Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/e00d1e-4a18-4956-82a4-190a5c8d9d95/1/ejRJ31S7gTZphcMPp--rX-fthA4.roa
File: ejRJ31S7gTZphcMPp--rX-fthA4.roa (raw, json)
Hash identifier: K6orC9qH9AXgz/q6yHBYuSENvrxco32U8VdUBQRxDgA=
Subject key identifier: 7A:34:49:DF:54:BB:81:36:69:85:C3:0F:A7:EF:AB:5F:E7:ED:84:0E
Certificate issuer: /CN=90afdcff7de3a65947631f92c67e272767194478
Certificate serial: 01950062B1120408A49D16D5644348208568
Authority key identifier: 90:AF:DC:FF:7D:E3:A6:59:47:63:1F:92:C6:7E:27:27:67:19:44:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kK_c_33jpllHYx-Sxn4nJ2cZRHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/e00d1e-4a18-4956-82a4-190a5c8d9d95/1/ejRJ31S7gTZphcMPp--rX-fthA4.roa
Signing time: Thu 13 Feb 2025 17:37:02 +0000
ROA not before: Thu 13 Feb 2025 17:37:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199441
IP address blocks: 185.14.128.0/22 maxlen: 22
185.14.128.0/23 maxlen: 24
185.14.130.0/24 maxlen: 24
185.14.131.0/24 maxlen: 24
195.192.236.0/22 maxlen: 24
2a03:a240::/44 maxlen: 44
2a03:a240::/47 maxlen: 48
2a03:a240:2::/48 maxlen: 48
2a03:a240:3::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:00:62:b1:12:04:08:a4:9d:16:d5:64:43:48:20:85:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90afdcff7de3a65947631f92c67e272767194478
Validity
Not Before: Feb 13 17:37:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7a3449df54bb81366985c30fa7efab5fe7ed840e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:6b:e2:99:ae:aa:f3:3c:eb:a1:98:50:d4:a8:
fe:a9:b6:bd:f9:fa:09:57:45:c5:5a:23:b2:e7:7c:
48:40:6d:9f:e6:02:7d:68:4e:a5:21:df:cf:0c:c5:
cd:d4:1f:2e:22:35:cc:e1:3c:47:b3:da:9c:66:cb:
09:1e:0f:f0:55:d2:73:06:09:66:9d:87:7f:ac:b1:
71:fb:fa:8c:47:37:fc:f3:f1:9a:6b:c5:b5:17:e0:
a2:cb:4f:06:e9:71:ac:2c:ce:e2:66:48:62:76:12:
95:c2:71:f7:46:c3:21:08:00:7a:03:e7:6a:a4:b2:
f3:b0:e5:fa:79:1a:d1:04:a1:45:8a:25:da:0a:ab:
bf:f4:5d:62:da:68:fd:13:36:01:fe:6e:f1:88:a1:
a5:32:83:62:fb:c7:e3:a3:6e:d5:e1:02:bb:e0:7b:
39:ce:cf:60:64:b6:fc:51:32:e2:d2:b2:37:f0:39:
c1:1d:3f:47:eb:0a:2f:40:f6:4f:47:4c:93:11:ac:
da:2f:ac:92:c9:a2:35:f1:73:6e:f4:ea:f8:29:49:
29:da:ec:bd:46:d4:f7:ac:7d:10:90:ed:a7:ce:d0:
3a:4f:bf:ad:d6:e5:9d:de:9c:12:50:c5:97:12:7e:
cc:1a:a9:60:fc:ff:a7:c8:05:e4:66:24:c3:d2:b9:
32:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:34:49:DF:54:BB:81:36:69:85:C3:0F:A7:EF:AB:5F:E7:ED:84:0E
X509v3 Authority Key Identifier:
keyid:90:AF:DC:FF:7D:E3:A6:59:47:63:1F:92:C6:7E:27:27:67:19:44:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kK_c_33jpllHYx-Sxn4nJ2cZRHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/e00d1e-4a18-4956-82a4-190a5c8d9d95/1/ejRJ31S7gTZphcMPp--rX-fthA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/e00d1e-4a18-4956-82a4-190a5c8d9d95/1/kK_c_33jpllHYx-Sxn4nJ2cZRHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.14.128.0/22
195.192.236.0/22
IPv6:
2a03:a240::/44
Signature Algorithm: sha256WithRSAEncryption
13:4d:24:d0:cd:46:26:55:8d:07:ad:0d:30:1b:db:f7:af:9f:
42:b1:ab:14:fd:89:1b:0c:4f:81:cc:7e:58:46:4f:45:89:39:
da:3e:e0:f9:fb:7a:a1:be:62:d8:20:7c:c0:d3:f4:38:00:1f:
a0:01:68:6c:32:83:67:24:ce:eb:5f:4c:54:99:92:89:81:30:
bf:ab:70:55:71:82:b3:99:3a:1d:27:a7:43:4b:91:59:0e:27:
b8:66:bd:dd:98:c0:6d:8f:d7:a0:d9:5d:99:95:3f:db:e0:ee:
09:00:47:b2:3d:90:38:3e:a0:c8:a3:27:20:44:5f:74:76:59:
07:91:8a:52:58:db:f3:6c:bc:b3:45:b0:d9:3e:2e:f2:6e:21:
39:d0:6f:cf:02:4b:6d:52:46:43:c9:9e:d8:9a:f5:de:fb:ee:
f9:d2:bd:84:eb:95:ba:2e:1e:8c:92:66:63:72:84:9b:d8:b4:
1c:bf:6f:2e:b2:4b:25:dd:d1:f9:77:7f:d4:66:1e:00:4f:a5:
a2:46:7a:03:3c:2e:5a:e1:02:23:99:65:43:0e:65:92:ae:0d:
d1:ba:c3:25:95:31:45:97:81:20:d0:69:c7:0b:2f:d4:a8:4d:
76:93:56:7a:85:fc:08:f6:b7:7a:04:0e:29:da:94:c4:f4:9a:
fd:b8:08:d4
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZUAYrESBAiknRbVZENIIIVoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwYWZkY2ZmN2RlM2E2NTk0NzYzMWY5MmM2N2UyNzI3Njcx
OTQ0NzgwHhcNMjUwMjEzMTczNzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTM0NDlkZjU0YmI4MTM2Njk4NWMzMGZhN2VmYWI1ZmU3ZWQ4NDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWvima6q8zzroZhQ1Kj+qba9+foJ
V0XFWiOy53xIQG2f5gJ9aE6lId/PDMXN1B8uIjXM4TxHs9qcZssJHg/wVdJzBglm
nYd/rLFx+/qMRzf88/Gaa8W1F+Ciy08G6XGsLM7iZkhidhKVwnH3RsMhCAB6A+dq
pLLzsOX6eRrRBKFFiiXaCqu/9F1i2mj9EzYB/m7xiKGlMoNi+8fjo27V4QK74Hs5
zs9gZLb8UTLi0rI38DnBHT9H6wovQPZPR0yTEazaL6ySyaI18XNu9Or4KUkp2uy9
RtT3rH0QkO2nztA6T7+t1uWd3pwSUMWXEn7MGqlg/P+nyAXkZiTD0rky+wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFHo0Sd9Uu4E2aYXDD6fvq1/n7YQOMB8GA1UdIwQY
MBaAFJCv3P9946ZZR2MfksZ+JydnGUR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0tfY18zM2pwbGxIWXgtU3huNG5KMmNaUkhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9lMDBkMWUtNGExOC00OTU2LTgyYTQt
MTkwYTVjOGQ5ZDk1LzEvZWpSSjMxUzdnVFpwaGNNUHAtLXJYLWZ0aEE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9lMDBkMWUtNGExOC00OTU2LTgyYTQtMTkwYTVjOGQ5ZDk1
LzEva0tfY18zM2pwbGxIWXgtU3huNG5KMmNaUkhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCuQ6AAwQC
w8DsMA8EAgACMAkDBwQqA6JAAAAwDQYJKoZIhvcNAQELBQADggEBABNNJNDNRiZV
jQetDTAb2/evn0KxqxT9iRsMT4HMflhGT0WJOdo+4Pn7eqG+YtggfMDT9DgAH6AB
aGwyg2ckzutfTFSZkomBML+rcFVxgrOZOh0np0NLkVkOJ7hmvd2YwG2P16DZXZmV
P9vg7gkAR7I9kDg+oMijJyBEX3R2WQeRilJY2/NsvLNFsNk+LvJuITnQb88CS21S
RkPJntia9d777vnSvYTrlbouHoySZmNyhJvYtBy/by6ySyXd0fl3f9RmHgBPpaJG
egM8LlrhAiOZZUMOZZKuDdG6wyWVMUWXgSDQaccLL9SoTXaTVnqF/Aj2t3oEDina
lMT0mv24CNQ=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:18 2025 by rpki-client on console.sobornost.net