Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/1e9694-c285-4ccf-943b-c2b7cff0661c/1/PHcuyK5Isl-tObyHXesNd9QiRP0.roa
File: PHcuyK5Isl-tObyHXesNd9QiRP0.roa (raw, json)
Hash identifier: rHdHpG4qGbN9ifhvJU1UvmMnc7kX+7rc9pla/vN3kgc=
Subject key identifier: 3C:77:2E:C8:AE:48:B2:5F:AD:39:BC:87:5D:EB:0D:77:D4:22:44:FD
Certificate issuer: /CN=a184409e5c183bbcc31535f4c7eee4782cd67be3
Certificate serial: 01941F8C7C96492D62ED7AAE0540B32E1EB6
Authority key identifier: A1:84:40:9E:5C:18:3B:BC:C3:15:35:F4:C7:EE:E4:78:2C:D6:7B:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oYRAnlwYO7zDFTX0x-7keCzWe-M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/1e9694-c285-4ccf-943b-c2b7cff0661c/1/PHcuyK5Isl-tObyHXesNd9QiRP0.roa
Signing time: Wed 01 Jan 2025 01:48:08 +0000
ROA not before: Wed 01 Jan 2025 01:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203216
IP address blocks: 185.137.88.0/22 maxlen: 24
185.137.88.0/24 maxlen: 24
185.137.89.0/24 maxlen: 24
185.137.90.0/24 maxlen: 24
185.137.91.0/24 maxlen: 24
2a07:3300::/29 maxlen: 48
2a07:3300::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:7c:96:49:2d:62:ed:7a:ae:05:40:b3:2e:1e:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a184409e5c183bbcc31535f4c7eee4782cd67be3
Validity
Not Before: Jan 1 01:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3c772ec8ae48b25fad39bc875deb0d77d42244fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:ed:50:5b:42:69:ef:f9:4b:36:8a:ad:26:fa:
ba:a5:67:17:56:0c:7d:3f:60:6e:05:f6:da:f8:9f:
39:6c:d6:72:fe:4d:d5:56:71:23:9a:e4:2a:b4:9b:
3e:bb:07:76:5f:1a:a6:b9:a5:45:6d:c9:6f:5d:43:
3b:94:a5:bd:00:cd:68:7a:92:c9:f4:7c:c2:f6:47:
48:4a:33:82:3d:4a:e1:69:92:cd:68:70:3d:ca:99:
39:04:f4:ce:79:a2:fe:9d:40:98:c7:fc:c7:79:4f:
b6:7d:ae:94:96:c0:76:0d:bf:ee:75:78:66:9d:08:
af:c5:b0:ba:87:51:ce:d8:c8:36:4f:a2:29:93:f1:
cb:ce:a0:2c:ac:c9:56:79:36:3e:cf:eb:0a:76:1d:
ff:c8:89:e3:57:de:a0:09:64:fa:66:d7:4c:1f:a2:
e0:06:99:ba:16:3d:f3:a1:68:7a:6e:6e:50:14:68:
70:fe:6c:c2:3f:94:6f:10:f9:91:22:b8:61:c6:f9:
f4:d4:e7:3f:2b:31:87:05:ba:a2:f8:97:38:bc:a5:
93:61:9e:c7:4f:dc:d8:22:d7:18:ab:a4:cb:4e:8d:
a8:13:77:da:aa:e6:1e:7f:ca:1a:1a:32:b6:7e:a9:
04:fc:ff:9b:ef:20:b6:23:16:1d:6b:ca:b5:07:ce:
a7:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:77:2E:C8:AE:48:B2:5F:AD:39:BC:87:5D:EB:0D:77:D4:22:44:FD
X509v3 Authority Key Identifier:
keyid:A1:84:40:9E:5C:18:3B:BC:C3:15:35:F4:C7:EE:E4:78:2C:D6:7B:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oYRAnlwYO7zDFTX0x-7keCzWe-M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/1e9694-c285-4ccf-943b-c2b7cff0661c/1/PHcuyK5Isl-tObyHXesNd9QiRP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/1e9694-c285-4ccf-943b-c2b7cff0661c/1/oYRAnlwYO7zDFTX0x-7keCzWe-M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.88.0/22
IPv6:
2a07:3300::/29
Signature Algorithm: sha256WithRSAEncryption
c8:12:35:7b:aa:b6:d0:f9:94:a0:21:76:37:88:1b:49:52:5c:
dd:0a:7f:9c:1c:65:cb:c0:c9:10:cd:be:1f:a5:7f:a4:d3:d9:
08:59:e4:97:76:b2:5e:e5:d0:c4:cc:6c:19:95:b6:af:56:37:
22:84:be:14:b9:2b:9a:ed:e7:b5:08:fe:fd:b1:80:c5:37:db:
7a:d9:2b:8f:c4:06:9f:c4:aa:79:0c:98:7d:e9:a8:cd:4a:c9:
a8:73:d5:ca:98:46:e3:8f:b8:dc:36:b4:19:18:88:28:77:41:
5d:b3:da:e5:cd:e7:ac:52:0a:bf:44:c7:ac:e3:33:4e:9c:f8:
ac:89:98:3a:5c:7f:e0:ac:8b:4b:8d:8e:3e:11:ef:bd:19:3e:
f7:f2:2d:46:cc:6b:74:ce:86:b5:0b:e0:81:01:23:a1:e2:81:
cf:9f:78:4d:2c:6e:af:b1:ff:87:47:55:be:9b:47:cd:37:65:
c6:c4:eb:c9:28:9c:8d:c4:99:bf:f1:d5:a6:6c:c0:25:41:9b:
5e:c4:24:79:f2:0b:c1:02:eb:fb:0f:18:a1:0a:b9:33:65:7b:
da:89:5d:3d:fc:44:fa:e6:c5:8d:43:85:2f:12:2a:ac:be:7c:
69:d8:e3:e7:96:23:0a:29:e0:00:c3:54:d1:8d:9a:ba:ba:ea:
3a:73:0b:cb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQfjHyWSS1i7XquBUCzLh62MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExODQ0MDllNWMxODNiYmNjMzE1MzVmNGM3ZWVlNDc4MmNk
NjdiZTMwHhcNMjUwMTAxMDE0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzc3MmVjOGFlNDhiMjVmYWQzOWJjODc1ZGViMGQ3N2Q0MjI0NGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0e1QW0Jp7/lLNoqtJvq6pWcXVgx9
P2BuBfba+J85bNZy/k3VVnEjmuQqtJs+uwd2XxqmuaVFbclvXUM7lKW9AM1oepLJ
9HzC9kdISjOCPUrhaZLNaHA9ypk5BPTOeaL+nUCYx/zHeU+2fa6UlsB2Db/udXhm
nQivxbC6h1HO2Mg2T6Ipk/HLzqAsrMlWeTY+z+sKdh3/yInjV96gCWT6ZtdMH6Lg
Bpm6Fj3zoWh6bm5QFGhw/mzCP5RvEPmRIrhhxvn01Oc/KzGHBbqi+Jc4vKWTYZ7H
T9zYItcYq6TLTo2oE3faquYef8oaGjK2fqkE/P+b7yC2IxYda8q1B86nlwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDx3LsiuSLJfrTm8h13rDXfUIkT9MB8GA1UdIwQY
MBaAFKGEQJ5cGDu8wxU19Mfu5Hgs1nvjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1lSQW5sd1lPN3pERlRYMHgtN2tlQ3pXZS1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8xZTk2OTQtYzI4NS00Y2NmLTk0M2It
YzJiN2NmZjA2NjFjLzEvUEhjdXlLNUlzbC10T2J5SFhlc05kOVFpUlAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8xZTk2OTQtYzI4NS00Y2NmLTk0M2ItYzJiN2NmZjA2NjFj
LzEvb1lSQW5sd1lPN3pERlRYMHgtN2tlQ3pXZS1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYlYMA0E
AgACMAcDBQMqBzMAMA0GCSqGSIb3DQEBCwUAA4IBAQDIEjV7qrbQ+ZSgIXY3iBtJ
UlzdCn+cHGXLwMkQzb4fpX+k09kIWeSXdrJe5dDEzGwZlbavVjcihL4UuSua7ee1
CP79sYDFN9t62SuPxAafxKp5DJh96ajNSsmoc9XKmEbjj7jcNrQZGIgod0Fds9rl
zeesUgq/RMes4zNOnPisiZg6XH/grItLjY4+Ee+9GT738i1GzGt0zoa1C+CBASOh
4oHPn3hNLG6vsf+HR1W+m0fNN2XGxOvJKJyNxJm/8dWmbMAlQZtexCR58gvBAuv7
DxihCrkzZXvaiV09/ET65sWNQ4UvEiqsvnxp2OPnliMKKeAAw1TRjZq6uuo6cwvL
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:49 2025 by rpki-client on console.sobornost.net