Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/a1c15f-8993-478d-a66d-1281823422e8/1/0pwnY_zDC9QWuxHCJb384vINSgc.roa
File: 0pwnY_zDC9QWuxHCJb384vINSgc.roa (raw, json)
Hash identifier: iyfLOVIaAFsrU/Z056f31w+yxIsX4BAawgP2n7uo+bc=
Subject key identifier: D2:9C:27:63:FC:C3:0B:D4:16:BB:11:C2:25:BD:FC:E2:F2:0D:4A:07
Certificate issuer: /CN=a3cff0b9e872f975cca3b23b20911cf678fff4be
Certificate serial: 01942236E5B853F269D7946571C08CA5BBE4
Authority key identifier: A3:CF:F0:B9:E8:72:F9:75:CC:A3:B2:3B:20:91:1C:F6:78:FF:F4:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o8_wuehy-XXMo7I7IJEc9nj_9L4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/a1c15f-8993-478d-a66d-1281823422e8/1/0pwnY_zDC9QWuxHCJb384vINSgc.roa
Signing time: Wed 01 Jan 2025 14:13:30 +0000
ROA not before: Wed 01 Jan 2025 14:13:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48551
IP address blocks: 185.229.134.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:36:e5:b8:53:f2:69:d7:94:65:71:c0:8c:a5:bb:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3cff0b9e872f975cca3b23b20911cf678fff4be
Validity
Not Before: Jan 1 14:13:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d29c2763fcc30bd416bb11c225bdfce2f20d4a07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:f0:54:28:4c:2e:63:ca:ba:3b:52:3c:13:3c:
25:30:77:9c:84:36:65:7a:12:d0:3b:14:25:e0:16:
4a:03:88:13:b7:d9:08:0a:8d:a4:0d:ac:dc:a8:3f:
b7:d9:3e:b8:6e:6f:14:86:6f:d3:2b:a4:69:a1:71:
f1:3a:c1:a9:fc:52:79:11:92:8b:85:b3:14:e1:b9:
3d:e4:a4:36:69:67:1b:bb:f9:77:3a:f4:b6:fa:a8:
0e:7b:d0:02:d9:1b:9a:dc:e3:25:79:6a:fa:44:1f:
07:ad:55:67:c8:23:01:d2:41:54:39:29:55:08:48:
e3:26:ab:bd:75:b5:9f:af:66:fe:b6:4f:64:9a:52:
66:f4:f1:f7:40:34:cf:80:bc:a6:85:7b:63:e5:d5:
bf:c5:20:9c:da:a1:f7:f5:f6:3d:8b:bb:d5:ca:0b:
fb:a2:c6:25:88:3c:a7:e6:ef:0f:bf:35:0c:49:c7:
44:60:3a:3f:d0:b4:e1:71:28:22:66:cf:92:64:20:
c8:cf:79:7f:4b:ca:fc:28:89:5a:19:c4:fc:9c:46:
a7:9e:0e:f6:bf:cb:3b:74:c4:28:db:5b:3a:6b:26:
e0:af:67:ab:f7:7b:7e:d7:86:8e:d0:88:44:ce:23:
2b:62:2f:64:9e:e1:ec:90:de:19:fc:13:72:07:a3:
44:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:9C:27:63:FC:C3:0B:D4:16:BB:11:C2:25:BD:FC:E2:F2:0D:4A:07
X509v3 Authority Key Identifier:
keyid:A3:CF:F0:B9:E8:72:F9:75:CC:A3:B2:3B:20:91:1C:F6:78:FF:F4:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o8_wuehy-XXMo7I7IJEc9nj_9L4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/a1c15f-8993-478d-a66d-1281823422e8/1/0pwnY_zDC9QWuxHCJb384vINSgc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/a1c15f-8993-478d-a66d-1281823422e8/1/o8_wuehy-XXMo7I7IJEc9nj_9L4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.134.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:1b:83:98:58:47:a3:66:48:1f:14:25:70:6e:6a:5f:99:8b:
02:bf:df:c1:f4:b0:f6:4f:96:44:30:1c:64:94:4c:bf:4b:09:
7a:46:7c:0e:97:0d:80:bb:51:f7:39:3c:74:e8:c2:a3:08:dc:
c5:a8:ae:21:04:7a:24:50:78:39:ab:84:39:d8:f4:77:4f:b7:
e4:04:de:b0:3a:96:0e:82:77:80:58:03:90:db:6c:5a:6a:8c:
ac:94:b1:d3:b7:9c:8a:87:db:94:b2:4d:56:79:d1:bb:11:f7:
a1:aa:e5:72:8b:f1:d0:cc:8b:3d:04:ab:6e:08:0e:d2:16:65:
e0:e3:de:5b:bf:d3:39:47:83:17:0c:36:ad:93:8c:98:47:63:
9c:00:a9:b2:48:1b:45:5a:2b:a4:d9:f7:54:4b:8d:1e:c2:27:
61:95:2e:e6:80:14:5e:6c:2d:35:65:81:89:ab:b2:d2:2a:1f:
7d:70:f2:47:74:06:bd:af:4c:3b:78:02:2d:00:24:f8:3a:6f:
5c:cc:20:04:ba:e4:f6:bf:a2:68:88:bc:66:bc:42:93:0b:94:
d1:29:c4:54:22:ab:2e:3a:8e:41:0d:48:f9:ed:dc:6c:f8:b2:
7c:86:47:68:24:2f:b2:bc:16:c0:28:13:7b:a6:a2:24:ff:28:
f8:be:80:ef
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiNuW4U/Jp15RlccCMpbvkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzY2ZmMGI5ZTg3MmY5NzVjY2EzYjIzYjIwOTExY2Y2Nzhm
ZmY0YmUwHhcNMjUwMTAxMTQxMzMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjljMjc2M2ZjYzMwYmQ0MTZiYjExYzIyNWJkZmNlMmYyMGQ0YTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPBUKEwuY8q6O1I8EzwlMHechDZl
ehLQOxQl4BZKA4gTt9kICo2kDazcqD+32T64bm8Uhm/TK6RpoXHxOsGp/FJ5EZKL
hbMU4bk95KQ2aWcbu/l3OvS2+qgOe9AC2Rua3OMleWr6RB8HrVVnyCMB0kFUOSlV
CEjjJqu9dbWfr2b+tk9kmlJm9PH3QDTPgLymhXtj5dW/xSCc2qH39fY9i7vVygv7
osYliDyn5u8PvzUMScdEYDo/0LThcSgiZs+SZCDIz3l/S8r8KIlaGcT8nEanng72
v8s7dMQo21s6aybgr2er93t+14aO0IhEziMrYi9knuHskN4Z/BNyB6NEGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNKcJ2P8wwvUFrsRwiW9/OLyDUoHMB8GA1UdIwQY
MBaAFKPP8Lnocvl1zKOyOyCRHPZ4//S+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzhfd3VlaHktWFhNbzdJN0lKRWM5bmpfOUw0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9hMWMxNWYtODk5My00NzhkLWE2NmQt
MTI4MTgyMzQyMmU4LzEvMHB3bllfekRDOVFXdXhIQ0piMzg0dklOU2djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS9hMWMxNWYtODk5My00NzhkLWE2NmQtMTI4MTgyMzQyMmU4
LzEvbzhfd3VlaHktWFhNbzdJN0lKRWM5bmpfOUw0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueWGMA0G
CSqGSIb3DQEBCwUAA4IBAQCNG4OYWEejZkgfFCVwbmpfmYsCv9/B9LD2T5ZEMBxk
lEy/Swl6RnwOlw2Au1H3OTx06MKjCNzFqK4hBHokUHg5q4Q52PR3T7fkBN6wOpYO
gneAWAOQ22xaaoyslLHTt5yKh9uUsk1WedG7EfehquVyi/HQzIs9BKtuCA7SFmXg
495bv9M5R4MXDDatk4yYR2OcAKmySBtFWiuk2fdUS40ewidhlS7mgBRebC01ZYGJ
q7LSKh99cPJHdAa9r0w7eAItACT4Om9czCAEuuT2v6JoiLxmvEKTC5TRKcRUIqsu
Oo5BDUj57dxs+LJ8hkdoJC+yvBbAKBN7pqIk/yj4voDv
-----END CERTIFICATE-----
Generated at Thu Jan 23 16:49:10 2025 by rpki-client on console.sobornost.net