Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/Np5gpybgVTbW_JvWDHqz1f_WS8U.roa
File: Np5gpybgVTbW_JvWDHqz1f_WS8U.roa (raw, json)
Hash identifier: K2zfC5C37/DaTKYS6ZCx6tBqzud1Hd12o4z4cr9RIyA=
Subject key identifier: 36:9E:60:A7:26:E0:55:36:D6:FC:9B:D6:0C:7A:B3:D5:FF:D6:4B:C5
Certificate issuer: /CN=985ae6c59c35e460387daebcfb866f8a1ebb3686
Certificate serial: 019423D6C332911204C5B684E40BEC9BDBE0
Authority key identifier: 98:5A:E6:C5:9C:35:E4:60:38:7D:AE:BC:FB:86:6F:8A:1E:BB:36:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mFrmxZw15GA4fa68-4Zvih67NoY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/Np5gpybgVTbW_JvWDHqz1f_WS8U.roa
Signing time: Wed 01 Jan 2025 21:47:44 +0000
ROA not before: Wed 01 Jan 2025 21:47:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50818
IP address blocks: 82.196.16.0/22 maxlen: 24
82.196.20.0/22 maxlen: 22
82.196.20.0/24 maxlen: 24
185.9.21.0/24 maxlen: 24
185.20.42.0/24 maxlen: 24
2a03:42c0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:c3:32:91:12:04:c5:b6:84:e4:0b:ec:9b:db:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=985ae6c59c35e460387daebcfb866f8a1ebb3686
Validity
Not Before: Jan 1 21:47:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=369e60a726e05536d6fc9bd60c7ab3d5ffd64bc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:67:1e:3a:33:b7:50:5a:96:e2:0e:e6:a3:bd:
36:b7:1f:ec:0d:6e:7d:41:84:70:d6:ba:1e:73:21:
99:46:84:fc:d1:c5:56:be:9f:ce:5d:24:4f:63:f8:
49:00:ad:2f:0c:2d:f0:f3:24:7b:e6:e0:8d:73:ab:
46:a5:1c:bb:9f:8c:33:2c:89:7e:56:cd:55:68:b3:
e7:dd:e0:6e:ce:c0:34:2a:ad:56:04:ed:cd:b0:da:
5a:b8:ae:42:ec:d3:d8:c0:2a:a9:8f:44:3a:22:a8:
49:14:b4:e3:01:b5:b1:a0:a2:f8:2b:ae:3d:72:28:
53:17:45:ae:06:58:40:a6:18:89:5f:04:10:53:04:
ad:77:ab:61:b0:6d:db:1f:8b:18:c3:de:77:44:d3:
d6:bd:2d:92:1c:37:7e:b7:ef:16:64:42:7c:77:05:
fd:89:e9:f0:12:e4:9a:5d:09:c2:d9:87:d2:77:98:
fa:ba:61:d0:82:7c:6c:36:54:24:71:9e:1b:98:c6:
0a:04:0a:ac:d9:f0:fc:2d:a1:5d:02:cc:2e:20:3d:
00:d9:6e:3b:60:d0:25:ec:8e:90:dc:95:a1:ed:bd:
7a:f1:bd:5d:aa:d0:1e:4a:e8:8f:e4:c7:92:1c:27:
f2:aa:4d:40:72:20:d6:3a:05:75:92:56:d1:6c:a3:
64:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:9E:60:A7:26:E0:55:36:D6:FC:9B:D6:0C:7A:B3:D5:FF:D6:4B:C5
X509v3 Authority Key Identifier:
keyid:98:5A:E6:C5:9C:35:E4:60:38:7D:AE:BC:FB:86:6F:8A:1E:BB:36:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mFrmxZw15GA4fa68-4Zvih67NoY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/Np5gpybgVTbW_JvWDHqz1f_WS8U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/mFrmxZw15GA4fa68-4Zvih67NoY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.196.16.0/21
185.9.21.0/24
185.20.42.0/24
IPv6:
2a03:42c0::/32
Signature Algorithm: sha256WithRSAEncryption
c5:d4:57:7b:10:4a:fe:2f:72:02:7a:33:da:38:5b:61:e6:86:
c2:f4:19:67:27:7f:0d:1a:c3:a0:3c:cf:f6:2f:bb:a6:77:77:
f3:05:03:22:19:27:78:ec:6f:5a:3e:56:f7:d5:80:d5:65:35:
c6:12:b1:b4:c8:21:1f:03:f2:2e:ae:0e:af:69:b1:0c:8e:84:
36:c2:ef:7c:d0:c0:b1:0b:25:ed:5a:f1:ec:9d:ce:0c:28:04:
fe:0a:19:cd:02:98:d8:22:7e:db:47:a0:ac:3e:20:bc:09:06:
99:bf:aa:5a:09:aa:a7:98:33:00:e0:a8:33:37:65:ef:5c:28:
f7:09:39:cd:7c:08:9c:ec:ec:e4:30:f4:45:5c:5f:78:dc:99:
02:21:67:f5:b5:89:f4:07:e1:d9:65:08:07:4c:d5:ea:9b:e0:
c1:8d:ef:2b:a2:64:fe:69:d2:ff:38:1f:74:c2:ef:0b:95:e6:
eb:e1:b8:94:e2:a4:f1:02:74:9f:ba:e3:48:26:33:4c:24:50:
72:6a:22:c2:0c:41:cc:dc:78:07:d7:74:10:36:c5:26:33:36:
39:3d:cf:87:65:09:1e:fd:5d:17:8d:50:78:ef:d1:45:b6:cb:
03:22:39:0e:83:94:ac:e1:cb:86:96:7c:4e:de:43:72:46:1a:
0c:28:6f:90
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQj1sMykRIExbaE5Avsm9vgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4NWFlNmM1OWMzNWU0NjAzODdkYWViY2ZiODY2ZjhhMWVi
YjM2ODYwHhcNMjUwMTAxMjE0NzQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjllNjBhNzI2ZTA1NTM2ZDZmYzliZDYwYzdhYjNkNWZmZDY0YmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw2ceOjO3UFqW4g7mo702tx/sDW59
QYRw1roecyGZRoT80cVWvp/OXSRPY/hJAK0vDC3w8yR75uCNc6tGpRy7n4wzLIl+
Vs1VaLPn3eBuzsA0Kq1WBO3NsNpauK5C7NPYwCqpj0Q6IqhJFLTjAbWxoKL4K649
cihTF0WuBlhAphiJXwQQUwStd6thsG3bH4sYw953RNPWvS2SHDd+t+8WZEJ8dwX9
ienwEuSaXQnC2YfSd5j6umHQgnxsNlQkcZ4bmMYKBAqs2fD8LaFdAswuID0A2W47
YNAl7I6Q3JWh7b168b1dqtAeSuiP5MeSHCfyqk1AciDWOgV1klbRbKNkEQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFDaeYKcm4FU21vyb1gx6s9X/1kvFMB8GA1UdIwQY
MBaAFJha5sWcNeRgOH2uvPuGb4oeuzaGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUZybXhadzE1R0E0ZmE2OC00WnZpaDY3Tm9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS84YjkwNmItOWMxZC00NWQ5LTg2YmEt
YzdmZTYyMjI3ZGYzLzEvTnA1Z3B5YmdWVGJXX0p2V0RIcXoxZl9XUzhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS84YjkwNmItOWMxZC00NWQ5LTg2YmEtYzdmZTYyMjI3ZGYz
LzEvbUZybXhadzE1R0E0ZmE2OC00WnZpaDY3Tm9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDUsQQAwQA
uQkVAwQAuRQqMA0EAgACMAcDBQAqA0LAMA0GCSqGSIb3DQEBCwUAA4IBAQDF1Fd7
EEr+L3ICejPaOFth5obC9BlnJ38NGsOgPM/2L7umd3fzBQMiGSd47G9aPlb31YDV
ZTXGErG0yCEfA/Iurg6vabEMjoQ2wu980MCxCyXtWvHsnc4MKAT+ChnNApjYIn7b
R6CsPiC8CQaZv6paCaqnmDMA4KgzN2XvXCj3CTnNfAic7OzkMPRFXF943JkCIWf1
tYn0B+HZZQgHTNXqm+DBje8romT+adL/OB90wu8Llebr4biU4qTxAnSfuuNIJjNM
JFByaiLCDEHM3HgH13QQNsUmMzY5Pc+HZQke/V0XjVB479FFtssDIjkOg5Ss4cuG
lnxO3kNyRhoMKG+Q
-----END CERTIFICATE-----
Generated at Tue Mar 25 22:12:34 2025 by rpki-client on console.sobornost.net