Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/def10a-bd53-4793-b1a8-604b47261476/1/p2sBhjkKrSOlFMpQrw-wv6_TqKg.roa
File: p2sBhjkKrSOlFMpQrw-wv6_TqKg.roa (raw, json)
Hash identifier: ldQS4P3nrNFNOkVsta5Vmi47wIthwLabohDFSWJ5xpU=
Subject key identifier: A7:6B:01:86:39:0A:AD:23:A5:14:CA:50:AF:0F:B0:BF:AF:D3:A8:A8
Certificate issuer: /CN=a38bf8a526da0056d53c729fbcfedb8af1f4849b
Certificate serial: 01941F8C1D3A65B308960ACF00A29ED97937
Authority key identifier: A3:8B:F8:A5:26:DA:00:56:D5:3C:72:9F:BC:FE:DB:8A:F1:F4:84:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o4v4pSbaAFbVPHKfvP7bivH0hJs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/def10a-bd53-4793-b1a8-604b47261476/1/p2sBhjkKrSOlFMpQrw-wv6_TqKg.roa
Signing time: Wed 01 Jan 2025 01:47:43 +0000
ROA not before: Wed 01 Jan 2025 01:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207324
IP address blocks: 195.85.248.0/24 maxlen: 24
195.88.181.0/24 maxlen: 24
195.95.128.0/24 maxlen: 24
195.95.130.0/24 maxlen: 24
2a10:6c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:1d:3a:65:b3:08:96:0a:cf:00:a2:9e:d9:79:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a38bf8a526da0056d53c729fbcfedb8af1f4849b
Validity
Not Before: Jan 1 01:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a76b0186390aad23a514ca50af0fb0bfafd3a8a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:86:90:0a:89:b1:df:10:42:5f:97:62:69:db:
de:8d:63:cf:3a:a5:c8:e7:5f:f4:59:4d:48:c0:9a:
a5:c0:92:63:77:88:af:ad:61:da:bc:3d:bd:81:e3:
ed:ee:75:63:08:23:22:5d:a8:92:c2:01:43:c9:21:
8c:ab:cd:58:3a:31:84:2d:80:b8:80:fc:66:28:8b:
ce:c6:5f:d7:0e:ba:6b:b6:05:82:20:0d:1a:0c:83:
9a:f2:90:7a:34:38:60:e3:47:4b:e3:a6:20:a0:f5:
fc:5c:d7:8e:c4:b6:5f:98:a1:1d:fc:aa:0c:80:c9:
6e:ae:97:a0:44:ab:06:57:b0:7f:02:30:9d:d9:17:
f2:c3:48:fa:90:bf:e4:62:b6:ab:c0:16:7a:46:a5:
01:38:2e:20:ea:1f:25:d9:8c:a4:20:c8:1c:ea:eb:
f6:62:7a:37:b5:13:7a:1f:7b:a1:47:2a:b3:68:09:
a7:39:d6:e8:e2:b5:84:27:36:ba:df:5b:e9:97:9d:
9d:f1:99:b5:cd:db:f5:2f:62:e5:d0:ad:7b:ee:22:
ce:41:fa:42:77:18:0f:ec:fa:cb:b4:93:16:f9:ea:
f1:6d:0d:1b:7c:90:f3:9c:42:99:aa:d7:92:e3:f3:
b2:79:0f:4f:7d:56:a2:c6:8a:b6:91:20:e0:c7:a7:
fc:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:6B:01:86:39:0A:AD:23:A5:14:CA:50:AF:0F:B0:BF:AF:D3:A8:A8
X509v3 Authority Key Identifier:
keyid:A3:8B:F8:A5:26:DA:00:56:D5:3C:72:9F:BC:FE:DB:8A:F1:F4:84:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o4v4pSbaAFbVPHKfvP7bivH0hJs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/def10a-bd53-4793-b1a8-604b47261476/1/p2sBhjkKrSOlFMpQrw-wv6_TqKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/def10a-bd53-4793-b1a8-604b47261476/1/o4v4pSbaAFbVPHKfvP7bivH0hJs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.85.248.0/24
195.88.181.0/24
195.95.128.0/24
195.95.130.0/24
IPv6:
2a10:6c0::/29
Signature Algorithm: sha256WithRSAEncryption
0f:e4:22:99:74:7d:4a:73:42:1d:6f:a5:ac:93:1b:ff:65:2a:
dc:0e:22:ce:05:b9:c1:28:3d:08:b6:0f:e6:82:47:80:07:5b:
76:40:e2:25:a5:e5:42:df:8e:44:e4:2a:4a:28:b7:8b:bd:15:
4b:1b:a8:20:ce:3e:ac:80:97:54:05:9b:0d:d7:7e:c9:0e:70:
8b:0f:11:eb:ed:b3:33:2d:75:78:54:88:1d:7b:63:d9:0d:f0:
e6:2b:cf:78:71:e5:23:d4:7c:56:b5:fd:a7:ae:e0:4f:a7:85:
7a:eb:67:7c:48:9e:64:85:01:2e:12:1c:48:a7:f5:c8:1f:25:
68:b5:db:68:eb:c2:11:59:44:5f:fd:3b:6d:b9:40:ce:8b:88:
c3:34:17:40:59:52:8c:e4:f5:e5:9d:aa:1b:0c:17:8e:2a:83:
82:ec:b2:92:ae:40:4a:d6:b1:14:5d:a1:eb:51:94:2b:a4:2c:
75:e3:10:cd:fb:dc:82:d7:b6:3c:c9:9a:10:80:85:6b:9b:48:
1c:a9:76:48:20:87:43:52:7d:8b:62:14:bb:dd:f4:a4:36:69:
e0:a5:1e:52:ee:b3:fa:37:d5:ae:bc:a2:30:4e:82:78:44:d5:
ae:4a:08:32:c9:8e:14:aa:81:05:af:54:f6:58:ea:49:0e:76:
1c:23:a8:ed
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQfjB06ZbMIlgrPAKKe2Xk3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzOGJmOGE1MjZkYTAwNTZkNTNjNzI5ZmJjZmVkYjhhZjFm
NDg0OWIwHhcNMjUwMTAxMDE0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzZiMDE4NjM5MGFhZDIzYTUxNGNhNTBhZjBmYjBiZmFmZDNhOGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYaQComx3xBCX5diadvejWPPOqXI
51/0WU1IwJqlwJJjd4ivrWHavD29gePt7nVjCCMiXaiSwgFDySGMq81YOjGELYC4
gPxmKIvOxl/XDrprtgWCIA0aDIOa8pB6NDhg40dL46YgoPX8XNeOxLZfmKEd/KoM
gMlurpegRKsGV7B/AjCd2Rfyw0j6kL/kYrarwBZ6RqUBOC4g6h8l2YykIMgc6uv2
Yno3tRN6H3uhRyqzaAmnOdbo4rWEJza631vpl52d8Zm1zdv1L2Ll0K177iLOQfpC
dxgP7PrLtJMW+erxbQ0bfJDznEKZqteS4/OyeQ9PfVaixoq2kSDgx6f8PQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFKdrAYY5Cq0jpRTKUK8PsL+v06ioMB8GA1UdIwQY
MBaAFKOL+KUm2gBW1Txyn7z+24rx9ISbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzR2NHBTYmFBRmJWUEhLZnZQN2JpdkgwaEpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9kZWYxMGEtYmQ1My00NzkzLWIxYTgt
NjA0YjQ3MjYxNDc2LzEvcDJzQmhqa0tyU09sRk1wUXJ3LXd2Nl9UcUtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9kZWYxMGEtYmQ1My00NzkzLWIxYTgtNjA0YjQ3MjYxNDc2
LzEvbzR2NHBTYmFBRmJWUEhLZnZQN2JpdkgwaEpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAw1X4AwQA
w1i1AwQAw1+AAwQAw1+CMA0EAgACMAcDBQMqEAbAMA0GCSqGSIb3DQEBCwUAA4IB
AQAP5CKZdH1Kc0Idb6Wskxv/ZSrcDiLOBbnBKD0Itg/mgkeAB1t2QOIlpeVC345E
5CpKKLeLvRVLG6ggzj6sgJdUBZsN137JDnCLDxHr7bMzLXV4VIgde2PZDfDmK894
ceUj1HxWtf2nruBPp4V662d8SJ5khQEuEhxIp/XIHyVotdto68IRWURf/TttuUDO
i4jDNBdAWVKM5PXlnaobDBeOKoOC7LKSrkBK1rEUXaHrUZQrpCx14xDN+9yC17Y8
yZoQgIVrm0gcqXZIIIdDUn2LYhS73fSkNmngpR5S7rP6N9WuvKIwToJ4RNWuSggy
yY4UqoEFr1T2WOpJDnYcI6jt
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:22 2025 by rpki-client on console.sobornost.net