Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/f946ef-9619-4bdd-9f47-d2bc96a98a18/1/baHbcRR9kf1ghjeGFAS82cVbM5E.roa
File: baHbcRR9kf1ghjeGFAS82cVbM5E.roa (raw, json)
Hash identifier: ryV49aEsL3mdbzWN2VnZ4BiiOTM51N9BlYGHQV8L9fI=
Subject key identifier: 6D:A1:DB:71:14:7D:91:FD:60:86:37:86:14:04:BC:D9:C5:5B:33:91
Certificate issuer: /CN=3d0ef4358adb040f333d9361a4261ea0e50d38ab
Certificate serial: 0194236975A040472F775EA174785567A1AD
Authority key identifier: 3D:0E:F4:35:8A:DB:04:0F:33:3D:93:61:A4:26:1E:A0:E5:0D:38:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PQ70NYrbBA8zPZNhpCYeoOUNOKs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/f946ef-9619-4bdd-9f47-d2bc96a98a18/1/baHbcRR9kf1ghjeGFAS82cVbM5E.roa
Signing time: Wed 01 Jan 2025 19:48:21 +0000
ROA not before: Wed 01 Jan 2025 19:48:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204796
IP address blocks: 185.240.0.0/22 maxlen: 24
195.158.252.0/23 maxlen: 23
195.190.11.0/24 maxlen: 24
2001:67c:11f8::/48 maxlen: 48
2a0c:6880::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:75:a0:40:47:2f:77:5e:a1:74:78:55:67:a1:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d0ef4358adb040f333d9361a4261ea0e50d38ab
Validity
Not Before: Jan 1 19:48:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6da1db71147d91fd608637861404bcd9c55b3391
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:71:73:49:bc:62:0d:e3:63:c1:62:be:32:12:
3e:17:ac:8f:8a:ef:34:a4:dc:88:20:ce:fb:0a:f6:
25:32:b6:ca:84:d4:94:15:69:f3:ff:44:61:73:fb:
fd:30:25:ad:d5:dc:98:4f:36:ea:40:09:70:25:b5:
c2:f1:e1:46:f2:c6:4a:f3:10:27:3c:2c:b1:26:8d:
28:3d:d3:03:b3:9f:b4:cc:1b:a4:01:31:2d:b2:f2:
11:40:25:d5:32:fe:48:be:d1:50:41:e5:26:0c:de:
75:57:70:46:f3:3d:09:b9:3c:2c:7f:43:63:35:ad:
5c:3c:d5:6d:cb:44:ae:ea:42:62:67:da:cb:18:75:
07:15:0f:eb:21:e0:2b:e5:80:66:7d:60:53:b6:a5:
39:2b:ae:77:95:1f:e1:f1:03:90:0e:26:e6:a7:0e:
fd:35:71:a4:4c:03:f4:f0:2b:f9:4c:06:f4:26:d3:
95:6c:a5:67:34:6f:e3:25:37:35:77:3f:04:27:ca:
4c:42:f3:15:e2:3a:7e:92:ad:5a:f6:14:9a:5f:9e:
23:81:ce:20:70:0f:fa:24:f6:b3:00:d1:36:a0:f2:
e9:6b:4f:9b:e5:5b:58:86:92:71:22:96:11:91:ee:
f6:be:de:85:eb:a7:93:7f:21:53:6f:d5:6d:c3:3b:
2b:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:A1:DB:71:14:7D:91:FD:60:86:37:86:14:04:BC:D9:C5:5B:33:91
X509v3 Authority Key Identifier:
keyid:3D:0E:F4:35:8A:DB:04:0F:33:3D:93:61:A4:26:1E:A0:E5:0D:38:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PQ70NYrbBA8zPZNhpCYeoOUNOKs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/f946ef-9619-4bdd-9f47-d2bc96a98a18/1/baHbcRR9kf1ghjeGFAS82cVbM5E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/f946ef-9619-4bdd-9f47-d2bc96a98a18/1/PQ70NYrbBA8zPZNhpCYeoOUNOKs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.240.0.0/22
195.158.252.0/23
195.190.11.0/24
IPv6:
2001:67c:11f8::/48
2a0c:6880::/32
Signature Algorithm: sha256WithRSAEncryption
10:39:ab:0a:0d:bc:51:96:09:90:30:88:62:80:8f:18:93:8c:
28:13:2e:bb:9b:7d:7e:94:ab:2d:97:c0:57:2d:61:c8:70:19:
17:6a:83:c8:35:a9:cc:f5:3e:50:d9:b7:ca:a0:37:e2:17:27:
c6:e7:6d:5c:0c:fa:d6:b5:c9:3a:c4:8a:49:96:ef:85:6c:55:
96:0e:e2:70:41:d8:a8:2e:3e:29:2f:11:ec:c2:ee:24:40:10:
2c:b8:c6:3b:f1:3a:c6:e1:6f:3b:97:b6:6e:3a:a9:b5:a7:3e:
6e:c8:be:ee:40:7c:55:cd:da:24:e8:0f:fe:67:a3:a7:5f:97:
61:68:5d:c9:fd:5a:b6:75:18:a8:8b:27:c2:84:90:09:7e:e8:
9a:e3:ba:ca:d1:a7:34:90:d6:52:58:97:ad:ef:48:68:db:eb:
67:2b:ef:df:dd:cf:d1:af:b7:5c:f0:f2:d9:b5:fe:38:d9:a7:
79:02:bf:24:4e:e6:2c:f5:a5:7a:10:d5:f0:65:c9:18:95:bb:
b5:b3:f8:95:83:70:de:d8:63:6d:81:5f:08:ae:39:e0:9b:c6:
45:9a:25:a0:ab:c1:bd:ab:53:19:94:b0:51:33:ca:4e:12:32:
b3:12:d1:ab:37:03:61:e7:63:a6:1d:59:3d:42:da:2f:c3:e5:
2a:38:fc:26
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQjaXWgQEcvd16hdHhVZ6GtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkMGVmNDM1OGFkYjA0MGYzMzNkOTM2MWE0MjYxZWEwZTUw
ZDM4YWIwHhcNMjUwMTAxMTk0ODIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGExZGI3MTE0N2Q5MWZkNjA4NjM3ODYxNDA0YmNkOWM1NWIzMzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXFzSbxiDeNjwWK+MhI+F6yPiu80
pNyIIM77CvYlMrbKhNSUFWnz/0Rhc/v9MCWt1dyYTzbqQAlwJbXC8eFG8sZK8xAn
PCyxJo0oPdMDs5+0zBukATEtsvIRQCXVMv5IvtFQQeUmDN51V3BG8z0JuTwsf0Nj
Na1cPNVty0Su6kJiZ9rLGHUHFQ/rIeAr5YBmfWBTtqU5K653lR/h8QOQDibmpw79
NXGkTAP08Cv5TAb0JtOVbKVnNG/jJTc1dz8EJ8pMQvMV4jp+kq1a9hSaX54jgc4g
cA/6JPazANE2oPLpa0+b5VtYhpJxIpYRke72vt6F66eTfyFTb9VtwzsrcwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFG2h23EUfZH9YIY3hhQEvNnFWzORMB8GA1UdIwQY
MBaAFD0O9DWK2wQPMz2TYaQmHqDlDTirMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFE3ME5ZcmJCQTh6UFpOaHBDWWVvT1VOT0tzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9mOTQ2ZWYtOTYxOS00YmRkLTlmNDct
ZDJiYzk2YTk4YTE4LzEvYmFIYmNSUjlrZjFnaGplR0ZBUzgyY1ZiTTVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9mOTQ2ZWYtOTYxOS00YmRkLTlmNDctZDJiYzk2YTk4YTE4
LzEvUFE3ME5ZcmJCQTh6UFpOaHBDWWVvT1VOT0tzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAYBAIAATASAwQCufAAAwQB
w578AwQAw74LMBYEAgACMBADBwAgAQZ8EfgDBQAqDGiAMA0GCSqGSIb3DQEBCwUA
A4IBAQAQOasKDbxRlgmQMIhigI8Yk4woEy67m31+lKstl8BXLWHIcBkXaoPINanM
9T5Q2bfKoDfiFyfG521cDPrWtck6xIpJlu+FbFWWDuJwQdioLj4pLxHswu4kQBAs
uMY78TrG4W87l7ZuOqm1pz5uyL7uQHxVzdok6A/+Z6OnX5dhaF3J/Vq2dRioiyfC
hJAJfuia47rK0ac0kNZSWJet70ho2+tnK+/f3c/Rr7dc8PLZtf442ad5Ar8kTuYs
9aV6ENXwZckYlbu1s/iVg3De2GNtgV8Irjngm8ZFmiWgq8G9q1MZlLBRM8pOEjKz
EtGrNwNh52OmHVk9Qtovw+UqOPwm
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:06 2025 by rpki-client on console.sobornost.net