Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/Q_qTon8MvtRJ7Yc5pdD8eXsue1k.roa
File: Q_qTon8MvtRJ7Yc5pdD8eXsue1k.roa (raw, json)
Hash identifier: tTK7gSyyI93W6RmRW4OEkhpUWe2cbJoZYsLm8Htm4m4=
Subject key identifier: 43:FA:93:A2:7F:0C:BE:D4:49:ED:87:39:A5:D0:FC:79:7B:2E:7B:59
Certificate issuer: /CN=1e5b334965788794d6f147a2f004d13be3257dc4
Certificate serial: 019613E88DB528ED24D422D882E4FB26B8BE
Authority key identifier: 1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/Q_qTon8MvtRJ7Yc5pdD8eXsue1k.roa
Signing time: Tue 08 Apr 2025 05:38:49 +0000
ROA not before: Tue 08 Apr 2025 05:38:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211180
IP address blocks: 152.89.195.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:13:e8:8d:b5:28:ed:24:d4:22:d8:82:e4:fb:26:b8:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5b334965788794d6f147a2f004d13be3257dc4
Validity
Not Before: Apr 8 05:38:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=43fa93a27f0cbed449ed8739a5d0fc797b2e7b59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:49:60:47:a9:97:b1:e0:18:29:63:22:46:be:
ab:34:c1:4d:e5:6e:f3:91:57:bf:75:dc:26:a4:a7:
42:b7:de:09:ba:a0:4a:70:1b:3f:e1:e0:5d:26:42:
b9:8e:26:87:b2:80:ba:a5:19:a3:02:4b:2c:e4:02:
a2:b7:4f:01:c0:46:9e:f2:bf:47:5d:00:47:22:f5:
c4:2d:71:1e:fb:4e:42:7e:7b:08:c8:de:95:dd:ef:
e5:2d:d9:c6:da:c5:bc:99:3f:fa:57:6d:80:87:dc:
58:8e:98:5c:1e:1f:58:17:de:ad:cf:bb:ec:84:dd:
d7:ce:6f:2f:00:d9:3f:ca:0e:89:4a:13:fd:0d:09:
9f:6e:2b:cf:72:7e:95:b3:7c:52:5a:60:b8:f8:a0:
3c:82:ea:ee:ed:16:d4:ca:e6:f4:17:b9:37:88:f7:
01:ce:00:a4:14:d4:c0:96:8c:72:4b:b1:ed:2c:9f:
94:e2:b6:05:d7:cd:6e:ca:15:23:fe:2a:f9:15:9c:
80:71:74:fc:a7:2b:b2:ac:b3:f6:bd:5b:e8:a0:88:
aa:8c:94:d7:8b:45:77:3e:ea:3b:4c:c9:55:bb:6c:
d3:6e:1c:2b:10:67:be:be:3a:d1:28:e9:fa:46:76:
f2:f8:d0:8c:ca:21:a8:59:7f:69:d7:f2:f5:97:87:
47:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:FA:93:A2:7F:0C:BE:D4:49:ED:87:39:A5:D0:FC:79:7B:2E:7B:59
X509v3 Authority Key Identifier:
keyid:1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/Q_qTon8MvtRJ7Yc5pdD8eXsue1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/HlszSWV4h5TW8Uei8ATRO-MlfcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.195.0/24
Signature Algorithm: sha256WithRSAEncryption
99:9b:eb:94:b7:8e:fc:74:4f:bf:52:7a:e1:8e:43:3a:49:fb:
2e:53:95:69:a5:bd:b6:9a:91:64:9e:ec:e2:19:b6:53:29:d2:
3c:04:1b:0c:61:c9:f5:13:45:bd:6f:4e:e9:eb:32:40:4a:4b:
fa:ed:11:d4:55:94:56:85:ca:87:6f:03:70:76:ac:5f:d2:83:
9f:6e:4c:77:c2:eb:bf:f1:29:e0:76:89:91:c8:95:1f:ec:16:
18:48:d3:31:e5:db:93:be:02:19:53:cd:4f:c6:a8:20:86:7a:
da:15:58:8c:de:cd:0c:89:19:65:eb:a9:25:67:db:05:18:17:
9c:fa:5a:a3:38:b5:6e:3c:5f:30:9b:50:85:ea:35:81:e8:46:
5d:5b:44:09:ef:8b:a9:3e:26:15:61:23:32:07:af:32:09:6a:
79:0c:e8:b8:bb:3c:b4:ee:af:87:0e:dd:f9:2f:75:6a:c9:f2:
8f:a2:3a:24:d8:0b:8e:67:30:f2:29:ad:f3:e2:31:0f:4b:b1:
7b:39:ac:9d:5f:ab:61:23:db:de:b5:c0:eb:31:25:c2:f9:41:
1e:b4:88:10:59:2a:22:77:c9:0b:61:04:a8:00:7c:1c:17:c6:
0c:be:45:a4:52:af:64:2a:26:96:55:02:2f:4e:52:61:49:54:
fa:57:10:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZYT6I21KO0k1CLYguT7Jri+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWIzMzQ5NjU3ODg3OTRkNmYxNDdhMmYwMDRkMTNiZTMy
NTdkYzQwHhcNMjUwNDA4MDUzODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2ZhOTNhMjdmMGNiZWQ0NDllZDg3MzlhNWQwZmM3OTdiMmU3YjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0lgR6mXseAYKWMiRr6rNMFN5W7z
kVe/ddwmpKdCt94JuqBKcBs/4eBdJkK5jiaHsoC6pRmjAkss5AKit08BwEae8r9H
XQBHIvXELXEe+05CfnsIyN6V3e/lLdnG2sW8mT/6V22Ah9xYjphcHh9YF96tz7vs
hN3Xzm8vANk/yg6JShP9DQmfbivPcn6Vs3xSWmC4+KA8guru7RbUyub0F7k3iPcB
zgCkFNTAloxyS7HtLJ+U4rYF181uyhUj/ir5FZyAcXT8pyuyrLP2vVvooIiqjJTX
i0V3Puo7TMlVu2zTbhwrEGe+vjrRKOn6Rnby+NCMyiGoWX9p1/L1l4dHPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEP6k6J/DL7USe2HOaXQ/Hl7LntZMB8GA1UdIwQY
MBaAFB5bM0lleIeU1vFHovAE0TvjJX3EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDIt
OTk5MGUyZDllYWZlLzEvUV9xVG9uOE12dFJKN1ljNXBkRDhlWHN1ZTFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDItOTk5MGUyZDllYWZl
LzEvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmFnDMA0G
CSqGSIb3DQEBCwUAA4IBAQCZm+uUt478dE+/UnrhjkM6SfsuU5Vppb22mpFknuzi
GbZTKdI8BBsMYcn1E0W9b07p6zJASkv67RHUVZRWhcqHbwNwdqxf0oOfbkx3wuu/
8SngdomRyJUf7BYYSNMx5duTvgIZU81PxqgghnraFViM3s0MiRll66klZ9sFGBec
+lqjOLVuPF8wm1CF6jWB6EZdW0QJ74upPiYVYSMyB68yCWp5DOi4uzy07q+HDt35
L3VqyfKPojok2AuOZzDyKa3z4jEPS7F7OaydX6thI9vetcDrMSXC+UEetIgQWSoi
d8kLYQSoAHwcF8YMvkWkUq9kKiaWVQIvTlJhSVT6VxCM
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:27 2025 by rpki-client on console.sobornost.net