Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/2b70f0-4da3-4b45-a95d-48a20e6e5d8b/1/3MZjImGng2_TJgQfxQEXoUtKWiw.roa
File: 3MZjImGng2_TJgQfxQEXoUtKWiw.roa (raw, json)
Hash identifier: lYzKLS8Ppt5gW8YVgI20GBdeqEZoir6MkSHCqmVcyNA=
Subject key identifier: DC:C6:63:22:61:A7:83:6F:D3:26:04:1F:C5:01:17:A1:4B:4A:5A:2C
Certificate issuer: /CN=a1646d3f90758d8a3743f155f62bffff1bb6366a
Certificate serial: 019425214B811EA8B50A8A72DA36A833B050
Authority key identifier: A1:64:6D:3F:90:75:8D:8A:37:43:F1:55:F6:2B:FF:FF:1B:B6:36:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oWRtP5B1jYo3Q_FV9iv__xu2Nmo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/2b70f0-4da3-4b45-a95d-48a20e6e5d8b/1/3MZjImGng2_TJgQfxQEXoUtKWiw.roa
Signing time: Thu 02 Jan 2025 03:48:46 +0000
ROA not before: Thu 02 Jan 2025 03:48:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62250
IP address blocks: 185.209.188.0/22 maxlen: 22
185.209.188.0/24 maxlen: 24
185.209.189.0/24 maxlen: 24
185.209.190.0/24 maxlen: 24
185.209.191.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:4b:81:1e:a8:b5:0a:8a:72:da:36:a8:33:b0:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1646d3f90758d8a3743f155f62bffff1bb6366a
Validity
Not Before: Jan 2 03:48:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dcc6632261a7836fd326041fc50117a14b4a5a2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:9f:a7:95:11:0b:7b:04:e0:b0:0e:6d:95:da:
03:da:04:e9:b5:51:ce:ba:1e:62:c6:49:be:36:4d:
3d:96:3e:a4:cb:1c:94:cc:6e:b8:3c:da:54:65:de:
79:89:cc:bd:da:70:3b:04:4b:4b:2b:a9:d0:00:af:
74:08:15:a6:59:53:cb:26:96:83:f7:ba:1c:b2:17:
16:75:e9:ae:34:b5:5b:e3:0f:47:eb:93:d0:9f:66:
a8:df:51:b5:4f:a8:a2:41:35:73:11:5b:86:df:d6:
7b:77:05:6c:c3:cc:da:52:03:29:b4:cb:fb:e1:d1:
81:99:e6:7b:5f:42:e7:31:12:12:be:d6:96:82:2e:
68:df:c4:75:a3:5b:51:61:03:7d:87:71:ad:1a:07:
9d:f1:5a:ad:53:ca:31:b5:50:22:05:6b:f9:5b:9c:
09:ee:dd:e2:7b:56:75:2c:89:7b:d6:3a:85:8e:bd:
46:1a:d3:63:fa:b9:60:3d:88:d3:00:5b:be:5c:ba:
0c:e4:97:1d:6b:88:11:dc:f0:41:dd:92:61:3f:2d:
87:ff:b5:57:d3:11:2c:fe:19:53:4e:65:3e:21:16:
2d:d7:df:c1:d4:2f:8e:e5:97:cb:f6:a3:63:b3:cd:
63:12:8f:f1:56:34:db:13:04:ee:31:d9:f1:1b:3b:
e2:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:C6:63:22:61:A7:83:6F:D3:26:04:1F:C5:01:17:A1:4B:4A:5A:2C
X509v3 Authority Key Identifier:
keyid:A1:64:6D:3F:90:75:8D:8A:37:43:F1:55:F6:2B:FF:FF:1B:B6:36:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oWRtP5B1jYo3Q_FV9iv__xu2Nmo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/2b70f0-4da3-4b45-a95d-48a20e6e5d8b/1/3MZjImGng2_TJgQfxQEXoUtKWiw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/2b70f0-4da3-4b45-a95d-48a20e6e5d8b/1/oWRtP5B1jYo3Q_FV9iv__xu2Nmo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.188.0/22
Signature Algorithm: sha256WithRSAEncryption
6c:97:be:9f:d5:b3:df:e7:7f:ce:1f:3e:1b:58:e8:09:02:e6:
f7:8e:91:78:d2:49:28:b4:d5:ce:26:93:58:ff:41:8f:6f:85:
0e:df:27:64:22:73:fc:e1:ce:c9:38:b5:2d:e3:2c:78:13:d6:
8f:a0:61:12:0e:b6:f7:d7:b2:12:14:8b:fa:af:2d:b0:40:68:
8f:ae:5e:c6:ab:f8:55:cf:a8:16:63:9f:1e:d4:34:43:61:a3:
9f:01:55:61:47:6a:f9:1f:76:f4:6c:c1:7b:bb:a9:22:f5:e6:
e3:e6:ac:1d:8e:5b:da:a7:48:c4:58:1a:a4:9c:00:61:c2:2e:
a2:9f:df:97:bb:d8:d2:df:05:5d:cf:f9:9c:f8:d2:ec:11:0b:
98:b9:f7:e2:db:a2:7c:35:7d:04:24:a2:e4:39:68:b7:b4:34:
91:18:a9:d6:7e:1c:99:62:90:93:6b:e2:d5:eb:d1:91:bb:f1:
01:6a:6a:70:01:8d:b0:85:04:09:a6:4a:33:52:96:f9:c7:12:
11:27:1d:77:ad:09:ab:59:03:ff:51:25:87:39:66:ae:71:92:
89:d0:27:8e:e1:4e:a2:8d:fe:a5:fa:f6:79:d0:0f:25:08:e7:
5a:9f:aa:1a:34:b0:2f:f9:25:c8:48:ee:79:7c:e7:55:f2:2b:
75:b0:e4:f9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIUuBHqi1Copy2jaoM7BQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNjQ2ZDNmOTA3NThkOGEzNzQzZjE1NWY2MmJmZmZmMWJi
NjM2NmEwHhcNMjUwMTAyMDM0ODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2M2NjMyMjYxYTc4MzZmZDMyNjA0MWZjNTAxMTdhMTRiNGE1YTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5+nlRELewTgsA5tldoD2gTptVHO
uh5ixkm+Nk09lj6kyxyUzG64PNpUZd55icy92nA7BEtLK6nQAK90CBWmWVPLJpaD
97ocshcWdemuNLVb4w9H65PQn2ao31G1T6iiQTVzEVuG39Z7dwVsw8zaUgMptMv7
4dGBmeZ7X0LnMRISvtaWgi5o38R1o1tRYQN9h3GtGged8VqtU8oxtVAiBWv5W5wJ
7t3ie1Z1LIl71jqFjr1GGtNj+rlgPYjTAFu+XLoM5Jcda4gR3PBB3ZJhPy2H/7VX
0xEs/hlTTmU+IRYt19/B1C+O5ZfL9qNjs81jEo/xVjTbEwTuMdnxGzvi6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNzGYyJhp4Nv0yYEH8UBF6FLSlosMB8GA1UdIwQY
MBaAFKFkbT+QdY2KN0PxVfYr//8btjZqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1dSdFA1QjFqWW8zUV9GVjlpdl9feHUyTm1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8yYjcwZjAtNGRhMy00YjQ1LWE5NWQt
NDhhMjBlNmU1ZDhiLzEvM01aakltR25nMl9USmdRZnhRRVhvVXRLV2l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8yYjcwZjAtNGRhMy00YjQ1LWE5NWQtNDhhMjBlNmU1ZDhi
LzEvb1dSdFA1QjFqWW8zUV9GVjlpdl9feHUyTm1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudG8MA0G
CSqGSIb3DQEBCwUAA4IBAQBsl76f1bPf53/OHz4bWOgJAub3jpF40kkotNXOJpNY
/0GPb4UO3ydkInP84c7JOLUt4yx4E9aPoGESDrb317ISFIv6ry2wQGiPrl7Gq/hV
z6gWY58e1DRDYaOfAVVhR2r5H3b0bMF7u6ki9ebj5qwdjlvap0jEWBqknABhwi6i
n9+Xu9jS3wVdz/mc+NLsEQuYuffi26J8NX0EJKLkOWi3tDSRGKnWfhyZYpCTa+LV
69GRu/EBampwAY2whQQJpkozUpb5xxIRJx13rQmrWQP/USWHOWaucZKJ0CeO4U6i
jf6l+vZ50A8lCOdan6oaNLAv+SXISO55fOdV8it1sOT5
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:09 2025 by rpki-client on console.sobornost.net