Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/9f7b6b-b29d-486e-8478-27efc13aff1e/1/OzolCaVQx815IgHszNbLgije_3o.roa
File: OzolCaVQx815IgHszNbLgije_3o.roa (raw, json)
Hash identifier: pECs27ONBBOsTMiOF6c8bJDyRRMdkf/LormEyok2vwE=
Subject key identifier: 3B:3A:25:09:A5:50:C7:CD:79:22:01:EC:CC:D6:CB:82:28:DE:FF:7A
Certificate issuer: /CN=afec4f4a16cc51bd51621011539ceb574ac15d02
Certificate serial: 01954849A186E34263437B97D4FF60019394
Authority key identifier: AF:EC:4F:4A:16:CC:51:BD:51:62:10:11:53:9C:EB:57:4A:C1:5D:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r-xPShbMUb1RYhARU5zrV0rBXQI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/9f7b6b-b29d-486e-8478-27efc13aff1e/1/OzolCaVQx815IgHszNbLgije_3o.roa
Signing time: Thu 27 Feb 2025 16:42:19 +0000
ROA not before: Thu 27 Feb 2025 16:42:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204082
IP address blocks: 185.109.243.0/24 maxlen: 24
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:48:49:a1:86:e3:42:63:43:7b:97:d4:ff:60:01:93:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afec4f4a16cc51bd51621011539ceb574ac15d02
Validity
Not Before: Feb 27 16:42:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3b3a2509a550c7cd792201ecccd6cb8228deff7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:ec:45:d1:fd:5d:6b:27:88:c9:4d:29:85:ed:
3b:53:27:7e:d0:c7:13:86:77:59:d7:6f:03:10:2a:
c5:df:a8:88:1b:cb:42:4b:9d:f2:c1:93:69:cd:26:
9c:a5:fd:f6:4b:a4:22:4e:90:85:71:87:29:72:d2:
b7:5f:32:35:17:19:91:e4:8b:25:84:ec:37:ca:e5:
a3:3e:b1:fe:59:c8:c5:98:57:7a:2e:bc:c3:9f:6d:
73:90:86:00:4f:00:be:66:89:53:1a:ca:18:9d:15:
2b:21:78:0e:90:2d:f9:f3:c8:e9:53:84:04:ed:74:
dd:7f:b7:5f:26:8b:7c:f9:28:1d:ef:1f:98:b2:03:
03:25:d1:01:79:bf:a7:19:80:97:c1:8b:bd:e2:2e:
36:72:7f:3c:8b:40:46:09:fc:b1:f2:9e:91:8f:ad:
12:53:14:66:9c:0c:be:c4:6b:a5:d1:9f:cc:2f:47:
2c:56:fc:0d:dc:85:f0:11:b2:77:da:54:49:f7:95:
e5:76:b9:98:a0:7e:f2:65:3a:99:8b:0f:03:8f:de:
e5:63:2f:0a:1f:a8:0a:8a:29:ff:ac:0d:b8:37:bf:
2b:21:41:01:c5:3c:21:56:b9:1a:89:55:b8:9b:17:
90:33:cf:5f:63:ec:1d:00:60:35:e6:7b:b8:70:a4:
15:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:3A:25:09:A5:50:C7:CD:79:22:01:EC:CC:D6:CB:82:28:DE:FF:7A
X509v3 Authority Key Identifier:
keyid:AF:EC:4F:4A:16:CC:51:BD:51:62:10:11:53:9C:EB:57:4A:C1:5D:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r-xPShbMUb1RYhARU5zrV0rBXQI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9f7b6b-b29d-486e-8478-27efc13aff1e/1/OzolCaVQx815IgHszNbLgije_3o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9f7b6b-b29d-486e-8478-27efc13aff1e/1/r-xPShbMUb1RYhARU5zrV0rBXQI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.109.243.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:dd:6a:ca:ab:66:f3:dc:79:e8:df:19:e9:84:0d:0d:bd:71:
55:5c:4d:4d:e0:39:b5:07:18:51:21:ff:df:64:71:73:c5:ae:
4a:8e:8f:3c:80:c3:17:9f:8d:48:0b:dd:28:9e:7d:ac:1f:11:
c4:83:4a:fe:b8:74:68:07:12:20:2b:33:dd:50:53:1c:52:2b:
95:30:52:2d:95:6c:8a:c9:ee:cb:38:d4:1f:cf:ee:ac:28:1b:
1d:31:89:8e:da:84:04:dc:09:58:65:d3:b4:51:6c:eb:f8:60:
3a:ee:53:84:1e:de:58:70:39:5a:90:d7:9b:4c:2a:36:0a:ee:
ab:62:79:15:f1:ba:ee:ab:be:e9:fe:4e:17:47:ff:83:b8:a0:
dc:f0:e8:1e:cf:6c:20:7a:bb:b3:56:20:88:bc:e4:2d:d5:24:
6e:8f:cd:fb:18:76:58:e0:3b:c6:6e:03:dc:60:e4:de:40:a1:
a1:1f:ca:8b:4e:83:c3:44:c6:d7:cb:4f:ee:7b:a1:84:76:6a:
b7:8c:0d:26:a8:fd:0b:a5:b2:4c:fa:19:19:61:c3:be:ab:10:
cf:2c:57:06:9d:34:e0:ae:01:ab:1c:a7:74:bc:59:f8:eb:77:
16:42:42:3f:ac:6a:79:91:7a:14:c6:80:ca:95:59:12:27:1d:
89:fb:67:31
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVISaGG40JjQ3uX1P9gAZOUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmZWM0ZjRhMTZjYzUxYmQ1MTYyMTAxMTUzOWNlYjU3NGFj
MTVkMDIwHhcNMjUwMjI3MTY0MjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjNhMjUwOWE1NTBjN2NkNzkyMjAxZWNjY2Q2Y2I4MjI4ZGVmZjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmexF0f1dayeIyU0phe07Uyd+0McT
hndZ128DECrF36iIG8tCS53ywZNpzSacpf32S6QiTpCFcYcpctK3XzI1FxmR5Isl
hOw3yuWjPrH+WcjFmFd6LrzDn21zkIYATwC+ZolTGsoYnRUrIXgOkC3588jpU4QE
7XTdf7dfJot8+Sgd7x+YsgMDJdEBeb+nGYCXwYu94i42cn88i0BGCfyx8p6Rj60S
UxRmnAy+xGul0Z/ML0csVvwN3IXwEbJ32lRJ95XldrmYoH7yZTqZiw8Dj97lYy8K
H6gKiin/rA24N78rIUEBxTwhVrkaiVW4mxeQM89fY+wdAGA15nu4cKQVtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDs6JQmlUMfNeSIB7MzWy4Io3v96MB8GA1UdIwQY
MBaAFK/sT0oWzFG9UWIQEVOc61dKwV0CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvci14UFNoYk1VYjFSWWhBUlU1enJWMHJCWFFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni85ZjdiNmItYjI5ZC00ODZlLTg0Nzgt
MjdlZmMxM2FmZjFlLzEvT3pvbENhVlF4ODE1SWdIc3pOYkxnaWplXzNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni85ZjdiNmItYjI5ZC00ODZlLTg0NzgtMjdlZmMxM2FmZjFl
LzEvci14UFNoYk1VYjFSWWhBUlU1enJWMHJCWFFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuW3zMA0G
CSqGSIb3DQEBCwUAA4IBAQCk3WrKq2bz3Hno3xnphA0NvXFVXE1N4Dm1BxhRIf/f
ZHFzxa5Kjo88gMMXn41IC90onn2sHxHEg0r+uHRoBxIgKzPdUFMcUiuVMFItlWyK
ye7LONQfz+6sKBsdMYmO2oQE3AlYZdO0UWzr+GA67lOEHt5YcDlakNebTCo2Cu6r
YnkV8bruq77p/k4XR/+DuKDc8Ogez2wgeruzViCIvOQt1SRuj837GHZY4DvGbgPc
YOTeQKGhH8qLToPDRMbXy0/ue6GEdmq3jA0mqP0LpbJM+hkZYcO+qxDPLFcGnTTg
rgGrHKd0vFn463cWQkI/rGp5kXoUxoDKlVkSJx2J+2cx
-----END CERTIFICATE-----
Generated at Tue Apr 1 17:26:39 2025 by rpki-client on console.sobornost.net