Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/d9cb41-1c3b-46ab-a993-3c3e50dda6cc/1/L0_IW031V8glRQi2qCV5oPEf9Ro.roa
File: L0_IW031V8glRQi2qCV5oPEf9Ro.roa (raw, json)
Hash identifier: AA7xAguXYqxswXW6tTMsC/xh3FPMqVeiLIYHUXm73pU=
Subject key identifier: 2F:4F:C8:5B:4D:F5:57:C8:25:45:08:B6:A8:25:79:A0:F1:1F:F5:1A
Certificate issuer: /CN=d79ea47ae161cbb3daef97789730d70c4cba89d0
Certificate serial: 019420D5F81D12834941324F09936C87E8FE
Authority key identifier: D7:9E:A4:7A:E1:61:CB:B3:DA:EF:97:78:97:30:D7:0C:4C:BA:89:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/156keuFhy7Pa75d4lzDXDEy6idA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/d9cb41-1c3b-46ab-a993-3c3e50dda6cc/1/L0_IW031V8glRQi2qCV5oPEf9Ro.roa
Signing time: Wed 01 Jan 2025 07:48:01 +0000
ROA not before: Wed 01 Jan 2025 07:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1942
IP address blocks: 129.88.0.0/16 maxlen: 16
147.171.0.0/16 maxlen: 16
152.77.0.0/16 maxlen: 16
192.33.171.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:f8:1d:12:83:49:41:32:4f:09:93:6c:87:e8:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d79ea47ae161cbb3daef97789730d70c4cba89d0
Validity
Not Before: Jan 1 07:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2f4fc85b4df557c8254508b6a82579a0f11ff51a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:5d:fe:f4:0c:f5:ee:23:92:74:40:f6:f0:4a:
07:c0:a8:7d:a0:90:f6:15:db:c5:62:61:48:53:10:
17:7c:3e:97:2d:21:c0:ae:94:65:5b:e1:ac:b6:64:
99:87:00:f4:d0:e7:b2:dd:3c:55:ab:be:be:ee:4f:
6d:37:d8:3d:06:81:17:4e:93:48:af:54:5c:a0:e8:
17:19:e7:29:2a:70:42:4a:0f:95:0a:7d:8b:d1:af:
17:1f:ab:c6:58:ed:82:4e:98:90:bb:ca:7b:1e:a3:
6a:54:86:6c:bf:c8:f1:ea:fd:67:89:74:6e:8b:80:
b1:0b:f7:74:9f:84:08:c1:f0:7f:16:52:62:60:c8:
e0:58:9c:1d:e6:8d:3b:d9:8c:41:d6:d2:81:f5:0c:
59:89:cd:d6:96:81:80:a9:f7:01:a8:57:62:08:96:
0b:57:6d:8a:fa:f3:1c:20:70:00:61:59:2a:c4:32:
81:2c:7e:7c:bb:1c:21:81:81:5a:e6:4a:b1:1c:71:
ac:99:56:68:c6:e2:f5:5b:35:6b:b1:af:7d:73:1b:
37:4d:2a:69:94:8a:d7:84:b9:69:21:9c:30:86:95:
41:4e:9d:57:f2:0a:11:ba:1b:17:c2:80:30:08:e3:
fd:7a:17:b6:6a:48:f9:06:ac:72:ab:9f:3a:a6:94:
fb:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:4F:C8:5B:4D:F5:57:C8:25:45:08:B6:A8:25:79:A0:F1:1F:F5:1A
X509v3 Authority Key Identifier:
keyid:D7:9E:A4:7A:E1:61:CB:B3:DA:EF:97:78:97:30:D7:0C:4C:BA:89:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/156keuFhy7Pa75d4lzDXDEy6idA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/d9cb41-1c3b-46ab-a993-3c3e50dda6cc/1/L0_IW031V8glRQi2qCV5oPEf9Ro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/d9cb41-1c3b-46ab-a993-3c3e50dda6cc/1/156keuFhy7Pa75d4lzDXDEy6idA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
129.88.0.0/16
147.171.0.0/16
152.77.0.0/16
192.33.171.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:4b:25:5b:4f:af:53:b1:47:4c:35:cd:c4:19:e5:23:89:16:
93:5d:0a:be:dd:0e:e4:01:5b:f3:da:ff:aa:41:a3:7f:0a:cc:
74:68:5c:6a:2f:fb:3d:ef:0d:68:8d:c1:c9:0f:41:60:1a:13:
c8:1b:98:bd:21:53:99:91:a3:4d:c4:68:c5:8c:92:34:e5:67:
3b:38:a4:4c:3f:85:ad:31:69:e6:60:b5:6f:87:93:15:c3:a5:
d7:25:27:a1:31:04:97:70:d4:51:09:01:4f:92:5a:04:dd:97:
9b:dc:c1:1a:27:98:79:e5:57:50:42:ea:23:cb:50:1d:a6:0d:
50:07:46:65:3b:f2:b7:07:43:8f:4d:40:5b:91:36:0a:a0:50:
d0:c7:5f:fd:55:d4:0f:81:f0:1a:e7:16:06:16:b0:6c:aa:8e:
06:3a:68:cb:24:6b:75:2a:76:78:16:50:2d:7b:94:04:55:d2:
4b:e7:dc:8c:01:9a:ec:97:62:c8:91:1b:4b:29:14:22:ae:79:
02:4c:8e:ff:f7:5b:fc:70:71:a9:53:45:85:d0:5a:57:b8:3f:
b4:37:3e:be:96:4a:dd:a7:ef:55:16:fc:c3:93:ed:35:c5:f2:
f7:51:d0:82:3f:c7:65:ea:b7:06:e6:60:7b:72:11:e8:b5:80:
38:dd:cf:b9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQg1fgdEoNJQTJPCZNsh+j+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3OWVhNDdhZTE2MWNiYjNkYWVmOTc3ODk3MzBkNzBjNGNi
YTg5ZDAwHhcNMjUwMTAxMDc0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjRmYzg1YjRkZjU1N2M4MjU0NTA4YjZhODI1NzlhMGYxMWZmNTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqV3+9Az17iOSdED28EoHwKh9oJD2
FdvFYmFIUxAXfD6XLSHArpRlW+GstmSZhwD00Oey3TxVq76+7k9tN9g9BoEXTpNI
r1RcoOgXGecpKnBCSg+VCn2L0a8XH6vGWO2CTpiQu8p7HqNqVIZsv8jx6v1niXRu
i4CxC/d0n4QIwfB/FlJiYMjgWJwd5o072YxB1tKB9QxZic3WloGAqfcBqFdiCJYL
V22K+vMcIHAAYVkqxDKBLH58uxwhgYFa5kqxHHGsmVZoxuL1WzVrsa99cxs3TSpp
lIrXhLlpIZwwhpVBTp1X8goRuhsXwoAwCOP9ehe2akj5Bqxyq586ppT7iQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFC9PyFtN9VfIJUUItqgleaDxH/UaMB8GA1UdIwQY
MBaAFNeepHrhYcuz2u+XeJcw1wxMuonQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTU2a2V1Rmh5N1BhNzVkNGx6RFhERXk2aWRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9kOWNiNDEtMWMzYi00NmFiLWE5OTMt
M2MzZTUwZGRhNmNjLzEvTDBfSVcwMzFWOGdsUlFpMnFDVjVvUEVmOVJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9kOWNiNDEtMWMzYi00NmFiLWE5OTMtM2MzZTUwZGRhNmNj
LzEvMTU2a2V1Rmh5N1BhNzVkNGx6RFhERXk2aWRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAATAVAwMAgVgDAwCT
qwMDAJhNAwQAwCGrMA0GCSqGSIb3DQEBCwUAA4IBAQAMSyVbT69TsUdMNc3EGeUj
iRaTXQq+3Q7kAVvz2v+qQaN/Csx0aFxqL/s97w1ojcHJD0FgGhPIG5i9IVOZkaNN
xGjFjJI05Wc7OKRMP4WtMWnmYLVvh5MVw6XXJSehMQSXcNRRCQFPkloE3Zeb3MEa
J5h55VdQQuojy1Adpg1QB0ZlO/K3B0OPTUBbkTYKoFDQx1/9VdQPgfAa5xYGFrBs
qo4GOmjLJGt1KnZ4FlAte5QEVdJL59yMAZrsl2LIkRtLKRQirnkCTI7/91v8cHGp
U0WF0FpXuD+0Nz6+lkrdp+9VFvzDk+01xfL3UdCCP8dl6rcG5mB7chHotYA43c+5
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:33:09 2025 by rpki-client on console.sobornost.net