Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/eaa4d0-8d1d-4cc1-8b22-450395fb88fa/1/If4EKlwd9K1sFMswbVmwiqIL9EU.roa
File: If4EKlwd9K1sFMswbVmwiqIL9EU.roa (raw, json)
Hash identifier: Xi+2lm3juwWtv3l4CgI611xVpcAT1z+T6D2yne87CLU=
Subject key identifier: 21:FE:04:2A:5C:1D:F4:AD:6C:14:CB:30:6D:59:B0:8A:A2:0B:F4:45
Certificate issuer: /CN=9c92aa53d3290aa80379935335db9fcc3ffd29aa
Certificate serial: 019421445390C942A3BA7CE2A08D242D1600
Authority key identifier: 9C:92:AA:53:D3:29:0A:A8:03:79:93:53:35:DB:9F:CC:3F:FD:29:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nJKqU9MpCqgDeZNTNdufzD_9Kao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/eaa4d0-8d1d-4cc1-8b22-450395fb88fa/1/If4EKlwd9K1sFMswbVmwiqIL9EU.roa
Signing time: Wed 01 Jan 2025 09:48:33 +0000
ROA not before: Wed 01 Jan 2025 09:48:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201548
IP address blocks: 185.71.40.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:53:90:c9:42:a3:ba:7c:e2:a0:8d:24:2d:16:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c92aa53d3290aa80379935335db9fcc3ffd29aa
Validity
Not Before: Jan 1 09:48:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=21fe042a5c1df4ad6c14cb306d59b08aa20bf445
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:39:9e:cc:e2:5d:82:f0:a6:e9:dc:20:71:12:
e0:16:57:bf:5b:a1:f4:69:fc:6e:47:6f:29:3a:a4:
c0:b3:3b:e3:e0:e0:7a:d6:b4:8b:b2:36:27:7c:5c:
30:05:d1:b4:cf:9c:25:0a:37:14:4a:c8:77:1c:5a:
48:13:f5:08:d3:12:d9:37:0c:de:46:a1:15:12:dc:
a6:00:c3:93:e6:64:46:57:f2:54:29:a5:d1:ae:94:
fe:b0:f8:f8:31:a1:0b:70:8a:7d:a9:77:12:49:92:
53:1e:f3:b1:5c:c5:7b:18:7f:e1:a5:13:37:35:11:
fd:4a:5d:9d:8b:f7:52:54:ec:2a:2c:ef:c5:3f:c5:
18:92:5a:f7:a0:f7:cb:5a:83:14:ef:3d:e0:62:d6:
2f:1c:58:64:a5:60:b2:58:b2:f8:2c:a4:ad:46:80:
65:b2:87:12:c5:38:4d:a1:6c:6e:ca:89:e9:bc:d4:
34:7e:ba:3b:0e:eb:f7:4e:11:0f:0f:85:de:e2:ef:
9e:a3:44:d0:b6:a4:90:fe:a8:21:03:a8:86:33:80:
06:ef:3c:0e:4a:ef:38:4e:85:a3:ab:3a:34:b7:a6:
c4:5a:a2:8b:50:c6:09:32:8d:d8:2a:99:ba:41:7e:
3d:1a:d0:7a:83:9c:f4:11:56:30:ea:3c:c4:a9:8c:
b4:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:FE:04:2A:5C:1D:F4:AD:6C:14:CB:30:6D:59:B0:8A:A2:0B:F4:45
X509v3 Authority Key Identifier:
keyid:9C:92:AA:53:D3:29:0A:A8:03:79:93:53:35:DB:9F:CC:3F:FD:29:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nJKqU9MpCqgDeZNTNdufzD_9Kao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/eaa4d0-8d1d-4cc1-8b22-450395fb88fa/1/If4EKlwd9K1sFMswbVmwiqIL9EU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/eaa4d0-8d1d-4cc1-8b22-450395fb88fa/1/nJKqU9MpCqgDeZNTNdufzD_9Kao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.40.0/22
Signature Algorithm: sha256WithRSAEncryption
25:93:a9:f2:35:4a:ca:93:6d:92:5a:0d:00:f7:01:94:c2:e3:
91:5c:06:73:bf:1b:53:a0:f6:b7:d7:b3:70:2d:d4:f7:c6:54:
fa:30:32:a9:62:bd:2b:52:a4:1f:b7:1a:e5:57:33:23:ec:f8:
ee:d9:7d:22:bc:34:b9:1a:dc:a0:8c:e4:a9:dd:ad:89:b6:f2:
d9:0f:53:ca:67:2a:1b:da:c4:7b:c8:68:e4:87:60:b9:32:44:
eb:4f:46:ed:e4:aa:75:96:ed:86:03:4d:07:e7:4f:ef:41:41:
4e:0d:71:e2:f9:c1:2b:f0:ed:89:40:88:40:2a:60:2e:d7:fb:
01:ef:d5:e5:cb:c7:d9:bf:8c:61:64:6c:c5:cd:48:c1:0a:d4:
4c:87:e7:31:8c:83:00:95:85:12:f5:a2:3a:e9:ef:d5:06:ea:
40:17:38:f1:ca:7f:e7:f4:fd:a8:2d:07:08:a3:55:2a:3d:95:
f5:11:31:a0:7b:c1:ca:2e:37:f1:22:38:6e:34:95:3e:e1:04:
04:8b:ae:20:7a:e5:25:53:57:78:d2:7e:a2:2b:a5:0b:78:ae:
d5:22:58:92:91:c8:db:c4:ed:48:72:6d:c2:d4:aa:f1:70:05:
9f:a0:9a:9a:53:d7:bf:42:99:02:dc:27:69:0e:0d:76:f7:0d:
29:8d:7e:3e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRFOQyUKjunzioI0kLRYAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljOTJhYTUzZDMyOTBhYTgwMzc5OTM1MzM1ZGI5ZmNjM2Zm
ZDI5YWEwHhcNMjUwMTAxMDk0ODMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWZlMDQyYTVjMWRmNGFkNmMxNGNiMzA2ZDU5YjA4YWEyMGJmNDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzmezOJdgvCm6dwgcRLgFle/W6H0
afxuR28pOqTAszvj4OB61rSLsjYnfFwwBdG0z5wlCjcUSsh3HFpIE/UI0xLZNwze
RqEVEtymAMOT5mRGV/JUKaXRrpT+sPj4MaELcIp9qXcSSZJTHvOxXMV7GH/hpRM3
NRH9Sl2di/dSVOwqLO/FP8UYklr3oPfLWoMU7z3gYtYvHFhkpWCyWLL4LKStRoBl
socSxThNoWxuyonpvNQ0fro7Duv3ThEPD4Xe4u+eo0TQtqSQ/qghA6iGM4AG7zwO
Su84ToWjqzo0t6bEWqKLUMYJMo3YKpm6QX49GtB6g5z0EVYw6jzEqYy0PQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCH+BCpcHfStbBTLMG1ZsIqiC/RFMB8GA1UdIwQY
MBaAFJySqlPTKQqoA3mTUzXbn8w//SmqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkpLcVU5TXBDcWdEZVpOVE5kdWZ6RF85S2FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9lYWE0ZDAtOGQxZC00Y2MxLThiMjIt
NDUwMzk1ZmI4OGZhLzEvSWY0RUtsd2Q5SzFzRk1zd2JWbXdpcUlMOUVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9lYWE0ZDAtOGQxZC00Y2MxLThiMjItNDUwMzk1ZmI4OGZh
LzEvbkpLcVU5TXBDcWdEZVpOVE5kdWZ6RF85S2FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUcoMA0G
CSqGSIb3DQEBCwUAA4IBAQAlk6nyNUrKk22SWg0A9wGUwuORXAZzvxtToPa317Nw
LdT3xlT6MDKpYr0rUqQftxrlVzMj7Pju2X0ivDS5GtygjOSp3a2JtvLZD1PKZyob
2sR7yGjkh2C5MkTrT0bt5Kp1lu2GA00H50/vQUFODXHi+cEr8O2JQIhAKmAu1/sB
79Xly8fZv4xhZGzFzUjBCtRMh+cxjIMAlYUS9aI66e/VBupAFzjxyn/n9P2oLQcI
o1UqPZX1ETGge8HKLjfxIjhuNJU+4QQEi64geuUlU1d40n6iK6ULeK7VIliSkcjb
xO1Icm3C1KrxcAWfoJqaU9e/QpkC3CdpDg129w0pjX4+
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:06 2025 by rpki-client on console.sobornost.net