Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/c28e27-d05b-478a-9b0b-db97892a51fd/1/STK2SAlRO7jYy3vcEqTR9ikjblA.roa
File: STK2SAlRO7jYy3vcEqTR9ikjblA.roa (raw, json)
Hash identifier: k6oW+GQsDjU/vILzjfv+z+LTQhLzDJ0y7rBRC2wvlVc=
Subject key identifier: 49:32:B6:48:09:51:3B:B8:D8:CB:7B:DC:12:A4:D1:F6:29:23:6E:50
Certificate issuer: /CN=e08e907c0fe50891a76bd99b2908700a6ac62e38
Certificate serial: 019423699700517A2EACF50436BA57127B1F
Authority key identifier: E0:8E:90:7C:0F:E5:08:91:A7:6B:D9:9B:29:08:70:0A:6A:C6:2E:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4I6QfA_lCJGna9mbKQhwCmrGLjg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/c28e27-d05b-478a-9b0b-db97892a51fd/1/STK2SAlRO7jYy3vcEqTR9ikjblA.roa
Signing time: Wed 01 Jan 2025 19:48:29 +0000
ROA not before: Wed 01 Jan 2025 19:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31511
IP address blocks: 185.30.252.0/22 maxlen: 22
195.62.68.0/23 maxlen: 23
2a04:4720::/30 maxlen: 30
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:97:00:51:7a:2e:ac:f5:04:36:ba:57:12:7b:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e08e907c0fe50891a76bd99b2908700a6ac62e38
Validity
Not Before: Jan 1 19:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4932b64809513bb8d8cb7bdc12a4d1f629236e50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:f2:0d:ce:ee:27:ad:b6:b2:49:34:02:2e:6b:
aa:56:cb:50:e5:e4:1e:50:12:78:50:dd:c3:0a:81:
d7:fc:51:83:a5:23:c5:00:05:20:2a:5a:53:ea:0f:
1a:9d:c2:86:66:8b:a0:3c:bc:c9:fe:b4:9b:68:6a:
05:99:71:47:09:68:21:16:c6:ea:40:90:f7:0d:79:
dd:72:b2:90:c8:08:e2:2c:10:4e:f6:4f:58:42:25:
7f:38:d2:15:3a:bf:f1:cb:3f:84:65:77:2d:f8:68:
32:ad:25:f0:05:f6:74:3b:b5:65:0e:90:6d:0b:43:
87:e6:1a:16:04:fb:1f:97:08:80:56:8b:9e:32:67:
a9:53:f3:2b:38:16:4b:c7:d1:e6:9d:31:cd:31:58:
6b:8d:6d:f6:3d:ed:8a:ff:ed:47:5e:4b:88:ab:36:
5b:81:19:2e:31:17:7f:52:9f:f6:46:28:63:53:16:
17:74:48:20:5d:00:d6:a0:57:53:a8:ce:76:0f:9a:
31:df:da:fa:ef:f7:7f:72:06:c5:df:66:51:42:1c:
63:dc:11:a5:e8:06:6b:3e:5b:76:a8:74:7a:0d:b0:
8a:c7:eb:d6:c5:20:3b:3f:57:dd:b3:2a:0e:b5:85:
88:c1:a2:36:94:87:52:27:a7:8c:75:45:e1:70:41:
a1:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:32:B6:48:09:51:3B:B8:D8:CB:7B:DC:12:A4:D1:F6:29:23:6E:50
X509v3 Authority Key Identifier:
keyid:E0:8E:90:7C:0F:E5:08:91:A7:6B:D9:9B:29:08:70:0A:6A:C6:2E:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4I6QfA_lCJGna9mbKQhwCmrGLjg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/c28e27-d05b-478a-9b0b-db97892a51fd/1/STK2SAlRO7jYy3vcEqTR9ikjblA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/c28e27-d05b-478a-9b0b-db97892a51fd/1/4I6QfA_lCJGna9mbKQhwCmrGLjg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.30.252.0/22
195.62.68.0/23
IPv6:
2a04:4720::/30
Signature Algorithm: sha256WithRSAEncryption
29:4c:41:1e:62:70:88:33:96:d4:1e:1e:56:c9:be:2f:21:d3:
95:e5:6c:a5:15:c1:65:66:0c:83:bc:d4:36:de:03:7a:eb:68:
d9:21:b7:b0:3a:11:30:40:45:27:3b:c4:f4:da:3c:eb:b2:d9:
3f:14:19:76:45:1b:f2:09:55:82:5a:8b:ee:01:b3:11:be:3a:
2c:25:50:57:bd:e2:11:42:87:92:b4:37:c0:15:4f:ae:38:02:
1c:fd:08:9d:e0:5c:46:63:ee:d2:cc:4e:d3:ac:d5:e5:95:25:
af:de:96:b2:54:f8:73:2e:79:9b:79:0c:3a:31:ea:ef:9b:26:
40:c0:a4:63:fb:a9:4a:a7:04:0e:e8:c7:64:30:a8:5b:99:a2:
eb:6a:f8:78:3b:05:5e:43:29:f0:64:43:d7:af:97:2f:0f:b2:
fa:7d:e3:dd:4c:e1:9d:d3:dc:44:56:68:06:8d:d8:bf:7c:f5:
bd:07:86:7a:52:4b:06:f0:c3:a9:bb:35:7a:78:8a:15:24:bc:
27:ff:d1:76:8d:89:55:98:6c:ee:2c:d0:a7:c0:45:a3:86:62:
6e:be:4b:80:05:a3:f5:74:53:1f:45:7d:89:64:36:78:50:63:
26:49:b0:dd:ff:2d:ff:7e:82:9e:57:13:52:e7:6d:ec:02:b5:
08:b1:95:a8
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQjaZcAUXourPUENrpXEnsfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwOGU5MDdjMGZlNTA4OTFhNzZiZDk5YjI5MDg3MDBhNmFj
NjJlMzgwHhcNMjUwMTAxMTk0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTMyYjY0ODA5NTEzYmI4ZDhjYjdiZGMxMmE0ZDFmNjI5MjM2ZTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/INzu4nrbaySTQCLmuqVstQ5eQe
UBJ4UN3DCoHX/FGDpSPFAAUgKlpT6g8ancKGZougPLzJ/rSbaGoFmXFHCWghFsbq
QJD3DXndcrKQyAjiLBBO9k9YQiV/ONIVOr/xyz+EZXct+GgyrSXwBfZ0O7VlDpBt
C0OH5hoWBPsflwiAVoueMmepU/MrOBZLx9HmnTHNMVhrjW32Pe2K/+1HXkuIqzZb
gRkuMRd/Up/2RihjUxYXdEggXQDWoFdTqM52D5ox39r67/d/cgbF32ZRQhxj3BGl
6AZrPlt2qHR6DbCKx+vWxSA7P1fdsyoOtYWIwaI2lIdSJ6eMdUXhcEGhYwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEkytkgJUTu42Mt73BKk0fYpI25QMB8GA1UdIwQY
MBaAFOCOkHwP5QiRp2vZmykIcApqxi44MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEk2UWZBX2xDSkduYTltYktRaHdDbXJHTGpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9jMjhlMjctZDA1Yi00NzhhLTliMGIt
ZGI5Nzg5MmE1MWZkLzEvU1RLMlNBbFJPN2pZeTN2Y0VxVFI5aWtqYmxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9jMjhlMjctZDA1Yi00NzhhLTliMGItZGI5Nzg5MmE1MWZk
LzEvNEk2UWZBX2xDSkduYTltYktRaHdDbXJHTGpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuR78AwQB
wz5EMA0EAgACMAcDBQIqBEcgMA0GCSqGSIb3DQEBCwUAA4IBAQApTEEeYnCIM5bU
Hh5Wyb4vIdOV5WylFcFlZgyDvNQ23gN662jZIbewOhEwQEUnO8T02jzrstk/FBl2
RRvyCVWCWovuAbMRvjosJVBXveIRQoeStDfAFU+uOAIc/Qid4FxGY+7SzE7TrNXl
lSWv3payVPhzLnmbeQw6MervmyZAwKRj+6lKpwQO6MdkMKhbmaLravh4OwVeQynw
ZEPXr5cvD7L6fePdTOGd09xEVmgGjdi/fPW9B4Z6UksG8MOpuzV6eIoVJLwn/9F2
jYlVmGzuLNCnwEWjhmJuvkuABaP1dFMfRX2JZDZ4UGMmSbDd/y3/foKeVxNS523s
ArUIsZWo
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:30 2025 by rpki-client on console.sobornost.net