Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/bb0e7b-2a81-4970-b3bd-686f0a0616cc/1/5DWadFrAs6Y30QAJnkcsxff-5LE.roa
File: 5DWadFrAs6Y30QAJnkcsxff-5LE.roa (raw, json)
Hash identifier: qThJORZvHvPxP713t8D/4ZwGYdh/puYZkTU106tcpQo=
Subject key identifier: E4:35:9A:74:5A:C0:B3:A6:37:D1:00:09:9E:47:2C:C5:F7:FE:E4:B1
Certificate issuer: /CN=38e7f47bb9b91657e5726bfcb2def8aad973e268
Certificate serial: 019421B1BC437EEC85735C5442ED9CFB3ECA
Authority key identifier: 38:E7:F4:7B:B9:B9:16:57:E5:72:6B:FC:B2:DE:F8:AA:D9:73:E2:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OOf0e7m5Flflcmv8st74qtlz4mg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/bb0e7b-2a81-4970-b3bd-686f0a0616cc/1/5DWadFrAs6Y30QAJnkcsxff-5LE.roa
Signing time: Wed 01 Jan 2025 11:48:03 +0000
ROA not before: Wed 01 Jan 2025 11:48:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59796
IP address blocks: 193.84.78.0/24 maxlen: 24
193.84.85.0/24 maxlen: 24
193.84.88.0/24 maxlen: 24
193.84.90.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:bc:43:7e:ec:85:73:5c:54:42:ed:9c:fb:3e:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38e7f47bb9b91657e5726bfcb2def8aad973e268
Validity
Not Before: Jan 1 11:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e4359a745ac0b3a637d100099e472cc5f7fee4b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:37:38:bf:b6:7c:46:e5:d0:6c:83:fd:7c:ee:
3f:f2:41:f9:ce:4c:52:6d:93:e9:8a:18:91:9b:af:
78:b5:3a:19:e4:0a:15:46:26:92:01:ca:76:64:71:
4c:42:a1:5a:19:76:51:1c:20:29:2b:a0:68:64:1e:
62:a3:0d:e9:9f:a4:7f:66:50:5e:97:d7:7a:e2:8c:
62:08:ad:22:3f:40:6c:bd:43:9c:5b:d2:7b:d1:37:
f2:f4:f6:b2:68:62:22:cb:27:9c:48:d8:fe:3c:af:
22:7c:5e:81:d0:f2:13:9b:16:9d:2d:e0:44:c0:0f:
1a:51:14:83:e9:eb:f5:6d:4f:34:77:6c:41:0b:24:
2d:d2:59:18:91:bf:a5:b7:49:7f:44:5c:ff:3f:46:
53:98:5f:78:49:07:54:f2:71:4f:43:e2:28:51:11:
87:1c:79:23:09:ee:f6:5b:28:08:6c:a3:98:99:a7:
f5:11:89:81:6d:43:14:68:7d:6c:7a:98:a3:98:88:
6d:05:94:80:ef:1e:8a:0d:78:c1:50:6a:48:41:0d:
fb:39:43:56:5e:24:e1:15:41:49:42:93:e7:af:3d:
02:cc:93:1e:08:ee:3a:aa:86:b8:e9:49:5e:52:e5:
b3:39:b9:b8:92:87:88:64:fe:77:48:ef:06:69:6d:
9f:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:35:9A:74:5A:C0:B3:A6:37:D1:00:09:9E:47:2C:C5:F7:FE:E4:B1
X509v3 Authority Key Identifier:
keyid:38:E7:F4:7B:B9:B9:16:57:E5:72:6B:FC:B2:DE:F8:AA:D9:73:E2:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OOf0e7m5Flflcmv8st74qtlz4mg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/bb0e7b-2a81-4970-b3bd-686f0a0616cc/1/5DWadFrAs6Y30QAJnkcsxff-5LE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/bb0e7b-2a81-4970-b3bd-686f0a0616cc/1/OOf0e7m5Flflcmv8st74qtlz4mg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.84.78.0/24
193.84.85.0/24
193.84.88.0/24
193.84.90.0/24
Signature Algorithm: sha256WithRSAEncryption
10:a8:44:5e:a7:23:bf:c5:c4:15:6d:f5:44:09:0e:b2:bd:46:
ff:20:ca:9e:10:a1:32:94:4f:70:ef:95:f2:b6:dc:bf:83:e3:
42:66:7c:7e:ea:de:66:17:e8:13:7d:dc:fd:2e:18:1c:74:13:
70:39:5e:f2:d8:35:74:32:cb:8e:ee:83:72:3f:ce:49:d5:14:
36:c0:96:51:f1:cc:04:ba:9b:ee:61:d2:a0:ca:76:af:fa:47:
d5:5c:71:57:71:07:e7:d2:b7:5d:ef:b6:c8:b1:2f:a1:cc:82:
e2:7a:06:6c:46:77:8b:35:6e:f2:5b:68:9f:e7:a4:b0:12:63:
44:ee:37:27:b1:1f:22:b4:e0:fe:7c:25:7d:de:64:1e:06:af:
dc:6a:ba:99:7f:79:ad:97:e9:10:0d:e5:0e:a9:86:97:07:1c:
37:cd:a0:25:d7:cd:57:c2:9f:de:9c:02:a9:2e:85:7e:18:11:
9d:a9:c7:28:52:9b:a6:1c:cf:59:34:b9:88:c6:9f:11:fb:c2:
8e:93:c6:5f:ed:76:1f:4d:f1:d7:26:69:57:aa:ca:34:5f:85:
b0:f4:7e:66:f5:cb:32:06:96:d2:71:ef:6b:94:97:61:69:f9:
82:9c:12:6a:2a:e0:eb:b8:f6:fe:e6:f4:d3:dc:58:78:41:13:
d5:72:da:88
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQhsbxDfuyFc1xUQu2c+z7KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4ZTdmNDdiYjliOTE2NTdlNTcyNmJmY2IyZGVmOGFhZDk3
M2UyNjgwHhcNMjUwMTAxMTE0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDM1OWE3NDVhYzBiM2E2MzdkMTAwMDk5ZTQ3MmNjNWY3ZmVlNGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Dc4v7Z8RuXQbIP9fO4/8kH5zkxS
bZPpihiRm694tToZ5AoVRiaSAcp2ZHFMQqFaGXZRHCApK6BoZB5iow3pn6R/ZlBe
l9d64oxiCK0iP0BsvUOcW9J70Tfy9PayaGIiyyecSNj+PK8ifF6B0PITmxadLeBE
wA8aURSD6ev1bU80d2xBCyQt0lkYkb+lt0l/RFz/P0ZTmF94SQdU8nFPQ+IoURGH
HHkjCe72WygIbKOYmaf1EYmBbUMUaH1sepijmIhtBZSA7x6KDXjBUGpIQQ37OUNW
XiThFUFJQpPnrz0CzJMeCO46qoa46UleUuWzObm4koeIZP53SO8GaW2fowIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOQ1mnRawLOmN9EACZ5HLMX3/uSxMB8GA1UdIwQY
MBaAFDjn9Hu5uRZX5XJr/LLe+KrZc+JoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT09mMGU3bTVGbGZsY212OHN0NzRxdGx6NG1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9iYjBlN2ItMmE4MS00OTcwLWIzYmQt
Njg2ZjBhMDYxNmNjLzEvNURXYWRGckFzNlkzMFFBSm5rY3N4ZmYtNUxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9iYjBlN2ItMmE4MS00OTcwLWIzYmQtNjg2ZjBhMDYxNmNj
LzEvT09mMGU3bTVGbGZsY212OHN0NzRxdGx6NG1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwVROAwQA
wVRVAwQAwVRYAwQAwVRaMA0GCSqGSIb3DQEBCwUAA4IBAQAQqERepyO/xcQVbfVE
CQ6yvUb/IMqeEKEylE9w75Xytty/g+NCZnx+6t5mF+gTfdz9LhgcdBNwOV7y2DV0
MsuO7oNyP85J1RQ2wJZR8cwEupvuYdKgynav+kfVXHFXcQfn0rdd77bIsS+hzILi
egZsRneLNW7yW2if56SwEmNE7jcnsR8itOD+fCV93mQeBq/carqZf3mtl+kQDeUO
qYaXBxw3zaAl181Xwp/enAKpLoV+GBGdqccoUpumHM9ZNLmIxp8R+8KOk8Zf7XYf
TfHXJmlXqso0X4Ww9H5m9csyBpbSce9rlJdhafmCnBJqKuDruPb+5vTT3Fh4QRPV
ctqI
-----END CERTIFICATE-----
Generated at Thu Jan 23 19:16:49 2025 by rpki-client on console.sobornost.net