Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/0ebdd4-2617-4d31-a8c3-45ea38da2218/1/n6MPRl4HeV2oslQVZjQ3r5EuRXY.roa
File: n6MPRl4HeV2oslQVZjQ3r5EuRXY.roa (raw, json)
Hash identifier: J3QEJ4pfKQHu+ZNIZ1/n5cXEVM04vV1h4Czaen0IJhE=
Subject key identifier: 9F:A3:0F:46:5E:07:79:5D:A8:B2:54:15:66:34:37:AF:91:2E:45:76
Certificate issuer: /CN=85aaadc568f6c928fd764d421d42c71cf5791954
Certificate serial: 019427B5517BF412339068612A1DBA4F34B2
Authority key identifier: 85:AA:AD:C5:68:F6:C9:28:FD:76:4D:42:1D:42:C7:1C:F5:79:19:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/haqtxWj2ySj9dk1CHULHHPV5GVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/0ebdd4-2617-4d31-a8c3-45ea38da2218/1/n6MPRl4HeV2oslQVZjQ3r5EuRXY.roa
Signing time: Thu 02 Jan 2025 15:49:41 +0000
ROA not before: Thu 02 Jan 2025 15:49:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201352
IP address blocks: 185.71.244.0/24 maxlen: 24
185.71.245.0/24 maxlen: 24
185.71.246.0/24 maxlen: 24
185.71.247.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:51:7b:f4:12:33:90:68:61:2a:1d:ba:4f:34:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85aaadc568f6c928fd764d421d42c71cf5791954
Validity
Not Before: Jan 2 15:49:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9fa30f465e07795da8b25415663437af912e4576
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:2e:ea:a2:15:5c:75:a8:63:71:e1:cf:38:b8:
eb:31:4c:cd:f9:e7:58:ad:79:ec:ba:43:e6:99:5c:
d4:64:70:ad:11:f8:3c:1c:fe:fa:ab:a2:47:41:18:
65:8f:9c:02:4c:e3:34:a2:03:bc:85:13:e4:dc:41:
9c:f0:27:98:06:33:37:40:a5:5b:9a:70:f7:bd:9e:
ca:be:da:73:e5:3d:34:d9:54:83:26:b7:31:62:f2:
f6:63:c3:13:22:c8:25:fb:48:74:f7:32:00:bc:89:
be:ea:a9:fb:89:fb:50:08:67:38:35:03:28:74:20:
d7:1a:e5:a1:49:8e:80:b3:55:bb:f4:d8:01:18:32:
e2:dc:43:13:71:9d:64:b7:c7:64:d1:6a:f4:e5:14:
d0:7f:fa:70:3e:65:c0:f0:08:fd:24:33:48:53:84:
d4:91:9e:92:66:3f:6d:97:93:06:18:7e:b7:be:03:
63:62:a2:16:52:2f:09:20:ff:8b:f7:d7:92:04:a0:
bb:12:43:4c:b7:8f:8c:8e:62:fc:48:e3:4c:aa:b1:
b3:62:26:b3:a8:1d:64:db:5d:4a:77:49:fb:f6:af:
ed:20:91:0e:c0:31:e8:93:9a:4b:8d:d5:85:f6:20:
ad:78:1b:b2:d5:53:49:b3:ed:42:49:e1:96:04:18:
6e:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:A3:0F:46:5E:07:79:5D:A8:B2:54:15:66:34:37:AF:91:2E:45:76
X509v3 Authority Key Identifier:
keyid:85:AA:AD:C5:68:F6:C9:28:FD:76:4D:42:1D:42:C7:1C:F5:79:19:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/haqtxWj2ySj9dk1CHULHHPV5GVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/0ebdd4-2617-4d31-a8c3-45ea38da2218/1/n6MPRl4HeV2oslQVZjQ3r5EuRXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/0ebdd4-2617-4d31-a8c3-45ea38da2218/1/haqtxWj2ySj9dk1CHULHHPV5GVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.244.0/22
Signature Algorithm: sha256WithRSAEncryption
9e:da:e3:3c:1d:a9:1a:bf:6c:4e:36:ab:d6:f7:f1:1d:a0:f7:
9c:27:12:11:fa:8a:c2:ed:4f:58:f9:57:36:f4:4b:b1:12:d5:
d9:02:39:80:31:85:32:ff:69:99:68:46:d0:e5:78:0c:52:bd:
8f:0c:57:84:37:53:c7:65:b4:08:b2:6e:94:9c:1a:7b:05:ba:
86:ae:db:0c:da:3c:4e:12:3c:b0:50:2f:e9:07:ef:fe:08:1e:
a9:dd:a8:3e:84:f8:cf:65:ca:2e:d7:0f:49:64:de:66:71:77:
bf:bf:12:08:94:65:37:54:96:0d:fd:84:4d:23:13:05:3f:43:
66:bc:95:c1:d5:31:58:58:50:f3:05:73:20:c9:e8:e5:33:23:
6e:87:9a:18:e2:c5:55:f6:07:c2:ef:09:ab:f2:58:c2:f4:30:
17:f0:8f:ad:1a:1a:1e:5f:0e:c1:40:8b:65:2e:00:28:7e:a1:
df:0d:db:a5:78:ad:5c:c5:4a:e2:2c:80:13:52:d1:3e:61:83:
55:4e:b3:da:c6:67:0d:cd:fa:75:e6:59:ac:d7:b3:c1:b5:30:
26:1f:13:ad:1b:be:0a:5d:77:77:e5:e1:85:3a:d9:ab:8d:e8:
b2:c0:e0:97:cf:b3:33:72:2d:09:03:1d:f5:6f:83:9f:6a:3c:
c7:68:93:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntVF79BIzkGhhKh26TzSyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1YWFhZGM1NjhmNmM5MjhmZDc2NGQ0MjFkNDJjNzFjZjU3
OTE5NTQwHhcNMjUwMTAyMTU0OTQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmEzMGY0NjVlMDc3OTVkYThiMjU0MTU2NjM0MzdhZjkxMmU0NTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtC7qohVcdahjceHPOLjrMUzN+edY
rXnsukPmmVzUZHCtEfg8HP76q6JHQRhlj5wCTOM0ogO8hRPk3EGc8CeYBjM3QKVb
mnD3vZ7Kvtpz5T002VSDJrcxYvL2Y8MTIsgl+0h09zIAvIm+6qn7iftQCGc4NQMo
dCDXGuWhSY6As1W79NgBGDLi3EMTcZ1kt8dk0Wr05RTQf/pwPmXA8Aj9JDNIU4TU
kZ6SZj9tl5MGGH63vgNjYqIWUi8JIP+L99eSBKC7EkNMt4+MjmL8SONMqrGzYiaz
qB1k211Kd0n79q/tIJEOwDHok5pLjdWF9iCteBuy1VNJs+1CSeGWBBhuWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ+jD0ZeB3ldqLJUFWY0N6+RLkV2MB8GA1UdIwQY
MBaAFIWqrcVo9sko/XZNQh1Cxxz1eRlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGFxdHhXajJ5U2o5ZGsxQ0hVTEhIUFY1R1ZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8wZWJkZDQtMjYxNy00ZDMxLWE4YzMt
NDVlYTM4ZGEyMjE4LzEvbjZNUFJsNEhlVjJvc2xRVlpqUTNyNUV1UlhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8wZWJkZDQtMjYxNy00ZDMxLWE4YzMtNDVlYTM4ZGEyMjE4
LzEvaGFxdHhXajJ5U2o5ZGsxQ0hVTEhIUFY1R1ZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUf0MA0G
CSqGSIb3DQEBCwUAA4IBAQCe2uM8Hakav2xONqvW9/EdoPecJxIR+orC7U9Y+Vc2
9EuxEtXZAjmAMYUy/2mZaEbQ5XgMUr2PDFeEN1PHZbQIsm6UnBp7BbqGrtsM2jxO
EjywUC/pB+/+CB6p3ag+hPjPZcou1w9JZN5mcXe/vxIIlGU3VJYN/YRNIxMFP0Nm
vJXB1TFYWFDzBXMgyejlMyNuh5oY4sVV9gfC7wmr8ljC9DAX8I+tGhoeXw7BQItl
LgAofqHfDduleK1cxUriLIATUtE+YYNVTrPaxmcNzfp15lms17PBtTAmHxOtG74K
XXd35eGFOtmrjeiywOCXz7Mzci0JAx31b4OfajzHaJNe
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:36 2025 by rpki-client on console.sobornost.net