Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/3da6fd-5f10-4058-bc02-23724bab2227/1/gThiVMzI_emmGwG6yDvtK9WGkHc.roa
File: gThiVMzI_emmGwG6yDvtK9WGkHc.roa (raw, json)
Hash identifier: FwvhQ80j7caNFhnzLvqCK7umTsHEt/iQVSc1TL6IsHk=
Subject key identifier: 81:38:62:54:CC:C8:FD:E9:A6:1B:01:BA:C8:3B:ED:2B:D5:86:90:77
Certificate issuer: /CN=8194ea3ced4f13710d34044cfcb3d1d56c550862
Certificate serial: 019427B59C56EE90FDCACC7D20FEF9D6199C
Authority key identifier: 81:94:EA:3C:ED:4F:13:71:0D:34:04:4C:FC:B3:D1:D5:6C:55:08:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gZTqPO1PE3ENNARM_LPR1WxVCGI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/3da6fd-5f10-4058-bc02-23724bab2227/1/gThiVMzI_emmGwG6yDvtK9WGkHc.roa
Signing time: Thu 02 Jan 2025 15:50:00 +0000
ROA not before: Thu 02 Jan 2025 15:50:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198760
IP address blocks: 185.208.116.0/22 maxlen: 24
185.236.116.0/22 maxlen: 24
185.241.88.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:9c:56:ee:90:fd:ca:cc:7d:20:fe:f9:d6:19:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8194ea3ced4f13710d34044cfcb3d1d56c550862
Validity
Not Before: Jan 2 15:50:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=81386254ccc8fde9a61b01bac83bed2bd5869077
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:9c:79:25:d4:e2:2e:b1:f7:c1:7f:29:ee:ff:
eb:af:76:b6:d9:35:4e:2c:7a:b5:39:a0:f3:87:61:
1a:a4:e6:02:2d:e7:36:8f:97:77:75:7e:e2:47:68:
44:51:22:2a:e8:77:f4:72:f2:66:43:c3:13:ce:d1:
16:88:b4:c5:d3:61:2e:ca:46:c4:a0:e1:b5:24:fd:
21:f8:13:71:7b:83:85:dc:04:65:6b:9a:ed:3d:da:
8e:0c:ec:59:f2:f8:04:eb:49:db:5a:31:85:cf:98:
c4:9d:7d:e4:7e:23:4d:c8:88:91:ba:71:a9:2a:15:
c2:8f:ec:2d:e5:b2:76:29:bb:d2:b1:5c:5f:cb:ac:
96:fe:e6:c2:32:21:c1:f8:3a:da:dc:18:f0:37:7d:
af:20:a1:e2:d1:83:d5:87:a8:e3:a5:78:24:2e:18:
d7:1f:11:87:b8:6a:ca:38:e6:00:d7:6e:70:4c:15:
e1:58:e9:6a:64:6d:d4:bb:a7:73:d8:f7:e7:34:25:
bb:d5:07:61:ee:1c:5f:4a:a6:8f:a6:26:e9:2c:b5:
59:7e:f4:ba:da:d1:fb:43:c4:f4:0a:a0:23:fe:bb:
fc:ac:5f:24:83:fa:ef:da:2d:99:39:4c:38:83:49:
23:94:b6:80:f0:06:8a:0e:3e:81:61:61:a3:69:9f:
33:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:38:62:54:CC:C8:FD:E9:A6:1B:01:BA:C8:3B:ED:2B:D5:86:90:77
X509v3 Authority Key Identifier:
keyid:81:94:EA:3C:ED:4F:13:71:0D:34:04:4C:FC:B3:D1:D5:6C:55:08:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZTqPO1PE3ENNARM_LPR1WxVCGI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3da6fd-5f10-4058-bc02-23724bab2227/1/gThiVMzI_emmGwG6yDvtK9WGkHc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3da6fd-5f10-4058-bc02-23724bab2227/1/gZTqPO1PE3ENNARM_LPR1WxVCGI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.208.116.0/22
185.236.116.0/22
185.241.88.0/22
Signature Algorithm: sha256WithRSAEncryption
77:fd:3d:56:08:3a:f9:7e:c1:36:9a:cc:9b:5c:11:fa:de:98:
d9:88:81:b3:65:9c:d2:bc:23:d3:4c:1c:da:39:e7:b8:2d:25:
a1:39:c8:34:5f:97:6a:cd:08:3e:ae:cc:5f:27:4a:1a:37:6f:
5e:2a:c7:ca:78:fb:4b:fc:3b:43:c8:80:39:62:03:05:c0:b9:
51:48:29:48:00:7f:5a:56:2b:0b:3e:41:94:8b:b6:7e:b1:35:
74:9e:2c:0b:53:bb:b0:92:e2:94:3a:b1:28:b0:09:a0:da:be:
4e:7e:91:24:66:eb:d3:5e:dd:4c:00:de:be:bb:4f:97:e8:c9:
9e:7c:9b:9e:b1:19:9f:04:89:c7:14:ff:36:50:37:0d:14:1d:
f6:1a:b9:fa:a7:61:e3:04:7a:bd:bf:a5:a5:4a:c2:f3:5a:75:
30:ee:03:02:98:d2:d8:70:34:be:6f:49:f8:68:53:09:30:cb:
61:c6:3b:d6:d0:a7:7e:12:77:ee:12:7d:9b:84:aa:0d:22:6b:
78:8a:dd:e7:5a:41:c7:48:e9:0a:bf:54:35:c2:37:ed:b7:e9:
85:d5:1a:f7:75:ad:a1:84:9a:fb:54:ca:94:67:6e:f4:e1:cf:
db:27:23:3c:38:fa:06:08:58:b3:a2:99:b4:06:0f:f1:3a:f4:
ce:f5:0e:b3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQntZxW7pD9ysx9IP751hmcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOTRlYTNjZWQ0ZjEzNzEwZDM0MDQ0Y2ZjYjNkMWQ1NmM1
NTA4NjIwHhcNMjUwMTAyMTU1MDAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTM4NjI1NGNjYzhmZGU5YTYxYjAxYmFjODNiZWQyYmQ1ODY5MDc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppx5JdTiLrH3wX8p7v/rr3a22TVO
LHq1OaDzh2EapOYCLec2j5d3dX7iR2hEUSIq6Hf0cvJmQ8MTztEWiLTF02EuykbE
oOG1JP0h+BNxe4OF3ARla5rtPdqODOxZ8vgE60nbWjGFz5jEnX3kfiNNyIiRunGp
KhXCj+wt5bJ2KbvSsVxfy6yW/ubCMiHB+Dra3BjwN32vIKHi0YPVh6jjpXgkLhjX
HxGHuGrKOOYA125wTBXhWOlqZG3Uu6dz2PfnNCW71Qdh7hxfSqaPpibpLLVZfvS6
2tH7Q8T0CqAj/rv8rF8kg/rv2i2ZOUw4g0kjlLaA8AaKDj6BYWGjaZ8zQQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIE4YlTMyP3pphsBusg77SvVhpB3MB8GA1UdIwQY
MBaAFIGU6jztTxNxDTQETPyz0dVsVQhiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1pUcVBPMVBFM0VOTkFSTV9MUFIxV3hWQ0dJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8zZGE2ZmQtNWYxMC00MDU4LWJjMDIt
MjM3MjRiYWIyMjI3LzEvZ1RoaVZNeklfZW1tR3dHNnlEdnRLOVdHa0hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8zZGE2ZmQtNWYxMC00MDU4LWJjMDItMjM3MjRiYWIyMjI3
LzEvZ1pUcVBPMVBFM0VOTkFSTV9MUFIxV3hWQ0dJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCudB0AwQC
uex0AwQCufFYMA0GCSqGSIb3DQEBCwUAA4IBAQB3/T1WCDr5fsE2msybXBH63pjZ
iIGzZZzSvCPTTBzaOee4LSWhOcg0X5dqzQg+rsxfJ0oaN29eKsfKePtL/DtDyIA5
YgMFwLlRSClIAH9aVisLPkGUi7Z+sTV0niwLU7uwkuKUOrEosAmg2r5OfpEkZuvT
Xt1MAN6+u0+X6MmefJuesRmfBInHFP82UDcNFB32Grn6p2HjBHq9v6WlSsLzWnUw
7gMCmNLYcDS+b0n4aFMJMMthxjvW0Kd+EnfuEn2bhKoNImt4it3nWkHHSOkKv1Q1
wjftt+mF1Rr3da2hhJr7VMqUZ2704c/bJyM8OPoGCFizopm0Bg/xOvTO9Q6z
-----END CERTIFICATE-----
Generated at Thu Jan 23 15:53:43 2025 by rpki-client on console.sobornost.net