Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/clWNFKcGPCSVI8IczoLVlzymSwE.roa
File: clWNFKcGPCSVI8IczoLVlzymSwE.roa (raw, json)
Hash identifier: kwC3djRgAXxGmhjo7j0gZC7YajpIcaKz89NjkpuMd6c=
Subject key identifier: 72:55:8D:14:A7:06:3C:24:95:23:C2:1C:CE:82:D5:97:3C:A6:4B:01
Certificate issuer: /CN=8b47aa09f2c610f6f44b4e75c1cd9dcd3884e55d
Certificate serial: 0195AEE2BCF64BDB7C1109ECC9E00A227D5B
Authority key identifier: 8B:47:AA:09:F2:C6:10:F6:F4:4B:4E:75:C1:CD:9D:CD:38:84:E5:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i0eqCfLGEPb0S051wc2dzTiE5V0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/clWNFKcGPCSVI8IczoLVlzymSwE.roa
Signing time: Wed 19 Mar 2025 14:50:49 +0000
ROA not before: Wed 19 Mar 2025 14:50:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210288
IP address blocks: 185.229.134.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ae:e2:bc:f6:4b:db:7c:11:09:ec:c9:e0:0a:22:7d:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b47aa09f2c610f6f44b4e75c1cd9dcd3884e55d
Validity
Not Before: Mar 19 14:50:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=72558d14a7063c249523c21cce82d5973ca64b01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:2e:2e:99:7d:50:24:9a:b4:72:b8:1f:98:6e:
55:21:5c:9c:8c:53:c3:af:cb:49:86:e4:d2:f1:2c:
3f:91:21:a5:70:87:d1:55:8c:b6:f9:09:11:14:4a:
55:82:a2:6a:57:41:82:a5:70:eb:21:0c:c9:4f:f6:
2b:a0:8a:4f:12:d8:c9:28:2a:f3:68:fb:92:75:75:
eb:6f:0c:0a:9e:8b:ac:de:d6:6f:60:73:49:cc:88:
a9:42:45:e0:55:43:cd:a8:be:a7:e4:bc:e2:7e:36:
83:d8:f3:8c:09:1d:ed:3a:22:2f:a3:9c:e8:e6:e7:
fe:19:0e:10:d5:7c:74:a0:07:0d:a4:22:d2:e1:32:
b2:2f:67:21:05:2d:7f:8b:65:a9:99:96:a3:3f:82:
fb:40:ee:fa:74:18:e5:e9:58:f6:4c:53:26:63:10:
e7:99:71:cd:fc:90:cf:ed:86:60:76:0b:21:a9:ef:
bd:e6:7f:1a:47:77:17:e2:a7:e6:a7:72:64:99:72:
d1:39:97:5b:74:e0:75:52:be:84:27:a3:e5:14:3e:
60:df:19:1b:61:e2:d2:c6:0a:7d:90:f3:3b:a5:44:
66:90:d4:7a:17:a0:21:01:b0:97:e8:48:84:dd:42:
be:27:d1:6f:83:dc:87:2a:46:fe:64:ac:98:0b:b7:
1d:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:55:8D:14:A7:06:3C:24:95:23:C2:1C:CE:82:D5:97:3C:A6:4B:01
X509v3 Authority Key Identifier:
keyid:8B:47:AA:09:F2:C6:10:F6:F4:4B:4E:75:C1:CD:9D:CD:38:84:E5:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i0eqCfLGEPb0S051wc2dzTiE5V0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/clWNFKcGPCSVI8IczoLVlzymSwE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/i0eqCfLGEPb0S051wc2dzTiE5V0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.134.0/24
Signature Algorithm: sha256WithRSAEncryption
24:5c:86:6a:7d:75:d1:22:cb:5b:a4:06:6c:b2:76:d6:43:64:
76:ae:1a:22:80:37:7e:a2:f1:fd:4d:4e:18:ff:45:d4:d6:98:
4f:35:31:d3:a2:89:6b:0d:c9:56:9e:45:4d:67:7a:a7:5b:ae:
a0:16:f2:43:bb:dd:1f:64:35:01:5d:b1:7c:49:8b:6f:12:2c:
0f:8e:1e:a5:2f:3b:72:ec:3a:67:ef:96:f8:ee:9c:98:06:e2:
22:4f:a2:10:f7:e3:26:96:36:a9:cb:f5:d8:c9:1a:58:4b:01:
e7:3b:03:33:fa:d1:7a:9a:81:0e:60:08:bf:98:1f:88:ff:23:
31:b1:e6:a5:3c:67:f3:d7:3b:e4:02:ad:5b:75:f3:c8:c4:fe:
8b:47:e6:29:94:af:77:db:68:5a:2c:13:f9:4a:03:f6:1d:9f:
f7:7a:b1:5e:1c:e4:0f:eb:66:c1:f9:bd:1f:8f:bf:6a:7c:a7:
f7:d6:91:7c:41:c0:1d:f5:82:71:5e:67:c4:06:0f:94:06:52:
3c:d9:14:3f:61:2e:0e:91:fa:e3:28:0c:7b:f4:57:51:f5:6f:
23:2d:00:d2:9a:b1:e4:c3:69:4d:9e:cb:21:0a:ee:b4:b4:30:
d5:88:3e:a1:1b:3a:ad:bf:45:8a:c6:34:53:85:13:77:6a:02:
0a:6c:b5:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWu4rz2S9t8EQnsyeAKIn1bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiNDdhYTA5ZjJjNjEwZjZmNDRiNGU3NWMxY2Q5ZGNkMzg4
NGU1NWQwHhcNMjUwMzE5MTQ1MDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjU1OGQxNGE3MDYzYzI0OTUyM2MyMWNjZTgyZDU5NzNjYTY0YjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyC4umX1QJJq0crgfmG5VIVycjFPD
r8tJhuTS8Sw/kSGlcIfRVYy2+QkRFEpVgqJqV0GCpXDrIQzJT/YroIpPEtjJKCrz
aPuSdXXrbwwKnous3tZvYHNJzIipQkXgVUPNqL6n5LzifjaD2POMCR3tOiIvo5zo
5uf+GQ4Q1Xx0oAcNpCLS4TKyL2chBS1/i2WpmZajP4L7QO76dBjl6Vj2TFMmYxDn
mXHN/JDP7YZgdgshqe+95n8aR3cX4qfmp3JkmXLROZdbdOB1Ur6EJ6PlFD5g3xkb
YeLSxgp9kPM7pURmkNR6F6AhAbCX6EiE3UK+J9Fvg9yHKkb+ZKyYC7cdXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHJVjRSnBjwklSPCHM6C1Zc8pksBMB8GA1UdIwQY
MBaAFItHqgnyxhD29EtOdcHNnc04hOVdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTBlcUNmTEdFUGIwUzA1MXdjMmR6VGlFNVYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9mNTYwZTEtNzg0MC00OTUxLWFiNzgt
NTAwMTUzOWQ3MTg1LzEvY2xXTkZLY0dQQ1NWSThJY3pvTFZsenltU3dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9mNTYwZTEtNzg0MC00OTUxLWFiNzgtNTAwMTUzOWQ3MTg1
LzEvaTBlcUNmTEdFUGIwUzA1MXdjMmR6VGlFNVYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueWGMA0G
CSqGSIb3DQEBCwUAA4IBAQAkXIZqfXXRIstbpAZssnbWQ2R2rhoigDd+ovH9TU4Y
/0XU1phPNTHToolrDclWnkVNZ3qnW66gFvJDu90fZDUBXbF8SYtvEiwPjh6lLzty
7Dpn75b47pyYBuIiT6IQ9+Mmljapy/XYyRpYSwHnOwMz+tF6moEOYAi/mB+I/yMx
sealPGfz1zvkAq1bdfPIxP6LR+YplK9322haLBP5SgP2HZ/3erFeHOQP62bB+b0f
j79qfKf31pF8QcAd9YJxXmfEBg+UBlI82RQ/YS4OkfrjKAx79FdR9W8jLQDSmrHk
w2lNnsshCu60tDDViD6hGzqtv0WKxjRThRN3agIKbLX1
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:25 2025 by rpki-client on console.sobornost.net