Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/bb5ece-012e-4194-9980-7e21db5a2ef9/1/3wDf96BAjCwHPGLFXHfr6FPj5tk.roa
File: 3wDf96BAjCwHPGLFXHfr6FPj5tk.roa (raw, json)
Hash identifier: n76aMPDVHHg0+waIaYLD5Tllb242OUUWngTT/Znka38=
Subject key identifier: DF:00:DF:F7:A0:40:8C:2C:07:3C:62:C5:5C:77:EB:E8:53:E3:E6:D9
Certificate issuer: /CN=4214088c77bd12687fd4ba9fe3159ea805888ed2
Certificate serial: 0194266BFA4BAFD986F3E0FB0F3F8096AB53
Authority key identifier: 42:14:08:8C:77:BD:12:68:7F:D4:BA:9F:E3:15:9E:A8:05:88:8E:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QhQIjHe9Emh_1Lqf4xWeqAWIjtI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/bb5ece-012e-4194-9980-7e21db5a2ef9/1/3wDf96BAjCwHPGLFXHfr6FPj5tk.roa
Signing time: Thu 02 Jan 2025 09:49:58 +0000
ROA not before: Thu 02 Jan 2025 09:49:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 38916
IP address blocks: 185.237.18.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:fa:4b:af:d9:86:f3:e0:fb:0f:3f:80:96:ab:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4214088c77bd12687fd4ba9fe3159ea805888ed2
Validity
Not Before: Jan 2 09:49:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=df00dff7a0408c2c073c62c55c77ebe853e3e6d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:d2:3d:6c:93:5f:c3:99:0f:3e:48:28:e7:48:
e8:a9:0e:91:f8:f9:9f:0e:4d:74:88:5e:d0:4e:bb:
b1:5d:51:e6:cc:2e:31:6b:dc:b9:88:86:e6:1a:30:
03:d5:ff:e5:49:ac:78:ea:dc:16:1f:b9:c1:82:a8:
0b:2a:02:c7:0d:a7:71:3b:c0:0b:7d:82:2d:f2:95:
cd:9b:b0:d6:90:1b:1a:db:37:25:d9:d9:11:25:b7:
28:7e:2d:55:96:f0:55:6e:a1:af:10:60:75:aa:94:
23:a6:ca:e1:7d:f8:6a:16:65:22:b6:00:6b:6d:cf:
bf:dd:b8:6c:36:f9:3d:c3:ab:88:e1:90:a9:f9:16:
26:c3:ff:f6:3e:cc:72:3b:3e:fc:a9:8a:f9:7d:ae:
66:62:59:20:da:86:9f:ba:dd:aa:db:d0:6a:b4:3a:
4c:ca:40:0d:99:ef:64:62:24:d7:c1:4e:1f:88:dc:
77:58:45:72:7d:27:fe:3a:fd:39:29:0d:e1:b6:12:
81:a2:2a:ee:61:11:45:11:ff:4e:03:37:e2:06:97:
93:e8:fb:af:ed:06:54:30:e9:74:b6:9b:78:eb:f2:
36:ba:f4:05:97:f9:af:37:18:3a:96:3f:9e:cc:0a:
86:89:cc:42:ce:e3:51:ce:f9:e5:17:98:98:4a:c6:
63:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:00:DF:F7:A0:40:8C:2C:07:3C:62:C5:5C:77:EB:E8:53:E3:E6:D9
X509v3 Authority Key Identifier:
keyid:42:14:08:8C:77:BD:12:68:7F:D4:BA:9F:E3:15:9E:A8:05:88:8E:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QhQIjHe9Emh_1Lqf4xWeqAWIjtI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/bb5ece-012e-4194-9980-7e21db5a2ef9/1/3wDf96BAjCwHPGLFXHfr6FPj5tk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/bb5ece-012e-4194-9980-7e21db5a2ef9/1/QhQIjHe9Emh_1Lqf4xWeqAWIjtI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.237.18.0/23
Signature Algorithm: sha256WithRSAEncryption
b5:9d:f5:a0:b2:92:f1:37:4e:42:02:25:96:c8:3b:0d:db:48:
17:15:ef:c7:a0:04:a5:30:bd:10:b5:50:b7:06:84:3a:b5:56:
5c:6f:ec:18:14:94:30:4c:fc:0a:1c:d9:b7:9e:8a:f3:73:5a:
20:8e:67:11:35:25:23:3d:a1:fd:4e:5c:a3:fc:63:1b:73:35:
ae:03:29:27:ca:d3:01:87:40:81:6a:8a:ad:85:14:f7:10:e9:
d6:ca:9f:66:4e:d3:f3:ae:ba:6a:76:5f:fd:b2:d2:8e:f0:2d:
7a:8e:c4:e3:f2:f9:68:e9:af:19:2d:2f:ce:40:0f:22:ed:f5:
ff:0b:26:53:d3:99:27:e6:4f:75:e6:67:f3:75:e6:dc:da:fc:
00:14:2f:c7:16:49:d4:85:cd:95:c3:c5:ea:a3:c5:a7:39:19:
62:fe:ca:fd:6b:f3:94:15:0e:54:bb:e4:e1:dd:a6:3b:60:2a:
5a:35:73:26:8a:18:62:9c:8d:ca:aa:87:0a:1e:6f:a5:a7:94:
86:f8:9c:e6:38:ef:34:ea:67:a1:10:83:8f:44:1f:22:c9:de:
a5:3c:ad:81:86:25:f7:14:ba:82:52:78:11:16:e1:eb:ab:2b:
67:fc:fb:c3:35:0d:c0:19:fa:be:b8:e7:ef:04:ea:d7:c4:27:
3e:38:0e:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQma/pLr9mG8+D7Dz+AlqtTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMTQwODhjNzdiZDEyNjg3ZmQ0YmE5ZmUzMTU5ZWE4MDU4
ODhlZDIwHhcNMjUwMTAyMDk0OTU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjAwZGZmN2EwNDA4YzJjMDczYzYyYzU1Yzc3ZWJlODUzZTNlNmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArdI9bJNfw5kPPkgo50joqQ6R+Pmf
Dk10iF7QTruxXVHmzC4xa9y5iIbmGjAD1f/lSax46twWH7nBgqgLKgLHDadxO8AL
fYIt8pXNm7DWkBsa2zcl2dkRJbcofi1VlvBVbqGvEGB1qpQjpsrhffhqFmUitgBr
bc+/3bhsNvk9w6uI4ZCp+RYmw//2PsxyOz78qYr5fa5mYlkg2oafut2q29BqtDpM
ykANme9kYiTXwU4fiNx3WEVyfSf+Ov05KQ3hthKBoiruYRFFEf9OAzfiBpeT6Puv
7QZUMOl0tpt46/I2uvQFl/mvNxg6lj+ezAqGicxCzuNRzvnlF5iYSsZjSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN8A3/egQIwsBzxixVx36+hT4+bZMB8GA1UdIwQY
MBaAFEIUCIx3vRJof9S6n+MVnqgFiI7SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWhRSWpIZTlFbWhfMUxxZjR4V2VxQVdJanRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9iYjVlY2UtMDEyZS00MTk0LTk5ODAt
N2UyMWRiNWEyZWY5LzEvM3dEZjk2QkFqQ3dIUEdMRlhIZnI2RlBqNXRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9iYjVlY2UtMDEyZS00MTk0LTk5ODAtN2UyMWRiNWEyZWY5
LzEvUWhRSWpIZTlFbWhfMUxxZjR4V2VxQVdJanRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBue0SMA0G
CSqGSIb3DQEBCwUAA4IBAQC1nfWgspLxN05CAiWWyDsN20gXFe/HoASlML0QtVC3
BoQ6tVZcb+wYFJQwTPwKHNm3norzc1ogjmcRNSUjPaH9Tlyj/GMbczWuAyknytMB
h0CBaoqthRT3EOnWyp9mTtPzrrpqdl/9stKO8C16jsTj8vlo6a8ZLS/OQA8i7fX/
CyZT05kn5k915mfzdebc2vwAFC/HFknUhc2Vw8Xqo8WnORli/sr9a/OUFQ5Uu+Th
3aY7YCpaNXMmihhinI3KqocKHm+lp5SG+JzmOO806mehEIOPRB8iyd6lPK2BhiX3
FLqCUngRFuHrqytn/PvDNQ3AGfq+uOfvBOrXxCc+OA5+
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:29 2025 by rpki-client on console.sobornost.net