Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/e050b4-9ba0-4e85-9d76-4fa6242b8a3a/1/jokJ4cI7eIPzST9EcLtOSM-xX_8.roa
File: jokJ4cI7eIPzST9EcLtOSM-xX_8.roa (raw, json)
Hash identifier: TCebbhEEB8T5cCXDYMCJ8S4mvXhrW2F1v0Z6DU/4YuE=
Subject key identifier: 8E:89:09:E1:C2:3B:78:83:F3:49:3F:44:70:BB:4E:48:CF:B1:5F:FF
Certificate issuer: /CN=5fa4d80464978f6ebfba95f745a3305726f72d93
Certificate serial: 019427B525DE25F0B3759907FD2505B1F07E
Authority key identifier: 5F:A4:D8:04:64:97:8F:6E:BF:BA:95:F7:45:A3:30:57:26:F7:2D:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X6TYBGSXj26_upX3RaMwVyb3LZM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/e050b4-9ba0-4e85-9d76-4fa6242b8a3a/1/jokJ4cI7eIPzST9EcLtOSM-xX_8.roa
Signing time: Thu 02 Jan 2025 15:49:30 +0000
ROA not before: Thu 02 Jan 2025 15:49:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5542
IP address blocks: 185.123.208.0/22 maxlen: 22
185.123.208.0/24 maxlen: 24
185.123.209.0/24 maxlen: 24
185.123.210.0/24 maxlen: 24
185.123.211.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:25:de:25:f0:b3:75:99:07:fd:25:05:b1:f0:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5fa4d80464978f6ebfba95f745a3305726f72d93
Validity
Not Before: Jan 2 15:49:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8e8909e1c23b7883f3493f4470bb4e48cfb15fff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:18:e4:91:47:8f:a0:68:1b:08:cf:bb:39:8e:
5a:36:31:f1:1e:22:fc:70:ba:b0:ca:da:b7:c9:a5:
dd:b2:ea:17:73:f9:68:b8:97:11:69:fa:03:4c:33:
7a:6b:93:d6:86:fd:e3:bb:93:60:ca:a2:49:58:5a:
67:e0:e4:64:b4:77:b4:82:03:9a:b0:4c:16:da:af:
7c:67:b6:fc:3a:24:ca:f9:d5:03:0f:ab:7a:8a:af:
76:2d:fc:d6:96:d3:1f:d3:b4:f0:43:1b:ce:56:2b:
cc:58:eb:6f:30:62:0f:4c:57:65:34:c8:d9:93:7b:
6c:15:68:dd:d2:31:6a:4c:f4:d2:83:d7:25:66:db:
7d:1f:d4:ab:b5:4a:01:6d:bd:af:8b:03:c4:78:2e:
96:5c:e6:bd:e1:b2:e6:5a:be:0a:a5:3f:c3:5f:c9:
1f:6a:71:79:f5:7a:6d:71:41:7b:3e:15:d1:81:7b:
54:fc:e7:6e:61:68:16:03:8a:70:60:2d:4d:a9:db:
50:f5:c3:39:5a:c2:47:10:67:d7:e7:80:44:97:f0:
60:9b:b4:fa:0b:9e:eb:34:10:2c:4d:1d:af:66:ff:
5d:73:12:74:4d:b2:a2:df:d2:3a:c1:53:46:79:3c:
ee:83:89:a8:db:56:48:e1:58:99:00:49:d4:ad:58:
f8:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:89:09:E1:C2:3B:78:83:F3:49:3F:44:70:BB:4E:48:CF:B1:5F:FF
X509v3 Authority Key Identifier:
keyid:5F:A4:D8:04:64:97:8F:6E:BF:BA:95:F7:45:A3:30:57:26:F7:2D:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X6TYBGSXj26_upX3RaMwVyb3LZM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e050b4-9ba0-4e85-9d76-4fa6242b8a3a/1/jokJ4cI7eIPzST9EcLtOSM-xX_8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e050b4-9ba0-4e85-9d76-4fa6242b8a3a/1/X6TYBGSXj26_upX3RaMwVyb3LZM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.123.208.0/22
Signature Algorithm: sha256WithRSAEncryption
b9:14:d5:fd:84:b1:13:72:f9:af:20:9d:83:d4:32:5f:3d:1c:
1b:c3:72:03:9e:ed:00:be:d6:3d:c2:9c:31:eb:de:83:f9:f5:
9a:1e:bf:b6:e4:fa:df:1d:e5:02:7f:ba:63:42:a7:c8:c2:f1:
e6:e2:e7:c0:6f:60:d3:b2:0e:29:7c:b7:4e:3a:56:4d:02:b9:
5d:09:c7:a2:9f:8a:de:31:24:34:45:da:29:54:4b:f0:64:b8:
21:6e:5c:5c:66:b3:e3:28:9f:eb:ec:49:d2:b2:c9:9e:2c:7e:
57:ed:28:02:fc:d4:63:88:73:26:85:9f:0e:f8:cd:78:dc:bb:
b2:e6:92:62:78:ca:38:59:ec:83:40:95:5c:4c:c6:d3:35:10:
94:04:fd:4d:a1:19:86:1a:f2:01:b0:e2:07:74:5c:9b:be:14:
3e:c3:2b:56:1c:82:be:43:89:af:d4:bd:f9:93:1e:d0:9e:47:
16:29:10:d5:08:84:59:62:43:a4:c1:54:11:cc:a5:92:55:b3:
14:d5:a8:65:58:11:3c:92:a5:ac:c7:da:01:46:df:0c:d5:91:
6a:a9:bb:ca:fd:5c:13:a6:a6:4e:a2:9a:b5:b2:5e:17:14:a5:
ad:76:0a:d7:a3:a2:e8:b8:58:69:64:bf:5a:a7:b5:40:38:e1:
90:00:b3:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntSXeJfCzdZkH/SUFsfB+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYTRkODA0NjQ5NzhmNmViZmJhOTVmNzQ1YTMzMDU3MjZm
NzJkOTMwHhcNMjUwMTAyMTU0OTMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTg5MDllMWMyM2I3ODgzZjM0OTNmNDQ3MGJiNGU0OGNmYjE1ZmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxjkkUePoGgbCM+7OY5aNjHxHiL8
cLqwytq3yaXdsuoXc/louJcRafoDTDN6a5PWhv3ju5NgyqJJWFpn4ORktHe0ggOa
sEwW2q98Z7b8OiTK+dUDD6t6iq92LfzWltMf07TwQxvOVivMWOtvMGIPTFdlNMjZ
k3tsFWjd0jFqTPTSg9clZtt9H9SrtUoBbb2viwPEeC6WXOa94bLmWr4KpT/DX8kf
anF59XptcUF7PhXRgXtU/OduYWgWA4pwYC1NqdtQ9cM5WsJHEGfX54BEl/Bgm7T6
C57rNBAsTR2vZv9dcxJ0TbKi39I6wVNGeTzug4mo21ZI4ViZAEnUrVj4WQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI6JCeHCO3iD80k/RHC7TkjPsV//MB8GA1UdIwQY
MBaAFF+k2ARkl49uv7qV90WjMFcm9y2TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDZUWUJHU1hqMjZfdXBYM1JhTXdWeWIzTFpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9lMDUwYjQtOWJhMC00ZTg1LTlkNzYt
NGZhNjI0MmI4YTNhLzEvam9rSjRjSTdlSVB6U1Q5RWNMdE9TTS14WF84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9lMDUwYjQtOWJhMC00ZTg1LTlkNzYtNGZhNjI0MmI4YTNh
LzEvWDZUWUJHU1hqMjZfdXBYM1JhTXdWeWIzTFpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXvQMA0G
CSqGSIb3DQEBCwUAA4IBAQC5FNX9hLETcvmvIJ2D1DJfPRwbw3IDnu0AvtY9wpwx
696D+fWaHr+25PrfHeUCf7pjQqfIwvHm4ufAb2DTsg4pfLdOOlZNArldCcein4re
MSQ0RdopVEvwZLghblxcZrPjKJ/r7EnSssmeLH5X7SgC/NRjiHMmhZ8O+M143Luy
5pJieMo4WeyDQJVcTMbTNRCUBP1NoRmGGvIBsOIHdFybvhQ+wytWHIK+Q4mv1L35
kx7QnkcWKRDVCIRZYkOkwVQRzKWSVbMU1ahlWBE8kqWsx9oBRt8M1ZFqqbvK/VwT
pqZOopq1sl4XFKWtdgrXo6LouFhpZL9ap7VAOOGQALMT
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:30 2025 by rpki-client on console.sobornost.net