Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/2S36hALNEuA4FHD_a934872Co8w.roa
File: 2S36hALNEuA4FHD_a934872Co8w.roa (raw, json)
Hash identifier: 7vbdkC8QrVhET/DTmD2itapsbG53efZ5NYts2gI1WdE=
Subject key identifier: D9:2D:FA:84:02:CD:12:E0:38:14:70:FF:6B:DD:F8:F3:BD:82:A3:CC
Certificate issuer: /CN=23e3d92bfe16619ca500c03267effa9aa7ca0c47
Certificate serial: 019427B60D99545178C99B0E1B0C6C3768CE
Authority key identifier: 23:E3:D9:2B:FE:16:61:9C:A5:00:C0:32:67:EF:FA:9A:A7:CA:0C:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/2S36hALNEuA4FHD_a934872Co8w.roa
Signing time: Thu 02 Jan 2025 15:50:29 +0000
ROA not before: Thu 02 Jan 2025 15:50:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39143
IP address blocks: 89.188.162.0/24 maxlen: 24
185.211.240.0/22 maxlen: 23
185.211.241.0/24 maxlen: 24
2a03:8641::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:0d:99:54:51:78:c9:9b:0e:1b:0c:6c:37:68:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23e3d92bfe16619ca500c03267effa9aa7ca0c47
Validity
Not Before: Jan 2 15:50:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d92dfa8402cd12e0381470ff6bddf8f3bd82a3cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:a7:13:9d:1a:fa:48:de:4d:43:f0:5e:40:50:
e1:d6:66:5a:0f:43:e6:1d:0e:ff:91:16:95:bd:e3:
fc:f5:73:5f:d3:86:72:82:9e:a2:7f:a2:31:61:a1:
cb:07:99:0b:71:f3:11:96:23:04:bb:94:11:70:84:
66:85:37:91:e4:a4:c8:9d:8b:d9:f9:aa:dd:11:e2:
23:3b:ed:b7:94:1b:b3:15:69:f7:86:bf:02:1e:fa:
7c:f0:bb:48:a5:11:eb:6f:cd:93:20:c2:a7:5b:03:
f8:d6:d2:fa:64:8f:96:92:92:59:87:02:d3:e2:7e:
ea:ac:91:ec:9e:6c:e1:76:67:91:1f:7d:02:06:f2:
d2:29:fa:a9:ac:f7:ed:cb:8e:51:ee:73:f1:0b:30:
64:81:af:0a:25:83:0e:f4:0b:42:4a:83:87:e5:03:
20:af:bf:e9:db:ec:43:b8:17:5f:72:66:5e:5e:7d:
3f:13:a5:d9:a9:16:23:d8:ed:d5:61:14:78:60:93:
17:54:02:a0:0f:72:a8:48:ca:2e:d7:d6:14:2a:3f:
05:56:b6:5b:88:dd:15:96:78:64:02:74:38:2e:dd:
e5:7f:a2:cf:d1:4e:bb:8e:3b:29:ea:f9:8f:c5:70:
39:7e:c0:a1:3a:27:01:6f:ed:6a:62:b1:e2:85:70:
42:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:2D:FA:84:02:CD:12:E0:38:14:70:FF:6B:DD:F8:F3:BD:82:A3:CC
X509v3 Authority Key Identifier:
keyid:23:E3:D9:2B:FE:16:61:9C:A5:00:C0:32:67:EF:FA:9A:A7:CA:0C:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/2S36hALNEuA4FHD_a934872Co8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/I-PZK_4WYZylAMAyZ-_6mqfKDEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.188.162.0/24
185.211.240.0/22
IPv6:
2a03:8641::/32
Signature Algorithm: sha256WithRSAEncryption
18:17:40:01:af:b0:e5:4b:9c:8e:1f:1d:56:5b:3a:b6:87:95:
6e:e9:f7:be:aa:3f:8c:66:41:22:7a:a8:d3:ac:65:54:3b:3d:
c6:83:07:23:a4:e5:85:99:aa:7c:31:b0:f8:34:fc:6e:49:d9:
03:4b:85:f9:e1:f9:70:0f:0c:5f:23:71:5e:3d:8e:01:55:89:
de:3a:05:1b:7e:2f:c5:e3:3a:5f:1f:d0:90:0a:f7:9f:28:86:
6c:5c:50:77:78:f6:ca:c0:9e:a5:d4:fb:26:ac:3f:02:58:f2:
a4:e0:ca:9a:dc:25:45:69:e0:9b:41:1a:d9:21:5b:72:1a:a4:
ea:1a:68:cb:75:e6:2c:6d:7c:2a:ce:3f:7c:70:9a:fa:79:56:
17:78:d7:00:6f:a8:15:4e:1e:06:b0:b4:d3:ff:a5:dc:9f:79:
7a:d8:3d:6c:1b:87:ff:ac:c9:3e:f7:7e:3c:0a:ea:9f:aa:70:
5e:47:e0:c6:4d:bb:2b:07:0c:95:34:2c:79:46:d7:52:24:52:
12:80:7a:3f:dd:cf:73:aa:67:8b:1a:05:34:6b:0e:18:0b:5b:
9f:37:74:d5:d9:b8:8e:07:25:2b:87:e0:6f:50:e8:43:2f:84:
0e:1a:f0:99:a6:e3:0a:8d:c9:4a:39:d0:d1:fa:71:b9:14:ea:
01:72:9a:c2
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQntg2ZVFF4yZsOGwxsN2jOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZTNkOTJiZmUxNjYxOWNhNTAwYzAzMjY3ZWZmYTlhYTdj
YTBjNDcwHhcNMjUwMTAyMTU1MDI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTJkZmE4NDAyY2QxMmUwMzgxNDcwZmY2YmRkZjhmM2JkODJhM2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7qcTnRr6SN5NQ/BeQFDh1mZaD0Pm
HQ7/kRaVveP89XNf04Zygp6if6IxYaHLB5kLcfMRliMEu5QRcIRmhTeR5KTInYvZ
+ardEeIjO+23lBuzFWn3hr8CHvp88LtIpRHrb82TIMKnWwP41tL6ZI+WkpJZhwLT
4n7qrJHsnmzhdmeRH30CBvLSKfqprPfty45R7nPxCzBkga8KJYMO9AtCSoOH5QMg
r7/p2+xDuBdfcmZeXn0/E6XZqRYj2O3VYRR4YJMXVAKgD3KoSMou19YUKj8FVrZb
iN0VlnhkAnQ4Lt3lf6LP0U67jjsp6vmPxXA5fsChOicBb+1qYrHihXBC0QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNkt+oQCzRLgOBRw/2vd+PO9gqPMMB8GA1UdIwQY
MBaAFCPj2Sv+FmGcpQDAMmfv+pqnygxHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSS1QWktfNFdZWnlsQU1BeVotXzZtcWZLREVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85YzJjOTAtYzdkNC00OGI3LTliYWYt
ZjFiZjBjMzNhOTA4LzEvMlMzNmhBTE5FdUE0RkhEX2E5MzQ4NzJDbzh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85YzJjOTAtYzdkNC00OGI3LTliYWYtZjFiZjBjMzNhOTA4
LzEvSS1QWktfNFdZWnlsQU1BeVotXzZtcWZLREVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAWbyiAwQC
udPwMA0EAgACMAcDBQAqA4ZBMA0GCSqGSIb3DQEBCwUAA4IBAQAYF0ABr7DlS5yO
Hx1WWzq2h5Vu6fe+qj+MZkEieqjTrGVUOz3GgwcjpOWFmap8MbD4NPxuSdkDS4X5
4flwDwxfI3FePY4BVYneOgUbfi/F4zpfH9CQCvefKIZsXFB3ePbKwJ6l1PsmrD8C
WPKk4Mqa3CVFaeCbQRrZIVtyGqTqGmjLdeYsbXwqzj98cJr6eVYXeNcAb6gVTh4G
sLTT/6Xcn3l62D1sG4f/rMk+9348CuqfqnBeR+DGTbsrBwyVNCx5RtdSJFISgHo/
3c9zqmeLGgU0aw4YC1ufN3TV2biOByUrh+BvUOhDL4QOGvCZpuMKjclKOdDR+nG5
FOoBcprC
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:18 2025 by rpki-client on console.sobornost.net