Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/c71fde-3ef2-4bf7-8641-12719c261cc0/1/O5ilAJzp4Fiady6OzW8y6F-h2tk.roa
File: O5ilAJzp4Fiady6OzW8y6F-h2tk.roa (raw, json)
Hash identifier: 5NXhQBooraxn6sup0YPIQ8njZP6A7m2bDKaKDs+Nqts=
Subject key identifier: 3B:98:A5:00:9C:E9:E0:58:9A:77:2E:8E:CD:6F:32:E8:5F:A1:DA:D9
Certificate issuer: /CN=145ceb292089e0df75719db3e96c509754f94837
Certificate serial: 01941F8C4F6892F639C36F5A79C18F03707A
Authority key identifier: 14:5C:EB:29:20:89:E0:DF:75:71:9D:B3:E9:6C:50:97:54:F9:48:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FFzrKSCJ4N91cZ2z6WxQl1T5SDc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/c71fde-3ef2-4bf7-8641-12719c261cc0/1/O5ilAJzp4Fiady6OzW8y6F-h2tk.roa
Signing time: Wed 01 Jan 2025 01:47:56 +0000
ROA not before: Wed 01 Jan 2025 01:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48934
IP address blocks: 185.170.20.0/22 maxlen: 22
185.178.248.0/24 maxlen: 24
185.178.249.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:4f:68:92:f6:39:c3:6f:5a:79:c1:8f:03:70:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=145ceb292089e0df75719db3e96c509754f94837
Validity
Not Before: Jan 1 01:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3b98a5009ce9e0589a772e8ecd6f32e85fa1dad9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:cc:e2:fc:79:77:68:3a:bd:45:d9:19:f9:fe:
52:e0:f7:04:57:cb:ff:e2:ed:16:1b:e1:ef:b3:67:
26:29:b5:98:70:25:c2:c0:e6:45:27:89:3b:ad:eb:
ab:bf:1d:de:63:8c:63:86:8d:46:12:e7:69:d7:8f:
26:e7:d5:47:7c:60:2b:a2:1f:3f:d2:2e:2c:06:20:
fc:2b:32:1c:ce:ce:4d:5e:b0:e8:e8:3f:ba:a3:25:
e2:1f:29:c0:63:ad:7c:08:05:1c:4d:43:fe:4a:ea:
10:fd:52:d1:a2:d0:d7:2b:a8:b1:c9:7a:e2:86:c2:
15:1f:09:9e:7b:d5:96:1c:d3:28:f1:23:de:e6:54:
e0:0d:62:b4:81:97:b7:22:1a:a3:70:db:0b:30:98:
27:c8:c0:03:e1:32:cb:b3:82:db:4e:36:04:7e:bb:
51:1f:81:f2:06:95:a4:0d:26:b3:4b:3f:57:70:a5:
2e:4c:32:0b:bd:31:55:c5:6d:64:c7:26:10:3a:6e:
ca:d1:f7:fc:f0:5d:6f:f0:9c:2c:91:5d:c2:bc:51:
39:27:ff:ad:9e:3e:2b:8a:44:a3:bb:b6:c4:16:0a:
9d:2d:70:a4:38:c5:26:09:df:aa:d8:76:31:97:61:
51:96:52:84:07:f5:84:12:cb:3d:db:69:42:ef:e3:
dc:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:98:A5:00:9C:E9:E0:58:9A:77:2E:8E:CD:6F:32:E8:5F:A1:DA:D9
X509v3 Authority Key Identifier:
keyid:14:5C:EB:29:20:89:E0:DF:75:71:9D:B3:E9:6C:50:97:54:F9:48:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FFzrKSCJ4N91cZ2z6WxQl1T5SDc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/c71fde-3ef2-4bf7-8641-12719c261cc0/1/O5ilAJzp4Fiady6OzW8y6F-h2tk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/c71fde-3ef2-4bf7-8641-12719c261cc0/1/FFzrKSCJ4N91cZ2z6WxQl1T5SDc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.170.20.0/22
185.178.248.0/23
Signature Algorithm: sha256WithRSAEncryption
2e:6a:c2:0d:3d:1e:7b:ff:29:f9:8b:41:21:83:fa:53:84:4f:
3e:ab:a8:28:1a:cc:5d:78:4f:50:bb:c6:31:18:db:e6:0f:24:
98:ce:e4:f4:67:bc:4e:6a:7d:da:ba:76:30:b1:7b:2b:ca:69:
71:ca:d1:07:3c:11:76:9a:54:b0:8d:b1:d5:ed:03:17:a4:3e:
d8:9e:0c:46:b9:7e:4e:57:01:60:ae:52:4a:6d:fa:bb:d1:d2:
ff:ce:e9:f7:07:36:19:3d:a1:3e:96:e9:c6:07:6a:a2:2d:67:
3d:49:aa:27:7a:bd:90:a5:9a:a2:52:38:ee:59:c0:49:eb:43:
c5:e8:6a:ae:2a:f9:bf:34:c5:cb:35:ab:be:bd:94:3d:a0:7b:
2f:ff:3d:a5:2f:b4:c4:51:9a:5f:e9:8c:4f:0e:43:0d:8b:82:
50:91:34:19:d6:63:3a:78:4f:43:fe:f6:20:4a:1f:bd:92:e0:
f9:29:52:b9:2d:18:6e:7b:5f:47:ca:2a:6f:fc:bc:dc:71:41:
6b:e8:db:2e:91:20:81:dc:23:26:26:15:06:91:57:08:db:86:
73:d0:ce:89:ac:d3:54:97:b2:58:71:69:c4:52:7b:27:36:ff:
85:7e:44:3f:6e:8c:81:1b:c9:35:b5:61:e2:48:0b:6c:e6:16:
be:54:d3:f5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQfjE9okvY5w29aecGPA3B6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0NWNlYjI5MjA4OWUwZGY3NTcxOWRiM2U5NmM1MDk3NTRm
OTQ4MzcwHhcNMjUwMTAxMDE0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjk4YTUwMDljZTllMDU4OWE3NzJlOGVjZDZmMzJlODVmYTFkYWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Mzi/Hl3aDq9RdkZ+f5S4PcEV8v/
4u0WG+Hvs2cmKbWYcCXCwOZFJ4k7reurvx3eY4xjho1GEudp148m59VHfGAroh8/
0i4sBiD8KzIczs5NXrDo6D+6oyXiHynAY618CAUcTUP+SuoQ/VLRotDXK6ixyXri
hsIVHwmee9WWHNMo8SPe5lTgDWK0gZe3IhqjcNsLMJgnyMAD4TLLs4LbTjYEfrtR
H4HyBpWkDSazSz9XcKUuTDILvTFVxW1kxyYQOm7K0ff88F1v8JwskV3CvFE5J/+t
nj4rikSju7bEFgqdLXCkOMUmCd+q2HYxl2FRllKEB/WEEss922lC7+PcFwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDuYpQCc6eBYmncujs1vMuhfodrZMB8GA1UdIwQY
MBaAFBRc6ykgieDfdXGds+lsUJdU+Ug3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkZ6cktTQ0o0TjkxY1oyejZXeFFsMVQ1U0RjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9jNzFmZGUtM2VmMi00YmY3LTg2NDEt
MTI3MTljMjYxY2MwLzEvTzVpbEFKenA0RmlhZHk2T3pXOHk2Ri1oMnRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9jNzFmZGUtM2VmMi00YmY3LTg2NDEtMTI3MTljMjYxY2Mw
LzEvRkZ6cktTQ0o0TjkxY1oyejZXeFFsMVQ1U0RjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuaoUAwQB
ubL4MA0GCSqGSIb3DQEBCwUAA4IBAQAuasINPR57/yn5i0Ehg/pThE8+q6goGsxd
eE9Qu8YxGNvmDySYzuT0Z7xOan3aunYwsXsrymlxytEHPBF2mlSwjbHV7QMXpD7Y
ngxGuX5OVwFgrlJKbfq70dL/zun3BzYZPaE+lunGB2qiLWc9Saoner2QpZqiUjju
WcBJ60PF6GquKvm/NMXLNau+vZQ9oHsv/z2lL7TEUZpf6YxPDkMNi4JQkTQZ1mM6
eE9D/vYgSh+9kuD5KVK5LRhue19Hyipv/LzccUFr6NsukSCB3CMmJhUGkVcI24Zz
0M6JrNNUl7JYcWnEUnsnNv+FfkQ/boyBG8k1tWHiSAts5ha+VNP1
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:08 2025 by rpki-client on console.sobornost.net