Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/76759e-3964-4c4f-876b-bc475d008869/1/Vm2xySa3TZzRcufAzxt4hRBLNss.roa
File: Vm2xySa3TZzRcufAzxt4hRBLNss.roa (raw, json)
Hash identifier: O5+b4nw4CSapOt9ANvlpqmvnfoL7HE4era1klJG6PPo=
Subject key identifier: 56:6D:B1:C9:26:B7:4D:9C:D1:72:E7:C0:CF:1B:78:85:10:4B:36:CB
Certificate issuer: /CN=ca6dcdad99290456c6d7c18eb1c058d941088801
Certificate serial: 019426D9A9FF95F85A06AE17E4890364A879
Authority key identifier: CA:6D:CD:AD:99:29:04:56:C6:D7:C1:8E:B1:C0:58:D9:41:08:88:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ym3NrZkpBFbG18GOscBY2UEIiAE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/76759e-3964-4c4f-876b-bc475d008869/1/Vm2xySa3TZzRcufAzxt4hRBLNss.roa
Signing time: Thu 02 Jan 2025 11:49:46 +0000
ROA not before: Thu 02 Jan 2025 11:49:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198288
IP address blocks: 185.208.120.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:a9:ff:95:f8:5a:06:ae:17:e4:89:03:64:a8:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca6dcdad99290456c6d7c18eb1c058d941088801
Validity
Not Before: Jan 2 11:49:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=566db1c926b74d9cd172e7c0cf1b7885104b36cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:1f:25:d1:1b:c9:41:8e:2e:e4:7d:e2:83:df:
ba:48:41:c5:44:88:2a:9d:d7:19:25:03:14:e9:59:
fb:bb:18:1a:08:31:68:08:81:f6:02:fe:1d:bb:06:
9c:55:18:91:b8:ec:1b:4d:4f:c1:cc:c8:a5:3d:77:
1a:4d:d6:98:7e:36:3d:f6:ba:ea:b4:3b:69:d7:cb:
04:8d:64:f7:9a:f9:a6:0a:59:50:01:88:7a:84:10:
3f:91:b8:a8:39:fa:7f:7d:c8:d5:0f:c2:c2:1e:0a:
07:24:45:11:75:e6:32:ef:0a:a8:7f:b3:32:9f:ab:
43:b8:d6:bf:d6:1d:11:83:40:45:ec:7e:d8:e2:63:
43:9f:72:91:fb:23:0a:22:73:e1:85:71:91:45:0a:
ca:eb:db:c8:a0:4f:7c:ec:bd:cf:11:35:c0:fb:34:
71:b6:83:29:b7:69:03:4e:06:81:3f:63:4d:4e:88:
aa:91:82:44:db:a2:de:ad:72:cc:14:b3:24:7e:9c:
6f:be:05:53:cd:78:2d:6d:3c:9c:21:6b:df:7f:70:
52:7c:fb:09:03:ab:db:7d:3c:aa:ae:67:9a:db:d1:
09:c0:d3:81:a9:d0:6b:b6:b5:f4:6c:f1:03:4a:bd:
0e:14:7a:4f:b1:6f:cd:dc:b6:4d:8c:da:9f:3f:a5:
8e:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:6D:B1:C9:26:B7:4D:9C:D1:72:E7:C0:CF:1B:78:85:10:4B:36:CB
X509v3 Authority Key Identifier:
keyid:CA:6D:CD:AD:99:29:04:56:C6:D7:C1:8E:B1:C0:58:D9:41:08:88:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ym3NrZkpBFbG18GOscBY2UEIiAE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/76759e-3964-4c4f-876b-bc475d008869/1/Vm2xySa3TZzRcufAzxt4hRBLNss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/76759e-3964-4c4f-876b-bc475d008869/1/ym3NrZkpBFbG18GOscBY2UEIiAE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.208.120.0/22
Signature Algorithm: sha256WithRSAEncryption
a5:89:45:e8:79:64:6b:7a:5c:80:9e:14:27:3b:8f:61:0a:59:
b2:bc:52:05:9b:02:87:0f:c2:b9:d6:c8:18:c0:96:3f:8c:49:
99:80:3a:91:cd:fd:cb:2f:8b:63:c9:b8:14:3b:4b:6b:42:ba:
df:32:96:4e:a3:3a:e8:37:e7:6f:19:ac:37:19:d5:2b:7f:a1:
62:86:9c:a6:73:c4:09:20:f7:a5:64:ad:1c:28:82:f3:fe:fa:
3e:6a:1b:93:9b:de:33:52:21:6e:22:85:e0:40:38:52:9d:6c:
f8:89:8e:06:68:23:43:24:e3:cd:34:7d:fd:bd:00:7c:a1:0a:
3b:9a:c9:8d:62:98:11:73:8d:5a:d9:83:35:0c:39:32:a7:ce:
b0:51:04:6c:39:4c:21:c9:fb:58:fc:13:93:6f:c7:00:11:c9:
3d:58:03:4f:34:1a:a8:06:1e:70:37:55:a6:7d:0d:90:ff:96:
c3:7f:73:b0:2f:94:41:f0:19:83:e4:f6:6a:a3:11:95:04:35:
b4:a8:4b:9f:0c:07:b6:4e:cf:c6:12:7b:67:53:b4:a8:a3:42:
19:d8:64:8a:33:9d:6b:46:c7:f8:9f:74:d9:2d:c6:56:29:23:
94:8a:40:a9:fc:12:74:52:93:79:1a:3c:db:14:b4:db:ef:36:
d3:b2:63:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2an/lfhaBq4X5IkDZKh5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhNmRjZGFkOTkyOTA0NTZjNmQ3YzE4ZWIxYzA1OGQ5NDEw
ODg4MDEwHhcNMjUwMTAyMTE0OTQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjZkYjFjOTI2Yjc0ZDljZDE3MmU3YzBjZjFiNzg4NTEwNGIzNmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxB8l0RvJQY4u5H3ig9+6SEHFRIgq
ndcZJQMU6Vn7uxgaCDFoCIH2Av4duwacVRiRuOwbTU/BzMilPXcaTdaYfjY99rrq
tDtp18sEjWT3mvmmCllQAYh6hBA/kbioOfp/fcjVD8LCHgoHJEURdeYy7wqof7My
n6tDuNa/1h0Rg0BF7H7Y4mNDn3KR+yMKInPhhXGRRQrK69vIoE987L3PETXA+zRx
toMpt2kDTgaBP2NNToiqkYJE26LerXLMFLMkfpxvvgVTzXgtbTycIWvff3BSfPsJ
A6vbfTyqrmea29EJwNOBqdBrtrX0bPEDSr0OFHpPsW/N3LZNjNqfP6WOhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFZtsckmt02c0XLnwM8beIUQSzbLMB8GA1UdIwQY
MBaAFMptza2ZKQRWxtfBjrHAWNlBCIgBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveW0zTnJaa3BCRmJHMThHT3NjQlkyVUVJaUFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi83Njc1OWUtMzk2NC00YzRmLTg3NmIt
YmM0NzVkMDA4ODY5LzEvVm0yeHlTYTNUWnpSY3VmQXp4dDRoUkJMTnNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi83Njc1OWUtMzk2NC00YzRmLTg3NmItYmM0NzVkMDA4ODY5
LzEveW0zTnJaa3BCRmJHMThHT3NjQlkyVUVJaUFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudB4MA0G
CSqGSIb3DQEBCwUAA4IBAQCliUXoeWRrelyAnhQnO49hClmyvFIFmwKHD8K51sgY
wJY/jEmZgDqRzf3LL4tjybgUO0trQrrfMpZOozroN+dvGaw3GdUrf6Fihpymc8QJ
IPelZK0cKILz/vo+ahuTm94zUiFuIoXgQDhSnWz4iY4GaCNDJOPNNH39vQB8oQo7
msmNYpgRc41a2YM1DDkyp86wUQRsOUwhyftY/BOTb8cAEck9WANPNBqoBh5wN1Wm
fQ2Q/5bDf3OwL5RB8BmD5PZqoxGVBDW0qEufDAe2Ts/GEntnU7Soo0IZ2GSKM51r
Rsf4n3TZLcZWKSOUikCp/BJ0UpN5GjzbFLTb7zbTsmNL
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:32 2025 by rpki-client on console.sobornost.net