Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/a56b2d-f795-495d-9c48-6f67b647722d/1/qMZm8Udrq7vD5T2yYBAeB18Ev8A.roa
File: qMZm8Udrq7vD5T2yYBAeB18Ev8A.roa (raw, json)
Hash identifier: z2089CzZPnbakpAVa3XOh5ZgRIHqWKGPuJw64Jno6FU=
Subject key identifier: A8:C6:66:F1:47:6B:AB:BB:C3:E5:3D:B2:60:10:1E:07:5F:04:BF:C0
Certificate issuer: /CN=b8fada87a76f29f82e25a3179e7a38cf0c6b0300
Certificate serial: 01942444DB25092433A8634B06BE56A01603
Authority key identifier: B8:FA:DA:87:A7:6F:29:F8:2E:25:A3:17:9E:7A:38:CF:0C:6B:03:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uPrah6dvKfguJaMXnno4zwxrAwA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/a56b2d-f795-495d-9c48-6f67b647722d/1/qMZm8Udrq7vD5T2yYBAeB18Ev8A.roa
Signing time: Wed 01 Jan 2025 23:47:59 +0000
ROA not before: Wed 01 Jan 2025 23:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207271
IP address blocks: 192.145.60.0/22 maxlen: 24
2a10:a40::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:db:25:09:24:33:a8:63:4b:06:be:56:a0:16:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8fada87a76f29f82e25a3179e7a38cf0c6b0300
Validity
Not Before: Jan 1 23:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a8c666f1476babbbc3e53db260101e075f04bfc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:bc:33:6c:88:42:e6:3e:38:75:8b:d7:d2:63:
80:8e:83:a7:eb:86:d8:9d:b0:1a:01:1f:bc:eb:95:
d6:1c:44:e2:fc:a7:5d:f1:5f:53:3c:f9:d3:4a:bb:
53:2b:32:fb:64:a6:cf:69:f0:77:d3:1b:bb:2f:e5:
10:e2:3b:78:9d:d4:43:eb:1b:41:1c:a4:66:80:78:
59:8d:5c:19:bc:de:7f:b6:9f:74:e7:cf:1f:2c:f3:
b1:7e:34:13:7c:1a:9d:d2:8c:20:0a:fd:67:e5:2d:
53:7b:b5:fd:d8:98:7e:17:23:60:ed:6c:33:2b:47:
89:5e:38:68:87:0d:f3:23:7e:50:4b:54:66:4e:ac:
8e:02:80:47:59:2d:d3:f6:5f:4f:d5:1c:b9:5a:8f:
a2:18:c4:05:65:75:91:25:44:b8:09:1e:e0:ac:1f:
c7:d0:94:ca:b6:fd:57:39:d6:7b:ba:39:98:f1:a6:
c5:58:53:ec:f4:66:b2:6a:1d:00:c8:5e:6c:7f:58:
82:d9:ad:6a:88:58:e9:9d:29:25:f7:1a:7d:fa:7b:
b4:18:9d:ed:f6:3f:df:ed:5b:2f:e5:91:cd:d0:d8:
3b:ce:92:f4:30:48:ea:64:3e:d9:ba:a4:36:ad:b9:
56:b5:b6:4d:8a:16:31:79:c0:cc:df:4c:6a:1a:f0:
23:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:C6:66:F1:47:6B:AB:BB:C3:E5:3D:B2:60:10:1E:07:5F:04:BF:C0
X509v3 Authority Key Identifier:
keyid:B8:FA:DA:87:A7:6F:29:F8:2E:25:A3:17:9E:7A:38:CF:0C:6B:03:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uPrah6dvKfguJaMXnno4zwxrAwA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/a56b2d-f795-495d-9c48-6f67b647722d/1/qMZm8Udrq7vD5T2yYBAeB18Ev8A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/a56b2d-f795-495d-9c48-6f67b647722d/1/uPrah6dvKfguJaMXnno4zwxrAwA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.145.60.0/22
IPv6:
2a10:a40::/32
Signature Algorithm: sha256WithRSAEncryption
8d:a7:9b:f1:6a:16:db:fd:b0:d0:a8:22:c7:e1:23:0a:5a:1f:
6b:bb:79:03:d5:ed:ab:47:13:08:26:3a:0d:e4:10:4c:2d:a0:
8f:4f:61:4f:2d:67:d6:5e:7e:56:0c:1d:24:ef:64:ec:bc:de:
f5:07:41:2e:1a:52:c3:b4:a8:c6:bc:2e:2a:5e:d0:5d:9a:9f:
cc:05:24:b5:b1:05:19:a5:35:85:f8:e1:2e:98:76:5f:dd:e3:
e1:5d:fe:20:bc:0d:81:8b:10:6c:e7:a4:df:4e:4d:ef:23:e8:
38:ff:22:fd:e6:2e:19:59:24:bb:65:7f:a5:88:60:1b:c0:e3:
77:2d:16:d3:af:6f:e5:cd:26:26:16:72:3b:42:3e:a1:e6:16:
43:64:fa:97:9e:25:35:12:0e:c7:bc:dc:1c:29:94:9b:56:63:
1e:28:51:9a:9c:2a:27:14:f8:e6:0b:db:05:8c:8c:a8:d4:5c:
5d:ae:c5:1d:c1:33:8d:ca:89:e8:ab:20:ec:cd:60:35:f9:3f:
1b:30:93:e6:20:c3:5e:e5:ee:52:0d:33:e0:cd:0d:21:b2:6c:
22:e7:c7:07:17:98:cd:6d:c4:04:8f:c3:28:c1:a9:a7:df:f6:
2b:8b:8a:02:f4:f5:0b:17:56:64:54:f3:b5:77:d7:ba:0e:9d:
d0:fd:af:3d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQkRNslCSQzqGNLBr5WoBYDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4ZmFkYTg3YTc2ZjI5ZjgyZTI1YTMxNzllN2EzOGNmMGM2
YjAzMDAwHhcNMjUwMTAxMjM0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGM2NjZmMTQ3NmJhYmJiYzNlNTNkYjI2MDEwMWUwNzVmMDRiZmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLwzbIhC5j44dYvX0mOAjoOn64bY
nbAaAR+865XWHETi/Kdd8V9TPPnTSrtTKzL7ZKbPafB30xu7L+UQ4jt4ndRD6xtB
HKRmgHhZjVwZvN5/tp90588fLPOxfjQTfBqd0owgCv1n5S1Te7X92Jh+FyNg7Wwz
K0eJXjhohw3zI35QS1RmTqyOAoBHWS3T9l9P1Ry5Wo+iGMQFZXWRJUS4CR7grB/H
0JTKtv1XOdZ7ujmY8abFWFPs9Gayah0AyF5sf1iC2a1qiFjpnSkl9xp9+nu0GJ3t
9j/f7Vsv5ZHN0Ng7zpL0MEjqZD7ZuqQ2rblWtbZNihYxecDM30xqGvAjFQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKjGZvFHa6u7w+U9smAQHgdfBL/AMB8GA1UdIwQY
MBaAFLj62oenbyn4LiWjF556OM8MawMAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVByYWg2ZHZLZmd1SmFNWG5ubzR6d3hyQXdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9hNTZiMmQtZjc5NS00OTVkLTljNDgt
NmY2N2I2NDc3MjJkLzEvcU1abThVZHJxN3ZENVQyeVlCQWVCMThFdjhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9hNTZiMmQtZjc5NS00OTVkLTljNDgtNmY2N2I2NDc3MjJk
LzEvdVByYWg2ZHZLZmd1SmFNWG5ubzR6d3hyQXdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwJE8MA0E
AgACMAcDBQAqEApAMA0GCSqGSIb3DQEBCwUAA4IBAQCNp5vxahbb/bDQqCLH4SMK
Wh9ru3kD1e2rRxMIJjoN5BBMLaCPT2FPLWfWXn5WDB0k72TsvN71B0EuGlLDtKjG
vC4qXtBdmp/MBSS1sQUZpTWF+OEumHZf3ePhXf4gvA2BixBs56TfTk3vI+g4/yL9
5i4ZWSS7ZX+liGAbwON3LRbTr2/lzSYmFnI7Qj6h5hZDZPqXniU1Eg7HvNwcKZSb
VmMeKFGanConFPjmC9sFjIyo1FxdrsUdwTONyonoqyDszWA1+T8bMJPmIMNe5e5S
DTPgzQ0hsmwi58cHF5jNbcQEj8Mowamn3/Yri4oC9PULF1ZkVPO1d9e6Dp3Q/a89
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:33:06 2025 by rpki-client on console.sobornost.net