Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/0bnoilJqdREsxptDb-ivl7D9RO8.roa
File: 0bnoilJqdREsxptDb-ivl7D9RO8.roa (raw, json)
Hash identifier: xwj9p29IkVHnJneRSxNDQqnx9KWrH7LG11fEPkl1kbA=
Subject key identifier: D1:B9:E8:8A:52:6A:75:11:2C:C6:9B:43:6F:E8:AF:97:B0:FD:44:EF
Certificate issuer: /CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Certificate serial: 019422FC4E2F3294EA975C87E571B4183912
Authority key identifier: 49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/0bnoilJqdREsxptDb-ivl7D9RO8.roa
Signing time: Wed 01 Jan 2025 17:49:07 +0000
ROA not before: Wed 01 Jan 2025 17:49:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25369
IP address blocks: 109.234.74.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:4e:2f:32:94:ea:97:5c:87:e5:71:b4:18:39:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Validity
Not Before: Jan 1 17:49:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d1b9e88a526a75112cc69b436fe8af97b0fd44ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:c7:04:53:4a:34:83:48:14:50:e5:80:24:d0:
41:35:96:dc:58:69:92:77:cc:92:65:c1:4e:4c:a9:
44:61:05:4c:bd:fe:4f:ac:6c:ec:3c:1e:ab:bc:99:
92:52:87:3b:ca:80:35:07:20:e8:40:36:24:42:59:
63:75:92:62:ee:2b:e9:58:c7:e9:10:44:83:d2:c3:
c0:af:d3:0a:39:6a:30:e6:30:0f:ee:78:b6:8a:c3:
20:d9:62:da:7f:ae:c9:2a:d8:10:31:85:0b:76:23:
8f:a6:e4:8a:b1:fe:0b:9a:b0:4a:3b:71:00:6b:81:
d3:b9:a0:e8:d2:3e:e4:97:ee:ed:00:5a:34:96:ec:
d7:bc:7b:0b:83:81:84:f7:c2:9d:9e:4e:32:51:e8:
f0:bd:26:c0:0c:2b:a0:52:9a:1f:13:42:72:f8:32:
22:51:44:2c:b7:a4:a3:bb:dc:33:75:a1:09:16:f4:
44:13:51:ae:6a:d8:e7:fb:81:2b:16:96:83:d8:a6:
9b:9b:de:0b:fd:3e:ff:66:cd:ef:b4:5e:7e:e3:4b:
5d:e3:dd:76:c3:99:f4:d0:71:2a:35:bb:b4:1d:0e:
45:3e:6b:49:a8:a4:7f:54:2a:4f:f4:86:f9:ef:d5:
6f:c3:b0:c5:47:ef:9c:9c:4f:f2:26:fe:90:81:7b:
56:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:B9:E8:8A:52:6A:75:11:2C:C6:9B:43:6F:E8:AF:97:B0:FD:44:EF
X509v3 Authority Key Identifier:
keyid:49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/0bnoilJqdREsxptDb-ivl7D9RO8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.234.74.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:cf:7d:30:ad:cd:83:82:41:23:34:57:d0:4f:c6:2e:46:da:
58:3a:14:8a:af:ad:0c:ec:5e:28:02:27:83:95:11:89:4c:1a:
d4:35:a5:ea:55:db:ae:02:8b:14:17:27:0f:40:ef:d9:28:1d:
76:8e:34:b6:df:85:3f:76:88:04:82:fb:be:db:93:ee:d5:81:
46:a8:5e:31:69:13:c3:52:be:31:33:3b:23:ac:62:03:d0:75:
a9:90:3e:2f:45:3e:40:af:67:9c:8c:ee:2a:fd:c4:c0:5b:f1:
db:c0:49:95:ba:6c:d9:76:a9:8b:1a:ff:20:9d:e3:f3:be:45:
96:26:fe:cb:3d:94:c0:87:d5:ac:f2:a4:49:b0:1a:5d:14:d1:
39:84:85:b3:d3:ea:9d:49:57:d1:80:cb:63:4a:ec:b5:f8:f4:
b9:c6:1c:bd:63:f1:bc:1f:90:fb:89:62:73:89:0c:ba:a4:df:
f3:2e:fc:69:21:f0:05:c4:2e:78:ce:5a:aa:38:aa:3d:ba:bf:
7a:63:f6:94:cb:9d:1b:0e:76:44:3e:13:7c:30:76:1b:ae:76:
5c:45:be:fd:d3:db:eb:6e:3e:3a:6d:91:f4:a9:f5:41:f5:e3:
47:08:29:3b:2d:4a:bc:b3:9a:91:fe:46:ae:4d:fc:26:be:94:
e3:e5:54:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi/E4vMpTql1yH5XG0GDkSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODZjNzM5OTRkMDJkOTFmYzk3ZDkxNmU5ODA5YTZkOTgx
ZTZiMTcwHhcNMjUwMTAxMTc0OTA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWI5ZTg4YTUyNmE3NTExMmNjNjliNDM2ZmU4YWY5N2IwZmQ0NGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsccEU0o0g0gUUOWAJNBBNZbcWGmS
d8ySZcFOTKlEYQVMvf5PrGzsPB6rvJmSUoc7yoA1ByDoQDYkQlljdZJi7ivpWMfp
EESD0sPAr9MKOWow5jAP7ni2isMg2WLaf67JKtgQMYULdiOPpuSKsf4LmrBKO3EA
a4HTuaDo0j7kl+7tAFo0luzXvHsLg4GE98Kdnk4yUejwvSbADCugUpofE0Jy+DIi
UUQst6Sju9wzdaEJFvREE1Guatjn+4ErFpaD2Kabm94L/T7/Zs3vtF5+40td4912
w5n00HEqNbu0HQ5FPmtJqKR/VCpP9Ib579Vvw7DFR++cnE/yJv6QgXtWUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNG56IpSanURLMabQ2/or5ew/UTvMB8GA1UdIwQY
MBaAFEmGxzmU0C2R/JfZFumAmm2YHmsXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzIt
OWU4OTVkMGVmOGQyLzEvMGJub2lsSnFkUkVzeHB0RGItaXZsN0Q5Uk84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzItOWU4OTVkMGVmOGQy
LzEvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbepKMA0G
CSqGSIb3DQEBCwUAA4IBAQCkz30wrc2DgkEjNFfQT8YuRtpYOhSKr60M7F4oAieD
lRGJTBrUNaXqVduuAosUFycPQO/ZKB12jjS234U/dogEgvu+25Pu1YFGqF4xaRPD
Ur4xMzsjrGID0HWpkD4vRT5Ar2ecjO4q/cTAW/HbwEmVumzZdqmLGv8gnePzvkWW
Jv7LPZTAh9Ws8qRJsBpdFNE5hIWz0+qdSVfRgMtjSuy1+PS5xhy9Y/G8H5D7iWJz
iQy6pN/zLvxpIfAFxC54zlqqOKo9ur96Y/aUy50bDnZEPhN8MHYbrnZcRb7909vr
bj46bZH0qfVB9eNHCCk7LUq8s5qR/kauTfwmvpTj5VQk
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:41 2025 by rpki-client on console.sobornost.net