Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/cf3WHfeWDYu7TWnELnXzycteCaY.roa
File: cf3WHfeWDYu7TWnELnXzycteCaY.roa (raw, json)
Hash identifier: TcxuwVKWwTiShtI0Unrv/gZ/YwHGK8T1H3ocBzBxMZk=
Subject key identifier: 71:FD:D6:1D:F7:96:0D:8B:BB:4D:69:C4:2E:75:F3:C9:CB:5E:09:A6
Certificate issuer: /CN=23259da3b1b38ca0939f490fb9043fcd89cfd062
Certificate serial: 019527D061C108222F7C62A4BED69A7479E4
Authority key identifier: 23:25:9D:A3:B1:B3:8C:A0:93:9F:49:0F:B9:04:3F:CD:89:CF:D0:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/cf3WHfeWDYu7TWnELnXzycteCaY.roa
Signing time: Fri 21 Feb 2025 09:22:02 +0000
ROA not before: Fri 21 Feb 2025 09:22:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201654
IP address blocks: 185.67.188.0/22 maxlen: 22
185.151.168.0/22 maxlen: 22
2a05:1200::/30 maxlen: 30
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:27:d0:61:c1:08:22:2f:7c:62:a4:be:d6:9a:74:79:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23259da3b1b38ca0939f490fb9043fcd89cfd062
Validity
Not Before: Feb 21 09:22:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=71fdd61df7960d8bbb4d69c42e75f3c9cb5e09a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:79:a1:d7:ed:2f:44:0c:d0:eb:90:52:47:76:
12:88:79:0b:7a:34:1f:39:6e:e9:0b:4a:46:9e:61:
24:fd:79:12:09:3d:08:e4:da:3d:9c:54:bb:61:fb:
86:2c:41:2c:d7:8e:52:49:e0:5b:f3:ce:0a:1e:bc:
81:19:ea:45:d5:f4:4d:21:24:00:2a:c1:ea:cb:a6:
3d:4b:05:90:c9:e1:bf:bf:82:53:0e:e0:14:7e:3b:
a1:35:fe:04:72:e1:af:aa:60:3f:21:66:d1:d8:78:
3c:36:c8:99:fb:c0:5f:87:94:88:85:a9:a9:36:04:
78:31:07:e0:a9:e8:2c:70:45:0b:8e:24:b0:ab:20:
e7:b8:6a:67:e0:7a:0c:8c:80:ad:78:6f:fb:98:42:
c6:31:1b:a3:1a:39:b0:38:f6:a0:9a:e0:c7:16:0c:
06:a4:c4:12:ec:d0:34:03:79:ff:09:10:b1:e7:39:
66:8e:34:39:ca:9f:9f:03:cb:1b:37:28:f7:63:b1:
bb:11:9a:47:50:7f:c9:98:85:54:c0:11:9e:10:e5:
8e:5a:87:63:55:c1:25:5f:37:9a:8a:29:82:9a:3a:
84:2d:09:3d:bd:02:83:49:76:0f:9c:1a:81:0c:8c:
b7:b9:0b:9e:72:b2:c7:0b:cb:cc:b2:17:f8:35:b9:
ad:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:FD:D6:1D:F7:96:0D:8B:BB:4D:69:C4:2E:75:F3:C9:CB:5E:09:A6
X509v3 Authority Key Identifier:
keyid:23:25:9D:A3:B1:B3:8C:A0:93:9F:49:0F:B9:04:3F:CD:89:CF:D0:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/cf3WHfeWDYu7TWnELnXzycteCaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.67.188.0/22
185.151.168.0/22
IPv6:
2a05:1200::/30
Signature Algorithm: sha256WithRSAEncryption
8a:83:cb:70:3f:a1:08:e5:0a:85:f7:10:8b:11:3a:2f:ad:c0:
86:b4:01:1e:c7:1a:9f:b2:dd:9f:34:94:72:f7:9d:cb:9e:a4:
3b:95:ee:ea:7b:95:2f:a5:c2:82:5f:6a:ba:1c:f3:ee:6b:56:
78:2a:c6:8f:a2:d4:e2:7d:d5:7b:43:94:ed:bc:2c:55:2f:13:
20:29:b7:d6:fe:dc:3d:65:8f:4f:42:94:f3:a7:ef:3f:ff:b6:
cf:08:f5:65:07:a0:c2:be:3c:47:41:03:4b:fe:4f:9b:a2:92:
64:0c:ad:f7:ce:dc:2b:94:5b:dd:b4:0b:3e:e8:9b:68:53:42:
4d:28:bf:52:4d:b5:6b:2f:87:bc:a0:f6:09:20:e1:44:a6:26:
31:31:eb:ae:c6:f4:58:b8:0a:a9:81:95:3e:94:c6:49:92:cd:
3a:30:bb:83:0c:32:ce:93:27:d3:39:de:51:ed:79:e6:dc:b2:
d7:86:ad:a1:f0:a3:49:5d:ac:38:29:78:02:e5:8e:f4:69:b8:
b9:e6:19:f4:de:b6:87:cb:6f:9f:64:0f:0d:c6:dc:9c:3c:74:
2e:ec:b4:c5:ed:78:62:b9:12:56:42:f0:ab:61:c2:cf:c9:2d:
3d:33:db:2a:e6:aa:5b:30:e4:ab:0d:b6:d4:1e:32:77:98:8e:
d2:da:04:92
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZUn0GHBCCIvfGKkvtaadHnkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMjU5ZGEzYjFiMzhjYTA5MzlmNDkwZmI5MDQzZmNkODlj
ZmQwNjIwHhcNMjUwMjIxMDkyMjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWZkZDYxZGY3OTYwZDhiYmI0ZDY5YzQyZTc1ZjNjOWNiNWUwOWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8nmh1+0vRAzQ65BSR3YSiHkLejQf
OW7pC0pGnmEk/XkSCT0I5No9nFS7YfuGLEEs145SSeBb884KHryBGepF1fRNISQA
KsHqy6Y9SwWQyeG/v4JTDuAUfjuhNf4EcuGvqmA/IWbR2Hg8NsiZ+8Bfh5SIhamp
NgR4MQfgqegscEULjiSwqyDnuGpn4HoMjICteG/7mELGMRujGjmwOPagmuDHFgwG
pMQS7NA0A3n/CRCx5zlmjjQ5yp+fA8sbNyj3Y7G7EZpHUH/JmIVUwBGeEOWOWodj
VcElXzeaiimCmjqELQk9vQKDSXYPnBqBDIy3uQuecrLHC8vMshf4NbmtVQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHH91h33lg2Lu01pxC5188nLXgmmMB8GA1UdIwQY
MBaAFCMlnaOxs4ygk59JD7kEP82Jz9BiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXlXZG83R3pqS0NUbjBrUHVRUV96WW5QMEdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy85MWE1ZmQtZTU2Yy00ZDg3LWJkNzUt
NjU0ZGQ2NDQyY2U0LzEvY2YzV0hmZVdEWXU3VFduRUxuWHp5Y3RlQ2FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy85MWE1ZmQtZTU2Yy00ZDg3LWJkNzUtNjU0ZGQ2NDQyY2U0
LzEvSXlXZG83R3pqS0NUbjBrUHVRUV96WW5QMEdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuUO8AwQC
uZeoMA0EAgACMAcDBQIqBRIAMA0GCSqGSIb3DQEBCwUAA4IBAQCKg8twP6EI5QqF
9xCLETovrcCGtAEexxqfst2fNJRy953LnqQ7le7qe5UvpcKCX2q6HPPua1Z4KsaP
otTifdV7Q5TtvCxVLxMgKbfW/tw9ZY9PQpTzp+8//7bPCPVlB6DCvjxHQQNL/k+b
opJkDK33ztwrlFvdtAs+6JtoU0JNKL9STbVrL4e8oPYJIOFEpiYxMeuuxvRYuAqp
gZU+lMZJks06MLuDDDLOkyfTOd5R7Xnm3LLXhq2h8KNJXaw4KXgC5Y70abi55hn0
3raHy2+fZA8NxtycPHQu7LTF7XhiuRJWQvCrYcLPyS09M9sq5qpbMOSrDbbUHjJ3
mI7S2gSS
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:19 2025 by rpki-client on console.sobornost.net