Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/e0559d-abe6-443b-a978-5e7ded1421da/1/iiZidHMAHkbcf8XyOTt3Z_vw0jE.roa
File: iiZidHMAHkbcf8XyOTt3Z_vw0jE.roa (raw, json)
Hash identifier: xKnilsXqPSaJ4FjR+VlNoOzanS4pqyzg7Ofj3A9rVOQ=
Subject key identifier: 8A:26:62:74:73:00:1E:46:DC:7F:C5:F2:39:3B:77:67:FB:F0:D2:31
Certificate issuer: /CN=5b3825b48b3599effaa0bc81a8dddb98f1d802c4
Certificate serial: 019427B5146838D5449349249100DD9C1C12
Authority key identifier: 5B:38:25:B4:8B:35:99:EF:FA:A0:BC:81:A8:DD:DB:98:F1:D8:02:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WzgltIs1me_6oLyBqN3bmPHYAsQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/e0559d-abe6-443b-a978-5e7ded1421da/1/iiZidHMAHkbcf8XyOTt3Z_vw0jE.roa
Signing time: Thu 02 Jan 2025 15:49:25 +0000
ROA not before: Thu 02 Jan 2025 15:49:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206859
IP address blocks: 185.173.252.0/22 maxlen: 22
2a0b:7500::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:14:68:38:d5:44:93:49:24:91:00:dd:9c:1c:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b3825b48b3599effaa0bc81a8dddb98f1d802c4
Validity
Not Before: Jan 2 15:49:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8a26627473001e46dc7fc5f2393b7767fbf0d231
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:05:26:de:45:17:14:8d:c0:55:7d:2b:ef:33:
db:b6:d1:fa:09:9d:09:e4:59:30:69:1d:8a:b1:bf:
5a:8a:0f:8b:70:49:2a:7b:03:61:b1:83:f0:2f:98:
64:b9:24:f0:ed:19:ec:54:e9:a5:de:8d:97:a5:84:
af:6a:57:e0:ae:78:6b:d3:14:f9:eb:bc:24:2c:f3:
14:4a:2b:f2:5d:35:10:ca:88:3b:21:62:a4:5e:6d:
c4:fe:12:7d:30:7b:96:51:8d:aa:62:a7:ff:33:c5:
c8:31:ca:30:f3:08:d0:26:e5:44:a2:b2:99:6e:90:
f2:11:0c:ea:72:f1:2b:f6:71:e1:18:e8:9b:81:2c:
50:71:fc:63:62:62:19:f0:7b:7d:e6:8e:2d:7b:53:
e9:f8:c4:cb:b3:29:ea:3c:8f:d1:f7:03:59:d6:b6:
68:31:1d:f1:0a:99:36:9a:4d:2f:22:dd:4b:a3:75:
53:d4:cc:04:76:4f:b0:f5:f6:ba:7e:71:20:2f:b1:
f4:ef:e8:99:e7:94:54:db:e9:6e:ee:47:6c:08:95:
75:14:b0:f2:09:d0:34:21:13:cc:3c:ce:6d:90:8d:
c6:7c:c4:bc:94:43:69:04:af:5c:bc:ad:d8:03:39:
67:74:00:b3:8b:67:a4:3e:44:6f:ca:d8:38:62:e3:
8b:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:26:62:74:73:00:1E:46:DC:7F:C5:F2:39:3B:77:67:FB:F0:D2:31
X509v3 Authority Key Identifier:
keyid:5B:38:25:B4:8B:35:99:EF:FA:A0:BC:81:A8:DD:DB:98:F1:D8:02:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WzgltIs1me_6oLyBqN3bmPHYAsQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/e0559d-abe6-443b-a978-5e7ded1421da/1/iiZidHMAHkbcf8XyOTt3Z_vw0jE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/e0559d-abe6-443b-a978-5e7ded1421da/1/WzgltIs1me_6oLyBqN3bmPHYAsQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.173.252.0/22
IPv6:
2a0b:7500::/29
Signature Algorithm: sha256WithRSAEncryption
0d:c0:54:b2:75:9d:7f:e7:f5:c9:1c:a7:4e:bf:71:db:0f:7b:
65:a9:f3:77:23:76:70:32:14:54:82:35:a4:04:6f:21:98:93:
7f:58:f7:b9:7b:6d:2f:68:f3:e1:3e:f0:14:1c:76:52:45:31:
11:58:fd:e3:9a:6e:a4:8d:e9:47:44:0c:00:1d:0a:28:5e:7e:
02:ee:b6:d4:30:e4:d5:33:5b:fa:c2:16:5e:2f:6a:e4:ac:b7:
ac:72:3d:11:72:30:9e:60:c9:5a:8b:19:96:87:c5:e3:18:94:
c6:44:6a:13:c7:c4:37:9b:65:e6:32:ce:b2:d3:bc:c2:b5:4f:
5c:3f:3b:38:8b:d0:1d:8c:1c:71:23:d1:7f:44:a7:aa:0e:eb:
68:56:32:fa:bb:3e:89:93:58:07:87:e9:2b:c9:d9:8f:eb:bc:
c7:16:df:28:91:5a:22:59:d7:59:b9:57:7e:36:0e:44:ea:7c:
19:07:1a:71:54:10:ba:f6:6e:3e:b7:8a:4d:08:d1:79:ca:2c:
71:c9:d3:c3:c9:d7:49:de:38:c5:f1:f5:43:b7:fb:22:31:fb:
49:9d:f4:3e:71:69:00:6f:b4:c2:c5:7f:48:ff:1c:51:68:9e:
4f:4b:05:da:54:3f:45:fb:13:aa:a2:75:e4:a4:67:29:e2:69:
f6:e9:a3:a3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQntRRoONVEk0kkkQDdnBwSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViMzgyNWI0OGIzNTk5ZWZmYWEwYmM4MWE4ZGRkYjk4ZjFk
ODAyYzQwHhcNMjUwMTAyMTU0OTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTI2NjI3NDczMDAxZTQ2ZGM3ZmM1ZjIzOTNiNzc2N2ZiZjBkMjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwUm3kUXFI3AVX0r7zPbttH6CZ0J
5FkwaR2Ksb9aig+LcEkqewNhsYPwL5hkuSTw7RnsVOml3o2XpYSvalfgrnhr0xT5
67wkLPMUSivyXTUQyog7IWKkXm3E/hJ9MHuWUY2qYqf/M8XIMcow8wjQJuVEorKZ
bpDyEQzqcvEr9nHhGOibgSxQcfxjYmIZ8Ht95o4te1Pp+MTLsynqPI/R9wNZ1rZo
MR3xCpk2mk0vIt1Lo3VT1MwEdk+w9fa6fnEgL7H07+iZ55RU2+lu7kdsCJV1FLDy
CdA0IRPMPM5tkI3GfMS8lENpBK9cvK3YAzlndACzi2ekPkRvytg4YuOLXwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIomYnRzAB5G3H/F8jk7d2f78NIxMB8GA1UdIwQY
MBaAFFs4JbSLNZnv+qC8gajd25jx2ALEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3pnbHRJczFtZV82b0x5QnFOM2JtUEhZQXNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9lMDU1OWQtYWJlNi00NDNiLWE5Nzgt
NWU3ZGVkMTQyMWRhLzEvaWlaaWRITUFIa2JjZjhYeU9UdDNaX3Z3MGpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9lMDU1OWQtYWJlNi00NDNiLWE5NzgtNWU3ZGVkMTQyMWRh
LzEvV3pnbHRJczFtZV82b0x5QnFOM2JtUEhZQXNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCua38MA0E
AgACMAcDBQMqC3UAMA0GCSqGSIb3DQEBCwUAA4IBAQANwFSydZ1/5/XJHKdOv3Hb
D3tlqfN3I3ZwMhRUgjWkBG8hmJN/WPe5e20vaPPhPvAUHHZSRTERWP3jmm6kjelH
RAwAHQooXn4C7rbUMOTVM1v6whZeL2rkrLescj0RcjCeYMlaixmWh8XjGJTGRGoT
x8Q3m2XmMs6y07zCtU9cPzs4i9AdjBxxI9F/RKeqDutoVjL6uz6Jk1gHh+krydmP
67zHFt8okVoiWddZuVd+Ng5E6nwZBxpxVBC69m4+t4pNCNF5yixxydPDyddJ3jjF
8fVDt/siMftJnfQ+cWkAb7TCxX9I/xxRaJ5PSwXaVD9F+xOqonXkpGcp4mn26aOj
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:29 2025 by rpki-client on console.sobornost.net