Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/72cba3-6051-4218-88c2-50861eeb5d5d/1/E9pk0ZllttDZKXJOg-IRuSUOGuI.roa
File: E9pk0ZllttDZKXJOg-IRuSUOGuI.roa (raw, json)
Hash identifier: iZIfCGoic6nKxXYncNFRzeFxubwStFv6Tsp9EcrF68g=
Subject key identifier: 13:DA:64:D1:99:65:B6:D0:D9:29:72:4E:83:E2:11:B9:25:0E:1A:E2
Certificate issuer: /CN=357c1bbbb216d911304761fa7b31378470cab69c
Certificate serial: 0194221FEBD5F2F9B14230144411DEB46610
Authority key identifier: 35:7C:1B:BB:B2:16:D9:11:30:47:61:FA:7B:31:37:84:70:CA:B6:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NXwbu7IW2REwR2H6ezE3hHDKtpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/72cba3-6051-4218-88c2-50861eeb5d5d/1/E9pk0ZllttDZKXJOg-IRuSUOGuI.roa
Signing time: Wed 01 Jan 2025 13:48:24 +0000
ROA not before: Wed 01 Jan 2025 13:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204809
IP address blocks: 185.238.156.0/22 maxlen: 22
2a0c:3080::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:eb:d5:f2:f9:b1:42:30:14:44:11:de:b4:66:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=357c1bbbb216d911304761fa7b31378470cab69c
Validity
Not Before: Jan 1 13:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=13da64d19965b6d0d929724e83e211b9250e1ae2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:fd:42:82:ef:87:dd:40:36:c4:8e:24:e4:b4:
7b:98:2b:62:9b:99:ad:18:e2:13:20:29:93:5d:65:
74:e0:fd:ff:cf:c7:a1:d4:5d:9b:e8:b7:40:60:46:
f3:1d:52:c0:32:66:0a:ee:1a:09:95:8e:19:8b:ce:
db:05:bf:a5:95:3d:8f:ec:fb:82:0d:aa:9a:18:51:
fd:98:1a:42:4b:81:9c:a4:ce:0d:b6:9b:55:8f:60:
a1:00:e6:97:00:06:fa:c2:5b:39:d7:1c:0c:7f:c9:
24:05:b0:6f:e7:ac:0a:a7:1e:19:36:20:21:23:2e:
ba:fa:48:fa:f1:c4:b6:49:45:32:b9:9f:54:e4:7f:
47:48:a0:94:92:e6:d5:ba:b7:cc:20:8b:47:5e:db:
ea:74:d9:d0:ae:c2:90:92:d1:f5:62:ba:b8:1c:8a:
ff:81:d8:ee:27:74:28:08:7a:b7:ca:81:fa:99:25:
d6:29:8c:6c:e4:1e:32:62:78:3a:54:3e:a9:91:4f:
03:15:2c:11:6e:dc:f1:c7:8e:c8:59:6b:5f:6e:5b:
58:75:57:e0:2e:50:3a:0d:cf:56:50:18:59:75:8e:
8e:12:44:0c:92:b4:d9:8c:21:84:cc:69:5b:86:66:
0b:10:71:4f:71:3f:5d:38:ab:fb:8a:18:48:d7:a4:
56:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:DA:64:D1:99:65:B6:D0:D9:29:72:4E:83:E2:11:B9:25:0E:1A:E2
X509v3 Authority Key Identifier:
keyid:35:7C:1B:BB:B2:16:D9:11:30:47:61:FA:7B:31:37:84:70:CA:B6:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NXwbu7IW2REwR2H6ezE3hHDKtpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/72cba3-6051-4218-88c2-50861eeb5d5d/1/E9pk0ZllttDZKXJOg-IRuSUOGuI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/72cba3-6051-4218-88c2-50861eeb5d5d/1/NXwbu7IW2REwR2H6ezE3hHDKtpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.238.156.0/22
IPv6:
2a0c:3080::/48
Signature Algorithm: sha256WithRSAEncryption
19:99:c4:ac:4f:d2:80:da:bf:39:9e:2e:ad:ad:6d:79:69:2d:
7c:4f:cc:6b:4d:ba:1a:5f:14:3a:29:1c:9c:81:a5:fa:a6:93:
fc:1e:4d:55:7d:22:08:aa:89:d1:15:d3:4d:22:4b:74:5b:fc:
a8:70:af:5c:dd:cb:7b:ba:ef:ef:b0:13:8d:42:6b:65:a7:d3:
c4:99:c3:35:e3:3f:e8:0f:a4:23:d6:e4:fd:06:1c:e2:7a:a3:
3a:81:ba:5c:95:32:d2:97:11:9a:5a:43:9d:68:20:38:91:bd:
14:46:68:29:54:2d:d4:4d:58:e8:4b:35:1c:d9:be:48:79:d4:
25:04:52:fa:27:1b:0b:71:e9:37:44:77:7a:70:fe:d0:04:32:
2b:7d:45:63:44:8d:45:65:c4:b6:9c:85:4c:57:73:89:a4:47:
bb:6f:15:98:d5:c1:d8:10:bf:15:ff:62:ce:f1:ed:c9:03:34:
0e:3f:fa:b5:b6:e0:06:5b:c5:8e:0a:01:ff:78:37:fd:e0:94:
ce:f5:21:53:bb:7a:da:db:ac:40:f4:a9:f3:ee:c6:b5:2b:3d:
16:dc:6b:88:3b:d6:56:44:08:72:c2:2f:8a:70:6e:29:2b:dc:
7c:15:04:24:8b:90:57:7d:c7:27:82:fb:9e:f6:e6:de:a6:12:
9d:70:1b:70
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQiH+vV8vmxQjAURBHetGYQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1N2MxYmJiYjIxNmQ5MTEzMDQ3NjFmYTdiMzEzNzg0NzBj
YWI2OWMwHhcNMjUwMTAxMTM0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2RhNjRkMTk5NjViNmQwZDkyOTcyNGU4M2UyMTFiOTI1MGUxYWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5P1Cgu+H3UA2xI4k5LR7mCtim5mt
GOITICmTXWV04P3/z8eh1F2b6LdAYEbzHVLAMmYK7hoJlY4Zi87bBb+llT2P7PuC
DaqaGFH9mBpCS4GcpM4NtptVj2ChAOaXAAb6wls51xwMf8kkBbBv56wKpx4ZNiAh
Iy66+kj68cS2SUUyuZ9U5H9HSKCUkubVurfMIItHXtvqdNnQrsKQktH1Yrq4HIr/
gdjuJ3QoCHq3yoH6mSXWKYxs5B4yYng6VD6pkU8DFSwRbtzxx47IWWtfbltYdVfg
LlA6Dc9WUBhZdY6OEkQMkrTZjCGEzGlbhmYLEHFPcT9dOKv7ihhI16RWxwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBPaZNGZZbbQ2SlyToPiEbklDhriMB8GA1UdIwQY
MBaAFDV8G7uyFtkRMEdh+nsxN4RwyracMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlh3YnU3SVcyUkV3UjJINmV6RTNoSERLdHB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi83MmNiYTMtNjA1MS00MjE4LTg4YzIt
NTA4NjFlZWI1ZDVkLzEvRTlwazBabGx0dERaS1hKT2ctSVJ1U1VPR3VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi83MmNiYTMtNjA1MS00MjE4LTg4YzItNTA4NjFlZWI1ZDVk
LzEvTlh3YnU3SVcyUkV3UjJINmV6RTNoSERLdHB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCue6cMA8E
AgACMAkDBwAqDDCAAAAwDQYJKoZIhvcNAQELBQADggEBABmZxKxP0oDavzmeLq2t
bXlpLXxPzGtNuhpfFDopHJyBpfqmk/weTVV9IgiqidEV000iS3Rb/Khwr1zdy3u6
7++wE41Ca2Wn08SZwzXjP+gPpCPW5P0GHOJ6ozqBulyVMtKXEZpaQ51oIDiRvRRG
aClULdRNWOhLNRzZvkh51CUEUvonGwtx6TdEd3pw/tAEMit9RWNEjUVlxLachUxX
c4mkR7tvFZjVwdgQvxX/Ys7x7ckDNA4/+rW24AZbxY4KAf94N/3glM71IVO7etrb
rED0qfPuxrUrPRbca4g71lZECHLCL4pwbikr3HwVBCSLkFd9xyeC+5725t6mEp1w
G3A=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:19 2025 by rpki-client on console.sobornost.net