Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/168509-2cf3-483d-bcd8-02129533a33d/1/ivVRenlAkxSye3NC_DyoAxqoj6M.roa
File: ivVRenlAkxSye3NC_DyoAxqoj6M.roa (raw, json)
Hash identifier: tMvkuqfZVs7G8eRqzF/eWUmt5tCQ8iMBN+34AAtvEYo=
Subject key identifier: 8A:F5:51:7A:79:40:93:14:B2:7B:73:42:FC:3C:A8:03:1A:A8:8F:A3
Certificate issuer: /CN=8c77013e488a09c709b632246d9405da458c5538
Certificate serial: 019426D9956B6AF36A218BC0932623E6E694
Authority key identifier: 8C:77:01:3E:48:8A:09:C7:09:B6:32:24:6D:94:05:DA:45:8C:55:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jHcBPkiKCccJtjIkbZQF2kWMVTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/168509-2cf3-483d-bcd8-02129533a33d/1/ivVRenlAkxSye3NC_DyoAxqoj6M.roa
Signing time: Thu 02 Jan 2025 11:49:41 +0000
ROA not before: Thu 02 Jan 2025 11:49:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57738
IP address blocks: 185.17.12.0/22 maxlen: 24
185.128.244.0/22 maxlen: 24
185.129.172.0/22 maxlen: 24
2a06:d180::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:95:6b:6a:f3:6a:21:8b:c0:93:26:23:e6:e6:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c77013e488a09c709b632246d9405da458c5538
Validity
Not Before: Jan 2 11:49:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8af5517a79409314b27b7342fc3ca8031aa88fa3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:80:28:76:c6:4d:43:c2:ea:fb:ac:09:19:20:
9b:89:5c:91:a1:9e:ae:0e:2b:f4:c3:26:8f:47:97:
74:ca:70:3d:f6:73:f5:34:30:1d:53:0b:34:77:cf:
32:12:30:29:53:a2:8a:20:9d:08:e3:d7:57:8f:aa:
4a:d4:40:33:fe:d7:b2:73:15:40:bf:dd:8e:e7:c2:
02:ea:a5:d2:cb:9d:64:c1:74:af:81:97:7f:44:f2:
59:86:5b:55:77:7b:7b:f3:79:5c:db:2a:0e:d4:d3:
91:fe:7b:9e:81:40:7c:d3:a7:ce:e4:10:ab:8b:55:
d7:2e:10:3d:d2:2f:c3:1d:44:af:94:54:c4:c1:ae:
06:5a:b1:b8:96:02:cb:a1:99:ca:15:2b:93:27:8c:
90:1c:2c:2f:3b:a0:94:3e:9b:6c:ab:55:9a:12:9c:
21:0c:87:5f:40:d5:4e:62:82:1e:10:2a:08:8f:50:
0b:d6:3e:4b:31:e7:99:d3:6a:03:04:fc:af:73:ed:
56:04:ba:ab:ce:71:ca:1d:4e:f1:da:47:f6:a1:e6:
ba:66:cb:09:83:96:9c:2b:00:89:b2:bf:fa:b8:e2:
93:32:9c:10:e1:e8:5c:46:3d:70:20:9c:5e:9a:e3:
05:9e:e7:4c:6e:e8:b4:75:0d:a7:7e:98:d8:b7:5c:
4d:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:F5:51:7A:79:40:93:14:B2:7B:73:42:FC:3C:A8:03:1A:A8:8F:A3
X509v3 Authority Key Identifier:
keyid:8C:77:01:3E:48:8A:09:C7:09:B6:32:24:6D:94:05:DA:45:8C:55:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jHcBPkiKCccJtjIkbZQF2kWMVTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/168509-2cf3-483d-bcd8-02129533a33d/1/ivVRenlAkxSye3NC_DyoAxqoj6M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/168509-2cf3-483d-bcd8-02129533a33d/1/jHcBPkiKCccJtjIkbZQF2kWMVTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.17.12.0/22
185.128.244.0/22
185.129.172.0/22
IPv6:
2a06:d180::/29
Signature Algorithm: sha256WithRSAEncryption
27:a2:dc:c1:65:34:28:6b:ee:d7:2d:62:ba:da:2c:70:b6:a1:
1c:4e:89:6c:f1:0a:48:47:bc:5e:7a:8f:ec:d6:92:b7:cf:9d:
b0:d0:74:bc:49:fa:c6:8a:06:60:70:3f:20:8e:c7:98:50:d9:
3a:ca:ca:15:2e:ec:bd:4a:b1:9f:76:89:2a:5f:f6:c6:41:a5:
38:0a:0e:9b:28:22:ca:db:a6:e4:04:08:d9:75:14:ee:0e:49:
87:96:75:16:a3:fe:d2:87:60:98:0c:22:c9:f3:85:75:da:e5:
c7:c1:18:c3:6f:6f:35:33:f3:26:7f:1b:cc:2b:71:46:d5:f8:
91:d8:87:33:67:14:d9:16:80:38:ce:e7:70:32:58:74:22:6c:
76:59:c9:a8:be:aa:b1:46:1a:0b:54:8b:95:05:65:d3:c3:09:
34:e5:f0:52:03:36:e0:aa:2a:fb:69:2b:d2:a1:87:04:1e:fd:
95:58:0c:18:e1:e0:e4:af:da:36:20:0a:e9:62:af:c4:2e:9d:
53:a0:fc:01:d3:e2:a4:ca:23:72:5c:43:26:09:cb:28:c9:ba:
8f:9e:55:31:59:15:d9:1a:48:f0:2d:b8:8e:7f:43:5e:d4:c8:
51:72:03:8e:8d:92:a5:a9:f4:7f:2f:af:95:25:87:e0:fb:7d:
00:5c:64:d8
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQm2ZVravNqIYvAkyYj5uaUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjNzcwMTNlNDg4YTA5YzcwOWI2MzIyNDZkOTQwNWRhNDU4
YzU1MzgwHhcNMjUwMTAyMTE0OTQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWY1NTE3YTc5NDA5MzE0YjI3YjczNDJmYzNjYTgwMzFhYTg4ZmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4AodsZNQ8Lq+6wJGSCbiVyRoZ6u
Div0wyaPR5d0ynA99nP1NDAdUws0d88yEjApU6KKIJ0I49dXj6pK1EAz/teycxVA
v92O58IC6qXSy51kwXSvgZd/RPJZhltVd3t783lc2yoO1NOR/nuegUB806fO5BCr
i1XXLhA90i/DHUSvlFTEwa4GWrG4lgLLoZnKFSuTJ4yQHCwvO6CUPptsq1WaEpwh
DIdfQNVOYoIeECoIj1AL1j5LMeeZ02oDBPyvc+1WBLqrznHKHU7x2kf2oea6ZssJ
g5acKwCJsr/6uOKTMpwQ4ehcRj1wIJxemuMFnudMbui0dQ2nfpjYt1xN8QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFIr1UXp5QJMUsntzQvw8qAMaqI+jMB8GA1UdIwQY
MBaAFIx3AT5IignHCbYyJG2UBdpFjFU4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakhjQlBraUtDY2NKdGpJa2JaUUYya1dNVlRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8xNjg1MDktMmNmMy00ODNkLWJjZDgt
MDIxMjk1MzNhMzNkLzEvaXZWUmVubEFreFN5ZTNOQ19EeW9BeHFvajZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS8xNjg1MDktMmNmMy00ODNkLWJjZDgtMDIxMjk1MzNhMzNk
LzEvakhjQlBraUtDY2NKdGpJa2JaUUYya1dNVlRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuREMAwQC
uYD0AwQCuYGsMA0EAgACMAcDBQMqBtGAMA0GCSqGSIb3DQEBCwUAA4IBAQAnotzB
ZTQoa+7XLWK62ixwtqEcTols8QpIR7xeeo/s1pK3z52w0HS8SfrGigZgcD8gjseY
UNk6ysoVLuy9SrGfdokqX/bGQaU4Cg6bKCLK26bkBAjZdRTuDkmHlnUWo/7Sh2CY
DCLJ84V12uXHwRjDb281M/MmfxvMK3FG1fiR2IczZxTZFoA4zudwMlh0Imx2Wcmo
vqqxRhoLVIuVBWXTwwk05fBSAzbgqir7aSvSoYcEHv2VWAwY4eDkr9o2IArpYq/E
Lp1ToPwB0+KkyiNyXEMmCcsoybqPnlUxWRXZGkjwLbiOf0Ne1MhRcgOOjZKlqfR/
L6+VJYfg+30AXGTY
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:01 2025 by rpki-client on console.sobornost.net