Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7d03ea-8702-4b4c-a117-6b1c82ce716d/1/f0mlI3uPHkGxNxppJH1FzET7hkE.roa
File: f0mlI3uPHkGxNxppJH1FzET7hkE.roa (raw, json)
Hash identifier: fzr3RtH6R3YRfxpidUV64dO9I/Erlus13YAGX+wIcwA=
Subject key identifier: 7F:49:A5:23:7B:8F:1E:41:B1:37:1A:69:24:7D:45:CC:44:FB:86:41
Certificate issuer: /CN=6e43d52cf5c721616638a1ab9c3d89fa9a97dc6d
Certificate serial: 01942444C420E3C54E3353C314B782F4A758
Authority key identifier: 6E:43:D5:2C:F5:C7:21:61:66:38:A1:AB:9C:3D:89:FA:9A:97:DC:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bkPVLPXHIWFmOKGrnD2J-pqX3G0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7d03ea-8702-4b4c-a117-6b1c82ce716d/1/f0mlI3uPHkGxNxppJH1FzET7hkE.roa
Signing time: Wed 01 Jan 2025 23:47:53 +0000
ROA not before: Wed 01 Jan 2025 23:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51833
IP address blocks: 194.0.21.0/24 maxlen: 24
2001:678:98::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:c4:20:e3:c5:4e:33:53:c3:14:b7:82:f4:a7:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e43d52cf5c721616638a1ab9c3d89fa9a97dc6d
Validity
Not Before: Jan 1 23:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7f49a5237b8f1e41b1371a69247d45cc44fb8641
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:99:fd:d4:b7:1c:04:10:a1:fe:65:5f:61:87:
3b:1e:53:1e:bf:68:b6:e7:8c:e9:1f:70:d4:3e:9f:
7c:1d:b9:d9:a3:88:cb:f8:77:00:91:ea:8c:7d:50:
b3:e3:f5:c3:29:46:22:3a:7e:ea:53:8f:05:3b:4b:
ca:dd:ab:dd:e1:57:1f:c7:92:dd:e5:7f:fc:00:99:
05:4e:6e:7f:b8:05:57:2a:57:83:05:2f:1d:77:b4:
0b:4c:e3:e3:c0:5a:b4:ec:69:e5:95:28:1b:cf:d5:
ef:ef:6e:42:74:01:4d:4b:13:0b:9d:25:37:0b:e3:
de:a2:c2:7e:50:7a:d7:c1:fc:09:c4:91:1c:26:0f:
20:8c:80:30:c2:20:ba:29:a8:a5:71:27:97:de:14:
fb:3f:f0:28:c4:05:f6:3f:e5:2b:d7:83:e1:a6:ae:
48:55:b2:33:64:28:fc:9d:82:fa:b4:63:d3:dc:40:
1c:d4:22:ba:33:45:8d:e2:c5:73:95:18:9f:dc:5b:
0a:30:d0:5f:42:3c:ff:c2:c8:7e:b4:23:68:3a:19:
71:ad:8c:56:19:50:27:8f:b3:b4:04:9e:42:7f:c9:
21:a7:35:d4:16:d9:ce:2b:67:e0:9f:66:f8:85:07:
60:34:16:d4:fb:f8:a5:76:c1:d0:6a:fc:ec:7c:22:
6d:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:49:A5:23:7B:8F:1E:41:B1:37:1A:69:24:7D:45:CC:44:FB:86:41
X509v3 Authority Key Identifier:
keyid:6E:43:D5:2C:F5:C7:21:61:66:38:A1:AB:9C:3D:89:FA:9A:97:DC:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bkPVLPXHIWFmOKGrnD2J-pqX3G0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7d03ea-8702-4b4c-a117-6b1c82ce716d/1/f0mlI3uPHkGxNxppJH1FzET7hkE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7d03ea-8702-4b4c-a117-6b1c82ce716d/1/bkPVLPXHIWFmOKGrnD2J-pqX3G0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.21.0/24
IPv6:
2001:678:98::/48
Signature Algorithm: sha256WithRSAEncryption
b2:2a:80:64:2f:60:29:25:05:64:97:66:97:37:c2:d0:b8:8a:
75:de:5d:5d:3f:8e:fd:63:91:e6:41:d9:55:2f:c8:d7:ba:50:
55:b4:0e:e8:0d:b8:92:fa:c5:ad:0f:f9:61:93:9c:6c:35:f7:
43:a8:e6:e2:18:36:87:d3:fa:33:5e:60:02:1e:38:97:ee:83:
55:14:e1:fd:74:ab:bb:9f:2c:ed:70:74:5d:dc:9b:22:38:db:
47:15:1f:cf:f4:e8:63:43:b5:34:d5:2b:9a:d7:9d:b7:84:16:
a5:8a:e5:ab:1f:dc:c6:94:c1:d8:fc:81:6a:2a:b8:81:4c:ff:
ff:8c:63:95:c8:51:1d:a0:5a:82:3f:12:9e:58:08:d4:96:d5:
26:32:32:95:01:3b:cf:66:ed:fa:ec:8d:12:d7:61:4b:9c:ce:
26:d5:4f:03:f1:77:4a:ef:24:f8:5a:69:1d:e5:b2:f3:85:05:
d3:e0:e9:a8:cf:38:c5:f2:5a:13:98:b4:cf:7a:c6:61:c2:65:
79:b1:c0:74:eb:3b:9f:dc:2d:f2:94:ca:ef:06:c3:9a:bf:d4:
fa:d7:60:1e:fd:db:1e:a8:de:71:4d:56:c2:c1:0e:13:ed:43:
38:84:7a:b1:6a:d1:7b:b2:5f:82:63:10:d5:1a:74:9c:16:ab:
2c:5f:9c:11
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQkRMQg48VOM1PDFLeC9KdYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlNDNkNTJjZjVjNzIxNjE2NjM4YTFhYjljM2Q4OWZhOWE5
N2RjNmQwHhcNMjUwMTAxMjM0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjQ5YTUyMzdiOGYxZTQxYjEzNzFhNjkyNDdkNDVjYzQ0ZmI4NjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZn91LccBBCh/mVfYYc7HlMev2i2
54zpH3DUPp98HbnZo4jL+HcAkeqMfVCz4/XDKUYiOn7qU48FO0vK3avd4Vcfx5Ld
5X/8AJkFTm5/uAVXKleDBS8dd7QLTOPjwFq07GnllSgbz9Xv725CdAFNSxMLnSU3
C+PeosJ+UHrXwfwJxJEcJg8gjIAwwiC6KailcSeX3hT7P/AoxAX2P+Ur14Phpq5I
VbIzZCj8nYL6tGPT3EAc1CK6M0WN4sVzlRif3FsKMNBfQjz/wsh+tCNoOhlxrYxW
GVAnj7O0BJ5Cf8khpzXUFtnOK2fgn2b4hQdgNBbU+/ildsHQavzsfCJtfQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH9JpSN7jx5BsTcaaSR9RcxE+4ZBMB8GA1UdIwQY
MBaAFG5D1Sz1xyFhZjihq5w9ifqal9xtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmtQVkxQWEhJV0ZtT0tHcm5EMkotcHFYM0cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ZDAzZWEtODcwMi00YjRjLWExMTct
NmIxYzgyY2U3MTZkLzEvZjBtbEkzdVBIa0d4TnhwcEpIMUZ6RVQ3aGtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ZDAzZWEtODcwMi00YjRjLWExMTctNmIxYzgyY2U3MTZk
LzEvYmtQVkxQWEhJV0ZtT0tHcm5EMkotcHFYM0cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwgAVMA8E
AgACMAkDBwAgAQZ4AJgwDQYJKoZIhvcNAQELBQADggEBALIqgGQvYCklBWSXZpc3
wtC4inXeXV0/jv1jkeZB2VUvyNe6UFW0DugNuJL6xa0P+WGTnGw190Oo5uIYNofT
+jNeYAIeOJfug1UU4f10q7ufLO1wdF3cmyI420cVH8/06GNDtTTVK5rXnbeEFqWK
5asf3MaUwdj8gWoquIFM//+MY5XIUR2gWoI/Ep5YCNSW1SYyMpUBO89m7frsjRLX
YUuczibVTwPxd0rvJPhaaR3lsvOFBdPg6ajPOMXyWhOYtM96xmHCZXmxwHTrO5/c
LfKUyu8Gw5q/1PrXYB792x6o3nFNVsLBDhPtQziEerFq0XuyX4JjENUadJwWqyxf
nBE=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:26 2025 by rpki-client on console.sobornost.net