Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/587f7e-60cc-41a0-8869-4f8c638a72e1/1/iefIsjicRY6rMPB46yzGeoYmfDY.roa
File: iefIsjicRY6rMPB46yzGeoYmfDY.roa (raw, json)
Hash identifier: wYK+cODxbPgs0PQn468rpCusa1e+6M4kLS/qnuHcsvY=
Subject key identifier: 89:E7:C8:B2:38:9C:45:8E:AB:30:F0:78:EB:2C:C6:7A:86:26:7C:36
Certificate issuer: /CN=5d3bb84891651f2039cd81b0b60912f7c0e5cf96
Certificate serial: 019420D6634C7E0F6C7F1A0B44EE25919D7C
Authority key identifier: 5D:3B:B8:48:91:65:1F:20:39:CD:81:B0:B6:09:12:F7:C0:E5:CF:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XTu4SJFlHyA5zYGwtgkS98Dlz5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/587f7e-60cc-41a0-8869-4f8c638a72e1/1/iefIsjicRY6rMPB46yzGeoYmfDY.roa
Signing time: Wed 01 Jan 2025 07:48:28 +0000
ROA not before: Wed 01 Jan 2025 07:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207467
IP address blocks: 185.65.72.0/22 maxlen: 24
185.65.74.0/24 maxlen: 24
185.65.75.0/24 maxlen: 24
2a03:1a20::/48 maxlen: 48
2a03:1a20:10::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:63:4c:7e:0f:6c:7f:1a:0b:44:ee:25:91:9d:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d3bb84891651f2039cd81b0b60912f7c0e5cf96
Validity
Not Before: Jan 1 07:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=89e7c8b2389c458eab30f078eb2cc67a86267c36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:92:28:24:53:2f:bb:73:2a:eb:93:8a:a1:3f:
10:28:96:f5:8b:9e:a9:b9:ed:95:72:bf:1f:92:d2:
4f:0c:8f:f9:db:00:84:fc:07:7c:b6:48:a6:f6:58:
80:fb:7c:92:37:55:66:86:1d:18:b5:23:18:03:33:
84:6d:9c:8b:3d:11:c3:65:4d:d2:79:58:1b:c0:eb:
d6:fa:73:b9:9d:2c:40:44:66:1c:c5:0b:60:7c:4b:
80:da:76:9a:48:af:a0:11:d4:b2:69:14:d2:bd:37:
b8:b4:17:f7:40:67:e4:fb:97:2a:81:f8:ce:fe:e0:
0f:d6:5f:42:38:36:79:95:bd:d8:d0:85:cb:52:b9:
32:ff:e8:dd:38:0d:94:41:ae:0a:0f:a7:76:e2:b7:
b9:32:fc:da:4e:4a:2b:bf:f3:8d:e8:b8:41:ef:13:
6b:c2:e6:b7:ee:63:a1:e0:ef:98:b7:a6:dc:92:2b:
d1:55:c4:3f:c5:d3:39:7c:01:7b:e7:ad:1a:be:88:
65:e8:d9:7d:7b:87:7f:cc:2c:82:d1:dd:6e:db:c3:
1d:87:6f:42:f8:24:4c:31:8b:dc:24:db:68:e0:0e:
16:dc:78:23:43:70:44:94:cf:3f:bd:bd:c5:00:e1:
9b:9d:87:00:b0:8f:a6:98:b0:78:31:7b:98:78:ee:
c3:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:E7:C8:B2:38:9C:45:8E:AB:30:F0:78:EB:2C:C6:7A:86:26:7C:36
X509v3 Authority Key Identifier:
keyid:5D:3B:B8:48:91:65:1F:20:39:CD:81:B0:B6:09:12:F7:C0:E5:CF:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTu4SJFlHyA5zYGwtgkS98Dlz5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/587f7e-60cc-41a0-8869-4f8c638a72e1/1/iefIsjicRY6rMPB46yzGeoYmfDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/587f7e-60cc-41a0-8869-4f8c638a72e1/1/XTu4SJFlHyA5zYGwtgkS98Dlz5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.65.72.0/22
IPv6:
2a03:1a20::/48
2a03:1a20:10::/48
Signature Algorithm: sha256WithRSAEncryption
a3:ff:50:2c:a3:89:09:1a:e8:34:80:6e:4e:98:e8:e0:b1:fe:
12:c6:73:27:50:fd:64:e1:79:0a:1e:55:5c:58:bc:a0:81:38:
e3:9b:9f:4e:04:14:52:9f:26:10:25:49:0b:62:e2:a5:c8:62:
1a:01:a8:0b:7a:d4:32:84:14:11:73:58:9f:86:c5:68:36:6d:
11:06:97:8b:fd:0a:b5:0c:48:7b:16:08:06:79:c6:a8:6f:32:
e7:8c:ab:60:57:4e:03:19:2f:3a:56:f3:84:9a:3f:98:4b:4e:
d9:7b:f3:bf:ff:38:3b:44:80:ee:d6:ba:a0:7a:63:27:43:ce:
a9:88:ed:7c:32:39:12:23:5f:8d:ee:8a:3d:c6:20:ae:16:e7:
ac:cf:24:8e:58:e3:3b:8c:33:90:70:79:7e:7e:e3:cc:f8:c7:
d0:cc:3f:b0:5c:1f:3f:fb:14:7d:c9:5b:2c:1b:5a:b0:51:00:
b4:65:5a:a2:2e:6e:a3:25:f5:a4:96:92:21:e0:24:df:a1:49:
ec:7d:4c:f2:b2:b6:fa:2e:b1:f8:37:34:fa:20:55:65:ee:6e:
06:e0:22:4e:05:d2:06:62:40:a1:2b:a5:a9:2b:1e:29:49:63:
af:d2:2d:38:c2:cb:0d:33:5e:9d:cb:4c:38:a5:0a:03:ef:5e:
fb:25:27:8a
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQg1mNMfg9sfxoLRO4lkZ18MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkM2JiODQ4OTE2NTFmMjAzOWNkODFiMGI2MDkxMmY3YzBl
NWNmOTYwHhcNMjUwMTAxMDc0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWU3YzhiMjM4OWM0NThlYWIzMGYwNzhlYjJjYzY3YTg2MjY3YzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJIoJFMvu3Mq65OKoT8QKJb1i56p
ue2Vcr8fktJPDI/52wCE/Ad8tkim9liA+3ySN1Vmhh0YtSMYAzOEbZyLPRHDZU3S
eVgbwOvW+nO5nSxARGYcxQtgfEuA2naaSK+gEdSyaRTSvTe4tBf3QGfk+5cqgfjO
/uAP1l9CODZ5lb3Y0IXLUrky/+jdOA2UQa4KD6d24re5MvzaTkorv/ON6LhB7xNr
wua37mOh4O+Yt6bckivRVcQ/xdM5fAF7560avohl6Nl9e4d/zCyC0d1u28Mdh29C
+CRMMYvcJNto4A4W3HgjQ3BElM8/vb3FAOGbnYcAsI+mmLB4MXuYeO7DbQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFInnyLI4nEWOqzDweOssxnqGJnw2MB8GA1UdIwQY
MBaAFF07uEiRZR8gOc2BsLYJEvfA5c+WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFR1NFNKRmxIeUE1ellHd3Rna1M5OERsejVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS81ODdmN2UtNjBjYy00MWEwLTg4Njkt
NGY4YzYzOGE3MmUxLzEvaWVmSXNqaWNSWTZyTVBCNDZ5ekdlb1ltZkRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS81ODdmN2UtNjBjYy00MWEwLTg4NjktNGY4YzYzOGE3MmUx
LzEvWFR1NFNKRmxIeUE1ellHd3Rna1M5OERsejVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQCuUFIMBgE
AgACMBIDBwAqAxogAAADBwAqAxogABAwDQYJKoZIhvcNAQELBQADggEBAKP/UCyj
iQka6DSAbk6Y6OCx/hLGcydQ/WTheQoeVVxYvKCBOOObn04EFFKfJhAlSQti4qXI
YhoBqAt61DKEFBFzWJ+GxWg2bREGl4v9CrUMSHsWCAZ5xqhvMueMq2BXTgMZLzpW
84SaP5hLTtl787//ODtEgO7WuqB6YydDzqmI7XwyORIjX43uij3GIK4W56zPJI5Y
4zuMM5BweX5+48z4x9DMP7BcHz/7FH3JWywbWrBRALRlWqIubqMl9aSWkiHgJN+h
Sex9TPKytvousfg3NPogVWXubgbgIk4F0gZiQKErpakrHilJY6/SLTjCyw0zXp3L
TDilCgPvXvslJ4o=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:29 2025 by rpki-client on console.sobornost.net