Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/f92b9f-4758-4428-a22c-9db57c3fe41d/1/1-1kKr9VJ8bw_SUqQcMUBecH1TKg.roa
File: 1-1kKr9VJ8bw_SUqQcMUBecH1TKg.roa (raw, json)
Hash identifier: 3o6hb5np+9u5Gu9cp0jYxsJnhLz7Y1oIDpNf2dIi2oE=
Subject key identifier: FB:59:0A:AF:D5:49:F1:BC:3F:49:4A:90:70:C5:01:79:C1:F5:4C:A8
Certificate issuer: /CN=77bc91f78a3350bacbbfbe376f8813212d149931
Certificate serial: 019426D9C5967182CD39D27A3562EAD3F7CE
Authority key identifier: 77:BC:91:F7:8A:33:50:BA:CB:BF:BE:37:6F:88:13:21:2D:14:99:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d7yR94ozULrLv743b4gTIS0UmTE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/f92b9f-4758-4428-a22c-9db57c3fe41d/1/1-1kKr9VJ8bw_SUqQcMUBecH1TKg.roa
Signing time: Thu 02 Jan 2025 11:49:53 +0000
ROA not before: Thu 02 Jan 2025 11:49:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203223
IP address blocks: 146.0.208.0/22 maxlen: 22
185.141.184.0/22 maxlen: 22
185.153.12.0/22 maxlen: 22
212.15.64.0/20 maxlen: 20
2a07:2580::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:c5:96:71:82:cd:39:d2:7a:35:62:ea:d3:f7:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77bc91f78a3350bacbbfbe376f8813212d149931
Validity
Not Before: Jan 2 11:49:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fb590aafd549f1bc3f494a9070c50179c1f54ca8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:2c:33:7a:8d:42:31:f9:fc:c0:77:6b:25:1a:
22:f5:b7:62:db:e1:cf:e7:1b:6f:25:b2:77:bc:d1:
55:8a:b2:0a:62:c0:44:a7:89:a5:80:f7:1a:90:07:
3b:4a:0b:fb:25:1e:db:53:3a:cb:b0:11:d0:dc:3c:
45:e2:3f:da:15:12:b3:8f:07:be:d1:02:ee:b1:07:
f5:80:15:3d:0a:b9:46:dc:d4:92:e8:d4:1d:da:d5:
8b:57:ec:92:cd:7a:a0:64:de:1c:62:2a:a3:1c:5c:
49:21:91:42:f8:a0:24:95:81:cc:10:4a:73:e0:fd:
b6:df:77:0f:a4:0f:f1:26:09:77:b0:7c:71:92:ea:
54:01:64:22:63:5b:09:e1:71:ca:05:f9:7c:2f:34:
91:7b:d7:3e:87:49:fe:6b:a9:0f:ec:01:7e:3c:e3:
34:d7:09:f9:26:d8:86:91:43:37:69:ec:73:30:c4:
9e:e0:f0:a1:9d:ee:55:7c:1d:f2:6e:93:72:7e:21:
a8:53:5c:2f:44:18:a2:3a:c2:17:61:63:5f:c6:ab:
07:6f:40:7d:88:e1:f1:d9:d9:d7:4e:40:ae:ca:98:
e8:4e:78:ad:bc:4b:f1:dc:77:db:45:f1:4f:5b:91:
42:33:77:d6:b9:61:d7:c3:d9:3c:af:18:58:fe:cd:
0b:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:59:0A:AF:D5:49:F1:BC:3F:49:4A:90:70:C5:01:79:C1:F5:4C:A8
X509v3 Authority Key Identifier:
keyid:77:BC:91:F7:8A:33:50:BA:CB:BF:BE:37:6F:88:13:21:2D:14:99:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7yR94ozULrLv743b4gTIS0UmTE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/f92b9f-4758-4428-a22c-9db57c3fe41d/1/1-1kKr9VJ8bw_SUqQcMUBecH1TKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/f92b9f-4758-4428-a22c-9db57c3fe41d/1/d7yR94ozULrLv743b4gTIS0UmTE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.0.208.0/22
185.141.184.0/22
185.153.12.0/22
212.15.64.0/20
IPv6:
2a07:2580::/29
Signature Algorithm: sha256WithRSAEncryption
17:e3:a2:71:9b:68:ae:ab:4a:1d:37:3f:99:90:13:54:db:a8:
77:d6:ec:d2:58:1b:90:e8:1d:ee:99:ea:42:9a:9d:27:85:48:
3b:ad:be:5c:58:1d:d5:99:2a:8b:6a:35:fe:7d:f0:14:68:6b:
53:32:0c:37:12:cb:fe:e4:49:14:ec:8c:fc:2f:ab:a8:3f:32:
96:74:d8:71:18:61:34:1c:61:c5:de:ff:f0:60:f9:5b:b4:44:
fe:34:1a:b1:04:99:00:ee:a9:0d:06:1a:69:44:46:63:4f:8e:
a4:d4:69:78:f4:fe:85:93:d3:8c:5a:4c:90:fa:6b:02:75:5b:
d9:62:5f:71:cd:ae:bc:e4:b8:71:71:ee:e7:7d:8f:16:2a:03:
88:f1:33:b0:80:d6:55:f4:6f:1a:17:97:ba:78:6b:56:b6:17:
5e:2e:16:1d:e6:96:e6:ac:10:c8:12:17:7a:36:7a:4f:dd:cd:
07:3f:37:fb:33:ed:3c:c9:1d:57:bc:54:e1:14:98:6b:09:28:
8e:02:e6:b0:dc:78:89:89:0a:be:21:5d:03:31:6c:ba:40:53:
47:a2:46:44:2d:18:33:1c:b0:6e:e4:9e:0e:a9:30:26:76:cd:
e1:f2:8a:61:28:62:44:6d:46:e0:c1:7a:65:ad:e5:86:97:4d:
d3:ca:e6:81
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZQm2cWWcYLNOdJ6NWLq0/fOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3YmM5MWY3OGEzMzUwYmFjYmJmYmUzNzZmODgxMzIxMmQx
NDk5MzEwHhcNMjUwMTAyMTE0OTUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjU5MGFhZmQ1NDlmMWJjM2Y0OTRhOTA3MGM1MDE3OWMxZjU0Y2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Cwzeo1CMfn8wHdrJRoi9bdi2+HP
5xtvJbJ3vNFVirIKYsBEp4mlgPcakAc7Sgv7JR7bUzrLsBHQ3DxF4j/aFRKzjwe+
0QLusQf1gBU9CrlG3NSS6NQd2tWLV+ySzXqgZN4cYiqjHFxJIZFC+KAklYHMEEpz
4P2233cPpA/xJgl3sHxxkupUAWQiY1sJ4XHKBfl8LzSRe9c+h0n+a6kP7AF+POM0
1wn5JtiGkUM3aexzMMSe4PChne5VfB3ybpNyfiGoU1wvRBiiOsIXYWNfxqsHb0B9
iOHx2dnXTkCuypjoTnitvEvx3HfbRfFPW5FCM3fWuWHXw9k8rxhY/s0LbwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFPtZCq/VSfG8P0lKkHDFAXnB9UyoMB8GA1UdIwQY
MBaAFHe8kfeKM1C6y7++N2+IEyEtFJkxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDd5Ujk0b3pVTHJMdjc0M2I0Z1RJUzBVbVRFLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9mOTJiOWYtNDc1OC00NDI4LWEyMmMt
OWRiNTdjM2ZlNDFkLzEvMS0xa0tyOVZKOGJ3X1NVcVFjTVVCZWNIMVRLZy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTMvZjkyYjlmLTQ3NTgtNDQyOC1hMjJjLTlkYjU3YzNmZTQx
ZC8xL2Q3eVI5NG96VUxyTHY3NDNiNGdUSVMwVW1URS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBABggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEApIA0AME
ArmNuAMEArmZDAMEBNQPQDANBAIAAjAHAwUDKgclgDANBgkqhkiG9w0BAQsFAAOC
AQEAF+OicZtorqtKHTc/mZATVNuod9bs0lgbkOgd7pnqQpqdJ4VIO62+XFgd1Zkq
i2o1/n3wFGhrUzIMNxLL/uRJFOyM/C+rqD8ylnTYcRhhNBxhxd7/8GD5W7RE/jQa
sQSZAO6pDQYaaURGY0+OpNRpePT+hZPTjFpMkPprAnVb2WJfcc2uvOS4cXHu532P
FioDiPEzsIDWVfRvGheXunhrVrYXXi4WHeaW5qwQyBIXejZ6T93NBz83+zPtPMkd
V7xU4RSYawkojgLmsNx4iYkKviFdAzFsukBTR6JGRC0YMxywbuSeDqkwJnbN4fKK
YShiRG1G4MF6Za3lhpdN08rmgQ==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:03 2025 by rpki-client on console.sobornost.net