Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/SP28_jHb7HdpL8kRSdHAOjsksdQ.roa
File: SP28_jHb7HdpL8kRSdHAOjsksdQ.roa (raw, json)
Hash identifier: shbtIyWj/7CAGUDTVci46Qe4RvbogwsB7nMKRvAKHhM=
Subject key identifier: 48:FD:BC:FE:31:DB:EC:77:69:2F:C9:11:49:D1:C0:3A:3B:24:B1:D4
Certificate issuer: /CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Certificate serial: 019422FB38791419D28CF029954CBEE12703
Authority key identifier: 41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/SP28_jHb7HdpL8kRSdHAOjsksdQ.roa
Signing time: Wed 01 Jan 2025 17:47:56 +0000
ROA not before: Wed 01 Jan 2025 17:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207388
IP address blocks: 192.109.200.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:38:79:14:19:d2:8c:f0:29:95:4c:be:e1:27:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Validity
Not Before: Jan 1 17:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=48fdbcfe31dbec77692fc91149d1c03a3b24b1d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:ac:cb:df:b1:46:41:08:c9:c8:b7:e7:72:1b:
a4:80:e9:6f:7c:89:2b:4d:33:90:ea:ee:4a:8f:d8:
23:5f:50:a7:91:b5:f8:f8:51:d4:39:c8:d0:e9:0e:
7f:96:b9:dd:0a:22:73:f7:30:f2:87:0e:c2:a8:95:
ab:c9:e0:36:11:12:ce:db:e0:51:74:60:f7:fe:61:
13:b3:2c:d7:38:d5:29:38:e5:ec:96:27:43:6c:7e:
05:a2:f0:ea:01:03:0a:6e:01:51:05:30:8a:8b:87:
c9:22:76:4b:ad:48:da:53:6b:a9:42:ac:88:c9:bb:
c7:df:46:d2:6a:d2:af:4f:ea:14:6d:a3:e6:33:f6:
99:a8:8b:11:8a:c8:7c:9d:b4:c8:8b:1e:84:ad:86:
c5:af:ab:69:53:ab:74:d1:2b:e1:41:6b:1e:f5:de:
3d:4d:b3:4b:9b:88:1f:72:cd:88:3c:bd:b9:0a:ae:
3b:62:e6:73:99:47:19:6f:2e:ec:8e:f1:13:ae:81:
c2:5b:f3:27:c9:62:80:79:59:4e:fd:99:72:60:a2:
a0:bc:34:29:f1:45:19:02:19:96:71:bb:66:36:49:
e0:fe:dd:84:9e:31:0d:14:cc:28:05:c1:d1:16:fb:
4d:da:a7:5b:d7:fc:bc:e9:01:ec:08:20:63:6f:38:
d8:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:FD:BC:FE:31:DB:EC:77:69:2F:C9:11:49:D1:C0:3A:3B:24:B1:D4
X509v3 Authority Key Identifier:
keyid:41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/SP28_jHb7HdpL8kRSdHAOjsksdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.200.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:54:5d:19:90:a1:d7:a7:8e:32:81:7b:62:5b:ac:43:35:e7:
c0:42:30:c9:98:64:97:e4:3b:d9:3b:16:a0:e7:58:da:ba:13:
40:2a:07:77:2e:57:78:74:b0:fd:83:cc:4d:25:1c:f9:a2:d8:
a9:64:f1:d2:10:d5:32:7f:0a:27:2f:6e:e3:ad:71:60:b6:e6:
10:7e:ed:a6:aa:42:09:fc:5a:a5:2c:1d:bd:e1:c0:31:6d:04:
8f:4a:41:80:f7:4d:69:10:07:a9:23:ba:42:d5:e6:fb:10:bf:
f1:23:b2:9b:d4:fe:07:d1:45:0e:8a:09:cc:8e:27:c1:7d:b9:
1e:30:83:bd:71:e9:07:b5:55:bf:46:6a:17:70:09:04:37:2b:
7f:a3:48:8f:f0:bd:10:ed:eb:8c:44:3b:53:bf:e5:b1:0b:d3:
e7:53:f8:bc:5d:78:60:eb:22:c8:1d:b0:38:1c:a8:2d:33:ae:
14:fc:18:f0:b3:af:c1:62:f2:c8:6f:d5:2a:91:ca:02:ec:7f:
26:09:ed:f2:bc:9f:6d:5e:a2:a7:4a:51:dc:a9:38:80:1b:31:
c2:a1:be:4e:a6:03:fa:fd:ad:d7:34:3a:1f:89:ad:41:d7:16:
a9:0e:b2:d8:39:2d:8f:da:38:63:22:15:5b:56:87:80:bc:e3:
70:75:40:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+zh5FBnSjPAplUy+4ScDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZjVhMTBlNGZkMjY1NWFkYmJiNDBlZGUxOGIyNjE1YWM1
NThlYTkwHhcNMjUwMTAxMTc0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGZkYmNmZTMxZGJlYzc3NjkyZmM5MTE0OWQxYzAzYTNiMjRiMWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhazL37FGQQjJyLfnchukgOlvfIkr
TTOQ6u5Kj9gjX1CnkbX4+FHUOcjQ6Q5/lrndCiJz9zDyhw7CqJWryeA2ERLO2+BR
dGD3/mETsyzXONUpOOXslidDbH4FovDqAQMKbgFRBTCKi4fJInZLrUjaU2upQqyI
ybvH30bSatKvT+oUbaPmM/aZqIsRish8nbTIix6ErYbFr6tpU6t00SvhQWse9d49
TbNLm4gfcs2IPL25Cq47YuZzmUcZby7sjvETroHCW/MnyWKAeVlO/ZlyYKKgvDQp
8UUZAhmWcbtmNkng/t2EnjENFMwoBcHRFvtN2qdb1/y86QHsCCBjbzjY7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEj9vP4x2+x3aS/JEUnRwDo7JLHUMB8GA1UdIwQY
MBaAFEH1oQ5P0mVa27tA7eGLJhWsVY6pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWZXaERrX1NaVnJidTBEdDRZc21GYXhWanFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84ZDNjODItZTQwMy00ZGE2LWIzMTUt
ODc5MDIwNmYwZDc0LzEvU1AyOF9qSGI3SGRwTDhrUlNkSEFPanNrc2RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84ZDNjODItZTQwMy00ZGE2LWIzMTUtODc5MDIwNmYwZDc0
LzEvUWZXaERrX1NaVnJidTBEdDRZc21GYXhWanFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwG3IMA0G
CSqGSIb3DQEBCwUAA4IBAQCMVF0ZkKHXp44ygXtiW6xDNefAQjDJmGSX5DvZOxag
51jauhNAKgd3Lld4dLD9g8xNJRz5otipZPHSENUyfwonL27jrXFgtuYQfu2mqkIJ
/FqlLB294cAxbQSPSkGA901pEAepI7pC1eb7EL/xI7Kb1P4H0UUOignMjifBfbke
MIO9cekHtVW/RmoXcAkENyt/o0iP8L0Q7euMRDtTv+WxC9PnU/i8XXhg6yLIHbA4
HKgtM64U/Bjws6/BYvLIb9UqkcoC7H8mCe3yvJ9tXqKnSlHcqTiAGzHCob5OpgP6
/a3XNDofia1B1xapDrLYOS2P2jhjIhVbVoeAvONwdUAd
-----END CERTIFICATE-----
Generated at Wed Apr 2 00:25:05 2025 by rpki-client on console.sobornost.net