Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/67bce3-ecbc-478d-8210-d07906a84b1d/1/2dVxZZZj6zlHLdxhcm5JjXaDenM.roa
File: 2dVxZZZj6zlHLdxhcm5JjXaDenM.roa (raw, json)
Hash identifier: rbawjEq/xe3wCEVClyA8U6kAU84cJfL3aa5STA3091s=
Subject key identifier: D9:D5:71:65:96:63:EB:39:47:2D:DC:61:72:6E:49:8D:76:83:7A:73
Certificate issuer: /CN=188fb0985e360c38f8658d56687ca862d9408d90
Certificate serial: 019424B3BF0AD2A453082A2FEA24BFBD1C3B
Authority key identifier: 18:8F:B0:98:5E:36:0C:38:F8:65:8D:56:68:7C:A8:62:D9:40:8D:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GI-wmF42DDj4ZY1WaHyoYtlAjZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/67bce3-ecbc-478d-8210-d07906a84b1d/1/2dVxZZZj6zlHLdxhcm5JjXaDenM.roa
Signing time: Thu 02 Jan 2025 01:49:07 +0000
ROA not before: Thu 02 Jan 2025 01:49:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8868
IP address blocks: 185.120.160.0/23 maxlen: 23
185.120.160.0/24 maxlen: 24
185.120.161.0/24 maxlen: 24
185.120.162.0/24 maxlen: 24
185.120.163.0/24 maxlen: 24
185.174.248.0/23 maxlen: 23
185.174.250.0/24 maxlen: 24
185.174.251.0/24 maxlen: 24
185.194.76.0/23 maxlen: 23
185.194.78.0/24 maxlen: 24
185.194.79.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:bf:0a:d2:a4:53:08:2a:2f:ea:24:bf:bd:1c:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=188fb0985e360c38f8658d56687ca862d9408d90
Validity
Not Before: Jan 2 01:49:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d9d571659663eb39472ddc61726e498d76837a73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:95:99:98:a1:71:42:4d:77:af:f1:16:82:14:
9a:02:ce:c0:af:4b:13:12:d3:a3:de:5c:90:01:db:
19:c2:c0:58:4f:4f:a0:00:0e:25:5d:2c:0f:0b:f8:
cc:22:9a:e6:3b:1c:c9:24:f1:2d:df:35:fd:9e:2d:
24:79:29:7e:a2:16:03:bb:8f:2c:e0:a8:61:1b:97:
75:24:72:4c:3c:3b:74:37:7c:ca:ca:62:6b:6e:60:
17:6f:64:3d:16:c6:09:7b:ea:b9:d8:bb:d5:5a:36:
6e:da:66:c6:21:07:59:d5:40:6c:93:c4:f8:51:d3:
5c:47:5a:8d:cd:7c:b2:47:fb:08:6d:55:9c:1d:e2:
4b:46:df:51:d8:72:2d:fa:07:93:5c:96:d6:fa:3b:
9b:e6:f5:82:d6:86:90:c3:1d:0b:28:21:a5:a0:89:
a6:99:90:9f:27:95:bc:22:ec:a3:a2:c3:34:f4:85:
84:7f:c1:30:82:37:fd:21:b0:d8:1a:c0:8e:86:b4:
ee:bf:ad:8c:11:e2:77:bb:44:bb:e4:7a:2b:5e:8d:
70:5c:24:e2:29:5d:57:fb:51:7b:b6:8c:66:ae:00:
89:95:96:3c:c2:b3:b3:ad:e1:4d:05:6b:4c:33:c5:
5c:21:bf:be:a7:1f:8d:87:f0:79:95:36:ed:d4:4b:
56:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:D5:71:65:96:63:EB:39:47:2D:DC:61:72:6E:49:8D:76:83:7A:73
X509v3 Authority Key Identifier:
keyid:18:8F:B0:98:5E:36:0C:38:F8:65:8D:56:68:7C:A8:62:D9:40:8D:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GI-wmF42DDj4ZY1WaHyoYtlAjZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/67bce3-ecbc-478d-8210-d07906a84b1d/1/2dVxZZZj6zlHLdxhcm5JjXaDenM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/67bce3-ecbc-478d-8210-d07906a84b1d/1/GI-wmF42DDj4ZY1WaHyoYtlAjZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.120.160.0/22
185.174.248.0/22
185.194.76.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:22:a9:dc:38:c3:79:a0:be:2f:0b:11:c9:9b:09:30:d1:f4:
de:1f:61:45:0e:86:7b:5d:7a:30:dc:f4:5b:4f:7c:17:af:15:
b2:04:da:81:44:f3:05:86:7b:fd:1c:3a:ac:63:59:26:90:b7:
94:77:35:8a:df:ff:20:3d:ab:9e:d5:4a:de:ea:d5:a0:88:a4:
99:62:31:a3:d4:d8:98:99:8c:5e:48:81:7c:c3:53:3e:64:18:
7f:31:2f:d6:5b:14:7b:db:55:75:f3:04:98:79:e6:f5:d2:e1:
70:d3:52:fa:85:b0:2a:9a:15:e0:38:c9:13:87:32:ca:f1:d7:
98:c4:1f:cc:b1:e0:44:7d:41:f4:0e:bc:53:b9:b3:b9:52:f1:
bf:58:19:66:b2:95:3f:fc:b6:de:ae:5c:15:2d:da:8e:87:b9:
a6:2a:cb:0c:63:a5:a3:bc:af:90:99:b5:ca:c3:98:1d:6a:14:
6c:62:f6:58:f5:1c:ef:ec:b0:83:a5:f8:9a:2e:08:32:98:fd:
7e:b7:74:90:28:ed:a6:16:5a:ea:05:68:c9:5e:93:49:c9:f0:
ab:25:ec:56:d7:79:a4:07:52:b7:cb:75:6f:91:7f:c1:78:85:
57:2a:f9:ff:eb:a2:83:2b:0f:72:bd:6e:8f:f4:00:12:c0:03:
17:a5:71:87
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQks78K0qRTCCov6iS/vRw7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OGZiMDk4NWUzNjBjMzhmODY1OGQ1NjY4N2NhODYyZDk0
MDhkOTAwHhcNMjUwMTAyMDE0OTA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWQ1NzE2NTk2NjNlYjM5NDcyZGRjNjE3MjZlNDk4ZDc2ODM3YTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJWZmKFxQk13r/EWghSaAs7Ar0sT
EtOj3lyQAdsZwsBYT0+gAA4lXSwPC/jMIprmOxzJJPEt3zX9ni0keSl+ohYDu48s
4KhhG5d1JHJMPDt0N3zKymJrbmAXb2Q9FsYJe+q52LvVWjZu2mbGIQdZ1UBsk8T4
UdNcR1qNzXyyR/sIbVWcHeJLRt9R2HIt+geTXJbW+jub5vWC1oaQwx0LKCGloImm
mZCfJ5W8IuyjosM09IWEf8Ewgjf9IbDYGsCOhrTuv62MEeJ3u0S75HorXo1wXCTi
KV1X+1F7toxmrgCJlZY8wrOzreFNBWtMM8VcIb++px+Nh/B5lTbt1EtW5QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNnVcWWWY+s5Ry3cYXJuSY12g3pzMB8GA1UdIwQY
MBaAFBiPsJheNgw4+GWNVmh8qGLZQI2QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0ktd21GNDJERGo0WlkxV2FIeW9ZdGxBalpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi82N2JjZTMtZWNiYy00NzhkLTgyMTAt
ZDA3OTA2YTg0YjFkLzEvMmRWeFpaWmo2emxITGR4aGNtNUpqWGFEZW5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi82N2JjZTMtZWNiYy00NzhkLTgyMTAtZDA3OTA2YTg0YjFk
LzEvR0ktd21GNDJERGo0WlkxV2FIeW9ZdGxBalpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuXigAwQC
ua74AwQCucJMMA0GCSqGSIb3DQEBCwUAA4IBAQAbIqncOMN5oL4vCxHJmwkw0fTe
H2FFDoZ7XXow3PRbT3wXrxWyBNqBRPMFhnv9HDqsY1kmkLeUdzWK3/8gPaue1Ure
6tWgiKSZYjGj1NiYmYxeSIF8w1M+ZBh/MS/WWxR721V18wSYeeb10uFw01L6hbAq
mhXgOMkThzLK8deYxB/MseBEfUH0DrxTubO5UvG/WBlmspU//LberlwVLdqOh7mm
KssMY6WjvK+QmbXKw5gdahRsYvZY9Rzv7LCDpfiaLggymP1+t3SQKO2mFlrqBWjJ
XpNJyfCrJexW13mkB1K3y3VvkX/BeIVXKvn/66KDKw9yvW6P9AASwAMXpXGH
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:50 2025 by rpki-client on console.sobornost.net