Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/2a4ee3-d76d-48be-add6-78f992475e1f/1/dQBlElXfO8pSdNwEKXjKZ-O9USg.roa
File: dQBlElXfO8pSdNwEKXjKZ-O9USg.roa (raw, json)
Hash identifier: S1t1SaIMwKXjVRHsk1Cwo0eWHwRLwztBGFQg3vgYpOA=
Subject key identifier: 75:00:65:12:55:DF:3B:CA:52:74:DC:04:29:78:CA:67:E3:BD:51:28
Certificate issuer: /CN=d33a620b2acc8fc30b8c4d518f9297e3f7c9a60a
Certificate serial: 01941FFA03FF6261CB0F3D62521F437D59A4
Authority key identifier: D3:3A:62:0B:2A:CC:8F:C3:0B:8C:4D:51:8F:92:97:E3:F7:C9:A6:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0zpiCyrMj8MLjE1Rj5KX4_fJpgo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/2a4ee3-d76d-48be-add6-78f992475e1f/1/dQBlElXfO8pSdNwEKXjKZ-O9USg.roa
Signing time: Wed 01 Jan 2025 03:47:46 +0000
ROA not before: Wed 01 Jan 2025 03:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198061
IP address blocks: 194.0.191.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:03:ff:62:61:cb:0f:3d:62:52:1f:43:7d:59:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d33a620b2acc8fc30b8c4d518f9297e3f7c9a60a
Validity
Not Before: Jan 1 03:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7500651255df3bca5274dc042978ca67e3bd5128
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:13:d7:f8:f0:26:83:5b:71:75:9b:4d:dd:5d:
f5:99:7a:d5:9f:2b:4e:b2:ea:b5:91:d5:eb:38:9b:
d2:4d:7b:35:1e:b9:cd:ba:dd:59:c1:f4:bf:92:ff:
52:3d:f0:fc:f4:0a:6b:c7:47:2b:df:d8:7f:d2:b0:
11:0e:f5:c8:ec:fe:ac:8f:bc:73:d9:05:7e:19:fb:
b5:bd:86:6a:f9:fe:1d:dd:61:c6:f0:95:6f:fc:86:
fc:80:f9:28:98:0c:b9:85:73:e4:94:a5:11:ae:6d:
7b:60:bb:54:20:dc:d3:bc:da:55:9b:87:e7:8e:44:
a2:e7:db:09:81:69:89:92:b1:2a:70:ca:51:17:cc:
fa:eb:fc:52:5c:45:bd:08:90:74:ca:00:a3:5a:88:
56:78:28:dd:fc:6e:0d:d8:17:3f:fe:b0:42:ee:f9:
e2:90:28:f4:2d:94:e5:dc:72:a2:30:61:23:15:f9:
ce:62:6a:5a:9f:ad:85:67:d2:9d:77:e1:92:08:97:
b6:09:ef:ac:e1:01:1d:82:75:5f:cc:2d:d8:bd:ed:
bd:7a:9f:2b:3d:e3:c9:8f:17:3c:8e:e5:b3:41:7f:
87:22:a6:5b:4a:1e:54:64:10:b7:e3:05:f9:85:b0:
cf:03:6c:eb:39:be:ea:61:d5:8a:5d:b2:0e:b0:e5:
c8:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:00:65:12:55:DF:3B:CA:52:74:DC:04:29:78:CA:67:E3:BD:51:28
X509v3 Authority Key Identifier:
keyid:D3:3A:62:0B:2A:CC:8F:C3:0B:8C:4D:51:8F:92:97:E3:F7:C9:A6:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0zpiCyrMj8MLjE1Rj5KX4_fJpgo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/2a4ee3-d76d-48be-add6-78f992475e1f/1/dQBlElXfO8pSdNwEKXjKZ-O9USg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/2a4ee3-d76d-48be-add6-78f992475e1f/1/0zpiCyrMj8MLjE1Rj5KX4_fJpgo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.191.0/24
Signature Algorithm: sha256WithRSAEncryption
31:df:31:ef:02:73:a0:06:35:18:fd:6f:aa:6c:ac:ae:2e:7b:
fd:12:34:97:ae:5b:a3:28:84:69:c8:f3:0e:52:2b:14:a4:83:
ae:9a:40:7d:ea:71:6b:60:fb:f6:bd:d8:c5:b2:1e:9e:93:62:
af:6e:59:22:88:7b:54:87:bf:c0:6c:55:66:a6:4e:63:40:24:
16:f6:82:13:db:d0:6b:ea:76:11:69:ef:96:87:43:ee:c8:40:
07:03:ab:00:d6:89:68:3a:40:b4:9d:c0:01:d6:ac:35:c2:8b:
74:49:7c:94:43:76:f5:a1:c4:d8:bd:9f:26:c6:d4:67:de:2b:
2e:56:bc:27:72:1c:ee:51:c6:bf:9c:e6:d0:4c:59:aa:ec:e2:
5a:b9:39:e2:43:76:0e:d7:73:5a:94:27:ad:96:91:aa:d5:af:
80:d5:da:35:98:4f:20:62:56:da:6a:d5:c2:67:6d:1a:80:86:
37:75:35:51:b2:b1:79:1b:d8:35:cb:98:7c:4f:c3:a6:3d:3a:
af:aa:81:cf:d8:ed:31:1c:08:a8:62:d1:4f:ae:ae:34:4f:f5:
b5:4a:3f:f3:5e:40:e6:a2:55:a9:d9:9d:4a:76:13:87:d5:2b:
3d:67:d3:eb:d0:a4:09:e0:c0:13:07:b6:44:0b:90:fb:dc:79:
64:32:13:30
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+gP/YmHLDz1iUh9DfVmkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzM2E2MjBiMmFjYzhmYzMwYjhjNGQ1MThmOTI5N2UzZjdj
OWE2MGEwHhcNMjUwMTAxMDM0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTAwNjUxMjU1ZGYzYmNhNTI3NGRjMDQyOTc4Y2E2N2UzYmQ1MTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvRPX+PAmg1txdZtN3V31mXrVnytO
suq1kdXrOJvSTXs1HrnNut1ZwfS/kv9SPfD89Aprx0cr39h/0rARDvXI7P6sj7xz
2QV+Gfu1vYZq+f4d3WHG8JVv/Ib8gPkomAy5hXPklKURrm17YLtUINzTvNpVm4fn
jkSi59sJgWmJkrEqcMpRF8z66/xSXEW9CJB0ygCjWohWeCjd/G4N2Bc//rBC7vni
kCj0LZTl3HKiMGEjFfnOYmpan62FZ9Kdd+GSCJe2Ce+s4QEdgnVfzC3Yve29ep8r
PePJjxc8juWzQX+HIqZbSh5UZBC34wX5hbDPA2zrOb7qYdWKXbIOsOXIlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHUAZRJV3zvKUnTcBCl4ymfjvVEoMB8GA1UdIwQY
MBaAFNM6YgsqzI/DC4xNUY+Sl+P3yaYKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHpwaUN5ck1qOE1MakUxUmo1S1g0X2ZKcGdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS8yYTRlZTMtZDc2ZC00OGJlLWFkZDYt
NzhmOTkyNDc1ZTFmLzEvZFFCbEVsWGZPOHBTZE53RUtYaktaLU85VVNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS8yYTRlZTMtZDc2ZC00OGJlLWFkZDYtNzhmOTkyNDc1ZTFm
LzEvMHpwaUN5ck1qOE1MakUxUmo1S1g0X2ZKcGdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgC/MA0G
CSqGSIb3DQEBCwUAA4IBAQAx3zHvAnOgBjUY/W+qbKyuLnv9EjSXrlujKIRpyPMO
UisUpIOumkB96nFrYPv2vdjFsh6ek2KvblkiiHtUh7/AbFVmpk5jQCQW9oIT29Br
6nYRae+Wh0PuyEAHA6sA1oloOkC0ncAB1qw1wot0SXyUQ3b1ocTYvZ8mxtRn3isu
VrwnchzuUca/nObQTFmq7OJauTniQ3YO13NalCetlpGq1a+A1do1mE8gYlbaatXC
Z20agIY3dTVRsrF5G9g1y5h8T8OmPTqvqoHP2O0xHAioYtFPrq40T/W1Sj/zXkDm
olWp2Z1KdhOH1Ss9Z9Pr0KQJ4MATB7ZEC5D73HlkMhMw
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:43 2025 by rpki-client on console.sobornost.net