Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/f06c79-7c7e-4504-88c0-a8a911a3e2e0/1/8b2MYp-hkoi3xWAERwOdBetyEr0.roa
File: 8b2MYp-hkoi3xWAERwOdBetyEr0.roa (raw, json)
Hash identifier: xdjzN/dKBz+p1uPtY9z1q8M+hEUT4eY7/Ecx7N8LfC8=
Subject key identifier: F1:BD:8C:62:9F:A1:92:88:B7:C5:60:04:47:03:9D:05:EB:72:12:BD
Certificate issuer: /CN=fc239ccf26ea38257a07d4094fa6d70b26969fb9
Certificate serial: 01942825B527A8749C3017BB35A9F00EEF52
Authority key identifier: FC:23:9C:CF:26:EA:38:25:7A:07:D4:09:4F:A6:D7:0B:26:96:9F:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_COczybqOCV6B9QJT6bXCyaWn7k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/f06c79-7c7e-4504-88c0-a8a911a3e2e0/1/8b2MYp-hkoi3xWAERwOdBetyEr0.roa
Signing time: Thu 02 Jan 2025 17:52:27 +0000
ROA not before: Thu 02 Jan 2025 17:52:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42191
IP address blocks: 195.110.24.0/23 maxlen: 23
195.110.24.0/24 maxlen: 24
195.110.25.0/24 maxlen: 24
2001:67c:14a4::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:b5:27:a8:74:9c:30:17:bb:35:a9:f0:0e:ef:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc239ccf26ea38257a07d4094fa6d70b26969fb9
Validity
Not Before: Jan 2 17:52:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f1bd8c629fa19288b7c5600447039d05eb7212bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:7c:d4:38:67:26:64:07:c9:c5:7f:ff:93:17:
ec:dc:c0:1e:ac:c5:e0:f9:01:56:c4:db:fb:64:dd:
e2:87:74:15:4e:d6:90:3c:38:3a:99:14:0c:b2:27:
16:a0:0c:94:6d:77:48:c0:b8:73:e2:a0:9a:e9:9b:
84:d8:cb:c1:10:9b:7e:2b:bd:4f:1a:ac:4e:a8:76:
3e:66:bd:6e:c7:5f:e8:7a:43:d0:17:2e:09:fb:c2:
21:9c:ff:f2:ae:db:fc:4e:41:fc:af:ac:64:d7:7c:
18:18:25:c9:b0:dd:e0:8b:d4:41:96:4e:a7:09:be:
c6:ee:72:04:b8:c5:58:f9:f0:ba:f7:91:c7:f0:ae:
d9:e9:dc:95:06:ab:a6:aa:51:24:72:40:9a:20:88:
9d:8a:c0:a4:a4:2a:e4:21:6a:cb:a6:68:51:a4:08:
44:17:58:45:b9:63:d7:82:41:22:50:23:c9:58:f7:
60:80:61:08:4d:fa:4f:02:ad:33:66:dd:d7:71:2b:
3c:8a:4b:32:4a:b8:3d:47:d2:99:d8:81:55:2f:56:
b0:26:a9:78:e6:1d:77:4d:d7:d0:17:70:7d:4e:40:
b4:ef:c2:45:6a:9c:59:8a:56:92:93:41:f1:75:9f:
a7:00:47:69:0d:69:f3:73:c6:31:c2:82:ce:d3:38:
9d:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:BD:8C:62:9F:A1:92:88:B7:C5:60:04:47:03:9D:05:EB:72:12:BD
X509v3 Authority Key Identifier:
keyid:FC:23:9C:CF:26:EA:38:25:7A:07:D4:09:4F:A6:D7:0B:26:96:9F:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_COczybqOCV6B9QJT6bXCyaWn7k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/f06c79-7c7e-4504-88c0-a8a911a3e2e0/1/8b2MYp-hkoi3xWAERwOdBetyEr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/f06c79-7c7e-4504-88c0-a8a911a3e2e0/1/_COczybqOCV6B9QJT6bXCyaWn7k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.110.24.0/23
IPv6:
2001:67c:14a4::/48
Signature Algorithm: sha256WithRSAEncryption
04:70:73:cd:8a:5a:cd:60:c4:ce:16:6c:55:ac:e5:8c:60:99:
92:9f:a5:23:04:3c:af:87:18:7c:63:ba:3d:c9:98:4c:60:8b:
f5:46:a6:9b:2c:e1:76:09:a2:20:1e:6f:3e:87:53:ac:7f:34:
a5:b3:d7:64:74:f4:71:03:6d:b1:99:a4:c9:33:2d:3c:e1:24:
4e:1a:1b:8b:09:c3:2a:33:b4:3f:6d:86:74:72:c9:81:07:41:
f9:3d:68:3f:61:05:a3:cc:b0:ad:19:50:b0:66:6d:a4:78:e5:
10:ca:6d:5d:cb:8e:66:07:aa:57:14:00:e7:f4:5f:18:3b:65:
ea:09:da:cb:29:23:03:10:1f:32:2e:29:3d:9d:bb:6f:48:d3:
85:27:9e:5c:4b:42:51:9e:48:af:f3:df:8d:3d:c6:b9:30:89:
71:09:c8:fe:e7:a5:1d:18:19:d6:a4:60:4e:f6:ec:6e:7c:64:
10:53:a9:eb:5e:84:f9:c6:18:73:5f:2f:82:b6:5d:9d:a4:09:
e3:af:8a:f8:ab:23:b4:b5:ac:aa:60:51:d5:14:75:d4:1f:94:
5c:81:27:91:7a:53:71:8e:3f:74:f0:5e:49:2f:1d:28:de:ad:
b1:41:d0:36:24:0d:7c:c3:cb:6b:15:75:be:98:06:4f:89:ea:
39:7c:88:31
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQoJbUnqHScMBe7NanwDu9SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjMjM5Y2NmMjZlYTM4MjU3YTA3ZDQwOTRmYTZkNzBiMjY5
NjlmYjkwHhcNMjUwMTAyMTc1MjI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWJkOGM2MjlmYTE5Mjg4YjdjNTYwMDQ0NzAzOWQwNWViNzIxMmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnzUOGcmZAfJxX//kxfs3MAerMXg
+QFWxNv7ZN3ih3QVTtaQPDg6mRQMsicWoAyUbXdIwLhz4qCa6ZuE2MvBEJt+K71P
GqxOqHY+Zr1ux1/oekPQFy4J+8IhnP/yrtv8TkH8r6xk13wYGCXJsN3gi9RBlk6n
Cb7G7nIEuMVY+fC695HH8K7Z6dyVBqumqlEkckCaIIidisCkpCrkIWrLpmhRpAhE
F1hFuWPXgkEiUCPJWPdggGEITfpPAq0zZt3XcSs8iksySrg9R9KZ2IFVL1awJql4
5h13TdfQF3B9TkC078JFapxZilaSk0HxdZ+nAEdpDWnzc8YxwoLO0zidUQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPG9jGKfoZKIt8VgBEcDnQXrchK9MB8GA1UdIwQY
MBaAFPwjnM8m6jglegfUCU+m1wsmlp+5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0NPY3p5YnFPQ1Y2QjlRSlQ2YlhDeWFXbjdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9mMDZjNzktN2M3ZS00NTA0LTg4YzAt
YThhOTExYTNlMmUwLzEvOGIyTVlwLWhrb2kzeFdBRVJ3T2RCZXR5RXIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9mMDZjNzktN2M3ZS00NTA0LTg4YzAtYThhOTExYTNlMmUw
LzEvX0NPY3p5YnFPQ1Y2QjlRSlQ2YlhDeWFXbjdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBw24YMA8E
AgACMAkDBwAgAQZ8FKQwDQYJKoZIhvcNAQELBQADggEBAARwc82KWs1gxM4WbFWs
5YxgmZKfpSMEPK+HGHxjuj3JmExgi/VGppss4XYJoiAebz6HU6x/NKWz12R09HED
bbGZpMkzLTzhJE4aG4sJwyoztD9thnRyyYEHQfk9aD9hBaPMsK0ZULBmbaR45RDK
bV3LjmYHqlcUAOf0Xxg7ZeoJ2sspIwMQHzIuKT2du29I04UnnlxLQlGeSK/z3409
xrkwiXEJyP7npR0YGdakYE727G58ZBBTqetehPnGGHNfL4K2XZ2kCeOvivirI7S1
rKpgUdUUddQflFyBJ5F6U3GOP3TwXkkvHSjerbFB0DYkDXzDy2sVdb6YBk+J6jl8
iDE=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:26 2025 by rpki-client on console.sobornost.net