Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/7b2f20-49ad-4712-9c3e-b1d4f8a86d09/1/evKF7Ghixw06TsX8m9WS1kttuTQ.roa
File: evKF7Ghixw06TsX8m9WS1kttuTQ.roa (raw, json)
Hash identifier: C0t0ubGvyf/fMEfN+yYg9iML6okU33nNE7cYDrXAdGg=
Subject key identifier: 7A:F2:85:EC:68:62:C7:0D:3A:4E:C5:FC:9B:D5:92:D6:4B:6D:B9:34
Certificate issuer: /CN=bdfc8ddfb841879f0e530dce3b7f85827f0c193f
Certificate serial: 019425218D19628AA555730509377ECBF576
Authority key identifier: BD:FC:8D:DF:B8:41:87:9F:0E:53:0D:CE:3B:7F:85:82:7F:0C:19:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vfyN37hBh58OUw3OO3-Fgn8MGT8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/7b2f20-49ad-4712-9c3e-b1d4f8a86d09/1/evKF7Ghixw06TsX8m9WS1kttuTQ.roa
Signing time: Thu 02 Jan 2025 03:49:03 +0000
ROA not before: Thu 02 Jan 2025 03:49:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29410
IP address blocks: 192.118.0.0/24 maxlen: 24
192.118.1.0/24 maxlen: 24
192.118.2.0/24 maxlen: 24
192.118.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:8d:19:62:8a:a5:55:73:05:09:37:7e:cb:f5:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdfc8ddfb841879f0e530dce3b7f85827f0c193f
Validity
Not Before: Jan 2 03:49:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7af285ec6862c70d3a4ec5fc9bd592d64b6db934
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:de:59:bb:13:fe:29:83:f7:4f:4a:35:78:86:
f8:b3:5e:f4:ad:80:9b:ae:23:51:d7:ca:8d:0f:f3:
3a:53:bf:22:eb:5e:f8:7d:d5:2f:df:85:5b:1b:bc:
c2:89:6b:61:70:9b:2e:4e:e7:b0:d8:d9:6e:84:cc:
c7:fd:cc:7a:f7:37:97:00:78:f8:1d:03:21:35:5d:
9c:46:07:95:24:61:77:06:53:5e:ca:f5:c2:a9:93:
77:2e:49:f0:20:6e:62:b2:3d:f7:38:e7:89:ff:49:
58:e2:24:e4:94:a1:49:4f:0a:7b:95:80:da:de:f7:
95:f4:c4:c3:7f:ca:69:9c:7a:40:ea:bf:ad:70:4d:
8e:ac:59:fe:d7:36:d0:5e:89:da:1e:24:7b:6b:da:
a4:6f:1b:f2:e7:4f:1d:69:7b:9f:53:d3:be:2b:54:
64:95:a3:6c:c6:60:9a:a7:93:07:6c:8a:f2:48:f8:
4a:e3:af:5c:95:b8:a4:ff:04:bb:a2:a3:3e:86:aa:
c0:3b:71:fd:6f:75:29:82:af:f4:fc:3b:90:9e:4b:
dc:ab:2b:9b:66:d7:cf:14:a0:aa:9c:a8:94:c9:f3:
c7:5b:31:36:78:be:a5:9b:4e:95:65:1d:45:4b:56:
f4:b1:4a:70:40:41:7c:32:8c:d3:a6:b4:5a:9e:d9:
c3:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:F2:85:EC:68:62:C7:0D:3A:4E:C5:FC:9B:D5:92:D6:4B:6D:B9:34
X509v3 Authority Key Identifier:
keyid:BD:FC:8D:DF:B8:41:87:9F:0E:53:0D:CE:3B:7F:85:82:7F:0C:19:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vfyN37hBh58OUw3OO3-Fgn8MGT8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/7b2f20-49ad-4712-9c3e-b1d4f8a86d09/1/evKF7Ghixw06TsX8m9WS1kttuTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/7b2f20-49ad-4712-9c3e-b1d4f8a86d09/1/vfyN37hBh58OUw3OO3-Fgn8MGT8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.118.0.0/22
Signature Algorithm: sha256WithRSAEncryption
90:d8:14:27:84:63:26:ec:32:fd:3a:a0:c0:f4:33:af:c3:1a:
64:31:fd:4c:89:f0:d6:6f:a2:9a:14:95:89:85:e9:9a:19:8b:
9c:f4:15:1c:cc:bf:90:ea:48:bc:80:b2:a2:54:8e:ba:ca:1b:
2c:00:2b:0c:37:94:65:93:4f:b4:c8:5c:3d:28:b9:95:1c:33:
3b:56:dc:75:da:d1:00:6e:cb:6e:db:53:8c:2f:8f:3d:2d:70:
b7:b6:37:82:60:f4:a7:2a:37:38:93:fa:e3:17:7d:7f:0c:d9:
6a:9d:9b:77:38:2f:17:3a:7a:72:32:c2:2b:1e:df:ea:5e:f2:
1a:8b:5a:ed:01:c1:58:77:a2:d4:33:1e:e8:42:86:0b:d1:ba:
f5:2a:6d:4c:ff:5f:b5:56:54:96:ac:2f:fa:de:cf:15:50:87:
9d:cb:36:23:7d:77:2c:09:5f:33:10:a4:b6:b2:e0:38:c4:8a:
57:84:40:8f:f4:46:c0:b9:8f:47:e6:6a:02:a3:90:8a:94:4c:
4d:48:d6:5d:b3:be:e4:ba:9e:60:57:2f:79:69:58:47:77:b2:
33:98:bc:8a:97:28:bd:94:ce:cc:7c:9b:57:96:c8:ae:b4:09:
b8:2e:58:87:33:fd:4e:c4:5f:b2:0d:57:fa:a5:70:92:fe:dc:
bf:8e:96:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIY0ZYoqlVXMFCTd+y/V2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZmM4ZGRmYjg0MTg3OWYwZTUzMGRjZTNiN2Y4NTgyN2Yw
YzE5M2YwHhcNMjUwMTAyMDM0OTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWYyODVlYzY4NjJjNzBkM2E0ZWM1ZmM5YmQ1OTJkNjRiNmRiOTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmd5ZuxP+KYP3T0o1eIb4s170rYCb
riNR18qND/M6U78i6174fdUv34VbG7zCiWthcJsuTuew2NluhMzH/cx69zeXAHj4
HQMhNV2cRgeVJGF3BlNeyvXCqZN3LknwIG5isj33OOeJ/0lY4iTklKFJTwp7lYDa
3veV9MTDf8ppnHpA6r+tcE2OrFn+1zbQXonaHiR7a9qkbxvy508daXufU9O+K1Rk
laNsxmCap5MHbIrySPhK469clbik/wS7oqM+hqrAO3H9b3Upgq/0/DuQnkvcqyub
ZtfPFKCqnKiUyfPHWzE2eL6lm06VZR1FS1b0sUpwQEF8MozTprRantnDAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHryhexoYscNOk7F/JvVktZLbbk0MB8GA1UdIwQY
MBaAFL38jd+4QYefDlMNzjt/hYJ/DBk/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmZ5TjM3aEJoNThPVXczT08zLUZnbjhNR1Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC83YjJmMjAtNDlhZC00NzEyLTljM2Ut
YjFkNGY4YTg2ZDA5LzEvZXZLRjdHaGl4dzA2VHNYOG05V1Mxa3R0dVRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC83YjJmMjAtNDlhZC00NzEyLTljM2UtYjFkNGY4YTg2ZDA5
LzEvdmZ5TjM3aEJoNThPVXczT08zLUZnbjhNR1Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwHYAMA0G
CSqGSIb3DQEBCwUAA4IBAQCQ2BQnhGMm7DL9OqDA9DOvwxpkMf1MifDWb6KaFJWJ
hemaGYuc9BUczL+Q6ki8gLKiVI66yhssACsMN5Rlk0+0yFw9KLmVHDM7Vtx12tEA
bstu21OML489LXC3tjeCYPSnKjc4k/rjF31/DNlqnZt3OC8XOnpyMsIrHt/qXvIa
i1rtAcFYd6LUMx7oQoYL0br1Km1M/1+1VlSWrC/63s8VUIedyzYjfXcsCV8zEKS2
suA4xIpXhECP9EbAuY9H5moCo5CKlExNSNZds77kup5gVy95aVhHd7IzmLyKlyi9
lM7MfJtXlsiutAm4LliHM/1OxF+yDVf6pXCS/ty/jpZG
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:15 2025 by rpki-client on console.sobornost.net