Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/fc522f-b20f-47af-80c6-1a97944c91ca/1/h9zvvPI2dBY4jNWQKpPxUoE047A.roa
File: h9zvvPI2dBY4jNWQKpPxUoE047A.roa (raw, json)
Hash identifier: PkWglafHXDxF9KIzM61BgLg1omYPGots3ZThAKgjHP4=
Subject key identifier: 87:DC:EF:BC:F2:36:74:16:38:8C:D5:90:2A:93:F1:52:81:34:E3:B0
Certificate issuer: /CN=6d2203ec1e5a6c266cca39b9af1abe2cb20b195a
Certificate serial: 0194252160B55B45182EAAC8107EF620AA5A
Authority key identifier: 6D:22:03:EC:1E:5A:6C:26:6C:CA:39:B9:AF:1A:BE:2C:B2:0B:19:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSID7B5abCZsyjm5rxq-LLILGVo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/fc522f-b20f-47af-80c6-1a97944c91ca/1/h9zvvPI2dBY4jNWQKpPxUoE047A.roa
Signing time: Thu 02 Jan 2025 03:48:51 +0000
ROA not before: Thu 02 Jan 2025 03:48:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203200
IP address blocks: 185.122.76.0/22 maxlen: 24
2a10:d340:1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:60:b5:5b:45:18:2e:aa:c8:10:7e:f6:20:aa:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d2203ec1e5a6c266cca39b9af1abe2cb20b195a
Validity
Not Before: Jan 2 03:48:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=87dcefbcf2367416388cd5902a93f1528134e3b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:6a:8a:ce:48:e3:59:ad:b9:68:fc:45:19:08:
8b:cd:99:28:ef:5c:3f:08:2a:c9:36:64:74:92:99:
95:59:56:7b:ff:df:6d:79:2d:c2:d9:25:68:04:e1:
70:97:b5:df:a6:14:a0:e3:03:4d:5c:53:64:d2:98:
2d:c0:c6:d4:ca:29:e3:e3:0e:57:5b:fc:61:39:5b:
17:bb:dd:fa:80:5e:0c:c8:3b:05:23:da:61:a1:17:
f5:61:af:78:c4:7e:69:9a:83:54:71:9c:ac:93:49:
b2:35:2f:94:fb:6d:a5:55:f4:6c:6a:2f:b2:f3:7d:
25:bd:10:48:23:b3:0e:0c:13:ec:31:c3:50:5b:68:
ea:4e:3c:a1:ef:42:0c:73:be:c5:ed:5f:ee:f8:df:
da:62:91:14:fc:08:bd:c7:ad:e1:60:e6:7a:9a:e2:
52:f5:e4:20:97:1e:ca:b6:10:61:90:6f:4b:0c:93:
e9:e3:37:de:fe:cb:94:ad:2c:d3:30:a6:8f:d3:9e:
df:10:cb:d2:c8:da:e5:84:30:01:8a:e3:14:31:5d:
50:5a:b4:a4:4c:3f:ac:9c:64:1a:87:78:14:1f:64:
d0:2c:16:83:bb:08:51:25:72:7d:53:85:ee:b7:84:
26:9a:25:84:c9:ad:41:cd:f9:1e:5c:b8:5c:32:ce:
e8:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:DC:EF:BC:F2:36:74:16:38:8C:D5:90:2A:93:F1:52:81:34:E3:B0
X509v3 Authority Key Identifier:
keyid:6D:22:03:EC:1E:5A:6C:26:6C:CA:39:B9:AF:1A:BE:2C:B2:0B:19:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSID7B5abCZsyjm5rxq-LLILGVo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/fc522f-b20f-47af-80c6-1a97944c91ca/1/h9zvvPI2dBY4jNWQKpPxUoE047A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/fc522f-b20f-47af-80c6-1a97944c91ca/1/bSID7B5abCZsyjm5rxq-LLILGVo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.122.76.0/22
IPv6:
2a10:d340:1::/48
Signature Algorithm: sha256WithRSAEncryption
65:f3:33:4e:fa:a3:9c:3b:6b:14:3f:10:4b:91:47:5f:a3:1c:
e7:a3:4a:db:b9:f0:dc:ee:cf:b3:41:42:89:74:fe:b8:dd:7c:
30:35:d5:6e:8f:be:84:d4:13:36:ee:ac:f4:e3:36:02:22:4e:
1f:01:9a:02:bd:70:69:7d:48:c1:a0:ae:31:d8:37:ef:f2:07:
0e:e8:1c:3b:af:65:e9:21:d6:7f:08:ea:db:a0:65:28:44:b6:
58:f6:80:97:2c:c0:e6:cb:04:13:9c:16:08:df:8a:13:02:cc:
e8:7f:de:02:59:1a:df:b5:76:32:32:f4:bf:a3:13:89:19:2e:
c2:69:e7:24:61:7b:5c:21:4b:a3:57:3e:c3:2d:6e:fa:09:4a:
2c:69:13:d0:07:a1:39:b1:8d:94:af:1d:39:40:04:db:32:3c:
5b:bf:9c:46:17:01:26:7e:dd:27:d7:f2:dc:a3:c6:f4:76:fc:
d9:94:70:9c:92:95:47:1d:03:08:9e:56:4d:14:ce:80:10:0d:
78:a3:d6:93:2a:eb:aa:c9:58:27:b9:31:e9:07:c1:38:88:f8:
14:ce:c7:51:98:e8:01:78:3a:d9:40:5d:ec:13:70:b1:d4:8f:
05:40:1f:51:1b:16:2b:6d:58:5f:1b:17:a6:a5:26:14:11:d4:
6f:9e:91:39
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQlIWC1W0UYLqrIEH72IKpaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMjIwM2VjMWU1YTZjMjY2Y2NhMzliOWFmMWFiZTJjYjIw
YjE5NWEwHhcNMjUwMTAyMDM0ODUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2RjZWZiY2YyMzY3NDE2Mzg4Y2Q1OTAyYTkzZjE1MjgxMzRlM2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGqKzkjjWa25aPxFGQiLzZko71w/
CCrJNmR0kpmVWVZ7/99teS3C2SVoBOFwl7XfphSg4wNNXFNk0pgtwMbUyinj4w5X
W/xhOVsXu936gF4MyDsFI9phoRf1Ya94xH5pmoNUcZysk0myNS+U+22lVfRsai+y
830lvRBII7MODBPsMcNQW2jqTjyh70IMc77F7V/u+N/aYpEU/Ai9x63hYOZ6muJS
9eQglx7KthBhkG9LDJPp4zfe/suUrSzTMKaP057fEMvSyNrlhDABiuMUMV1QWrSk
TD+snGQah3gUH2TQLBaDuwhRJXJ9U4Xut4QmmiWEya1BzfkeXLhcMs7odwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIfc77zyNnQWOIzVkCqT8VKBNOOwMB8GA1UdIwQY
MBaAFG0iA+weWmwmbMo5ua8aviyyCxlaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlNJRDdCNWFiQ1pzeWptNXJ4cS1MTElMR1ZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9mYzUyMmYtYjIwZi00N2FmLTgwYzYt
MWE5Nzk0NGM5MWNhLzEvaDl6dnZQSTJkQlk0ak5XUUtwUHhVb0UwNDdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9mYzUyMmYtYjIwZi00N2FmLTgwYzYtMWE5Nzk0NGM5MWNh
LzEvYlNJRDdCNWFiQ1pzeWptNXJ4cS1MTElMR1ZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCuXpMMA8E
AgACMAkDBwAqENNAAAEwDQYJKoZIhvcNAQELBQADggEBAGXzM076o5w7axQ/EEuR
R1+jHOejStu58Nzuz7NBQol0/rjdfDA11W6PvoTUEzburPTjNgIiTh8BmgK9cGl9
SMGgrjHYN+/yBw7oHDuvZekh1n8I6tugZShEtlj2gJcswObLBBOcFgjfihMCzOh/
3gJZGt+1djIy9L+jE4kZLsJp5yRhe1whS6NXPsMtbvoJSixpE9AHoTmxjZSvHTlA
BNsyPFu/nEYXASZ+3SfX8tyjxvR2/NmUcJySlUcdAwieVk0UzoAQDXij1pMq66rJ
WCe5MekHwTiI+BTOx1GY6AF4OtlAXewTcLHUjwVAH1EbFittWF8bF6alJhQR1G+e
kTk=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:50 2025 by rpki-client on console.sobornost.net