Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/100c25-e025-45ef-90a9-f3463fc72cb5/1/1-OuknPy_I73ZJ_OK7-eydsH6EGQ.roa
File: 1-OuknPy_I73ZJ_OK7-eydsH6EGQ.roa (raw, json)
Hash identifier: 1km3bnZmBhTCtJX0A5W/ri14NfTFKPNRu0kBcpb2/R8=
Subject key identifier: F8:EB:A4:9C:FC:BF:23:BD:D9:27:F3:8A:EF:E7:B2:76:C1:FA:10:64
Certificate issuer: /CN=ce00e112c03f695f9f25d3b72bb23a4c34ed2138
Certificate serial: 0194228DEA594ADA249DB298ACC7264C9059
Authority key identifier: CE:00:E1:12:C0:3F:69:5F:9F:25:D3:B7:2B:B2:3A:4C:34:ED:21:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zgDhEsA_aV-fJdO3K7I6TDTtITg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/100c25-e025-45ef-90a9-f3463fc72cb5/1/1-OuknPy_I73ZJ_OK7-eydsH6EGQ.roa
Signing time: Wed 01 Jan 2025 15:48:33 +0000
ROA not before: Wed 01 Jan 2025 15:48:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9021
IP address blocks: 185.237.68.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:ea:59:4a:da:24:9d:b2:98:ac:c7:26:4c:90:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce00e112c03f695f9f25d3b72bb23a4c34ed2138
Validity
Not Before: Jan 1 15:48:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f8eba49cfcbf23bdd927f38aefe7b276c1fa1064
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:a7:2b:fd:43:b0:3a:95:ae:68:52:51:f1:eb:
8a:29:a0:61:df:d0:bf:b2:02:18:3b:11:2e:2c:57:
29:87:37:d0:c8:71:54:e1:f1:07:31:da:2e:e5:39:
57:2b:f6:33:df:bc:41:b1:e3:3b:09:ee:8b:ac:c4:
84:2c:d1:27:cd:0f:26:f0:b5:15:d2:c2:2a:61:37:
66:5a:7a:e3:6f:02:2a:1b:99:70:cd:dc:62:08:0c:
1c:22:a6:11:32:54:e2:0c:19:1e:05:18:07:ff:90:
95:08:09:1d:46:00:76:e1:2c:e4:55:61:1e:25:3d:
4d:2a:ed:c2:08:08:d0:5a:2f:a4:35:90:ed:b7:35:
6c:54:93:1a:26:77:a3:17:22:b4:13:97:1a:25:e4:
84:a6:6a:09:f4:b5:80:44:31:a1:24:a9:cd:45:66:
ac:7d:6e:48:34:34:7e:99:0d:f9:7a:a1:14:8a:84:
9c:47:93:25:24:74:0f:9c:5f:cb:5e:f6:45:50:d2:
08:d0:f6:1c:6e:fc:8c:9b:37:9c:14:fa:80:fa:dc:
a2:2a:c7:86:0f:b7:1a:17:ec:4c:45:16:27:3e:93:
32:d5:37:61:02:3d:71:e6:dc:cb:e6:97:85:e1:80:
0a:dc:0c:2a:94:c5:8e:73:42:83:64:f2:11:f1:9e:
09:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:EB:A4:9C:FC:BF:23:BD:D9:27:F3:8A:EF:E7:B2:76:C1:FA:10:64
X509v3 Authority Key Identifier:
keyid:CE:00:E1:12:C0:3F:69:5F:9F:25:D3:B7:2B:B2:3A:4C:34:ED:21:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zgDhEsA_aV-fJdO3K7I6TDTtITg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/100c25-e025-45ef-90a9-f3463fc72cb5/1/1-OuknPy_I73ZJ_OK7-eydsH6EGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/100c25-e025-45ef-90a9-f3463fc72cb5/1/zgDhEsA_aV-fJdO3K7I6TDTtITg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.237.68.0/22
Signature Algorithm: sha256WithRSAEncryption
38:40:88:4f:58:01:50:a6:2b:b2:83:32:78:fa:49:f7:55:67:
d7:37:52:c6:24:4d:60:d3:fa:b1:9f:9a:c0:e5:7c:cc:14:95:
37:81:58:31:51:12:02:36:04:4c:b5:d8:a3:4a:04:49:54:65:
21:bd:99:57:65:0c:f4:5a:7d:33:73:80:3c:c9:10:56:69:c2:
89:d2:50:ca:d4:48:a5:2f:41:72:13:27:cb:56:64:17:93:f0:
61:0f:62:5f:dc:50:26:9a:e5:d9:b3:c3:83:f5:9b:1d:55:39:
c9:c0:f7:64:46:a3:ea:ba:e9:b0:b8:08:c1:78:cd:36:5a:04:
ca:e1:8c:62:00:18:b7:cf:ee:c8:e0:8b:6c:b7:1d:6a:d8:6c:
a9:b3:76:86:8c:9f:ff:b2:2f:2b:db:58:81:be:72:6d:ff:42:
a0:33:eb:0b:9c:fa:4b:0a:ab:bd:42:36:c4:e8:72:ac:7a:73:
ce:3c:dd:43:3a:4e:d6:84:05:ea:96:01:29:03:78:62:ad:8b:
94:2f:89:05:2e:5a:e9:ef:60:6d:c3:c3:80:f3:23:f5:a3:e1:
ce:46:57:4a:af:5b:95:19:da:e1:06:d9:6e:47:45:18:f4:1e:
36:87:7e:64:5f:c3:db:90:e1:1a:e5:f4:bf:d8:ba:7a:c2:85:
3d:9e:3e:fd
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQijepZStoknbKYrMcmTJBZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlMDBlMTEyYzAzZjY5NWY5ZjI1ZDNiNzJiYjIzYTRjMzRl
ZDIxMzgwHhcNMjUwMTAxMTU0ODMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGViYTQ5Y2ZjYmYyM2JkZDkyN2YzOGFlZmU3YjI3NmMxZmExMDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKcr/UOwOpWuaFJR8euKKaBh39C/
sgIYOxEuLFcphzfQyHFU4fEHMdou5TlXK/Yz37xBseM7Ce6LrMSELNEnzQ8m8LUV
0sIqYTdmWnrjbwIqG5lwzdxiCAwcIqYRMlTiDBkeBRgH/5CVCAkdRgB24SzkVWEe
JT1NKu3CCAjQWi+kNZDttzVsVJMaJnejFyK0E5caJeSEpmoJ9LWARDGhJKnNRWas
fW5INDR+mQ35eqEUioScR5MlJHQPnF/LXvZFUNII0PYcbvyMmzecFPqA+tyiKseG
D7caF+xMRRYnPpMy1TdhAj1x5tzL5peF4YAK3AwqlMWOc0KDZPIR8Z4JVwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPjrpJz8vyO92Sfziu/nsnbB+hBkMB8GA1UdIwQY
MBaAFM4A4RLAP2lfnyXTtyuyOkw07SE4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemdEaEVzQV9hVi1mSmRPM0s3STZURFR0SVRnLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8xMDBjMjUtZTAyNS00NWVmLTkwYTkt
ZjM0NjNmYzcyY2I1LzEvMS1PdWtuUHlfSTczWkpfT0s3LWV5ZHNINkVHUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTkvMTAwYzI1LWUwMjUtNDVlZi05MGE5LWYzNDYzZmM3MmNi
NS8xL3pnRGhFc0FfYVYtZkpkTzNLN0k2VERUdElUZy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArntRDAN
BgkqhkiG9w0BAQsFAAOCAQEAOECIT1gBUKYrsoMyePpJ91Vn1zdSxiRNYNP6sZ+a
wOV8zBSVN4FYMVESAjYETLXYo0oESVRlIb2ZV2UM9Fp9M3OAPMkQVmnCidJQytRI
pS9BchMny1ZkF5PwYQ9iX9xQJprl2bPDg/WbHVU5ycD3ZEaj6rrpsLgIwXjNNloE
yuGMYgAYt8/uyOCLbLcdathsqbN2hoyf/7IvK9tYgb5ybf9CoDPrC5z6SwqrvUI2
xOhyrHpzzjzdQzpO1oQF6pYBKQN4Yq2LlC+JBS5a6e9gbcPDgPMj9aPhzkZXSq9b
lRna4QbZbkdFGPQeNod+ZF/D25DhGuX0v9i6esKFPZ4+/Q==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:08 2025 by rpki-client on console.sobornost.net