Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/94558a-2803-44c2-a772-f94adc1bbd90/1/Gfuw2x_T8yQVyP6ui29Llxbnd0A.roa
File: Gfuw2x_T8yQVyP6ui29Llxbnd0A.roa (raw, json)
Hash identifier: Gjo+1HCWQtVB1KVlZemBlfNk1FD9JNsAIkXhqPnWnlw=
Subject key identifier: 19:FB:B0:DB:1F:D3:F3:24:15:C8:FE:AE:8B:6F:4B:97:16:E7:77:40
Certificate issuer: /CN=d5a085eb95ad55fb3a6b247e9678112a14d81926
Certificate serial: 019427B54109BC2DB7ACC5FDCD12AC349837
Authority key identifier: D5:A0:85:EB:95:AD:55:FB:3A:6B:24:7E:96:78:11:2A:14:D8:19:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1aCF65WtVfs6ayR-lngRKhTYGSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/94558a-2803-44c2-a772-f94adc1bbd90/1/Gfuw2x_T8yQVyP6ui29Llxbnd0A.roa
Signing time: Thu 02 Jan 2025 15:49:37 +0000
ROA not before: Thu 02 Jan 2025 15:49:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212876
IP address blocks: 185.166.108.0/22 maxlen: 22
2a0c:f880::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:41:09:bc:2d:b7:ac:c5:fd:cd:12:ac:34:98:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5a085eb95ad55fb3a6b247e9678112a14d81926
Validity
Not Before: Jan 2 15:49:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=19fbb0db1fd3f32415c8feae8b6f4b9716e77740
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:29:92:bd:75:ad:4d:8c:65:8f:0f:28:83:c8:
e1:b9:be:80:dd:2e:4f:b4:d1:b6:d1:f2:55:11:18:
b8:48:a3:b0:62:6f:51:ce:10:ea:ab:76:a2:58:5a:
67:26:2f:08:15:3a:6b:1e:1b:eb:d1:bb:3b:19:c1:
5e:a8:d8:79:6c:89:2e:4d:36:d2:5a:bb:76:3e:3d:
65:6c:e4:2d:18:00:5a:c9:89:16:c6:13:40:5a:e7:
a1:99:d5:cb:9f:c1:0c:98:7b:5b:6c:3e:ca:6a:59:
89:69:7c:56:11:09:b6:6d:e7:ac:ee:95:df:b4:5e:
92:95:01:3c:c1:64:cf:8f:a2:83:01:47:32:ba:8f:
6a:57:98:8f:4f:c9:f4:af:39:0a:95:b1:0d:8a:d6:
be:d3:9c:d8:39:65:ac:33:cf:1d:8f:d2:7f:38:23:
b8:4a:1b:37:70:4e:24:a6:c5:e9:3a:63:10:23:1e:
09:ad:79:8a:ed:14:cb:c3:cc:f7:49:60:61:58:5c:
58:0c:8e:af:c6:e7:8a:74:6f:36:b9:26:2a:db:cc:
84:fe:8c:2a:31:ae:14:3a:86:7b:42:a5:70:58:38:
c3:c9:c8:1f:74:89:cc:09:06:f4:c9:d1:95:c6:13:
77:d5:dd:fd:e5:f7:7a:4e:05:32:69:ee:76:29:eb:
05:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:FB:B0:DB:1F:D3:F3:24:15:C8:FE:AE:8B:6F:4B:97:16:E7:77:40
X509v3 Authority Key Identifier:
keyid:D5:A0:85:EB:95:AD:55:FB:3A:6B:24:7E:96:78:11:2A:14:D8:19:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1aCF65WtVfs6ayR-lngRKhTYGSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/94558a-2803-44c2-a772-f94adc1bbd90/1/Gfuw2x_T8yQVyP6ui29Llxbnd0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/94558a-2803-44c2-a772-f94adc1bbd90/1/1aCF65WtVfs6ayR-lngRKhTYGSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.166.108.0/22
IPv6:
2a0c:f880::/29
Signature Algorithm: sha256WithRSAEncryption
d9:6d:47:3f:57:93:7b:c4:3f:5a:d4:18:14:1d:38:81:df:de:
74:10:a1:06:1d:6f:d9:48:61:11:d5:74:a3:c8:11:d9:04:e6:
cb:3b:bb:03:a2:5d:f0:17:e2:d3:96:fc:85:a8:d6:c9:32:0a:
6e:b9:a5:4a:1b:d9:eb:b5:dd:66:c0:5a:32:3e:74:55:9c:fd:
17:1a:50:2a:91:e9:3d:72:23:a7:3e:4e:aa:6b:ae:20:89:f9:
72:8b:84:28:b7:bf:14:fc:2d:3e:21:99:c9:2e:97:32:c9:52:
98:02:eb:b7:ba:a6:09:a9:a9:74:c0:dc:f4:30:11:07:23:f3:
72:6f:02:e1:de:6e:a9:24:fb:6f:10:51:aa:12:02:81:fa:25:
53:44:02:3f:d1:43:83:70:7e:e6:6f:63:85:19:2e:2f:a3:50:
8f:51:bb:49:1b:86:f0:cb:67:ab:c2:fc:2d:55:92:33:b9:88:
74:0d:e1:cf:1f:03:58:15:39:b8:c4:28:1c:8a:5b:88:87:5b:
e2:af:2d:4c:e6:af:8b:5c:74:27:8c:56:a1:65:96:db:98:72:
b5:73:1c:8b:2b:ae:66:6a:1f:d6:1a:2c:e8:d0:14:bb:7e:67:
36:65:9a:4c:83:02:3a:79:67:8f:b2:47:c1:d6:f7:cb:16:3c:
7f:90:07:cc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQntUEJvC23rMX9zRKsNJg3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1YTA4NWViOTVhZDU1ZmIzYTZiMjQ3ZTk2NzgxMTJhMTRk
ODE5MjYwHhcNMjUwMTAyMTU0OTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWZiYjBkYjFmZDNmMzI0MTVjOGZlYWU4YjZmNGI5NzE2ZTc3NzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2SmSvXWtTYxljw8og8jhub6A3S5P
tNG20fJVERi4SKOwYm9RzhDqq3aiWFpnJi8IFTprHhvr0bs7GcFeqNh5bIkuTTbS
Wrt2Pj1lbOQtGABayYkWxhNAWuehmdXLn8EMmHtbbD7KalmJaXxWEQm2bees7pXf
tF6SlQE8wWTPj6KDAUcyuo9qV5iPT8n0rzkKlbENita+05zYOWWsM88dj9J/OCO4
Shs3cE4kpsXpOmMQIx4JrXmK7RTLw8z3SWBhWFxYDI6vxueKdG82uSYq28yE/owq
Ma4UOoZ7QqVwWDjDycgfdInMCQb0ydGVxhN31d395fd6TgUyae52KesFEQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBn7sNsf0/MkFcj+rotvS5cW53dAMB8GA1UdIwQY
MBaAFNWgheuVrVX7OmskfpZ4ESoU2BkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWFDRjY1V3RWZnM2YXlSLWxuZ1JLaFRZR1NZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi85NDU1OGEtMjgwMy00NGMyLWE3NzIt
Zjk0YWRjMWJiZDkwLzEvR2Z1dzJ4X1Q4eVFWeVA2dWkyOUxseGJuZDBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi85NDU1OGEtMjgwMy00NGMyLWE3NzItZjk0YWRjMWJiZDkw
LzEvMWFDRjY1V3RWZnM2YXlSLWxuZ1JLaFRZR1NZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaZsMA0E
AgACMAcDBQMqDPiAMA0GCSqGSIb3DQEBCwUAA4IBAQDZbUc/V5N7xD9a1BgUHTiB
3950EKEGHW/ZSGER1XSjyBHZBObLO7sDol3wF+LTlvyFqNbJMgpuuaVKG9nrtd1m
wFoyPnRVnP0XGlAqkek9ciOnPk6qa64giflyi4Qot78U/C0+IZnJLpcyyVKYAuu3
uqYJqal0wNz0MBEHI/NybwLh3m6pJPtvEFGqEgKB+iVTRAI/0UODcH7mb2OFGS4v
o1CPUbtJG4bwy2erwvwtVZIzuYh0DeHPHwNYFTm4xCgciluIh1viry1M5q+LXHQn
jFahZZbbmHK1cxyLK65mah/WGizo0BS7fmc2ZZpMgwI6eWePskfB1vfLFjx/kAfM
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:52 2025 by rpki-client on console.sobornost.net