Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/421529-73e2-4916-8bd2-2c201d30ae05/1/rUM43ISndw5pYAQLWf2KHIAwsfw.roa
File: rUM43ISndw5pYAQLWf2KHIAwsfw.roa (raw, json)
Hash identifier: KeqCps5BUoZfWz/djUGV6w2EVQtKO+PPXxPc78g2vTo=
Subject key identifier: AD:43:38:DC:84:A7:77:0E:69:60:04:0B:59:FD:8A:1C:80:30:B1:FC
Certificate issuer: /CN=d17bf4fbea894f43eeb3db1b216e57766e01ab81
Certificate serial: 019425FDA478059977953A512846F2F87E71
Authority key identifier: D1:7B:F4:FB:EA:89:4F:43:EE:B3:DB:1B:21:6E:57:76:6E:01:AB:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Xv0--qJT0Pus9sbIW5Xdm4Bq4E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/421529-73e2-4916-8bd2-2c201d30ae05/1/rUM43ISndw5pYAQLWf2KHIAwsfw.roa
Signing time: Thu 02 Jan 2025 07:49:27 +0000
ROA not before: Thu 02 Jan 2025 07:49:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207974
IP address blocks: 185.214.168.0/22 maxlen: 22
185.214.168.0/24 maxlen: 24
185.214.169.0/24 maxlen: 24
185.214.170.0/24 maxlen: 24
2a0a:3b40::/36 maxlen: 36
2a0a:3b40:1000::/36 maxlen: 36
2a0a:3b40:2000::/36 maxlen: 36
2a0a:3b40:3000::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:a4:78:05:99:77:95:3a:51:28:46:f2:f8:7e:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d17bf4fbea894f43eeb3db1b216e57766e01ab81
Validity
Not Before: Jan 2 07:49:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ad4338dc84a7770e6960040b59fd8a1c8030b1fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:4e:80:99:a3:d7:aa:77:80:e3:e4:c7:0a:2b:
68:04:d0:5c:05:c6:dc:12:0e:54:71:45:65:b4:ee:
37:2d:20:78:35:3a:c4:78:45:13:08:a1:0e:5e:44:
c3:76:c1:32:c6:a7:a6:a6:64:25:42:46:aa:43:43:
6a:d6:fe:93:62:e1:45:46:80:ff:15:15:19:22:f6:
53:49:eb:fb:8d:e9:84:3c:6b:4d:55:f2:01:95:25:
b4:f2:6e:3f:8f:21:64:19:94:7d:a7:93:40:a8:89:
49:d2:97:09:f7:54:36:b6:01:54:ba:36:02:3e:1c:
8a:cf:12:22:b5:73:8e:24:e6:ca:cc:24:2c:11:07:
9d:77:a6:a2:c4:24:e1:ab:98:ba:35:a3:98:20:cf:
5b:6c:14:59:1b:53:1f:a3:4e:0e:c4:a2:e7:4e:3d:
22:4d:98:a8:2c:cb:81:35:7c:3a:8d:a0:b8:15:94:
4a:ea:73:e6:62:18:97:25:50:80:67:56:a5:f5:47:
97:27:0d:4d:1b:95:4b:c9:03:9c:30:a0:10:56:31:
e9:70:dc:87:57:90:3f:3a:de:0f:da:ab:ce:7b:62:
fb:06:50:50:49:0c:dc:fb:b1:51:7a:a9:6b:a0:32:
e3:b3:50:3c:7e:a0:ec:e6:37:54:95:a9:02:87:28:
2c:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:43:38:DC:84:A7:77:0E:69:60:04:0B:59:FD:8A:1C:80:30:B1:FC
X509v3 Authority Key Identifier:
keyid:D1:7B:F4:FB:EA:89:4F:43:EE:B3:DB:1B:21:6E:57:76:6E:01:AB:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Xv0--qJT0Pus9sbIW5Xdm4Bq4E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/421529-73e2-4916-8bd2-2c201d30ae05/1/rUM43ISndw5pYAQLWf2KHIAwsfw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/421529-73e2-4916-8bd2-2c201d30ae05/1/0Xv0--qJT0Pus9sbIW5Xdm4Bq4E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.168.0/22
IPv6:
2a0a:3b40::/34
Signature Algorithm: sha256WithRSAEncryption
66:57:47:70:f3:21:6b:be:42:53:fd:56:89:a4:f4:fe:c1:9c:
21:aa:3c:4a:66:d7:78:7f:a7:35:5d:58:ff:61:05:27:18:c2:
1e:2b:ed:1e:b6:6c:8c:c9:16:2c:6f:3b:bb:05:48:7c:da:6d:
ed:01:df:1e:fe:69:ad:a3:e1:33:ab:41:14:0e:a3:33:90:91:
9b:4b:9e:1d:cf:5d:03:81:67:de:f5:a2:e4:4d:8c:0b:d5:e1:
0a:f0:d1:03:ff:c4:57:90:da:5b:28:a1:85:89:77:09:5d:95:
07:fd:7a:7a:71:75:5b:37:6f:59:9a:f6:af:f6:39:b3:52:7b:
64:37:2b:af:e6:75:39:5f:5d:01:25:02:d9:9d:3d:38:ac:1d:
81:ca:6e:5e:38:ca:db:d7:17:d3:df:73:48:45:3b:1b:b5:62:
b8:78:fb:ad:99:69:2b:5b:6b:4d:2e:3a:0a:9c:c0:2e:1c:0f:
8e:f4:59:55:52:dd:e9:54:4b:4d:27:6c:76:87:dd:a5:6e:af:
a1:36:c5:ee:5f:69:3e:9c:24:6b:77:14:ec:83:3a:00:72:5a:
b4:de:f4:c3:e9:61:c8:48:64:79:5a:42:4a:00:4d:ec:c5:4e:
97:89:33:ea:8e:da:ad:4e:a5:64:aa:66:c7:74:be:54:bf:96:
a0:3b:f3:6a
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZQl/aR4BZl3lTpRKEby+H5xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxN2JmNGZiZWE4OTRmNDNlZWIzZGIxYjIxNmU1Nzc2NmUw
MWFiODEwHhcNMjUwMTAyMDc0OTI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDQzMzhkYzg0YTc3NzBlNjk2MDA0MGI1OWZkOGExYzgwMzBiMWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8U6AmaPXqneA4+THCitoBNBcBcbc
Eg5UcUVltO43LSB4NTrEeEUTCKEOXkTDdsEyxqempmQlQkaqQ0Nq1v6TYuFFRoD/
FRUZIvZTSev7jemEPGtNVfIBlSW08m4/jyFkGZR9p5NAqIlJ0pcJ91Q2tgFUujYC
PhyKzxIitXOOJObKzCQsEQedd6aixCThq5i6NaOYIM9bbBRZG1Mfo04OxKLnTj0i
TZioLMuBNXw6jaC4FZRK6nPmYhiXJVCAZ1al9UeXJw1NG5VLyQOcMKAQVjHpcNyH
V5A/Ot4P2qvOe2L7BlBQSQzc+7FReqlroDLjs1A8fqDs5jdUlakChygsJwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFK1DONyEp3cOaWAEC1n9ihyAMLH8MB8GA1UdIwQY
MBaAFNF79PvqiU9D7rPbGyFuV3ZuAauBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFh2MC0tcUpUMFB1czlzYklXNVhkbTRCcTRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy80MjE1MjktNzNlMi00OTE2LThiZDIt
MmMyMDFkMzBhZTA1LzEvclVNNDNJU25kdzVwWUFRTFdmMktISUF3c2Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy80MjE1MjktNzNlMi00OTE2LThiZDItMmMyMDFkMzBhZTA1
LzEvMFh2MC0tcUpUMFB1czlzYklXNVhkbTRCcTRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCudaoMA4E
AgACMAgDBgYqCjtAADANBgkqhkiG9w0BAQsFAAOCAQEAZldHcPMha75CU/1WiaT0
/sGcIao8SmbXeH+nNV1Y/2EFJxjCHivtHrZsjMkWLG87uwVIfNpt7QHfHv5praPh
M6tBFA6jM5CRm0ueHc9dA4Fn3vWi5E2MC9XhCvDRA//EV5DaWyihhYl3CV2VB/16
enF1WzdvWZr2r/Y5s1J7ZDcrr+Z1OV9dASUC2Z09OKwdgcpuXjjK29cX099zSEU7
G7ViuHj7rZlpK1trTS46CpzALhwPjvRZVVLd6VRLTSdsdofdpW6voTbF7l9pPpwk
a3cU7IM6AHJatN70w+lhyEhkeVpCSgBN7MVOl4kz6o7arU6lZKpmx3S+VL+WoDvz
ag==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:15 2025 by rpki-client on console.sobornost.net