Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/e70d98-426e-46fe-afaf-82139f3b433c/1/cH_DJKgBmzslket3VUx6YX5cgVY.roa
File: cH_DJKgBmzslket3VUx6YX5cgVY.roa (raw, json)
Hash identifier: uLbc4oJP9W2SYmp+K5RveZ5JkK6djDmntWnr1BfZmrA=
Subject key identifier: 70:7F:C3:24:A8:01:9B:3B:25:91:EB:77:55:4C:7A:61:7E:5C:81:56
Certificate issuer: /CN=fb5d3e114fbce2cf0f920431c56a7c73dfda5a7e
Certificate serial: 0194F95F57B79D967DA32E4DE136C65A44B6
Authority key identifier: FB:5D:3E:11:4F:BC:E2:CF:0F:92:04:31:C5:6A:7C:73:DF:DA:5A:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-10-EU-84s8PkgQxxWp8c9_aWn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/e70d98-426e-46fe-afaf-82139f3b433c/1/cH_DJKgBmzslket3VUx6YX5cgVY.roa
Signing time: Wed 12 Feb 2025 08:56:02 +0000
ROA not before: Wed 12 Feb 2025 08:56:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57032
IP address blocks: 2.57.239.0/24 maxlen: 24
185.119.192.0/22 maxlen: 24
2a12:9bc0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f9:5f:57:b7:9d:96:7d:a3:2e:4d:e1:36:c6:5a:44:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb5d3e114fbce2cf0f920431c56a7c73dfda5a7e
Validity
Not Before: Feb 12 08:56:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=707fc324a8019b3b2591eb77554c7a617e5c8156
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:a3:14:ae:3b:68:28:5c:02:ed:b9:cb:25:bb:
34:6b:41:c3:e7:18:65:96:97:14:7b:cb:f8:f1:c7:
b9:9a:d3:56:ac:eb:74:d8:33:a8:3f:3a:c7:3b:7e:
04:72:20:d3:b7:0f:8e:b7:6f:4b:32:3e:73:94:5e:
c8:74:68:d0:5d:d5:51:2b:14:cf:79:c3:56:db:46:
0e:25:cf:ac:c5:85:4d:65:33:0e:00:de:94:dd:3e:
7b:a9:c3:73:b3:1c:d2:7a:a8:1c:30:15:9e:da:f1:
fe:3e:15:96:64:34:51:2c:28:99:49:60:f1:8b:79:
a1:5f:c6:09:c2:47:64:a3:78:bf:55:8c:02:a4:05:
5f:db:0c:d1:f5:b7:73:c2:ae:ef:59:99:8c:23:6e:
93:0f:72:24:c2:75:87:a0:43:dc:3b:64:5a:e8:27:
54:9e:05:35:d2:5c:66:82:3c:1c:e3:e2:8a:1b:91:
1f:d0:8c:6e:6a:f8:90:33:c5:4b:d5:26:54:a2:76:
0c:9e:7c:ac:6d:a0:2d:4d:e9:82:ee:c9:3b:25:d5:
19:9c:31:79:ec:6d:74:c9:fb:10:8d:3d:27:d7:43:
b0:e2:a5:bc:4e:ad:97:a4:e6:7f:87:e7:bc:b3:1f:
63:2e:7c:53:f7:06:d3:68:bd:5c:73:d3:46:88:43:
fa:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:7F:C3:24:A8:01:9B:3B:25:91:EB:77:55:4C:7A:61:7E:5C:81:56
X509v3 Authority Key Identifier:
keyid:FB:5D:3E:11:4F:BC:E2:CF:0F:92:04:31:C5:6A:7C:73:DF:DA:5A:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-10-EU-84s8PkgQxxWp8c9_aWn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/e70d98-426e-46fe-afaf-82139f3b433c/1/cH_DJKgBmzslket3VUx6YX5cgVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/e70d98-426e-46fe-afaf-82139f3b433c/1/1-10-EU-84s8PkgQxxWp8c9_aWn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.239.0/24
185.119.192.0/22
IPv6:
2a12:9bc0::/29
Signature Algorithm: sha256WithRSAEncryption
25:40:b3:0f:a0:88:62:85:21:70:9e:ca:a3:e1:c7:1e:45:77:
7a:f6:86:7f:dd:9a:03:30:99:85:e5:95:79:a2:4c:d4:f2:98:
99:f0:c0:b2:42:41:13:c0:67:d4:d5:e3:25:54:a9:6e:5d:28:
5e:2e:0f:fe:6c:28:27:c9:09:bd:5d:ea:af:e1:97:c9:92:dc:
78:4d:b2:81:79:04:70:b7:de:fb:b4:a8:a2:9e:40:4d:8c:ff:
70:a8:42:13:34:73:77:1f:f2:a0:4c:e2:17:21:62:ec:a4:4a:
d9:2e:9e:2c:48:5a:08:08:e2:71:b7:2c:6a:37:07:14:17:bf:
f7:83:d5:0f:2c:27:33:54:f6:59:ae:6f:6f:ce:25:2e:69:14:
e9:51:91:87:71:64:91:d7:24:8c:e0:be:5d:16:59:69:3f:65:
db:ae:e8:4e:ec:b1:57:0e:6d:b1:49:59:48:5a:7f:4b:e9:db:
c9:9c:a4:2a:9e:51:8c:b0:f0:0b:93:5e:34:52:14:cd:be:2b:
90:f2:24:cc:37:73:24:2c:97:be:f7:fc:08:33:82:e7:a4:ce:
09:a4:3e:b6:ad:fc:c1:1c:80:96:5d:7e:16:3a:9e:66:aa:69:
13:67:10:7a:f4:39:cf:f0:9c:e2:b4:85:66:e6:07:e7:b2:a5:
78:7b:a7:80
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZT5X1e3nZZ9oy5N4TbGWkS2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiNWQzZTExNGZiY2UyY2YwZjkyMDQzMWM1NmE3YzczZGZk
YTVhN2UwHhcNMjUwMjEyMDg1NjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDdmYzMyNGE4MDE5YjNiMjU5MWViNzc1NTRjN2E2MTdlNWM4MTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4aMUrjtoKFwC7bnLJbs0a0HD5xhl
lpcUe8v48ce5mtNWrOt02DOoPzrHO34EciDTtw+Ot29LMj5zlF7IdGjQXdVRKxTP
ecNW20YOJc+sxYVNZTMOAN6U3T57qcNzsxzSeqgcMBWe2vH+PhWWZDRRLCiZSWDx
i3mhX8YJwkdko3i/VYwCpAVf2wzR9bdzwq7vWZmMI26TD3IkwnWHoEPcO2Ra6CdU
ngU10lxmgjwc4+KKG5Ef0IxuaviQM8VL1SZUonYMnnysbaAtTemC7sk7JdUZnDF5
7G10yfsQjT0n10Ow4qW8Tq2XpOZ/h+e8sx9jLnxT9wbTaL1cc9NGiEP61QIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFHB/wySoAZs7JZHrd1VMemF+XIFWMB8GA1UdIwQY
MBaAFPtdPhFPvOLPD5IEMcVqfHPf2lp+MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS0xMC1FVS04NHM4UGtnUXh4V3A4YzlfYVduNC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjIvZTcwZDk4LTQyNmUtNDZmZS1hZmFm
LTgyMTM5ZjNiNDMzYy8xL2NIX0RKS2dCbXpzbGtldDNWVXg2WVg1Y2dWWS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjIvZTcwZDk4LTQyNmUtNDZmZS1hZmFmLTgyMTM5ZjNiNDMz
Yy8xLzEtMTAtRVUtODRzOFBrZ1F4eFdwOGM5X2FXbjQuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBAACOe8D
BAK5d8AwDQQCAAIwBwMFAyoSm8AwDQYJKoZIhvcNAQELBQADggEBACVAsw+giGKF
IXCeyqPhxx5Fd3r2hn/dmgMwmYXllXmiTNTymJnwwLJCQRPAZ9TV4yVUqW5dKF4u
D/5sKCfJCb1d6q/hl8mS3HhNsoF5BHC33vu0qKKeQE2M/3CoQhM0c3cf8qBM4hch
YuykStkunixIWggI4nG3LGo3BxQXv/eD1Q8sJzNU9lmub2/OJS5pFOlRkYdxZJHX
JIzgvl0WWWk/Zduu6E7ssVcObbFJWUhaf0vp28mcpCqeUYyw8AuTXjRSFM2+K5Dy
JMw3cyQsl773/AgzguekzgmkPrat/MEcgJZdfhY6nmaqaRNnEHr0Oc/wnOK0hWbm
B+eypXh7p4A=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:46 2025 by rpki-client on console.sobornost.net