Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/381ecc-9d75-41ba-85f6-17693e7ea67a/1/J8ocfDucYOz1VMSwyoOUgA7bURQ.roa
File: J8ocfDucYOz1VMSwyoOUgA7bURQ.roa (raw, json)
Hash identifier: 0LgKF+X2hpfhBTpNW2fTwMBm/B3MJkvlI1FoopslTw8=
Subject key identifier: 27:CA:1C:7C:3B:9C:60:EC:F5:54:C4:B0:CA:83:94:80:0E:DB:51:14
Certificate issuer: /CN=2c3963ba2aae5abd38a6eed09da985611f1b5021
Certificate serial: 0194274841A43D23B299CD6B44E526F6DD67
Authority key identifier: 2C:39:63:BA:2A:AE:5A:BD:38:A6:EE:D0:9D:A9:85:61:1F:1B:50:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LDljuiquWr04pu7QnamFYR8bUCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/381ecc-9d75-41ba-85f6-17693e7ea67a/1/J8ocfDucYOz1VMSwyoOUgA7bURQ.roa
Signing time: Thu 02 Jan 2025 13:50:34 +0000
ROA not before: Thu 02 Jan 2025 13:50:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203828
IP address blocks: 78.159.89.0/24 maxlen: 24
78.159.90.0/24 maxlen: 24
78.159.91.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:41:a4:3d:23:b2:99:cd:6b:44:e5:26:f6:dd:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c3963ba2aae5abd38a6eed09da985611f1b5021
Validity
Not Before: Jan 2 13:50:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=27ca1c7c3b9c60ecf554c4b0ca8394800edb5114
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:b3:0d:36:67:a2:90:d5:ba:05:de:a4:e6:15:
ae:03:f8:b4:ba:48:26:cd:8b:38:53:c0:a4:fa:55:
e4:f6:a6:07:69:0c:20:a7:6b:11:75:b5:c0:2d:06:
f3:05:da:16:04:ff:d1:94:0b:a8:45:8d:c0:2f:7f:
de:37:1d:08:64:67:a5:6b:c7:d5:ae:88:f2:2f:cd:
53:db:a1:f5:06:65:0a:dc:ca:b2:65:8c:98:15:aa:
4f:58:02:a3:01:69:3a:11:13:b3:23:62:f2:d1:4a:
b0:cb:be:15:d4:2d:b1:b5:ed:24:55:db:3b:14:6e:
44:ff:23:78:f4:f8:24:41:ec:37:25:bc:0a:ff:a5:
b4:06:46:19:d9:b9:2c:db:56:64:f6:07:6d:3d:1a:
ac:af:60:91:3c:66:13:8e:60:c5:83:2d:0c:8b:3e:
4c:29:a8:97:95:a8:9e:a0:c6:d9:5e:46:c9:f2:70:
de:cb:89:60:d3:f4:69:e7:7c:e5:8b:01:55:ef:98:
f1:36:ed:b0:97:33:6c:0c:ec:a6:5c:57:3e:b5:d3:
46:3d:fc:4d:1f:55:7a:33:4a:b8:09:50:f5:9a:b7:
33:f8:4c:b2:f2:69:bc:6a:bc:31:04:bb:43:32:28:
96:08:f8:b5:68:7e:ba:f1:1d:ab:f5:bb:70:8d:76:
0d:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:CA:1C:7C:3B:9C:60:EC:F5:54:C4:B0:CA:83:94:80:0E:DB:51:14
X509v3 Authority Key Identifier:
keyid:2C:39:63:BA:2A:AE:5A:BD:38:A6:EE:D0:9D:A9:85:61:1F:1B:50:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LDljuiquWr04pu7QnamFYR8bUCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/381ecc-9d75-41ba-85f6-17693e7ea67a/1/J8ocfDucYOz1VMSwyoOUgA7bURQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/381ecc-9d75-41ba-85f6-17693e7ea67a/1/LDljuiquWr04pu7QnamFYR8bUCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.159.89.0-78.159.91.255
Signature Algorithm: sha256WithRSAEncryption
a3:ef:ec:98:98:e1:e5:2e:37:6c:05:ed:da:7b:eb:42:32:46:
db:7d:d3:90:9d:f3:0b:49:e5:bf:6b:1c:f3:e1:53:6e:4d:a7:
f2:9b:fb:da:fb:04:cb:26:0a:03:aa:3c:ac:ea:51:36:b9:81:
81:c2:5d:eb:0b:89:1c:23:1c:06:eb:4d:e8:1b:c7:94:d3:05:
16:02:1d:1b:44:6c:1a:11:b6:ff:c9:ac:18:9d:90:fb:06:7c:
0f:91:3b:79:40:ed:29:46:a8:19:7a:03:46:ac:62:0a:ad:4d:
cd:a8:25:6c:da:77:91:3c:06:a9:9e:34:58:53:88:6b:b4:5a:
d9:eb:c0:0a:da:0a:3a:22:05:08:6c:4c:f7:ec:3a:2a:11:4e:
4c:c6:77:eb:ed:81:d1:53:63:e8:2b:17:61:8c:79:db:25:68:
1d:77:82:4d:22:d1:8d:c8:f9:24:55:d3:7a:8d:fc:76:74:2f:
92:26:6e:63:cb:d5:bd:73:f3:fa:64:e9:a1:97:b6:97:f0:48:
20:af:7d:54:d0:e3:c0:1f:7a:12:d3:49:e6:ec:d8:47:92:9b:
02:58:4e:57:6e:bd:a6:16:f6:85:d4:77:a9:36:52:12:f5:8f:
5c:22:67:6f:d9:5e:69:41:27:0d:ed:18:c6:c6:d5:ef:20:f8:
bc:9a:6d:97
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQnSEGkPSOymc1rROUm9t1nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjMzk2M2JhMmFhZTVhYmQzOGE2ZWVkMDlkYTk4NTYxMWYx
YjUwMjEwHhcNMjUwMTAyMTM1MDM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2NhMWM3YzNiOWM2MGVjZjU1NGM0YjBjYTgzOTQ4MDBlZGI1MTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmbMNNmeikNW6Bd6k5hWuA/i0ukgm
zYs4U8Ck+lXk9qYHaQwgp2sRdbXALQbzBdoWBP/RlAuoRY3AL3/eNx0IZGela8fV
rojyL81T26H1BmUK3MqyZYyYFapPWAKjAWk6EROzI2Ly0Uqwy74V1C2xte0kVds7
FG5E/yN49PgkQew3JbwK/6W0BkYZ2bks21Zk9gdtPRqsr2CRPGYTjmDFgy0Miz5M
KaiXlaieoMbZXkbJ8nDey4lg0/Rp53zliwFV75jxNu2wlzNsDOymXFc+tdNGPfxN
H1V6M0q4CVD1mrcz+Eyy8mm8arwxBLtDMiiWCPi1aH668R2r9btwjXYN4wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCfKHHw7nGDs9VTEsMqDlIAO21EUMB8GA1UdIwQY
MBaAFCw5Y7oqrlq9OKbu0J2phWEfG1AhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTERsanVpcXVXcjA0cHU3UW5hbUZZUjhiVUNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8zODFlY2MtOWQ3NS00MWJhLTg1ZjYt
MTc2OTNlN2VhNjdhLzEvSjhvY2ZEdWNZT3oxVk1Td3lvT1VnQTdiVVJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8zODFlY2MtOWQ3NS00MWJhLTg1ZjYtMTc2OTNlN2VhNjdh
LzEvTERsanVpcXVXcjA0cHU3UW5hbUZZUjhiVUNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABOn1kD
BAJOn1gwDQYJKoZIhvcNAQELBQADggEBAKPv7JiY4eUuN2wF7dp760IyRtt905Cd
8wtJ5b9rHPPhU25Np/Kb+9r7BMsmCgOqPKzqUTa5gYHCXesLiRwjHAbrTegbx5TT
BRYCHRtEbBoRtv/JrBidkPsGfA+RO3lA7SlGqBl6A0asYgqtTc2oJWzad5E8Bqme
NFhTiGu0WtnrwAraCjoiBQhsTPfsOioRTkzGd+vtgdFTY+grF2GMedslaB13gk0i
0Y3I+SRV03qN/HZ0L5ImbmPL1b1z8/pk6aGXtpfwSCCvfVTQ48AfehLTSebs2EeS
mwJYTlduvaYW9oXUd6k2UhL1j1wiZ2/ZXmlBJw3tGMbG1e8g+LyabZc=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:26 2025 by rpki-client on console.sobornost.net