Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/c6f9e8-4b75-44e4-a0d6-517a661ae6bd/1/kIzUAPC0DdQ_FT2bfHdyL_f4yoU.roa
File: kIzUAPC0DdQ_FT2bfHdyL_f4yoU.roa (raw, json)
Hash identifier: rSGry/QGGACqFb/sa5t28CBZOiur+so7pmuHdYgh5Pk=
Subject key identifier: 90:8C:D4:00:F0:B4:0D:D4:3F:15:3D:9B:7C:77:72:2F:F7:F8:CA:85
Certificate issuer: /CN=d9112e8993b00bda2b4e9c02ac57837400aac404
Certificate serial: 019420D5ABB682DDA6DF40E6002DC8A692CC
Authority key identifier: D9:11:2E:89:93:B0:0B:DA:2B:4E:9C:02:AC:57:83:74:00:AA:C4:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2REuiZOwC9orTpwCrFeDdACqxAQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/c6f9e8-4b75-44e4-a0d6-517a661ae6bd/1/kIzUAPC0DdQ_FT2bfHdyL_f4yoU.roa
Signing time: Wed 01 Jan 2025 07:47:41 +0000
ROA not before: Wed 01 Jan 2025 07:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212152
IP address blocks: 198.62.104.0/24 maxlen: 24
198.205.12.0/24 maxlen: 24
198.205.13.0/24 maxlen: 24
198.205.14.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:ab:b6:82:dd:a6:df:40:e6:00:2d:c8:a6:92:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9112e8993b00bda2b4e9c02ac57837400aac404
Validity
Not Before: Jan 1 07:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=908cd400f0b40dd43f153d9b7c77722ff7f8ca85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:5d:35:56:1a:79:42:63:63:73:40:eb:87:75:
41:0e:14:a0:a6:da:0e:e8:2e:48:f6:75:0f:9c:5c:
00:d6:1a:f8:1a:0d:80:5a:dd:a7:84:86:4c:77:37:
dc:9c:5b:4a:30:e1:00:d2:a5:43:92:75:e6:c5:e5:
ff:fc:fe:c6:ec:cc:f5:84:9d:12:80:97:96:d3:3a:
07:19:a4:56:2b:88:4b:00:05:3f:f5:b5:7a:fa:ca:
e4:7d:34:ec:6e:64:9c:07:cc:42:9e:1f:c0:ac:03:
1d:ea:8d:5d:d4:c7:82:3e:b2:2f:53:68:f5:55:90:
67:c4:0d:d2:9b:aa:39:f5:c6:1d:13:d3:6a:89:c4:
96:d5:34:a8:43:d6:1b:09:a7:b8:5d:a8:7c:fa:64:
2b:de:7f:10:dd:c8:77:a5:d5:7c:c4:7c:2a:20:47:
e7:58:a8:28:f1:ec:50:86:0d:59:46:f7:14:14:c3:
1c:fc:c0:9d:e1:ba:02:e4:19:ba:cf:21:66:83:35:
3c:ff:d4:a1:d7:ee:48:d2:70:b8:39:74:31:68:ff:
5e:ef:c4:5e:63:70:26:b7:af:92:f4:2c:37:54:37:
d6:b3:7f:1a:95:a7:bf:14:dc:93:d7:c1:20:06:03:
07:fc:32:14:79:f7:1e:88:40:1d:e9:4e:19:54:34:
11:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:8C:D4:00:F0:B4:0D:D4:3F:15:3D:9B:7C:77:72:2F:F7:F8:CA:85
X509v3 Authority Key Identifier:
keyid:D9:11:2E:89:93:B0:0B:DA:2B:4E:9C:02:AC:57:83:74:00:AA:C4:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2REuiZOwC9orTpwCrFeDdACqxAQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c6f9e8-4b75-44e4-a0d6-517a661ae6bd/1/kIzUAPC0DdQ_FT2bfHdyL_f4yoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c6f9e8-4b75-44e4-a0d6-517a661ae6bd/1/2REuiZOwC9orTpwCrFeDdACqxAQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
198.62.104.0/24
198.205.12.0-198.205.14.255
Signature Algorithm: sha256WithRSAEncryption
5f:00:d2:3b:ac:90:8f:b1:1e:08:11:d2:ab:e9:c9:ff:38:ca:
e9:ba:8b:c7:36:9e:8c:c6:61:49:e6:58:88:71:8e:d9:2d:55:
63:17:4e:0c:41:cd:e7:ba:8c:30:de:de:53:12:17:53:d2:13:
98:55:cf:d7:3c:19:99:47:77:7c:fe:5d:d0:4f:9c:1e:a7:49:
8a:94:24:6c:46:66:85:e0:62:24:c3:ff:71:71:26:f6:2f:91:
1f:b8:3d:8a:63:08:f6:f2:ae:1f:a8:2c:a2:3c:42:79:a3:e6:
de:e5:87:ee:2c:8a:49:7e:26:84:3a:b3:fb:a8:c8:8d:b4:67:
de:2c:7e:65:33:fd:03:f1:8b:68:11:87:0d:ec:a5:cc:b6:d5:
ea:76:1e:62:90:e4:97:98:22:da:77:80:63:f2:7c:30:ba:8e:
87:d4:04:2c:81:b2:0e:ae:67:9a:8a:b6:83:ac:8f:48:e0:1c:
92:bf:bb:8e:09:2d:ec:6e:7f:0c:36:ea:5f:40:4b:81:14:4f:
7d:a5:ed:d2:92:13:0a:96:40:d5:10:77:09:69:f8:a2:fd:72:
36:ac:c6:1e:29:b1:ef:5c:9f:85:79:af:de:e7:f9:ed:93:84:
1b:49:90:90:c0:68:21:79:1c:1f:13:8a:0d:d8:d9:30:cf:00:
c2:b4:ab:e3
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQg1au2gt2m30DmAC3IppLMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5MTEyZTg5OTNiMDBiZGEyYjRlOWMwMmFjNTc4Mzc0MDBh
YWM0MDQwHhcNMjUwMTAxMDc0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDhjZDQwMGYwYjQwZGQ0M2YxNTNkOWI3Yzc3NzIyZmY3ZjhjYTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9l01Vhp5QmNjc0Drh3VBDhSgptoO
6C5I9nUPnFwA1hr4Gg2AWt2nhIZMdzfcnFtKMOEA0qVDknXmxeX//P7G7Mz1hJ0S
gJeW0zoHGaRWK4hLAAU/9bV6+srkfTTsbmScB8xCnh/ArAMd6o1d1MeCPrIvU2j1
VZBnxA3Sm6o59cYdE9NqicSW1TSoQ9YbCae4Xah8+mQr3n8Q3ch3pdV8xHwqIEfn
WKgo8exQhg1ZRvcUFMMc/MCd4boC5Bm6zyFmgzU8/9Sh1+5I0nC4OXQxaP9e78Re
Y3Amt6+S9Cw3VDfWs38alae/FNyT18EgBgMH/DIUefceiEAd6U4ZVDQRbwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJCM1ADwtA3UPxU9m3x3ci/3+MqFMB8GA1UdIwQY
MBaAFNkRLomTsAvaK06cAqxXg3QAqsQEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlJFdWlaT3dDOW9yVHB3Q3JGZURkQUNxeEFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9jNmY5ZTgtNGI3NS00NGU0LWEwZDYt
NTE3YTY2MWFlNmJkLzEva0l6VUFQQzBEZFFfRlQyYmZIZHlMX2Y0eW9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9jNmY5ZTgtNGI3NS00NGU0LWEwZDYtNTE3YTY2MWFlNmJk
LzEvMlJFdWlaT3dDOW9yVHB3Q3JGZURkQUNxeEFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAxj5oMAwD
BALGzQwDBADGzQ4wDQYJKoZIhvcNAQELBQADggEBAF8A0juskI+xHggR0qvpyf84
yum6i8c2nozGYUnmWIhxjtktVWMXTgxBzee6jDDe3lMSF1PSE5hVz9c8GZlHd3z+
XdBPnB6nSYqUJGxGZoXgYiTD/3FxJvYvkR+4PYpjCPbyrh+oLKI8Qnmj5t7lh+4s
ikl+JoQ6s/uoyI20Z94sfmUz/QPxi2gRhw3spcy21ep2HmKQ5JeYItp3gGPyfDC6
jofUBCyBsg6uZ5qKtoOsj0jgHJK/u44JLexufww26l9AS4EUT32l7dKSEwqWQNUQ
dwlp+KL9cjasxh4pse9cn4V5r97n+e2ThBtJkJDAaCF5HB8Tig3Y2TDPAMK0q+M=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:33:05 2025 by rpki-client on console.sobornost.net