Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/bdd87c-a6d9-4bc2-9d87-0a812bb18f35/1/Cg7qlLFT5Tw2Rj89YI6LNGMAVC8.roa
File: Cg7qlLFT5Tw2Rj89YI6LNGMAVC8.roa (raw, json)
Hash identifier: RUt6pQHc+8RuyWicYb+I1y3SWfel5InfTPhk0ybD+Y4=
Subject key identifier: 0A:0E:EA:94:B1:53:E5:3C:36:46:3F:3D:60:8E:8B:34:63:00:54:2F
Certificate issuer: /CN=d4e4e015ec01da6ae7d84916fd1ad4caa904dc4e
Certificate serial: 019422FC1179FD3DD25B6C964E950FAF26DF
Authority key identifier: D4:E4:E0:15:EC:01:DA:6A:E7:D8:49:16:FD:1A:D4:CA:A9:04:DC:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1OTgFewB2mrn2EkW_RrUyqkE3E4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/bdd87c-a6d9-4bc2-9d87-0a812bb18f35/1/Cg7qlLFT5Tw2Rj89YI6LNGMAVC8.roa
Signing time: Wed 01 Jan 2025 17:48:52 +0000
ROA not before: Wed 01 Jan 2025 17:48:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205797
IP address blocks: 185.205.88.0/22 maxlen: 22
185.205.88.0/24 maxlen: 24
185.205.89.0/24 maxlen: 24
185.205.90.0/24 maxlen: 24
185.205.91.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:11:79:fd:3d:d2:5b:6c:96:4e:95:0f:af:26:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4e4e015ec01da6ae7d84916fd1ad4caa904dc4e
Validity
Not Before: Jan 1 17:48:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0a0eea94b153e53c36463f3d608e8b346300542f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:83:17:86:a0:17:fe:da:20:ed:3e:6a:e1:6c:
0e:76:ac:e2:b1:0f:33:ca:d2:4d:fa:0f:97:9e:c2:
26:1d:eb:95:36:58:b3:cc:f3:20:74:f0:1b:48:8d:
99:40:d5:79:79:4f:2a:5e:d7:ae:c6:a9:7a:7b:7d:
1b:0a:26:cb:2f:96:e5:eb:89:d3:33:e9:1c:0c:e9:
59:7b:a6:e3:e5:60:8f:96:22:24:8b:4f:cd:ca:04:
29:c0:27:14:76:cd:72:2e:df:fc:2a:37:09:ea:14:
40:66:2f:78:a7:86:ff:26:08:57:84:40:73:c4:0e:
56:bb:e7:88:fa:a5:ce:e6:02:fd:dc:2b:34:7a:d3:
f4:7a:64:08:af:cd:86:f9:7c:ea:de:cb:5b:74:a2:
f2:1c:b0:91:d4:52:47:63:17:c6:9a:b1:fd:86:31:
0b:35:96:fe:b2:28:e6:ec:65:9f:1b:a3:b6:56:50:
71:05:7b:02:44:3b:21:da:93:5a:8c:1a:a7:87:91:
94:46:9f:fb:1b:78:cf:b4:c9:c0:7d:1c:33:61:9e:
8e:1e:18:56:71:4e:dd:59:fe:b2:3f:f0:2b:21:fa:
52:50:98:2e:3a:36:24:87:73:5c:a4:4b:9a:97:4e:
a0:70:41:93:2e:a7:ee:44:f4:93:cc:dc:b0:f7:c2:
98:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:0E:EA:94:B1:53:E5:3C:36:46:3F:3D:60:8E:8B:34:63:00:54:2F
X509v3 Authority Key Identifier:
keyid:D4:E4:E0:15:EC:01:DA:6A:E7:D8:49:16:FD:1A:D4:CA:A9:04:DC:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1OTgFewB2mrn2EkW_RrUyqkE3E4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/bdd87c-a6d9-4bc2-9d87-0a812bb18f35/1/Cg7qlLFT5Tw2Rj89YI6LNGMAVC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/bdd87c-a6d9-4bc2-9d87-0a812bb18f35/1/1OTgFewB2mrn2EkW_RrUyqkE3E4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.205.88.0/22
Signature Algorithm: sha256WithRSAEncryption
b0:2c:5c:e2:c4:12:49:1c:7f:61:e1:02:4f:68:c5:fb:d6:f5:
f3:f2:49:44:ea:7f:d3:df:c8:2f:6c:1e:c4:04:77:6e:a2:11:
0b:80:d2:16:91:c2:03:9d:d6:c7:66:b2:05:58:01:e4:1f:94:
6c:67:d3:54:ee:fe:71:1e:73:88:a0:42:05:51:d3:7b:55:87:
41:1e:7c:a9:18:52:02:40:30:40:3f:ca:b4:bc:4a:0e:f7:e7:
97:f6:75:62:7b:07:2f:3e:d9:85:b9:8d:62:c3:0b:5e:eb:5a:
59:2b:c7:6b:20:9b:10:df:27:59:d3:7a:21:e9:26:5f:ab:02:
ea:e0:68:40:65:4f:aa:58:d9:b9:ab:51:0f:4f:9d:2f:26:70:
df:d0:eb:7d:a1:e6:39:e2:b5:ae:cb:4e:44:31:92:e6:cf:54:
03:71:f8:b3:96:0c:cd:29:ec:0e:46:ec:47:c5:60:1a:ef:14:
2f:19:0e:c1:11:36:e4:c0:92:c4:25:95:12:ca:4e:d6:77:bc:
9e:f6:c3:cd:5f:49:44:79:2c:cc:5f:db:b7:7b:06:7e:5a:24:
9a:88:75:5a:85:e2:e0:a7:9f:3c:4b:0d:0f:0a:d4:cd:70:e8:
a6:1b:f3:b2:e9:4c:10:63:78:7a:34:c0:67:96:6c:f7:7d:73:
2c:10:5f:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi/BF5/T3SW2yWTpUPrybfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZTRlMDE1ZWMwMWRhNmFlN2Q4NDkxNmZkMWFkNGNhYTkw
NGRjNGUwHhcNMjUwMTAxMTc0ODUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTBlZWE5NGIxNTNlNTNjMzY0NjNmM2Q2MDhlOGIzNDYzMDA1NDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv4MXhqAX/tog7T5q4WwOdqzisQ8z
ytJN+g+XnsImHeuVNlizzPMgdPAbSI2ZQNV5eU8qXteuxql6e30bCibLL5bl64nT
M+kcDOlZe6bj5WCPliIki0/NygQpwCcUds1yLt/8KjcJ6hRAZi94p4b/JghXhEBz
xA5Wu+eI+qXO5gL93Cs0etP0emQIr82G+Xzq3stbdKLyHLCR1FJHYxfGmrH9hjEL
NZb+sijm7GWfG6O2VlBxBXsCRDsh2pNajBqnh5GURp/7G3jPtMnAfRwzYZ6OHhhW
cU7dWf6yP/ArIfpSUJguOjYkh3NcpEual06gcEGTLqfuRPSTzNyw98KYWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAoO6pSxU+U8NkY/PWCOizRjAFQvMB8GA1UdIwQY
MBaAFNTk4BXsAdpq59hJFv0a1MqpBNxOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU9UZ0Zld0IybXJuMkVrV19SclV5cWtFM0U0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9iZGQ4N2MtYTZkOS00YmMyLTlkODct
MGE4MTJiYjE4ZjM1LzEvQ2c3cWxMRlQ1VHcyUmo4OVlJNkxOR01BVkM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9iZGQ4N2MtYTZkOS00YmMyLTlkODctMGE4MTJiYjE4ZjM1
LzEvMU9UZ0Zld0IybXJuMkVrV19SclV5cWtFM0U0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuc1YMA0G
CSqGSIb3DQEBCwUAA4IBAQCwLFzixBJJHH9h4QJPaMX71vXz8klE6n/T38gvbB7E
BHduohELgNIWkcIDndbHZrIFWAHkH5RsZ9NU7v5xHnOIoEIFUdN7VYdBHnypGFIC
QDBAP8q0vEoO9+eX9nViewcvPtmFuY1iwwte61pZK8drIJsQ3ydZ03oh6SZfqwLq
4GhAZU+qWNm5q1EPT50vJnDf0Ot9oeY54rWuy05EMZLmz1QDcfizlgzNKewORuxH
xWAa7xQvGQ7BETbkwJLEJZUSyk7Wd7ye9sPNX0lEeSzMX9u3ewZ+WiSaiHVaheLg
p588Sw0PCtTNcOimG/Oy6UwQY3h6NMBnlmz3fXMsEF++
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:18 2025 by rpki-client on console.sobornost.net