64:8c:2d:c1:0e:89:6f:61:62:04:cb:c6:
55:2b:a7:7d:2f:bf:e9:8f:75:21:21:be:26:08:ad:4d:35:88:
e8:05:32:8d:da:7e:c2:4d:5b:ea:07:66:a2:a1:68:87:22:a7:
22:a1:66:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijdQsRQcWiAlbIrCVaTzgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExZjJlMzViM2M1NTliNmQ4NDM2NjdjYWQ1ZGFjNjc0ZTAx
Yjk2YzMwHhcNMjUwMTAxMTU0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2UwMDY4NjcyNTdmNDFhMmVkYWJiNDYyNDQ1NzFhNjllZjQzZjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7EutYE5XQUnlI+M3FV1tl73jnqTU
xwaSt4WAGwfNzp30xYSSq+itQariRBhvZEFkOS3fRZNB7NXLVa0b0HK/eiupsMSh
ZZ+dadfXYSXIKVevr4+i3ympYGgqMZ2i3WtXGz+e/okLzgSaWaQRw8tAYnCuM3mS
9ncmrm6eWWL1+w/1NC+uDPzfWkqKVvo77rhE9F3MCITNfczYrsN7Ps1UeCxkp+lX
x/AUTXA8kP7pStGM9xoL1hCufg6KVl26LLxXSv9Tsox5IzzWtkCJ2bOsXhnpX1m1
w961gHWhZQF1nZN1koGHwTesHSFO3c4QlbW71kQErp0m4DUaNsXFRH0iWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAPgBoZyV/QaLtq7RiRFcaae9D9JMB8GA1UdIwQY
MBaAFBHy41s8VZtthDZnytXaxnTgG5bDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWZMald6eFZtMjJFTm1mSzFkckdkT0FibHNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi85OWQ2OGUtMjdjMy00YjJkLTk1ZjUt
MjUwYTllNjcwOGQwLzEvQS1BR2huSlg5Qm91MnJ0R0pFVnhwcDcwUDBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi85OWQ2OGUtMjdjMy00YjJkLTk1ZjUtMjUwYTllNjcwOGQw
LzEvRWZMald6eFZtMjJFTm1mSzFkckdkT0FibHNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPkRYMA0G
CSqGSIb3DQEBCwUAA4IBAQB0VGB0PJdmdx0P58ITTcd5DdeS0SDoybyyBJ5G523M
DiGljnRr1uNXNU3cMG/dMlDHykVgTJjq1h/LwkoFviV0ll8F8y0PBQgNx7YEdsuQ
AIlw4UuHaC18q/tgY9yWTp5REgaN6tzRMLwV8JxfXsOlj2/drQF0PQrrbAQFdk1w
2IMSkGXjnmfzMGDW8NSXuDVCHlcIKEuseL+GtcQT1GUhwwHHWZPcwBddI8jNVcPK
taCFzhCQ2YW5rVW/SmLeGQYwdmvK6mBvMdsEpl1kjC3BDolvYWIEy8ZVK6d9L7/p
j3UhIb4mCK1NNYjoBTKN2n7CTVvqB2aioWiHIqcioWaO
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:14 2025 by rpki-client on console.sobornost.net