Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/49195b-2909-46e0-abce-422523c4e68b/1/ChRH7dBDxb1weLGvVRfQis9Rg3Y.roa
File: ChRH7dBDxb1weLGvVRfQis9Rg3Y.roa (raw, json)
Hash identifier: wO0mTzTihbQlap/EisW3oXQUnWCtN3yf2lFQECPIAtE=
Subject key identifier: 0A:14:47:ED:D0:43:C5:BD:70:78:B1:AF:55:17:D0:8A:CF:51:83:76
Certificate issuer: /CN=3d7b9dffaae33ec2cf19b5ad4e49c1e9eb1d9d64
Certificate serial: 0196241E5DFB0EBDE595AB4B9E006DDD5EC0
Authority key identifier: 3D:7B:9D:FF:AA:E3:3E:C2:CF:19:B5:AD:4E:49:C1:E9:EB:1D:9D:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PXud_6rjPsLPGbWtTknB6esdnWQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/49195b-2909-46e0-abce-422523c4e68b/1/ChRH7dBDxb1weLGvVRfQis9Rg3Y.roa
Signing time: Fri 11 Apr 2025 09:11:31 +0000
ROA not before: Fri 11 Apr 2025 09:11:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 86.109.92.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:24:1e:5d:fb:0e:bd:e5:95:ab:4b:9e:00:6d:dd:5e:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d7b9dffaae33ec2cf19b5ad4e49c1e9eb1d9d64
Validity
Not Before: Apr 11 09:11:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0a1447edd043c5bd7078b1af5517d08acf518376
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:e1:ce:40:5a:6d:7c:0e:d8:51:03:d8:50:39:
74:ff:c5:26:3f:42:3a:27:76:93:eb:05:93:51:86:
5b:81:8a:64:04:15:98:90:f2:27:39:26:bd:35:68:
5f:7e:73:dc:f4:ee:d1:9d:50:dc:6a:9c:08:ec:3f:
60:d9:3e:d1:f0:e2:ef:24:27:f6:73:04:fe:c5:7d:
54:b7:90:e0:80:82:7b:23:3d:d8:20:3f:1b:fc:b0:
a2:0b:70:4c:d5:e3:8b:07:13:de:7b:fd:6d:fe:d2:
bf:05:14:73:6c:3c:eb:b8:37:ab:36:e9:9c:cb:42:
c4:bd:0d:ef:15:44:ec:28:88:34:63:45:d1:04:70:
09:0e:25:2a:0f:0b:93:6c:60:bd:6b:1c:ee:af:82:
08:fb:6d:63:3d:df:f0:c6:b1:88:d0:16:e1:64:67:
dd:d3:2e:97:a5:0f:4d:c4:9c:33:b3:fd:d0:42:58:
f6:b7:2a:97:6a:f5:0b:89:44:cc:e5:40:89:ad:39:
1f:19:1c:d4:99:13:81:cd:72:a1:d8:70:9e:b9:15:
5d:26:e9:6f:fc:0c:2c:b7:c6:d3:a6:09:5e:48:7d:
b4:9d:99:20:3e:68:da:c9:bf:40:cb:8d:e0:84:d2:
29:b6:28:d7:8b:11:8e:9b:2f:eb:85:13:5f:cd:23:
f4:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:14:47:ED:D0:43:C5:BD:70:78:B1:AF:55:17:D0:8A:CF:51:83:76
X509v3 Authority Key Identifier:
keyid:3D:7B:9D:FF:AA:E3:3E:C2:CF:19:B5:AD:4E:49:C1:E9:EB:1D:9D:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PXud_6rjPsLPGbWtTknB6esdnWQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/49195b-2909-46e0-abce-422523c4e68b/1/ChRH7dBDxb1weLGvVRfQis9Rg3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/49195b-2909-46e0-abce-422523c4e68b/1/PXud_6rjPsLPGbWtTknB6esdnWQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.109.92.0/22
Signature Algorithm: sha256WithRSAEncryption
ae:9a:41:a1:35:d5:d0:3e:6c:3f:f5:96:df:e7:e5:5b:00:25:
74:aa:ca:27:6e:04:48:fb:b7:a8:f7:a3:88:f6:1c:34:d0:00:
ad:a8:d4:2c:f3:ce:89:e3:e3:66:01:89:06:d0:17:ae:6e:88:
d2:4a:30:ce:f8:c2:6e:88:33:37:5d:3f:3f:68:3c:60:38:69:
2c:79:88:bd:b3:3e:72:d3:23:0b:d3:96:a3:60:e8:d3:01:12:
78:f1:e5:c6:68:77:d5:36:21:0a:ea:d0:12:b9:2a:a9:95:34:
7d:8d:3a:aa:fe:fd:88:97:3d:2c:de:ff:a7:fc:be:bc:1d:0c:
bf:83:53:ad:0d:5d:61:42:16:8f:c2:4e:1d:f7:c6:f0:94:96:
28:3a:9d:a9:15:ba:7b:ce:c9:29:4d:a1:3d:7f:e8:af:11:01:
90:11:ff:80:f5:ea:99:5d:0a:8b:0f:61:82:47:7f:05:c9:fd:
a3:dd:bc:0b:63:b4:67:ab:62:fd:6b:1b:32:df:fe:bc:7a:72:
f3:60:1a:6c:c4:8b:a6:68:79:6a:65:01:76:a9:54:ba:c4:ff:
f9:e7:b2:23:24:5e:f5:a9:58:ea:a7:45:ad:b9:48:5c:03:82:
3d:df:0d:49:09:5e:ac:cc:60:b9:00:4d:ab:12:35:71:7f:9e:
81:b6:68:a1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZYkHl37Dr3llatLngBt3V7AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkN2I5ZGZmYWFlMzNlYzJjZjE5YjVhZDRlNDljMWU5ZWIx
ZDlkNjQwHhcNMjUwNDExMDkxMTMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTE0NDdlZGQwNDNjNWJkNzA3OGIxYWY1NTE3ZDA4YWNmNTE4Mzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1uHOQFptfA7YUQPYUDl0/8UmP0I6
J3aT6wWTUYZbgYpkBBWYkPInOSa9NWhffnPc9O7RnVDcapwI7D9g2T7R8OLvJCf2
cwT+xX1Ut5DggIJ7Iz3YID8b/LCiC3BM1eOLBxPee/1t/tK/BRRzbDzruDerNumc
y0LEvQ3vFUTsKIg0Y0XRBHAJDiUqDwuTbGC9axzur4II+21jPd/wxrGI0BbhZGfd
0y6XpQ9NxJwzs/3QQlj2tyqXavULiUTM5UCJrTkfGRzUmROBzXKh2HCeuRVdJulv
/Awst8bTpgleSH20nZkgPmjayb9Ay43ghNIptijXixGOmy/rhRNfzSP0iwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAoUR+3QQ8W9cHixr1UX0IrPUYN2MB8GA1UdIwQY
MBaAFD17nf+q4z7Czxm1rU5JwenrHZ1kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFh1ZF82cmpQc0xQR2JXdFRrbkI2ZXNkbldRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS80OTE5NWItMjkwOS00NmUwLWFiY2Ut
NDIyNTIzYzRlNjhiLzEvQ2hSSDdkQkR4YjF3ZUxHdlZSZlFpczlSZzNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS80OTE5NWItMjkwOS00NmUwLWFiY2UtNDIyNTIzYzRlNjhi
LzEvUFh1ZF82cmpQc0xQR2JXdFRrbkI2ZXNkbldRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVm1cMA0G
CSqGSIb3DQEBCwUAA4IBAQCumkGhNdXQPmw/9Zbf5+VbACV0qsonbgRI+7eo96OI
9hw00ACtqNQs886J4+NmAYkG0BeubojSSjDO+MJuiDM3XT8/aDxgOGkseYi9sz5y
0yML05ajYOjTARJ48eXGaHfVNiEK6tASuSqplTR9jTqq/v2Ilz0s3v+n/L68HQy/
g1OtDV1hQhaPwk4d98bwlJYoOp2pFbp7zskpTaE9f+ivEQGQEf+A9eqZXQqLD2GC
R38Fyf2j3bwLY7Rnq2L9axsy3/68enLzYBpsxIumaHlqZQF2qVS6xP/557IjJF71
qVjqp0WtuUhcA4I93w1JCV6szGC5AE2rEjVxf56Btmih
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:49 2025 by rpki-client on console.sobornost.net