Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/d5ee0d-475f-41d7-9c25-15803ffb1746/1/sK4MVj-U3ZeJw_G8vJOASStIhLU.roa
File: sK4MVj-U3ZeJw_G8vJOASStIhLU.roa (raw, json)
Hash identifier: P1pOOJUZXPKz7U3FDlVYBqiKqi99iCrUEDzB8rKKbR0=
Subject key identifier: B0:AE:0C:56:3F:94:DD:97:89:C3:F1:BC:BC:93:80:49:2B:48:84:B5
Certificate issuer: /CN=200c70d36e013b07e4e6d8ec3ea4ee413b4aaa98
Certificate serial: 01942067F5250D8A0EB272101E5FEE9E0D94
Authority key identifier: 20:0C:70:D3:6E:01:3B:07:E4:E6:D8:EC:3E:A4:EE:41:3B:4A:AA:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IAxw024BOwfk5tjsPqTuQTtKqpg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/d5ee0d-475f-41d7-9c25-15803ffb1746/1/sK4MVj-U3ZeJw_G8vJOASStIhLU.roa
Signing time: Wed 01 Jan 2025 05:47:50 +0000
ROA not before: Wed 01 Jan 2025 05:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212763
IP address blocks: 185.165.0.0/22 maxlen: 24
185.165.0.0/23 maxlen: 23
185.165.0.0/24 maxlen: 24
185.165.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:f5:25:0d:8a:0e:b2:72:10:1e:5f:ee:9e:0d:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=200c70d36e013b07e4e6d8ec3ea4ee413b4aaa98
Validity
Not Before: Jan 1 05:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b0ae0c563f94dd9789c3f1bcbc9380492b4884b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:3c:23:97:36:e0:5d:dc:5c:6f:df:9d:29:52:
a0:28:4e:45:a0:68:de:61:41:26:7b:81:02:1b:2d:
62:af:44:c6:9c:35:c0:98:17:7f:f2:dd:ba:46:65:
29:22:e2:07:95:e5:4a:48:6c:8b:00:7a:af:bb:e6:
e1:be:e1:66:95:ca:c0:25:de:8b:ed:49:d0:b0:5e:
5b:48:fa:1d:92:40:6c:b5:df:67:b0:99:70:ca:c6:
e2:fa:2d:3d:46:c1:0c:26:f7:19:43:87:bf:71:15:
cf:70:b4:d4:c3:78:a2:8c:9b:af:2e:bb:c9:c1:56:
9e:cf:e7:3b:4b:69:29:67:30:a9:b9:19:5b:ea:4a:
84:6c:d9:d4:fb:1c:95:6d:e5:3e:89:f0:34:19:35:
0b:cb:b7:61:9c:0f:12:ca:2d:66:df:fa:bd:99:99:
4c:f0:df:25:a1:c8:d5:ff:5d:4e:7b:e6:3a:06:3a:
28:9e:1c:a9:15:de:8f:96:d0:5b:cd:b7:5a:0b:e8:
8b:2f:d2:14:d8:74:a6:db:b9:c0:07:0e:d1:fe:72:
c9:ad:2a:14:f5:51:8b:44:15:29:c4:ea:a8:03:bd:
68:29:ce:38:79:f7:34:06:1d:45:4c:42:6c:e9:b2:
80:cb:4b:2d:97:4f:ef:d8:75:db:82:49:a4:16:6c:
cf:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:AE:0C:56:3F:94:DD:97:89:C3:F1:BC:BC:93:80:49:2B:48:84:B5
X509v3 Authority Key Identifier:
keyid:20:0C:70:D3:6E:01:3B:07:E4:E6:D8:EC:3E:A4:EE:41:3B:4A:AA:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IAxw024BOwfk5tjsPqTuQTtKqpg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/d5ee0d-475f-41d7-9c25-15803ffb1746/1/sK4MVj-U3ZeJw_G8vJOASStIhLU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/d5ee0d-475f-41d7-9c25-15803ffb1746/1/IAxw024BOwfk5tjsPqTuQTtKqpg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.165.0.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:38:8a:8c:19:49:78:97:85:30:33:01:be:a3:6c:43:84:04:
b4:62:e5:70:96:25:20:22:56:6b:86:81:b6:80:e9:ed:ad:b1:
2d:e7:8b:17:e2:93:29:db:19:79:fe:cb:1d:cb:75:a5:f4:b9:
d2:21:d5:11:2e:e1:a6:8b:92:6b:b1:d0:d0:92:62:8a:71:a5:
a8:9d:1a:03:d0:fb:75:d4:84:3a:fa:db:d4:8f:8a:9c:7c:2f:
ba:d0:78:6a:2e:65:08:78:eb:e4:7a:eb:26:f9:ec:bd:aa:ce:
fb:d2:77:6f:2e:83:de:42:e4:75:c2:23:7b:d8:13:c6:c9:dc:
3a:38:9c:4a:be:e1:e3:7d:3d:17:a7:1b:5d:0b:a4:cc:3b:31:
76:b5:97:c2:2d:23:44:79:eb:9b:41:04:75:6a:63:28:1c:ab:
26:35:4d:07:47:25:06:bf:74:37:eb:a0:8b:d3:d0:d4:96:fc:
6f:00:b4:f9:84:e9:b2:2e:c0:05:b8:f0:1b:05:6d:de:16:30:
ac:37:3c:3d:bb:ed:b9:68:a4:ed:9a:53:48:98:09:5b:dd:17:
62:15:9d:dc:77:84:94:4f:9a:f6:33:ae:94:70:61:cb:9f:c5:
d7:81:c5:4d:5f:40:73:fa:f5:ca:ab:e0:c8:85:e7:f4:12:b9:
c5:92:ae:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgZ/UlDYoOsnIQHl/ung2UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMGM3MGQzNmUwMTNiMDdlNGU2ZDhlYzNlYTRlZTQxM2I0
YWFhOTgwHhcNMjUwMTAxMDU0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGFlMGM1NjNmOTRkZDk3ODljM2YxYmNiYzkzODA0OTJiNDg4NGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwDwjlzbgXdxcb9+dKVKgKE5FoGje
YUEme4ECGy1ir0TGnDXAmBd/8t26RmUpIuIHleVKSGyLAHqvu+bhvuFmlcrAJd6L
7UnQsF5bSPodkkBstd9nsJlwysbi+i09RsEMJvcZQ4e/cRXPcLTUw3iijJuvLrvJ
wVaez+c7S2kpZzCpuRlb6kqEbNnU+xyVbeU+ifA0GTULy7dhnA8Syi1m3/q9mZlM
8N8locjV/11Oe+Y6BjoonhypFd6PltBbzbdaC+iLL9IU2HSm27nABw7R/nLJrSoU
9VGLRBUpxOqoA71oKc44efc0Bh1FTEJs6bKAy0stl0/v2HXbgkmkFmzPZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLCuDFY/lN2XicPxvLyTgEkrSIS1MB8GA1UdIwQY
MBaAFCAMcNNuATsH5ObY7D6k7kE7SqqYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUF4dzAyNEJPd2ZrNXRqc1BxVHVRVHRLcXBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9kNWVlMGQtNDc1Zi00MWQ3LTljMjUt
MTU4MDNmZmIxNzQ2LzEvc0s0TVZqLVUzWmVKd19HOHZKT0FTU3RJaExVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9kNWVlMGQtNDc1Zi00MWQ3LTljMjUtMTU4MDNmZmIxNzQ2
LzEvSUF4dzAyNEJPd2ZrNXRqc1BxVHVRVHRLcXBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaUAMA0G
CSqGSIb3DQEBCwUAA4IBAQA8OIqMGUl4l4UwMwG+o2xDhAS0YuVwliUgIlZrhoG2
gOntrbEt54sX4pMp2xl5/ssdy3Wl9LnSIdURLuGmi5JrsdDQkmKKcaWonRoD0Pt1
1IQ6+tvUj4qcfC+60HhqLmUIeOvkeusm+ey9qs770ndvLoPeQuR1wiN72BPGydw6
OJxKvuHjfT0XpxtdC6TMOzF2tZfCLSNEeeubQQR1amMoHKsmNU0HRyUGv3Q366CL
09DUlvxvALT5hOmyLsAFuPAbBW3eFjCsNzw9u+25aKTtmlNImAlb3RdiFZ3cd4SU
T5r2M66UcGHLn8XXgcVNX0Bz+vXKq+DIhef0ErnFkq5w
-----END CERTIFICATE-----
Generated at Tue Apr 1 23:51:35 2025 by rpki-client on console.sobornost.net