Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/200e2b-d3a4-4557-9735-4950f86cbb5b/1/igBGcaK6I-04bslxB8dvdsYLHhw.roa
File: igBGcaK6I-04bslxB8dvdsYLHhw.roa (raw, json)
Hash identifier: FBSMg/oDiupeLPZD+Uq2Nknq3gqPFPRMj+3j0Pt7jOU=
Subject key identifier: 8A:00:46:71:A2:BA:23:ED:38:6E:C9:71:07:C7:6F:76:C6:0B:1E:1C
Certificate issuer: /CN=fb02bac7b79a3109e9be3dfe4f06d585bb9f9051
Certificate serial: 019420D5DAF25F9D5E95A821CDCC03C588FE
Authority key identifier: FB:02:BA:C7:B7:9A:31:09:E9:BE:3D:FE:4F:06:D5:85:BB:9F:90:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-wK6x7eaMQnpvj3-TwbVhbufkFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/200e2b-d3a4-4557-9735-4950f86cbb5b/1/igBGcaK6I-04bslxB8dvdsYLHhw.roa
Signing time: Wed 01 Jan 2025 07:47:53 +0000
ROA not before: Wed 01 Jan 2025 07:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212321
IP address blocks: 185.217.142.0/24 maxlen: 24
2a10:cd00::/32 maxlen: 32
2a10:cd01::/32 maxlen: 32
2a10:cd02::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:da:f2:5f:9d:5e:95:a8:21:cd:cc:03:c5:88:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb02bac7b79a3109e9be3dfe4f06d585bb9f9051
Validity
Not Before: Jan 1 07:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8a004671a2ba23ed386ec97107c76f76c60b1e1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:c9:38:5b:27:14:2f:f0:92:17:e9:b6:d8:51:
e9:2a:c2:12:79:1d:e0:25:10:54:b3:00:c5:53:4c:
84:99:6d:27:d3:6c:5f:45:9f:05:09:8d:7e:2f:a0:
53:02:a7:e9:bb:c9:12:a6:c6:55:2f:26:a6:5e:17:
1c:1a:48:ba:d5:8e:e4:fd:b3:1a:f1:ee:ce:91:d1:
5b:25:47:8d:2e:36:a5:f9:26:46:23:bd:98:12:43:
93:d2:61:bb:e5:64:60:89:ce:eb:28:39:ba:cc:9d:
77:08:da:aa:de:a5:11:c3:3b:1d:8f:96:9c:48:6f:
ac:cd:b7:45:04:09:68:c2:de:94:01:84:15:2e:89:
64:99:04:1f:49:d1:6b:0c:5e:ab:42:ab:d4:49:1a:
c3:eb:7f:47:8a:ab:87:96:9e:bf:7e:dc:f0:7e:da:
cc:1e:17:ab:3f:67:ac:b7:7e:20:8e:ff:8c:d3:f6:
4b:c8:cf:05:27:63:94:6c:cc:84:db:6a:4f:bd:4c:
8c:b2:9c:13:9b:83:ba:b8:6a:0e:1c:fd:aa:8c:1e:
78:eb:63:05:c1:84:e0:76:0f:f5:32:d8:6b:9e:af:
8c:b3:7a:83:dc:54:ef:f2:f9:31:00:9b:42:80:a4:
84:ed:8c:02:63:c6:12:55:fa:bc:a7:21:13:4c:85:
41:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:00:46:71:A2:BA:23:ED:38:6E:C9:71:07:C7:6F:76:C6:0B:1E:1C
X509v3 Authority Key Identifier:
keyid:FB:02:BA:C7:B7:9A:31:09:E9:BE:3D:FE:4F:06:D5:85:BB:9F:90:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-wK6x7eaMQnpvj3-TwbVhbufkFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/200e2b-d3a4-4557-9735-4950f86cbb5b/1/igBGcaK6I-04bslxB8dvdsYLHhw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/200e2b-d3a4-4557-9735-4950f86cbb5b/1/1-wK6x7eaMQnpvj3-TwbVhbufkFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.217.142.0/24
IPv6:
2a10:cd00::-2a10:cd02:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
3c:10:84:8b:d3:64:1b:ea:90:5b:2e:ed:5c:dc:c1:76:de:4a:
f7:7b:77:5d:17:3b:29:07:d0:38:78:76:c4:62:8c:17:3d:e9:
d6:8b:e8:0a:c8:20:3c:66:96:7a:da:d2:15:c4:8c:48:7a:f4:
78:20:6a:7e:8d:e1:a7:b3:15:0a:2e:c8:47:26:54:83:f2:ee:
47:1d:b0:81:3c:ee:9f:fa:21:77:6c:51:fe:78:35:0c:e6:50:
28:d3:83:fa:90:a5:f5:84:fd:73:78:e1:a5:a0:40:95:a5:80:
98:2d:72:58:6a:66:53:6e:1b:52:93:bd:fd:0e:ce:e3:f4:ac:
b3:14:7a:a4:e7:30:8c:ba:d6:29:7b:93:4c:23:2d:ce:9c:ae:
74:b5:91:96:a9:d7:87:19:d6:10:ff:d9:79:c0:ff:b0:a8:20:
fa:5f:80:c1:ac:a3:a8:0a:72:f9:82:af:8b:c7:6d:71:18:75:
fb:48:7b:e6:00:ea:72:b6:e8:c0:cf:e3:08:30:7a:34:a8:2e:
38:bb:85:27:db:ba:83:6b:d2:0e:5e:c3:d8:f2:dc:e8:4a:86:
18:88:1b:51:02:14:7e:b0:ba:c1:5f:d7:0b:35:3f:8c:7a:11:
66:2b:b6:b2:31:50:cf:4a:90:c5:84:bb:05:4d:62:a0:a3:6d:
68:32:7b:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZQg1dryX51elaghzcwDxYj+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMDJiYWM3Yjc5YTMxMDllOWJlM2RmZTRmMDZkNTg1YmI5
ZjkwNTEwHhcNMjUwMTAxMDc0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTAwNDY3MWEyYmEyM2VkMzg2ZWM5NzEwN2M3NmY3NmM2MGIxZTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMk4WycUL/CSF+m22FHpKsISeR3g
JRBUswDFU0yEmW0n02xfRZ8FCY1+L6BTAqfpu8kSpsZVLyamXhccGki61Y7k/bMa
8e7OkdFbJUeNLjal+SZGI72YEkOT0mG75WRgic7rKDm6zJ13CNqq3qURwzsdj5ac
SG+szbdFBAlowt6UAYQVLolkmQQfSdFrDF6rQqvUSRrD639HiquHlp6/ftzwftrM
HherP2est34gjv+M0/ZLyM8FJ2OUbMyE22pPvUyMspwTm4O6uGoOHP2qjB5462MF
wYTgdg/1Mthrnq+Ms3qD3FTv8vkxAJtCgKSE7YwCY8YSVfq8pyETTIVBLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIoARnGiuiPtOG7JcQfHb3bGCx4cMB8GA1UdIwQY
MBaAFPsCuse3mjEJ6b49/k8G1YW7n5BRMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS13SzZ4N2VhTVFucHZqMy1Ud2JWaGJ1ZmtGRS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWQvMjAwZTJiLWQzYTQtNDU1Ny05NzM1
LTQ5NTBmODZjYmI1Yi8xL2lnQkdjYUs2SS0wNGJzbHhCOGR2ZHNZTEhody5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMWQvMjAwZTJiLWQzYTQtNDU1Ny05NzM1LTQ5NTBmODZjYmI1
Yi8xLzEtd0s2eDdlYU1RbnB2ajMtVHdiVmhidWZrRkUuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNgYIKwYBBQUHAQcBAf8EJzAlMAwEAgABMAYDBAC52Y4w
FQQCAAIwDzANAwQAKhDNAwUAKhDNAjANBgkqhkiG9w0BAQsFAAOCAQEAPBCEi9Nk
G+qQWy7tXNzBdt5K93t3XRc7KQfQOHh2xGKMFz3p1ovoCsggPGaWetrSFcSMSHr0
eCBqfo3hp7MVCi7IRyZUg/LuRx2wgTzun/ohd2xR/ng1DOZQKNOD+pCl9YT9c3jh
paBAlaWAmC1yWGpmU24bUpO9/Q7O4/SssxR6pOcwjLrWKXuTTCMtzpyudLWRlqnX
hxnWEP/ZecD/sKgg+l+AwayjqApy+YKvi8dtcRh1+0h75gDqcrbowM/jCDB6NKgu
OLuFJ9u6g2vSDl7D2PLc6EqGGIgbUQIUfrC6wV/XCzU/jHoRZiu2sjFQz0qQxYS7
BU1ioKNtaDJ7jg==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:16 2025 by rpki-client on console.sobornost.net