Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/27c928-02fe-4052-9d65-b1fc2083c906/1/6uqfHy5orm23cTKFvyLzjaOscrk.roa
File: 6uqfHy5orm23cTKFvyLzjaOscrk.roa (raw, json)
Hash identifier: eSkR1Rx3FREDyMUFDl/Eczx/rYW2EV6fDcTDwEKXsM0=
Subject key identifier: EA:EA:9F:1F:2E:68:AE:6D:B7:71:32:85:BF:22:F3:8D:A3:AC:72:B9
Certificate issuer: /CN=ffbe256565e1c27c4b26560190e9978286a82b52
Certificate serial: 019421B1C7832CEA1CB4DB305F27AD86FEB0
Authority key identifier: FF:BE:25:65:65:E1:C2:7C:4B:26:56:01:90:E9:97:82:86:A8:2B:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_74lZWXhwnxLJlYBkOmXgoaoK1I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/27c928-02fe-4052-9d65-b1fc2083c906/1/6uqfHy5orm23cTKFvyLzjaOscrk.roa
Signing time: Wed 01 Jan 2025 11:48:06 +0000
ROA not before: Wed 01 Jan 2025 11:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29608
IP address blocks: 194.146.204.0/24 maxlen: 24
2a14:5500::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:c7:83:2c:ea:1c:b4:db:30:5f:27:ad:86:fe:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ffbe256565e1c27c4b26560190e9978286a82b52
Validity
Not Before: Jan 1 11:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eaea9f1f2e68ae6db7713285bf22f38da3ac72b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:65:63:52:9a:d9:75:2f:cb:3c:ac:81:1b:0f:
3d:af:5a:4c:0e:4b:e4:cb:2f:80:28:e9:82:de:d4:
ef:a9:ac:2d:d7:bf:e9:93:08:72:9d:20:9d:af:93:
2b:a5:66:3f:a1:7a:d9:4d:ca:9f:04:16:a2:93:5f:
e3:9a:c1:3c:c6:11:a9:c6:c7:68:cf:aa:f6:98:50:
9b:8d:9f:7a:b5:b5:84:6a:b4:6e:13:78:64:54:ce:
ec:05:cc:96:9f:d2:6a:ce:09:44:80:4f:8e:3a:34:
da:2c:98:35:bf:52:0f:e3:5f:da:61:20:aa:58:59:
5a:7b:81:26:2f:d9:c4:28:3c:91:0d:1e:55:60:7a:
3c:e1:97:d0:0c:8b:e3:21:13:17:78:6e:8e:ad:96:
44:0c:40:18:c9:ae:75:5f:5e:fc:ea:fc:14:8e:eb:
ba:a0:8f:e8:de:30:59:6e:26:ac:ac:e7:90:71:a0:
24:72:e6:91:5c:23:89:dd:67:21:4b:f6:77:3b:50:
24:91:b4:df:61:c3:ea:37:d4:fc:59:28:b6:97:ef:
30:8c:70:d8:6e:21:29:14:86:b4:cb:c5:f1:b6:d5:
9e:15:45:d3:5c:28:6b:12:f4:5e:8c:5e:80:15:d3:
00:5d:2f:64:2a:c2:35:f6:52:55:53:ed:a6:0a:67:
79:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:EA:9F:1F:2E:68:AE:6D:B7:71:32:85:BF:22:F3:8D:A3:AC:72:B9
X509v3 Authority Key Identifier:
keyid:FF:BE:25:65:65:E1:C2:7C:4B:26:56:01:90:E9:97:82:86:A8:2B:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_74lZWXhwnxLJlYBkOmXgoaoK1I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/27c928-02fe-4052-9d65-b1fc2083c906/1/6uqfHy5orm23cTKFvyLzjaOscrk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/27c928-02fe-4052-9d65-b1fc2083c906/1/_74lZWXhwnxLJlYBkOmXgoaoK1I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.146.204.0/24
IPv6:
2a14:5500::/29
Signature Algorithm: sha256WithRSAEncryption
70:c7:56:84:aa:95:84:55:dd:62:ac:55:68:82:3f:f3:ae:25:
7b:4b:e7:58:0d:20:e2:d5:ab:87:75:a8:5d:d5:66:b4:d2:3e:
c3:b8:f7:08:c0:bd:5e:18:62:41:21:0b:f2:4d:d5:56:8b:ca:
98:e5:c5:1b:e8:d9:6e:0f:d3:2b:fe:89:d8:19:6f:8b:e8:b8:
6d:0d:9f:14:44:47:d9:de:32:43:78:01:29:ae:96:41:e9:5f:
51:c2:06:10:1d:9e:8e:72:d8:98:24:e0:8f:ef:62:89:e0:ac:
a2:30:8e:da:5b:30:60:85:59:01:91:d8:52:f1:21:bb:47:43:
d0:e0:f0:4f:15:e0:2c:ce:72:91:69:51:38:d8:40:3a:84:6c:
c3:21:6a:df:bc:00:a6:ae:5c:fd:98:e8:ca:4a:33:12:3c:b5:
8f:70:c5:da:d0:96:95:47:57:f2:d6:16:4b:59:ea:d7:9d:dc:
ab:33:ae:17:b2:ce:7a:cd:39:06:4c:03:77:35:85:83:e6:55:
8a:1d:69:bc:2f:d3:42:24:d1:db:03:8e:08:c1:53:c0:df:1f:
43:8b:aa:54:3c:c0:7c:cf:85:13:cd:ab:bb:6d:16:1f:4c:e3:
69:e2:d4:66:30:c6:63:e2:e5:77:43:bf:27:92:02:4a:82:29:
04:2c:26:44
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhsceDLOoctNswXyethv6wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmYmUyNTY1NjVlMWMyN2M0YjI2NTYwMTkwZTk5NzgyODZh
ODJiNTIwHhcNMjUwMTAxMTE0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWVhOWYxZjJlNjhhZTZkYjc3MTMyODViZjIyZjM4ZGEzYWM3MmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWVjUprZdS/LPKyBGw89r1pMDkvk
yy+AKOmC3tTvqawt17/pkwhynSCdr5MrpWY/oXrZTcqfBBaik1/jmsE8xhGpxsdo
z6r2mFCbjZ96tbWEarRuE3hkVM7sBcyWn9JqzglEgE+OOjTaLJg1v1IP41/aYSCq
WFlae4EmL9nEKDyRDR5VYHo84ZfQDIvjIRMXeG6OrZZEDEAYya51X1786vwUjuu6
oI/o3jBZbiasrOeQcaAkcuaRXCOJ3WchS/Z3O1AkkbTfYcPqN9T8WSi2l+8wjHDY
biEpFIa0y8XxttWeFUXTXChrEvRejF6AFdMAXS9kKsI19lJVU+2mCmd58QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOrqnx8uaK5tt3Eyhb8i842jrHK5MB8GA1UdIwQY
MBaAFP++JWVl4cJ8SyZWAZDpl4KGqCtSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzc0bFpXWGh3bnhMSmxZQmtPbVhnb2FvSzFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC8yN2M5MjgtMDJmZS00MDUyLTlkNjUt
YjFmYzIwODNjOTA2LzEvNnVxZkh5NW9ybTIzY1RLRnZ5THpqYU9zY3JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC8yN2M5MjgtMDJmZS00MDUyLTlkNjUtYjFmYzIwODNjOTA2
LzEvXzc0bFpXWGh3bnhMSmxZQmtPbVhnb2FvSzFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwpLMMA0E
AgACMAcDBQMqFFUAMA0GCSqGSIb3DQEBCwUAA4IBAQBwx1aEqpWEVd1irFVogj/z
riV7S+dYDSDi1auHdahd1Wa00j7DuPcIwL1eGGJBIQvyTdVWi8qY5cUb6NluD9Mr
/onYGW+L6LhtDZ8UREfZ3jJDeAEprpZB6V9RwgYQHZ6OctiYJOCP72KJ4KyiMI7a
WzBghVkBkdhS8SG7R0PQ4PBPFeAsznKRaVE42EA6hGzDIWrfvACmrlz9mOjKSjMS
PLWPcMXa0JaVR1fy1hZLWerXndyrM64Xss56zTkGTAN3NYWD5lWKHWm8L9NCJNHb
A44IwVPA3x9Di6pUPMB8z4UTzau7bRYfTONp4tRmMMZj4uV3Q78nkgJKgikELCZE
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:26 2025 by rpki-client on console.sobornost.net