Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/aa8ac8-13b8-4197-be56-1e1de91a987c/1/2N_bsVB0KvO9RyGjzRLMSxh2whM.roa
File: 2N_bsVB0KvO9RyGjzRLMSxh2whM.roa (raw, json)
Hash identifier: hwDDM8IuPT+bKKqC9g8Bom6jz4+b+lZbDkkn2LwwNsU=
Subject key identifier: D8:DF:DB:B1:50:74:2A:F3:BD:47:21:A3:CD:12:CC:4B:18:76:C2:13
Certificate issuer: /CN=5f5980132d193e270ed1efe0ad2849fe8ab0d76c
Certificate serial: 0194221F90FAC7BEDEE157FE0E300071B923
Authority key identifier: 5F:59:80:13:2D:19:3E:27:0E:D1:EF:E0:AD:28:49:FE:8A:B0:D7:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X1mAEy0ZPicO0e_grShJ_oqw12w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/aa8ac8-13b8-4197-be56-1e1de91a987c/1/2N_bsVB0KvO9RyGjzRLMSxh2whM.roa
Signing time: Wed 01 Jan 2025 13:48:01 +0000
ROA not before: Wed 01 Jan 2025 13:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20847
IP address blocks: 141.138.168.0/22 maxlen: 24
195.211.72.0/22 maxlen: 24
2a03:3c00::/33 maxlen: 33
2a03:3c00:8000::/34 maxlen: 34
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:90:fa:c7:be:de:e1:57:fe:0e:30:00:71:b9:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f5980132d193e270ed1efe0ad2849fe8ab0d76c
Validity
Not Before: Jan 1 13:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d8dfdbb150742af3bd4721a3cd12cc4b1876c213
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b2:f6:3a:37:98:87:a4:8f:b4:14:78:94:80:
f8:3a:bc:aa:0e:cc:d9:8e:7a:ca:2e:77:94:d8:e6:
82:dd:02:17:d1:67:85:a8:e5:99:52:b0:12:e3:2f:
bb:09:a4:9c:08:0d:e6:7a:0c:5b:f2:7a:a4:a8:c7:
d5:9f:9f:dd:e7:5b:4c:7e:e8:90:8c:2f:c1:96:d6:
a1:95:40:14:0f:06:47:d8:e9:b9:5c:a1:cf:37:a5:
79:69:15:50:a5:dd:f7:03:ef:1e:f4:f7:f1:c7:d2:
43:4f:7f:ac:3b:c0:2c:4b:49:a9:46:6e:be:90:fb:
a8:63:3d:e7:78:b7:4c:17:31:08:d8:48:c6:a8:79:
c2:52:2f:1b:2c:5e:fc:f0:43:98:d8:d7:64:a7:6a:
0c:ea:d3:f8:30:7e:2a:c5:40:d0:91:7f:97:2f:c2:
cb:c8:1c:dd:29:ce:2e:76:48:e6:2f:b4:5d:96:c8:
3f:7a:15:90:cc:ab:44:e2:c1:7f:03:9e:f4:3c:53:
ee:6e:e8:61:6f:91:fb:5a:92:00:f4:0d:c7:3c:42:
d2:75:ee:89:16:76:7e:08:96:4c:14:12:f6:1c:76:
fd:73:c0:b6:2b:c4:e4:b1:42:ad:54:9d:23:3e:3c:
19:14:54:3c:49:6e:7f:2a:8c:8b:91:cc:1c:ea:55:
ca:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:DF:DB:B1:50:74:2A:F3:BD:47:21:A3:CD:12:CC:4B:18:76:C2:13
X509v3 Authority Key Identifier:
keyid:5F:59:80:13:2D:19:3E:27:0E:D1:EF:E0:AD:28:49:FE:8A:B0:D7:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X1mAEy0ZPicO0e_grShJ_oqw12w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/aa8ac8-13b8-4197-be56-1e1de91a987c/1/2N_bsVB0KvO9RyGjzRLMSxh2whM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/aa8ac8-13b8-4197-be56-1e1de91a987c/1/X1mAEy0ZPicO0e_grShJ_oqw12w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.138.168.0/22
195.211.72.0/22
IPv6:
2a03:3c00::-2a03:3c00:bfff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
27:e0:f0:bf:fe:79:9d:a0:0a:c3:11:72:51:8d:1d:ba:1a:3e:
c1:df:6b:13:ed:4a:bd:36:e5:e5:d1:92:76:34:d5:db:67:c5:
61:c4:af:48:fb:8b:48:73:ec:99:ba:a8:d7:f4:b9:84:e3:d9:
4b:d1:68:18:6f:dc:21:5d:ee:c0:fc:82:9a:83:fc:9d:3a:f6:
eb:e4:24:31:f5:fa:44:20:31:08:8b:44:ab:13:a4:15:6b:a7:
f8:f5:ee:fe:47:1a:f3:f4:b7:10:28:73:bc:bc:b7:2e:e5:74:
54:f6:ef:45:8f:1f:29:a8:fc:94:6a:7a:4f:b3:d3:0f:c1:81:
7a:14:0a:e2:3b:19:8f:41:b0:46:d2:d5:6e:e6:46:f9:a9:55:
bb:7b:f2:99:cd:e1:36:59:ba:25:fd:53:6e:85:8c:43:4b:94:
fb:85:bf:39:8a:b4:2d:f8:d4:dd:69:e6:5f:18:03:8c:3f:2a:
bd:64:d1:ce:0b:01:24:86:a9:f8:25:fc:5f:2a:0e:1e:0b:17:
12:c7:ab:fc:1a:c6:d4:66:4e:eb:cd:c2:23:5e:89:46:68:24:
da:bc:69:fc:a4:db:70:53:a4:9d:35:e6:05:25:3a:1f:61:97:
18:51:23:95:fb:38:28:df:a4:0c:4a:3b:ff:b5:c9:dc:9f:21:
87:97:36:ca
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQiH5D6x77e4Vf+DjAAcbkjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmNTk4MDEzMmQxOTNlMjcwZWQxZWZlMGFkMjg0OWZlOGFi
MGQ3NmMwHhcNMjUwMTAxMTM0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGRmZGJiMTUwNzQyYWYzYmQ0NzIxYTNjZDEyY2M0YjE4NzZjMjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7L2OjeYh6SPtBR4lID4OryqDszZ
jnrKLneU2OaC3QIX0WeFqOWZUrAS4y+7CaScCA3megxb8nqkqMfVn5/d51tMfuiQ
jC/BltahlUAUDwZH2Om5XKHPN6V5aRVQpd33A+8e9Pfxx9JDT3+sO8AsS0mpRm6+
kPuoYz3neLdMFzEI2EjGqHnCUi8bLF788EOY2Ndkp2oM6tP4MH4qxUDQkX+XL8LL
yBzdKc4udkjmL7Rdlsg/ehWQzKtE4sF/A570PFPubuhhb5H7WpIA9A3HPELSde6J
FnZ+CJZMFBL2HHb9c8C2K8TksUKtVJ0jPjwZFFQ8SW5/KoyLkcwc6lXKnQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNjf27FQdCrzvUcho80SzEsYdsITMB8GA1UdIwQY
MBaAFF9ZgBMtGT4nDtHv4K0oSf6KsNdsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDFtQUV5MFpQaWNPMGVfZ3JTaEpfb3F3MTJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9hYThhYzgtMTNiOC00MTk3LWJlNTYt
MWUxZGU5MWE5ODdjLzEvMk5fYnNWQjBLdk85UnlHanpSTE1TeGgyd2hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9hYThhYzgtMTNiOC00MTk3LWJlNTYtMWUxZGU5MWE5ODdj
LzEvWDFtQUV5MFpQaWNPMGVfZ3JTaEpfb3F3MTJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQCjYqoAwQC
w9NIMBYEAgACMBAwDgMEAioDPAMGBioDPACAMA0GCSqGSIb3DQEBCwUAA4IBAQAn
4PC//nmdoArDEXJRjR26Gj7B32sT7Uq9NuXl0ZJ2NNXbZ8VhxK9I+4tIc+yZuqjX
9LmE49lL0WgYb9whXe7A/IKag/ydOvbr5CQx9fpEIDEIi0SrE6QVa6f49e7+Rxrz
9LcQKHO8vLcu5XRU9u9Fjx8pqPyUanpPs9MPwYF6FAriOxmPQbBG0tVu5kb5qVW7
e/KZzeE2Wbol/VNuhYxDS5T7hb85irQt+NTdaeZfGAOMPyq9ZNHOCwEkhqn4Jfxf
Kg4eCxcSx6v8GsbUZk7rzcIjXolGaCTavGn8pNtwU6SdNeYFJTofYZcYUSOV+zgo
36QMSjv/tcncnyGHlzbK
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:33:08 2025 by rpki-client on console.sobornost.net