Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/a32b1c-f841-4f5a-9ce4-e734993f11ac/1/5lkgevE67JqLPCJiuIVDQvx8C9s.roa
File: 5lkgevE67JqLPCJiuIVDQvx8C9s.roa (raw, json)
Hash identifier: TbV0l1n+K1FvkmmG4RWk4U+vij9oLV2Tx8NUa3IQ8as=
Subject key identifier: E6:59:20:7A:F1:3A:EC:9A:8B:3C:22:62:B8:85:43:42:FC:7C:0B:DB
Certificate issuer: /CN=a8e5148b399b53ba52fd68eabdbdf6ad99cc71f4
Certificate serial: 0194DA5CDCF835C1C6CE8AD9B239671D2ED3
Authority key identifier: A8:E5:14:8B:39:9B:53:BA:52:FD:68:EA:BD:BD:F6:AD:99:CC:71:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qOUUizmbU7pS_Wjqvb32rZnMcfQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/a32b1c-f841-4f5a-9ce4-e734993f11ac/1/5lkgevE67JqLPCJiuIVDQvx8C9s.roa
Signing time: Thu 06 Feb 2025 08:25:06 +0000
ROA not before: Thu 06 Feb 2025 08:25:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214267
IP address blocks: 185.37.102.0/24 maxlen: 24
2a14:5a80::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:da:5c:dc:f8:35:c1:c6:ce:8a:d9:b2:39:67:1d:2e:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8e5148b399b53ba52fd68eabdbdf6ad99cc71f4
Validity
Not Before: Feb 6 08:25:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e659207af13aec9a8b3c2262b8854342fc7c0bdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:36:74:66:f1:9e:7a:32:92:82:99:4a:65:68:
d7:3e:7b:08:ab:6f:ba:88:a8:88:6b:53:81:65:b2:
0f:21:25:3d:e8:16:78:59:39:fe:1d:e0:0d:2f:8c:
3d:19:92:01:a1:cb:19:bd:62:48:d0:7c:31:23:70:
13:2f:a8:8e:7f:a5:de:e6:9d:a6:69:a5:eb:00:f6:
8d:e6:1c:f3:69:a5:9e:93:08:88:78:f5:6f:18:15:
7e:52:3b:0f:c6:82:b9:ab:83:6e:cf:2a:30:f3:49:
b7:79:40:00:ac:da:5c:9d:2b:47:96:df:bf:ae:92:
15:d4:a8:f5:fa:cf:db:b9:41:c5:c2:ce:a4:ad:3e:
57:42:74:65:4f:04:1a:d0:e6:8a:50:68:22:72:1b:
e8:f7:ab:8a:a3:ad:a9:3a:43:84:35:4f:34:91:15:
ca:5d:cd:42:a2:39:43:73:3f:cf:18:5a:54:d0:8e:
d4:4b:7b:ea:4b:ba:3c:1c:c5:e8:bc:06:28:5d:34:
54:5a:5c:00:50:c3:bb:5e:fd:f3:55:3f:47:39:5f:
cc:f7:39:a7:27:de:be:67:58:6f:c5:0c:84:d4:e8:
0e:2f:e0:15:6d:00:63:7c:f9:50:73:83:66:5e:09:
87:bd:a9:ac:3f:b1:e4:5f:63:67:2b:7c:ff:a6:4a:
f4:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:59:20:7A:F1:3A:EC:9A:8B:3C:22:62:B8:85:43:42:FC:7C:0B:DB
X509v3 Authority Key Identifier:
keyid:A8:E5:14:8B:39:9B:53:BA:52:FD:68:EA:BD:BD:F6:AD:99:CC:71:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qOUUizmbU7pS_Wjqvb32rZnMcfQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/a32b1c-f841-4f5a-9ce4-e734993f11ac/1/5lkgevE67JqLPCJiuIVDQvx8C9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/a32b1c-f841-4f5a-9ce4-e734993f11ac/1/qOUUizmbU7pS_Wjqvb32rZnMcfQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.37.102.0/24
IPv6:
2a14:5a80::/29
Signature Algorithm: sha256WithRSAEncryption
a8:8e:fb:02:11:5f:43:3e:cd:fb:f3:ce:29:b0:f2:7e:6b:a0:
00:b1:3b:f9:8f:42:d6:ce:58:a7:8a:03:a5:0e:f4:8c:08:a2:
da:23:1c:3b:4a:6f:4f:cd:a6:bc:e6:a1:0d:fe:ad:56:5e:b7:
f8:2c:88:5c:b7:37:37:92:76:dc:89:8c:3c:e6:19:dd:55:c0:
31:c4:07:6a:55:7b:9b:d3:89:a7:43:54:02:1d:8f:18:9a:5d:
11:b4:f9:d7:23:fc:67:83:f8:66:1a:65:f0:42:0d:0b:1c:23:
fb:c4:34:db:27:9f:2e:0c:52:d7:4e:e8:96:47:d4:bb:ad:45:
1f:23:64:f3:2a:1b:3a:02:12:d3:ce:c9:3a:c4:14:f0:00:a6:
56:80:bb:a3:36:cc:9d:31:60:ff:92:c9:39:89:aa:36:c4:51:
07:5c:a7:44:ab:bc:11:57:20:54:46:e7:e3:f5:e9:76:59:14:
76:24:ef:50:bf:44:9c:9c:61:40:44:0b:4e:58:bc:83:32:a5:
62:12:b2:4f:5a:72:40:96:12:94:65:5d:e8:06:93:1b:5a:98:
5a:5f:85:6e:ac:40:ad:de:f0:ce:4d:3c:a9:7a:79:be:46:8f:
27:12:7b:b3:68:c7:46:16:13:15:00:2f:18:66:56:d5:ef:fc:
e9:12:6f:47
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZTaXNz4NcHGzorZsjlnHS7TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4ZTUxNDhiMzk5YjUzYmE1MmZkNjhlYWJkYmRmNmFkOTlj
YzcxZjQwHhcNMjUwMjA2MDgyNTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjU5MjA3YWYxM2FlYzlhOGIzYzIyNjJiODg1NDM0MmZjN2MwYmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2jZ0ZvGeejKSgplKZWjXPnsIq2+6
iKiIa1OBZbIPISU96BZ4WTn+HeANL4w9GZIBocsZvWJI0HwxI3ATL6iOf6Xe5p2m
aaXrAPaN5hzzaaWekwiIePVvGBV+UjsPxoK5q4Nuzyow80m3eUAArNpcnStHlt+/
rpIV1Kj1+s/buUHFws6krT5XQnRlTwQa0OaKUGgichvo96uKo62pOkOENU80kRXK
Xc1CojlDcz/PGFpU0I7US3vqS7o8HMXovAYoXTRUWlwAUMO7Xv3zVT9HOV/M9zmn
J96+Z1hvxQyE1OgOL+AVbQBjfPlQc4NmXgmHvamsP7HkX2NnK3z/pkr0MQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOZZIHrxOuyaizwiYriFQ0L8fAvbMB8GA1UdIwQY
MBaAFKjlFIs5m1O6Uv1o6r299q2ZzHH0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcU9VVWl6bWJVN3BTX1dqcXZiMzJyWm5NY2ZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9hMzJiMWMtZjg0MS00ZjVhLTljZTQt
ZTczNDk5M2YxMWFjLzEvNWxrZ2V2RTY3SnFMUENKaXVJVkRRdng4QzlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9hMzJiMWMtZjg0MS00ZjVhLTljZTQtZTczNDk5M2YxMWFj
LzEvcU9VVWl6bWJVN3BTX1dqcXZiMzJyWm5NY2ZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuSVmMA0E
AgACMAcDBQMqFFqAMA0GCSqGSIb3DQEBCwUAA4IBAQCojvsCEV9DPs37884psPJ+
a6AAsTv5j0LWzlinigOlDvSMCKLaIxw7Sm9Pzaa85qEN/q1WXrf4LIhctzc3knbc
iYw85hndVcAxxAdqVXub04mnQ1QCHY8Yml0RtPnXI/xng/hmGmXwQg0LHCP7xDTb
J58uDFLXTuiWR9S7rUUfI2TzKhs6AhLTzsk6xBTwAKZWgLujNsydMWD/ksk5iao2
xFEHXKdEq7wRVyBURufj9el2WRR2JO9Qv0ScnGFARAtOWLyDMqViErJPWnJAlhKU
ZV3oBpMbWphaX4VurECt3vDOTTypenm+Ro8nEnuzaMdGFhMVAC8YZlbV7/zpEm9H
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:05 2025 by rpki-client on console.sobornost.net