Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/44aac4-45f4-4d19-8c15-3623b9b50f96/1/1xdt--r7pLEFi9mXxf_8plnoO9U.roa
File: 1xdt--r7pLEFi9mXxf_8plnoO9U.roa (raw, json)
Hash identifier: uBNn/aL6HR9ZcIyFxzznkQDCk3CxgIi9L2wMoXNB7qk=
Subject key identifier: D7:17:6D:FB:EA:FB:A4:B1:05:8B:D9:97:C5:FF:FC:A6:59:E8:3B:D5
Certificate issuer: /CN=72c293760a734018cdd2a07f1d8bd54f27df680a
Certificate serial: 0194266C10DA078A3DB3AD620388DEBB15BD
Authority key identifier: 72:C2:93:76:0A:73:40:18:CD:D2:A0:7F:1D:8B:D5:4F:27:DF:68:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/csKTdgpzQBjN0qB_HYvVTyffaAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/44aac4-45f4-4d19-8c15-3623b9b50f96/1/1xdt--r7pLEFi9mXxf_8plnoO9U.roa
Signing time: Thu 02 Jan 2025 09:50:03 +0000
ROA not before: Thu 02 Jan 2025 09:50:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49014
IP address blocks: 194.107.232.0/21 maxlen: 21
194.107.240.0/21 maxlen: 21
2001:67c:2c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:10:da:07:8a:3d:b3:ad:62:03:88:de:bb:15:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72c293760a734018cdd2a07f1d8bd54f27df680a
Validity
Not Before: Jan 2 09:50:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d7176dfbeafba4b1058bd997c5fffca659e83bd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:0a:bf:d9:4d:8e:53:eb:8e:00:14:2e:c8:89:
58:5c:2a:74:e3:3d:9b:be:f9:61:77:f0:27:a7:e4:
ca:bc:e9:85:db:9e:f3:ec:c1:a0:f7:19:01:bf:03:
0e:cf:bc:9a:44:79:e3:cf:a3:9b:01:7b:67:c8:59:
c4:a0:81:ba:3c:45:dd:84:d1:3f:63:a0:d5:84:eb:
6a:45:20:6a:7a:d4:82:1b:c0:9d:34:f7:b6:88:eb:
95:8b:6c:d0:1f:1f:4c:ff:14:3d:a6:56:15:c9:7f:
9c:99:97:ef:8f:90:f0:52:b8:18:d3:a5:43:0f:0e:
cd:8b:46:ec:05:4f:41:e6:cf:35:bb:15:8b:d8:14:
56:b7:cf:46:a9:ad:a3:10:62:9d:be:b1:19:fc:38:
1b:ea:a5:4e:b6:98:7b:d4:5d:bd:f0:ab:2b:31:e8:
18:fc:e7:2a:77:ff:ed:d9:84:6a:da:43:c7:d6:20:
fb:a5:d9:94:4e:97:91:e4:b5:3d:58:1c:43:9b:5a:
18:42:09:4d:b3:e7:f0:07:82:fa:22:62:fe:d8:ab:
66:9d:65:be:e3:23:e3:f6:b8:17:2d:f2:2b:86:d0:
f3:93:ce:35:c5:b9:49:e0:e9:7c:62:ec:ed:2b:6d:
d3:07:78:46:6f:6f:5f:49:70:ad:56:fe:c8:a2:d8:
7e:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:17:6D:FB:EA:FB:A4:B1:05:8B:D9:97:C5:FF:FC:A6:59:E8:3B:D5
X509v3 Authority Key Identifier:
keyid:72:C2:93:76:0A:73:40:18:CD:D2:A0:7F:1D:8B:D5:4F:27:DF:68:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/csKTdgpzQBjN0qB_HYvVTyffaAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/44aac4-45f4-4d19-8c15-3623b9b50f96/1/1xdt--r7pLEFi9mXxf_8plnoO9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/44aac4-45f4-4d19-8c15-3623b9b50f96/1/csKTdgpzQBjN0qB_HYvVTyffaAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.107.232.0-194.107.247.255
IPv6:
2001:67c:2c0::/48
Signature Algorithm: sha256WithRSAEncryption
33:c6:88:75:ba:56:00:76:cf:33:f8:92:f9:c4:f4:84:ea:c8:
a8:3c:89:bd:d6:97:62:67:32:d5:20:36:00:a9:c9:03:60:9b:
fd:7e:60:da:f7:94:70:6a:e1:c9:26:68:9c:64:d0:82:34:ef:
f6:67:cd:db:49:a7:a9:2b:87:77:6b:0d:92:4a:ed:e2:a7:12:
49:35:31:66:7e:d9:b3:a7:1f:e2:95:31:e6:33:15:ea:d5:9f:
26:49:8d:4a:e5:b1:54:77:6c:94:4e:bf:fa:c0:64:24:27:c4:
3a:75:ac:63:e3:08:b3:f0:2d:46:41:a7:3f:6b:fb:5c:a8:32:
7b:da:8a:6c:0f:6d:09:aa:f4:4d:b2:2f:5c:6e:cc:f0:2f:26:
bc:6f:0c:cd:04:29:f1:90:04:a2:3a:5f:c8:02:5b:aa:04:98:
40:b3:85:ac:3d:6c:0b:80:55:fe:49:97:5f:87:02:2d:13:1e:
40:8a:e4:25:97:b6:01:9c:b3:6b:c0:e0:f7:4b:bc:1b:d0:fd:
36:13:b9:0f:9e:fe:b7:18:f7:90:cc:bd:e4:43:99:fb:0d:de:
7f:6d:13:d0:61:48:f6:0a:b2:41:39:b3:98:df:ba:ae:31:3d:
7a:24:cd:3d:17:2f:17:6c:94:87:07:3f:61:d7:d7:a8:f0:4e:
0d:9e:f9:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZQmbBDaB4o9s61iA4jeuxW9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYzI5Mzc2MGE3MzQwMThjZGQyYTA3ZjFkOGJkNTRmMjdk
ZjY4MGEwHhcNMjUwMTAyMDk1MDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzE3NmRmYmVhZmJhNGIxMDU4YmQ5OTdjNWZmZmNhNjU5ZTgzYmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwq/2U2OU+uOABQuyIlYXCp04z2b
vvlhd/Anp+TKvOmF257z7MGg9xkBvwMOz7yaRHnjz6ObAXtnyFnEoIG6PEXdhNE/
Y6DVhOtqRSBqetSCG8CdNPe2iOuVi2zQHx9M/xQ9plYVyX+cmZfvj5DwUrgY06VD
Dw7Ni0bsBU9B5s81uxWL2BRWt89Gqa2jEGKdvrEZ/Dgb6qVOtph71F298KsrMegY
/Ocqd//t2YRq2kPH1iD7pdmUTpeR5LU9WBxDm1oYQglNs+fwB4L6ImL+2KtmnWW+
4yPj9rgXLfIrhtDzk841xblJ4Ol8YuztK23TB3hGb29fSXCtVv7Ioth+KQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNcXbfvq+6SxBYvZl8X//KZZ6DvVMB8GA1UdIwQY
MBaAFHLCk3YKc0AYzdKgfx2L1U8n32gKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3NLVGRncHpRQmpOMHFCX0hZdlZUeWZmYUFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS80NGFhYzQtNDVmNC00ZDE5LThjMTUt
MzYyM2I5YjUwZjk2LzEvMXhkdC0tcjdwTEVGaTltWHhmXzhwbG5vTzlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS80NGFhYzQtNDVmNC00ZDE5LThjMTUtMzYyM2I5YjUwZjk2
LzEvY3NLVGRncHpRQmpOMHFCX0hZdlZUeWZmYUFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAUBAIAATAOMAwDBAPCa+gD
BAPCa/AwDwQCAAIwCQMHACABBnwCwDANBgkqhkiG9w0BAQsFAAOCAQEAM8aIdbpW
AHbPM/iS+cT0hOrIqDyJvdaXYmcy1SA2AKnJA2Cb/X5g2veUcGrhySZonGTQgjTv
9mfN20mnqSuHd2sNkkrt4qcSSTUxZn7Zs6cf4pUx5jMV6tWfJkmNSuWxVHdslE6/
+sBkJCfEOnWsY+MIs/AtRkGnP2v7XKgye9qKbA9tCar0TbIvXG7M8C8mvG8MzQQp
8ZAEojpfyAJbqgSYQLOFrD1sC4BV/kmXX4cCLRMeQIrkJZe2AZyza8Dg90u8G9D9
NhO5D57+txj3kMy95EOZ+w3ef20T0GFI9gqyQTmzmN+6rjE9eiTNPRcvF2yUhwc/
YdfXqPBODZ75iQ==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:33:08 2025 by rpki-client on console.sobornost.net