Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7979b2-c3d9-4f33-a09f-49591afe17f0/1/W1sV2SXycnhhhyOvaUwWx8t1ifs.roa
File: W1sV2SXycnhhhyOvaUwWx8t1ifs.roa (raw, json)
Hash identifier: HcxcuKRHaI2x0IIJ12wkt3W53ioexeV4UAL0OsdORr4=
Subject key identifier: 5B:5B:15:D9:25:F2:72:78:61:87:23:AF:69:4C:16:C7:CB:75:89:FB
Certificate issuer: /CN=8eee7a3ad152bb8725a7db9bb7520804b6f1155f
Certificate serial: 019424456C1C0946245819BAF4275CF63AAA
Authority key identifier: 8E:EE:7A:3A:D1:52:BB:87:25:A7:DB:9B:B7:52:08:04:B6:F1:15:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ju56OtFSu4clp9ubt1IIBLbxFV8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7979b2-c3d9-4f33-a09f-49591afe17f0/1/W1sV2SXycnhhhyOvaUwWx8t1ifs.roa
Signing time: Wed 01 Jan 2025 23:48:36 +0000
ROA not before: Wed 01 Jan 2025 23:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202499
IP address blocks: 185.71.168.0/22 maxlen: 24
185.71.168.0/24 maxlen: 24
185.71.169.0/24 maxlen: 24
185.71.170.0/24 maxlen: 24
185.71.171.0/24 maxlen: 24
185.228.240.0/24 maxlen: 24
185.228.241.0/24 maxlen: 24
185.228.242.0/24 maxlen: 24
185.239.64.0/22 maxlen: 24
185.239.64.0/24 maxlen: 24
185.239.65.0/24 maxlen: 24
185.239.66.0/24 maxlen: 24
185.239.67.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:6c:1c:09:46:24:58:19:ba:f4:27:5c:f6:3a:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8eee7a3ad152bb8725a7db9bb7520804b6f1155f
Validity
Not Before: Jan 1 23:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5b5b15d925f27278618723af694c16c7cb7589fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:db:1d:bf:22:91:7b:7b:84:55:2f:b4:b6:23:
3c:4a:6d:2c:98:0a:42:14:8c:15:ca:1a:0c:b4:8a:
12:c7:52:a6:c4:e1:35:b2:2a:83:d5:5e:d5:fd:e7:
28:bf:93:f1:11:b5:e2:8c:a9:cd:82:a8:b2:be:c7:
b4:ac:f2:60:8d:e8:08:0b:8b:73:70:23:e2:5c:10:
dc:85:9c:bb:f0:98:9e:31:60:95:74:e3:db:72:81:
38:4e:53:67:da:12:9c:6c:88:80:8e:fa:60:25:6a:
c6:2e:5b:85:61:cb:47:e1:37:d2:0c:26:9f:0c:f6:
82:07:87:15:8f:f7:c9:c7:f2:39:5d:60:18:39:e2:
2c:74:29:75:c4:cd:80:b3:f2:58:b0:1c:a8:01:e8:
de:32:c9:88:d6:0c:c6:5c:bd:29:19:41:3f:00:ea:
26:2b:2d:a2:59:f1:1d:a1:60:7c:87:6b:20:1f:aa:
c9:1d:e2:0b:9f:e4:09:9c:16:c9:6b:2e:f6:24:38:
d2:bc:47:2f:b3:74:21:e7:fb:92:47:5a:32:20:f1:
c0:df:cf:64:36:db:73:96:54:22:32:dc:42:c6:69:
a4:56:bd:c5:c8:63:fc:91:2e:a0:a3:9f:ce:c4:09:
52:eb:71:00:7d:c5:fe:b0:0f:f8:1e:98:79:37:47:
9a:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:5B:15:D9:25:F2:72:78:61:87:23:AF:69:4C:16:C7:CB:75:89:FB
X509v3 Authority Key Identifier:
keyid:8E:EE:7A:3A:D1:52:BB:87:25:A7:DB:9B:B7:52:08:04:B6:F1:15:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ju56OtFSu4clp9ubt1IIBLbxFV8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7979b2-c3d9-4f33-a09f-49591afe17f0/1/W1sV2SXycnhhhyOvaUwWx8t1ifs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7979b2-c3d9-4f33-a09f-49591afe17f0/1/ju56OtFSu4clp9ubt1IIBLbxFV8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.168.0/22
185.228.240.0-185.228.242.255
185.239.64.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:87:b9:e5:3d:68:e9:e9:b9:2c:fd:df:35:4b:c5:3f:7a:90:
55:1c:65:b1:06:30:5a:a8:69:51:c1:8f:6a:78:84:e1:75:e6:
19:91:9a:36:7b:d8:fb:44:08:c2:1d:27:36:b8:e6:11:6a:3d:
e0:e8:f3:8f:21:3e:8c:b6:e3:98:23:f7:75:24:f8:43:33:7b:
9a:bf:d0:1d:b9:88:93:ea:ae:ad:ca:a3:28:f8:43:bb:f3:94:
1c:9f:ea:0e:a9:00:31:a0:34:1e:3d:fc:d6:cc:5e:96:af:36:
df:f2:aa:23:ad:90:e3:e8:1d:0c:1f:57:66:24:d9:62:4f:cd:
5f:68:b2:41:e0:c8:58:96:ff:64:cf:69:07:6a:b6:38:7b:6d:
f1:62:1e:89:bc:08:c2:29:ed:7d:d7:79:36:6a:3e:22:68:19:
a4:0b:7a:83:42:3f:22:0c:c0:ee:4c:60:64:ec:94:12:6c:7a:
6e:5f:93:25:bb:b3:21:bb:be:e9:07:f3:6f:7e:18:78:2b:8c:
4d:8c:70:42:71:76:c8:68:72:c2:75:24:b8:89:20:55:bb:97:
b2:47:53:35:4f:56:34:45:c7:cc:5c:39:76:32:c5:fb:7f:7c:
80:3a:ab:bd:24:62:35:2a:dd:e5:0d:71:6d:ca:8e:86:29:10:
12:8c:fe:23
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQkRWwcCUYkWBm69Cdc9jqqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlZWU3YTNhZDE1MmJiODcyNWE3ZGI5YmI3NTIwODA0YjZm
MTE1NWYwHhcNMjUwMTAxMjM0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjViMTVkOTI1ZjI3Mjc4NjE4NzIzYWY2OTRjMTZjN2NiNzU4OWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9sdvyKRe3uEVS+0tiM8Sm0smApC
FIwVyhoMtIoSx1KmxOE1siqD1V7V/ecov5PxEbXijKnNgqiyvse0rPJgjegIC4tz
cCPiXBDchZy78JieMWCVdOPbcoE4TlNn2hKcbIiAjvpgJWrGLluFYctH4TfSDCaf
DPaCB4cVj/fJx/I5XWAYOeIsdCl1xM2As/JYsByoAejeMsmI1gzGXL0pGUE/AOom
Ky2iWfEdoWB8h2sgH6rJHeILn+QJnBbJay72JDjSvEcvs3Qh5/uSR1oyIPHA389k
NttzllQiMtxCxmmkVr3FyGP8kS6go5/OxAlS63EAfcX+sA/4Hph5N0eaOQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFFtbFdkl8nJ4YYcjr2lMFsfLdYn7MB8GA1UdIwQY
MBaAFI7uejrRUruHJafbm7dSCAS28RVfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanU1Nk90RlN1NGNscDl1YnQxSUlCTGJ4RlY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83OTc5YjItYzNkOS00ZjMzLWEwOWYt
NDk1OTFhZmUxN2YwLzEvVzFzVjJTWHljbmhoaHlPdmFVd1d4OHQxaWZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83OTc5YjItYzNkOS00ZjMzLWEwOWYtNDk1OTFhZmUxN2Yw
LzEvanU1Nk90RlN1NGNscDl1YnQxSUlCTGJ4RlY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCuUeoMAwD
BAS55PADBAC55PIDBAK570AwDQYJKoZIhvcNAQELBQADggEBACuHueU9aOnpuSz9
3zVLxT96kFUcZbEGMFqoaVHBj2p4hOF15hmRmjZ72PtECMIdJza45hFqPeDo848h
Poy245gj93Uk+EMze5q/0B25iJPqrq3Koyj4Q7vzlByf6g6pADGgNB49/NbMXpav
Nt/yqiOtkOPoHQwfV2Yk2WJPzV9oskHgyFiW/2TPaQdqtjh7bfFiHom8CMIp7X3X
eTZqPiJoGaQLeoNCPyIMwO5MYGTslBJsem5fkyW7syG7vukH829+GHgrjE2McEJx
dshocsJ1JLiJIFW7l7JHUzVPVjRFx8xcOXYyxft/fIA6q70kYjUq3eUNcW3KjoYp
EBKM/iM=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:50 2025 by rpki-client on console.sobornost.net