Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/149c01-840d-45f6-823f-e2f0e1c26105/1/mD7Z7YeNOfK8jp-WeYlQt4uS5Qk.roa
File: mD7Z7YeNOfK8jp-WeYlQt4uS5Qk.roa (raw, json)
Hash identifier: foJEvw+8/1mri1uVePD4Fo8lgGoj9wOcsREdvsruLoI=
Subject key identifier: 98:3E:D9:ED:87:8D:39:F2:BC:8E:9F:96:79:89:50:B7:8B:92:E5:09
Certificate issuer: /CN=b3a758904c75856e3585a4433ae5ec57fef1a3c7
Certificate serial: 019421B17F1EDFD7C46EA6C6E77827D2C66A
Authority key identifier: B3:A7:58:90:4C:75:85:6E:35:85:A4:43:3A:E5:EC:57:FE:F1:A3:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s6dYkEx1hW41haRDOuXsV_7xo8c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/149c01-840d-45f6-823f-e2f0e1c26105/1/mD7Z7YeNOfK8jp-WeYlQt4uS5Qk.roa
Signing time: Wed 01 Jan 2025 11:47:47 +0000
ROA not before: Wed 01 Jan 2025 11:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12662
IP address blocks: 192.162.132.0/22 maxlen: 22
192.162.132.0/23 maxlen: 23
192.162.132.0/24 maxlen: 24
192.162.133.0/24 maxlen: 24
192.162.134.0/23 maxlen: 23
192.162.134.0/24 maxlen: 24
192.162.135.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:7f:1e:df:d7:c4:6e:a6:c6:e7:78:27:d2:c6:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3a758904c75856e3585a4433ae5ec57fef1a3c7
Validity
Not Before: Jan 1 11:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=983ed9ed878d39f2bc8e9f96798950b78b92e509
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:53:87:c2:7c:3d:08:f2:b3:e3:d0:d9:63:3d:
75:3f:61:70:6d:a7:34:a6:6f:f5:8a:7f:a3:90:bb:
99:41:2c:5f:71:f7:c5:58:1a:b8:9a:2a:46:a7:ff:
8b:d3:c2:1e:f6:c6:21:d3:49:1a:f0:7a:e7:e6:64:
e2:7a:ec:fd:4f:cc:39:2e:6f:79:4b:c9:6d:70:c8:
c0:4e:61:16:fb:20:a3:47:e4:85:00:7d:11:ae:6e:
a2:37:37:4a:ac:9f:cd:4b:22:46:9f:f8:2f:68:fa:
84:b1:3e:09:dc:4f:91:51:58:96:fd:38:e4:a0:db:
70:bf:2d:40:74:81:97:ef:87:84:d5:df:65:4a:36:
24:0c:45:df:38:e6:41:85:90:da:c4:20:b3:8c:e5:
d0:6f:2b:5e:c8:3c:18:87:8f:2c:27:62:b7:53:62:
3b:35:37:a0:f5:7e:7b:a2:10:43:10:ce:f7:08:5a:
b9:d9:08:e7:8a:e1:71:24:5a:a9:b9:a2:0d:f4:ff:
dc:57:c9:e5:72:f2:13:a6:b9:50:7a:3d:4d:68:1e:
92:a7:3d:74:60:35:72:63:23:4f:6e:ff:c4:54:b7:
72:33:a8:f2:c0:c7:07:1d:60:4d:e4:38:fc:0d:6d:
81:f5:28:f3:d4:43:93:6f:06:4c:7b:c7:d0:0a:c7:
8a:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:3E:D9:ED:87:8D:39:F2:BC:8E:9F:96:79:89:50:B7:8B:92:E5:09
X509v3 Authority Key Identifier:
keyid:B3:A7:58:90:4C:75:85:6E:35:85:A4:43:3A:E5:EC:57:FE:F1:A3:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s6dYkEx1hW41haRDOuXsV_7xo8c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/149c01-840d-45f6-823f-e2f0e1c26105/1/mD7Z7YeNOfK8jp-WeYlQt4uS5Qk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/149c01-840d-45f6-823f-e2f0e1c26105/1/s6dYkEx1hW41haRDOuXsV_7xo8c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.162.132.0/22
Signature Algorithm: sha256WithRSAEncryption
b9:ec:4f:49:d6:27:86:66:6c:46:4e:f8:4f:08:7e:00:75:19:
03:01:44:38:11:88:e6:66:58:14:1f:35:94:23:e5:f2:83:72:
da:b5:48:7f:9f:73:6d:42:03:f8:8e:26:2b:e2:11:27:bc:c5:
96:97:1c:ba:d4:45:2f:fb:76:33:a2:b3:9c:9d:39:1e:c7:91:
63:6f:99:05:fc:37:3b:08:8a:85:50:73:d3:a6:e2:2a:f7:ed:
96:af:22:5f:5a:28:e1:a9:28:79:68:ab:58:ff:f4:f2:1d:0e:
7e:15:7c:37:af:12:d3:05:49:60:d5:d6:7a:19:c7:87:21:36:
82:02:23:27:95:d1:19:a4:19:b0:60:dd:46:1c:3e:33:5c:4b:
04:01:89:ea:03:58:04:4a:84:59:d0:f8:2b:78:99:0c:6f:f7:
9c:aa:f8:86:6b:f6:b3:4e:4a:c0:50:24:d7:74:e4:bd:a0:9f:
6a:4f:d4:e5:47:45:c0:36:dc:5f:86:8a:b6:14:bd:3f:18:1f:
af:1b:6d:c7:da:fe:d5:35:da:3e:9a:37:2f:cb:e4:a7:fb:10:
fb:6f:f3:dd:80:f3:62:27:be:a4:20:9a:85:78:fc:04:f9:1f:
34:81:46:06:3b:23:29:41:46:1f:39:81:4e:3f:a6:33:e3:77:
cd:66:f2:27
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsX8e39fEbqbG53gn0sZqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYTc1ODkwNGM3NTg1NmUzNTg1YTQ0MzNhZTVlYzU3ZmVm
MWEzYzcwHhcNMjUwMTAxMTE0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODNlZDllZDg3OGQzOWYyYmM4ZTlmOTY3OTg5NTBiNzhiOTJlNTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAylOHwnw9CPKz49DZYz11P2Fwbac0
pm/1in+jkLuZQSxfcffFWBq4mipGp/+L08Ie9sYh00ka8Hrn5mTieuz9T8w5Lm95
S8ltcMjATmEW+yCjR+SFAH0Rrm6iNzdKrJ/NSyJGn/gvaPqEsT4J3E+RUViW/Tjk
oNtwvy1AdIGX74eE1d9lSjYkDEXfOOZBhZDaxCCzjOXQbyteyDwYh48sJ2K3U2I7
NTeg9X57ohBDEM73CFq52QjniuFxJFqpuaIN9P/cV8nlcvITprlQej1NaB6Spz10
YDVyYyNPbv/EVLdyM6jywMcHHWBN5Dj8DW2B9Sjz1EOTbwZMe8fQCseKEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJg+2e2HjTnyvI6flnmJULeLkuUJMB8GA1UdIwQY
MBaAFLOnWJBMdYVuNYWkQzrl7Ff+8aPHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczZkWWtFeDFoVzQxaGFSRE91WHNWXzd4bzhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy8xNDljMDEtODQwZC00NWY2LTgyM2Yt
ZTJmMGUxYzI2MTA1LzEvbUQ3WjdZZU5PZks4anAtV2VZbFF0NHVTNVFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy8xNDljMDEtODQwZC00NWY2LTgyM2YtZTJmMGUxYzI2MTA1
LzEvczZkWWtFeDFoVzQxaGFSRE91WHNWXzd4bzhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwKKEMA0G
CSqGSIb3DQEBCwUAA4IBAQC57E9J1ieGZmxGTvhPCH4AdRkDAUQ4EYjmZlgUHzWU
I+Xyg3LatUh/n3NtQgP4jiYr4hEnvMWWlxy61EUv+3YzorOcnTkex5Fjb5kF/Dc7
CIqFUHPTpuIq9+2WryJfWijhqSh5aKtY//TyHQ5+FXw3rxLTBUlg1dZ6GceHITaC
AiMnldEZpBmwYN1GHD4zXEsEAYnqA1gESoRZ0PgreJkMb/ecqviGa/azTkrAUCTX
dOS9oJ9qT9TlR0XANtxfhoq2FL0/GB+vG23H2v7VNdo+mjcvy+Sn+xD7b/PdgPNi
J76kIJqFePwE+R80gUYGOyMpQUYfOYFOP6Yz43fNZvIn
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:30 2025 by rpki-client on console.sobornost.net