Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/2b3f2f-14ae-464b-9b7c-7980a2e23007/1/pbhnhbhAo7f81mspcf47i1RiwC4.roa
File: pbhnhbhAo7f81mspcf47i1RiwC4.roa (raw, json)
Hash identifier: cy6NBeCA9q+KpxmPFPQqLF3HwYWfNZwADzV/UaXEKik=
Subject key identifier: A5:B8:67:85:B8:40:A3:B7:FC:D6:6B:29:71:FE:3B:8B:54:62:C0:2E
Certificate issuer: /CN=9d581ff8954a8978b34d849101546cce61c4afa3
Certificate serial: 019434FF1183AAB823E4C2B0A0FAF6F6C10B
Authority key identifier: 9D:58:1F:F8:95:4A:89:78:B3:4D:84:91:01:54:6C:CE:61:C4:AF:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nVgf-JVKiXizTYSRAVRszmHEr6M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/2b3f2f-14ae-464b-9b7c-7980a2e23007/1/pbhnhbhAo7f81mspcf47i1RiwC4.roa
Signing time: Sun 05 Jan 2025 05:45:18 +0000
ROA not before: Sun 05 Jan 2025 05:45:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203087
IP address blocks: 185.120.76.0/24 maxlen: 24
185.120.77.0/24 maxlen: 24
185.120.78.0/24 maxlen: 24
185.120.79.0/24 maxlen: 24
2a0d:c6c0::/31 maxlen: 31
2a0d:c6c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:34:ff:11:83:aa:b8:23:e4:c2:b0:a0:fa:f6:f6:c1:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d581ff8954a8978b34d849101546cce61c4afa3
Validity
Not Before: Jan 5 05:45:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a5b86785b840a3b7fcd66b2971fe3b8b5462c02e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:31:8b:f3:dc:db:53:5e:37:c6:fb:d8:06:7e:
8f:ca:a4:7d:8e:6f:b3:f1:50:28:46:7b:02:c2:c5:
a1:9b:67:e1:43:3a:7d:3b:5b:27:5c:a1:43:1f:1d:
65:f8:5c:4b:c7:a9:fc:5b:da:ad:3b:f4:cb:ad:16:
11:7d:f5:1b:40:a6:42:96:e5:2c:f9:ee:e5:5b:be:
1d:e3:17:eb:50:0b:d2:2d:f5:38:25:af:f8:70:a3:
33:4a:7f:78:98:e5:b0:c6:14:35:7b:97:04:26:f5:
a9:a4:29:d2:d3:f2:c6:a1:bf:bf:c5:f4:a7:22:c2:
54:40:c8:c6:76:75:47:95:6c:c1:f5:67:e3:86:d9:
06:b0:98:8a:3c:3e:38:da:9e:3d:58:63:a3:fa:ba:
f4:f0:06:a8:11:b6:af:ed:98:13:05:a7:65:80:aa:
0e:39:b4:4d:ea:9b:42:9c:56:c0:96:db:5e:66:87:
e0:45:61:cd:af:72:c4:16:8b:1a:03:58:e1:c8:fc:
48:46:c5:d1:b3:a7:8b:db:cc:8e:84:c4:60:8e:4e:
b8:93:3a:1f:39:9d:b4:33:af:49:85:ab:2c:05:c8:
fe:2e:0f:af:8f:c3:65:7b:12:ae:f7:17:cb:65:6e:
51:db:10:07:05:45:92:ed:b4:4a:ca:11:48:42:e5:
bc:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:B8:67:85:B8:40:A3:B7:FC:D6:6B:29:71:FE:3B:8B:54:62:C0:2E
X509v3 Authority Key Identifier:
keyid:9D:58:1F:F8:95:4A:89:78:B3:4D:84:91:01:54:6C:CE:61:C4:AF:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nVgf-JVKiXizTYSRAVRszmHEr6M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/2b3f2f-14ae-464b-9b7c-7980a2e23007/1/pbhnhbhAo7f81mspcf47i1RiwC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/2b3f2f-14ae-464b-9b7c-7980a2e23007/1/nVgf-JVKiXizTYSRAVRszmHEr6M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.120.76.0/22
IPv6:
2a0d:c6c0::/31
Signature Algorithm: sha256WithRSAEncryption
5d:c4:e9:9f:17:2c:4c:fd:ff:82:e7:68:49:4f:50:f5:f5:17:
38:ed:fc:d0:6c:30:cc:2a:6e:29:67:c6:f3:75:4c:79:fb:02:
0d:a2:91:ea:b0:aa:71:11:e4:1c:9c:3e:04:f8:52:68:5b:b5:
7d:8e:aa:f1:61:14:a2:91:6b:5d:cd:2f:03:8a:52:e7:a4:9d:
7f:57:fc:d8:bf:e9:cd:01:f1:c6:00:1e:19:01:6f:5b:b5:d8:
32:b3:4c:42:d3:15:f4:1d:96:f6:96:6a:e7:be:0a:ef:13:bc:
20:00:2a:80:f3:f0:58:58:35:aa:d8:e7:c8:11:fe:94:cc:b3:
d6:f6:33:14:66:33:d8:c4:44:f9:35:2a:f4:8f:0b:93:d7:27:
a1:7b:c9:c7:e5:4d:f4:0f:60:be:1f:cb:f2:26:09:fa:ad:b5:
ae:d7:6e:52:49:1f:0b:63:3e:a1:c1:e3:f8:92:be:f5:df:b3:
02:38:cb:f3:d2:80:50:3e:e3:61:a5:10:db:09:ce:d9:83:70:
67:f1:ec:b4:f2:45:71:32:ee:92:be:26:e6:60:9f:d5:52:75:
6d:83:95:c7:ef:89:bd:6c:9f:3c:c4:7e:41:38:1b:5d:ca:72:
11:61:0a:1f:6f:0f:66:db:f2:24:79:f6:ff:f4:d0:80:a7:cf:
4d:ee:44:90
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQ0/xGDqrgj5MKwoPr29sELMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkNTgxZmY4OTU0YTg5NzhiMzRkODQ5MTAxNTQ2Y2NlNjFj
NGFmYTMwHhcNMjUwMTA1MDU0NTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWI4Njc4NWI4NDBhM2I3ZmNkNjZiMjk3MWZlM2I4YjU0NjJjMDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyzGL89zbU143xvvYBn6PyqR9jm+z
8VAoRnsCwsWhm2fhQzp9O1snXKFDHx1l+FxLx6n8W9qtO/TLrRYRffUbQKZCluUs
+e7lW74d4xfrUAvSLfU4Ja/4cKMzSn94mOWwxhQ1e5cEJvWppCnS0/LGob+/xfSn
IsJUQMjGdnVHlWzB9WfjhtkGsJiKPD442p49WGOj+rr08AaoEbav7ZgTBadlgKoO
ObRN6ptCnFbAltteZofgRWHNr3LEFosaA1jhyPxIRsXRs6eL28yOhMRgjk64kzof
OZ20M69JhassBcj+Lg+vj8NlexKu9xfLZW5R2xAHBUWS7bRKyhFIQuW8QwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKW4Z4W4QKO3/NZrKXH+O4tUYsAuMB8GA1UdIwQY
MBaAFJ1YH/iVSol4s02EkQFUbM5hxK+jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblZnZi1KVktpWGl6VFlTUkFWUnN6bUhFcjZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yYjNmMmYtMTRhZS00NjRiLTliN2Mt
Nzk4MGEyZTIzMDA3LzEvcGJobmhiaEFvN2Y4MW1zcGNmNDdpMVJpd0M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8yYjNmMmYtMTRhZS00NjRiLTliN2MtNzk4MGEyZTIzMDA3
LzEvblZnZi1KVktpWGl6VFlTUkFWUnN6bUhFcjZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXhMMA0E
AgACMAcDBQEqDcbAMA0GCSqGSIb3DQEBCwUAA4IBAQBdxOmfFyxM/f+C52hJT1D1
9Rc47fzQbDDMKm4pZ8bzdUx5+wINopHqsKpxEeQcnD4E+FJoW7V9jqrxYRSikWtd
zS8DilLnpJ1/V/zYv+nNAfHGAB4ZAW9btdgys0xC0xX0HZb2lmrnvgrvE7wgACqA
8/BYWDWq2OfIEf6UzLPW9jMUZjPYxET5NSr0jwuT1yehe8nH5U30D2C+H8vyJgn6
rbWu125SSR8LYz6hweP4kr7137MCOMvz0oBQPuNhpRDbCc7Zg3Bn8ey08kVxMu6S
vibmYJ/VUnVtg5XH74m9bJ88xH5BOBtdynIRYQofbw9m2/Ikefb/9NCAp89N7kSQ
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:05 2025 by rpki-client on console.sobornost.net