Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/c6ec68-225f-4d95-9340-a1f74586387b/1/CEOAcQGoF-M49o3FqEoqpthBq7c.roa
File: CEOAcQGoF-M49o3FqEoqpthBq7c.roa (raw, json)
Hash identifier: o7aWAwYKfU3X1B2JaQq/PQb9tN2IBMnSaEyBCSBzIfk=
Subject key identifier: 08:43:80:71:01:A8:17:E3:38:F6:8D:C5:A8:4A:2A:A6:D8:41:AB:B7
Certificate issuer: /CN=f52f20d0d3b2efc5bc97a47b775bd8ba1794f9e5
Certificate serial: 019420681BA1B3A20B78925593FCC85D840C
Authority key identifier: F5:2F:20:D0:D3:B2:EF:C5:BC:97:A4:7B:77:5B:D8:BA:17:94:F9:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9S8g0NOy78W8l6R7d1vYuheU-eU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/c6ec68-225f-4d95-9340-a1f74586387b/1/CEOAcQGoF-M49o3FqEoqpthBq7c.roa
Signing time: Wed 01 Jan 2025 05:48:01 +0000
ROA not before: Wed 01 Jan 2025 05:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208018
IP address blocks: 185.172.204.0/22 maxlen: 22
185.172.204.0/23 maxlen: 23
185.172.206.0/23 maxlen: 23
185.172.207.0/24 maxlen: 24
2a0f:1dc0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:1b:a1:b3:a2:0b:78:92:55:93:fc:c8:5d:84:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f52f20d0d3b2efc5bc97a47b775bd8ba1794f9e5
Validity
Not Before: Jan 1 05:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0843807101a817e338f68dc5a84a2aa6d841abb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:03:8b:27:23:67:19:e5:ec:87:e0:61:e7:c2:
0e:ac:db:62:73:64:70:bd:6c:3f:05:bf:9c:25:26:
11:2b:7a:38:2f:d8:93:7d:83:0c:c3:7c:f0:73:d2:
57:65:48:f3:6c:78:32:13:ea:4c:f5:6e:40:97:90:
8e:40:c4:46:39:24:b4:3b:ca:2b:34:b5:17:70:a9:
99:56:09:52:e1:e3:08:a4:35:79:cb:9d:58:04:27:
e1:65:ab:ff:2b:59:75:78:27:3e:a2:74:6e:03:f9:
a3:95:5f:10:76:ba:19:df:bf:ee:ac:f4:38:e0:48:
b4:51:83:c9:43:a7:b0:13:5a:ab:d2:54:fb:5a:47:
dd:97:c8:47:e5:8b:52:4c:fb:c6:48:86:2f:fb:5c:
23:9b:8b:a3:d3:06:7b:b1:22:13:23:3e:f2:0a:69:
56:76:af:12:3a:b9:50:b3:f1:a9:b5:91:18:78:a9:
44:41:ef:6d:8c:8d:f8:64:4a:e6:08:e8:8f:02:5b:
b6:8c:03:4e:99:32:fe:6e:02:73:6f:92:f2:2f:89:
e0:04:03:16:ed:cf:d3:d4:61:65:86:dd:5d:77:ee:
92:02:80:0e:99:ed:5d:7f:08:ae:20:83:68:b0:4e:
a7:e7:fe:0c:95:c0:29:4f:70:96:ec:eb:ca:d3:59:
b2:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:43:80:71:01:A8:17:E3:38:F6:8D:C5:A8:4A:2A:A6:D8:41:AB:B7
X509v3 Authority Key Identifier:
keyid:F5:2F:20:D0:D3:B2:EF:C5:BC:97:A4:7B:77:5B:D8:BA:17:94:F9:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9S8g0NOy78W8l6R7d1vYuheU-eU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/c6ec68-225f-4d95-9340-a1f74586387b/1/CEOAcQGoF-M49o3FqEoqpthBq7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/c6ec68-225f-4d95-9340-a1f74586387b/1/9S8g0NOy78W8l6R7d1vYuheU-eU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.172.204.0/22
IPv6:
2a0f:1dc0::/29
Signature Algorithm: sha256WithRSAEncryption
b0:27:54:7f:69:9e:3c:e4:22:5e:07:55:61:35:52:53:ad:2e:
f3:89:81:ae:0d:5e:95:5e:17:5b:5b:72:7e:03:ef:c7:21:81:
29:86:cb:18:d8:3c:8d:e9:19:ce:88:83:ab:1b:48:8b:77:40:
12:39:28:35:bd:73:8c:70:13:c2:fc:fa:a4:ff:2b:e9:1e:40:
8f:ca:35:15:56:a9:83:0d:c4:6f:e0:c1:66:c0:09:2f:8b:81:
5f:3b:bd:39:0f:d9:e6:02:32:5a:e6:e1:ef:15:7d:d9:09:0d:
87:ac:34:35:ff:23:6b:24:2d:24:10:7b:2e:ab:53:e1:d7:37:
6d:94:95:4f:09:6d:42:54:ce:da:1d:66:23:7d:07:c1:43:68:
64:fe:a4:91:5c:48:bc:b1:ab:1b:5a:16:c9:0a:74:57:ad:09:
0f:65:96:ab:05:93:bc:0d:98:7b:d8:9c:12:71:e0:fb:f0:91:
a6:2d:6c:10:7a:38:c9:40:76:ad:a3:d7:6a:fc:c3:d5:b9:96:
51:f2:d6:99:31:67:40:cb:93:01:aa:a7:95:db:02:d4:f7:42:
83:6f:7c:f7:74:e4:15:a0:97:17:b9:16:7b:c3:79:87:5a:a5:
61:5a:bd:53:be:7a:c7:a2:74:45:7a:1c:90:dd:41:37:7e:39:
84:cd:00:dc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQgaBuhs6ILeJJVk/zIXYQMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MmYyMGQwZDNiMmVmYzViYzk3YTQ3Yjc3NWJkOGJhMTc5
NGY5ZTUwHhcNMjUwMTAxMDU0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODQzODA3MTAxYTgxN2UzMzhmNjhkYzVhODRhMmFhNmQ4NDFhYmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQOLJyNnGeXsh+Bh58IOrNtic2Rw
vWw/Bb+cJSYRK3o4L9iTfYMMw3zwc9JXZUjzbHgyE+pM9W5Al5COQMRGOSS0O8or
NLUXcKmZVglS4eMIpDV5y51YBCfhZav/K1l1eCc+onRuA/mjlV8QdroZ37/urPQ4
4Ei0UYPJQ6ewE1qr0lT7Wkfdl8hH5YtSTPvGSIYv+1wjm4uj0wZ7sSITIz7yCmlW
dq8SOrlQs/GptZEYeKlEQe9tjI34ZErmCOiPAlu2jANOmTL+bgJzb5LyL4ngBAMW
7c/T1GFlht1dd+6SAoAOme1dfwiuIINosE6n5/4MlcApT3CW7OvK01my1wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAhDgHEBqBfjOPaNxahKKqbYQau3MB8GA1UdIwQY
MBaAFPUvINDTsu/FvJeke3db2LoXlPnlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVM4ZzBOT3k3OFc4bDZSN2Qxdll1aGVVLWVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9jNmVjNjgtMjI1Zi00ZDk1LTkzNDAt
YTFmNzQ1ODYzODdiLzEvQ0VPQWNRR29GLU00OW8zRnFFb3FwdGhCcTdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9jNmVjNjgtMjI1Zi00ZDk1LTkzNDAtYTFmNzQ1ODYzODdi
LzEvOVM4ZzBOT3k3OFc4bDZSN2Qxdll1aGVVLWVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuazMMA0E
AgACMAcDBQMqDx3AMA0GCSqGSIb3DQEBCwUAA4IBAQCwJ1R/aZ485CJeB1VhNVJT
rS7ziYGuDV6VXhdbW3J+A+/HIYEphssY2DyN6RnOiIOrG0iLd0ASOSg1vXOMcBPC
/Pqk/yvpHkCPyjUVVqmDDcRv4MFmwAkvi4FfO705D9nmAjJa5uHvFX3ZCQ2HrDQ1
/yNrJC0kEHsuq1Ph1zdtlJVPCW1CVM7aHWYjfQfBQ2hk/qSRXEi8sasbWhbJCnRX
rQkPZZarBZO8DZh72JwSceD78JGmLWwQejjJQHato9dq/MPVuZZR8taZMWdAy5MB
qqeV2wLU90KDb3z3dOQVoJcXuRZ7w3mHWqVhWr1TvnrHonRFehyQ3UE3fjmEzQDc
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:18 2025 by rpki-client on console.sobornost.net