Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/d158e1-512b-4486-af87-b490a6d6be25/1/P9bs-w5DkWpu1aBuTV3PHAzvH6Q.roa
File: P9bs-w5DkWpu1aBuTV3PHAzvH6Q.roa (raw, json)
Hash identifier: oAepJ4+j0gmtz7XxqoB+yGPsz6tmKuFLhq6h9fcVyTY=
Subject key identifier: 3F:D6:EC:FB:0E:43:91:6A:6E:D5:A0:6E:4D:5D:CF:1C:0C:EF:1F:A4
Certificate issuer: /CN=5577b4b87ab86aca577e56e38d5b8a5813cccc3d
Certificate serial: 019422FC2A7EDF2F469D51D76347E8859972
Authority key identifier: 55:77:B4:B8:7A:B8:6A:CA:57:7E:56:E3:8D:5B:8A:58:13:CC:CC:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VXe0uHq4aspXflbjjVuKWBPMzD0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/d158e1-512b-4486-af87-b490a6d6be25/1/P9bs-w5DkWpu1aBuTV3PHAzvH6Q.roa
Signing time: Wed 01 Jan 2025 17:48:58 +0000
ROA not before: Wed 01 Jan 2025 17:48:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211458
IP address blocks: 185.23.110.0/24 maxlen: 24
2a10:df40::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:2a:7e:df:2f:46:9d:51:d7:63:47:e8:85:99:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5577b4b87ab86aca577e56e38d5b8a5813cccc3d
Validity
Not Before: Jan 1 17:48:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3fd6ecfb0e43916a6ed5a06e4d5dcf1c0cef1fa4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:53:c8:44:64:8c:93:5a:7a:7c:65:71:bd:bd:
c7:36:7d:73:e5:1f:f8:bd:5a:c4:df:e9:6f:ea:22:
fa:fd:eb:08:2b:92:13:83:73:2c:20:48:e4:38:24:
07:07:11:96:a1:60:5d:5d:5d:b6:e2:43:78:b4:aa:
2d:8d:1f:e5:d4:28:78:5d:84:c8:bd:b1:c4:26:4a:
0c:7e:67:60:db:b8:9a:97:f5:7a:3b:ef:6b:6d:a5:
59:ae:09:b7:c7:57:1a:86:3b:33:d9:e3:d4:4a:3d:
ec:c6:3c:b4:7b:71:23:01:90:06:76:28:6c:8d:40:
69:82:c3:74:9f:aa:5b:a9:38:8c:dd:41:a9:c8:20:
bb:a7:4c:f5:24:f1:5a:9b:f7:d7:0e:2f:bb:36:fc:
e3:24:f4:d0:92:de:8f:e9:4d:08:38:a4:73:bc:1d:
49:fe:92:bd:ef:91:75:e4:6f:3b:e0:5d:72:4b:b2:
f2:81:c5:3a:14:9e:b4:8c:e0:57:59:d6:24:2f:1c:
d8:ed:c4:c6:04:5a:bb:68:03:51:18:c9:6a:fd:6c:
4a:cc:79:bf:64:1c:27:18:7b:13:73:a8:9d:0a:16:
52:f2:9c:35:21:97:ea:b6:5a:d2:d7:38:5c:0e:a2:
37:44:d4:cb:56:71:8a:b8:11:85:a9:37:f6:9b:15:
41:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:D6:EC:FB:0E:43:91:6A:6E:D5:A0:6E:4D:5D:CF:1C:0C:EF:1F:A4
X509v3 Authority Key Identifier:
keyid:55:77:B4:B8:7A:B8:6A:CA:57:7E:56:E3:8D:5B:8A:58:13:CC:CC:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VXe0uHq4aspXflbjjVuKWBPMzD0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/d158e1-512b-4486-af87-b490a6d6be25/1/P9bs-w5DkWpu1aBuTV3PHAzvH6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/d158e1-512b-4486-af87-b490a6d6be25/1/VXe0uHq4aspXflbjjVuKWBPMzD0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.23.110.0/24
IPv6:
2a10:df40::/29
Signature Algorithm: sha256WithRSAEncryption
31:66:bf:a7:72:22:31:6b:58:ab:ad:b4:1f:63:f8:34:24:8b:
3a:0f:f0:61:2b:34:8e:55:d9:13:c0:b4:c8:0e:96:ed:87:ea:
d5:84:38:9f:6b:fa:13:21:d5:3f:33:6b:df:a8:b2:8e:43:0d:
7b:a0:0d:af:3d:e0:f9:1c:a1:01:4d:3f:0e:c2:65:d8:cb:0b:
a4:ba:fa:a4:5d:cd:63:be:c6:e6:0a:de:ae:bd:da:db:2c:50:
c9:43:fb:ba:32:c5:e2:32:2d:75:eb:76:73:10:4f:83:36:4b:
97:b9:db:2e:74:8f:00:d0:e9:0e:b3:c6:aa:a3:ad:cf:f8:70:
9e:87:cc:c4:f2:77:82:dd:70:d2:20:1f:9e:61:88:d5:27:ed:
c6:49:3b:f1:f3:d2:b4:82:24:90:5c:93:d4:32:69:93:8e:57:
0e:75:ef:f3:6b:02:3a:50:69:18:41:f0:e1:08:63:26:0d:86:
1d:3f:2b:ff:80:3c:7b:7c:1b:fc:56:ef:08:21:12:4d:ea:a7:
0f:2f:96:8e:50:0f:12:60:68:c3:c8:d6:39:02:bb:87:5a:05:
9e:3e:7c:23:7c:d8:d8:be:92:ae:80:0f:6e:80:bf:c2:5e:17:
da:2e:18:7d:9f:bc:c7:5c:f1:d7:6e:60:88:20:51:80:62:af:
25:62:42:56
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQi/Cp+3y9GnVHXY0fohZlyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1NzdiNGI4N2FiODZhY2E1NzdlNTZlMzhkNWI4YTU4MTNj
Y2NjM2QwHhcNMjUwMTAxMTc0ODU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmQ2ZWNmYjBlNDM5MTZhNmVkNWEwNmU0ZDVkY2YxYzBjZWYxZmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlVPIRGSMk1p6fGVxvb3HNn1z5R/4
vVrE3+lv6iL6/esIK5ITg3MsIEjkOCQHBxGWoWBdXV224kN4tKotjR/l1Ch4XYTI
vbHEJkoMfmdg27ial/V6O+9rbaVZrgm3x1cahjsz2ePUSj3sxjy0e3EjAZAGdihs
jUBpgsN0n6pbqTiM3UGpyCC7p0z1JPFam/fXDi+7NvzjJPTQkt6P6U0IOKRzvB1J
/pK975F15G874F1yS7LygcU6FJ60jOBXWdYkLxzY7cTGBFq7aANRGMlq/WxKzHm/
ZBwnGHsTc6idChZS8pw1IZfqtlrS1zhcDqI3RNTLVnGKuBGFqTf2mxVBswIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFD/W7PsOQ5FqbtWgbk1dzxwM7x+kMB8GA1UdIwQY
MBaAFFV3tLh6uGrKV35W441bilgTzMw9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlhlMHVIcTRhc3BYZmxiampWdUtXQlBNekQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9kMTU4ZTEtNTEyYi00NDg2LWFmODct
YjQ5MGE2ZDZiZTI1LzEvUDlicy13NURrV3B1MWFCdVRWM1BIQXp2SDZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9kMTU4ZTEtNTEyYi00NDg2LWFmODctYjQ5MGE2ZDZiZTI1
LzEvVlhlMHVIcTRhc3BYZmxiampWdUtXQlBNekQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuRduMA0E
AgACMAcDBQMqEN9AMA0GCSqGSIb3DQEBCwUAA4IBAQAxZr+nciIxa1irrbQfY/g0
JIs6D/BhKzSOVdkTwLTIDpbth+rVhDifa/oTIdU/M2vfqLKOQw17oA2vPeD5HKEB
TT8OwmXYywukuvqkXc1jvsbmCt6uvdrbLFDJQ/u6MsXiMi1163ZzEE+DNkuXudsu
dI8A0OkOs8aqo63P+HCeh8zE8neC3XDSIB+eYYjVJ+3GSTvx89K0giSQXJPUMmmT
jlcOde/zawI6UGkYQfDhCGMmDYYdPyv/gDx7fBv8Vu8IIRJN6qcPL5aOUA8SYGjD
yNY5AruHWgWePnwjfNjYvpKugA9ugL/CXhfaLhh9n7zHXPHXbmCIIFGAYq8lYkJW
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:55 2025 by rpki-client on console.sobornost.net