Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/d6dc9d-eb33-4ca4-aa82-4d19a8de0aba/1/6iLRNmhEkle6ivGQW1sZ5gcKS8Y.roa
File: 6iLRNmhEkle6ivGQW1sZ5gcKS8Y.roa (raw, json)
Hash identifier: +zvQRhGc/V+HMxoGc8X8w2swmCXbOVN2JfxwGb1F+xI=
Subject key identifier: EA:22:D1:36:68:44:92:57:BA:8A:F1:90:5B:5B:19:E6:07:0A:4B:C6
Certificate issuer: /CN=032b9d2de53710b3158e42f22889109e2c40f43b
Certificate serial: 01953E91E1B28F99189B04553D18D47F2913
Authority key identifier: 03:2B:9D:2D:E5:37:10:B3:15:8E:42:F2:28:89:10:9E:2C:40:F4:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AyudLeU3ELMVjkLyKIkQnixA9Ds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/d6dc9d-eb33-4ca4-aa82-4d19a8de0aba/1/6iLRNmhEkle6ivGQW1sZ5gcKS8Y.roa
Signing time: Tue 25 Feb 2025 19:25:02 +0000
ROA not before: Tue 25 Feb 2025 19:25:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210022
IP address blocks: 185.158.20.0/24 maxlen: 24
185.158.21.0/24 maxlen: 24
185.158.22.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:3e:91:e1:b2:8f:99:18:9b:04:55:3d:18:d4:7f:29:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=032b9d2de53710b3158e42f22889109e2c40f43b
Validity
Not Before: Feb 25 19:25:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ea22d13668449257ba8af1905b5b19e6070a4bc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:dd:d4:a2:7f:cd:92:cb:52:d1:a0:6c:0a:9b:
1a:28:7d:6a:f1:b1:c6:45:21:fa:20:74:ad:6f:d9:
cb:a6:fc:e4:5f:43:42:0e:12:e8:4c:aa:69:e0:24:
dc:0d:e8:98:25:fb:43:65:3d:23:ae:53:95:54:f1:
59:04:8a:69:35:e2:6e:32:6d:ca:68:80:ec:c9:6b:
5b:0a:8c:26:90:7a:9a:be:7e:14:d9:4d:fb:42:a5:
30:17:e6:b5:92:60:2a:c8:f9:10:e0:e9:96:de:17:
1b:c2:e9:a5:5d:22:42:cc:f2:4e:1d:7b:c1:b9:51:
26:e1:97:03:10:34:5e:36:09:fd:d3:aa:7b:d1:1f:
3b:00:25:9a:bf:32:92:47:18:32:c6:15:0f:67:4b:
5d:d6:f3:16:37:e1:04:e7:1d:0b:24:98:b0:f8:f2:
83:43:aa:a3:d0:0c:a2:64:e2:a0:30:2e:50:52:d7:
c4:c2:1f:45:b0:55:b8:ab:30:92:ba:05:2a:31:ea:
5c:1c:0c:ac:a9:f1:ca:fe:d1:ea:38:36:1e:7c:f1:
dd:fe:47:74:fd:df:39:fd:05:10:87:c7:9f:e3:ef:
d2:12:57:4b:20:84:25:08:73:91:0b:ba:78:91:37:
b9:39:9b:83:34:b8:75:cf:e5:56:75:be:39:c5:2e:
36:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:22:D1:36:68:44:92:57:BA:8A:F1:90:5B:5B:19:E6:07:0A:4B:C6
X509v3 Authority Key Identifier:
keyid:03:2B:9D:2D:E5:37:10:B3:15:8E:42:F2:28:89:10:9E:2C:40:F4:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AyudLeU3ELMVjkLyKIkQnixA9Ds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/d6dc9d-eb33-4ca4-aa82-4d19a8de0aba/1/6iLRNmhEkle6ivGQW1sZ5gcKS8Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/d6dc9d-eb33-4ca4-aa82-4d19a8de0aba/1/AyudLeU3ELMVjkLyKIkQnixA9Ds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.158.20.0-185.158.22.255
Signature Algorithm: sha256WithRSAEncryption
71:ba:2b:36:12:5f:80:36:b7:2e:a5:98:ec:bb:ad:5a:72:7c:
e1:e4:e6:2d:33:ab:6d:ff:5b:64:ed:4a:33:b0:77:50:a1:09:
21:f2:84:e1:9d:9e:10:5a:bf:eb:6f:bb:48:e9:d4:92:32:3e:
28:3b:dd:10:ce:fa:b8:c5:ea:f9:01:a1:6a:26:b8:bc:82:72:
5f:9a:39:9d:91:c6:e0:b1:f0:b8:41:b1:53:4b:7a:1b:d9:2d:
ea:27:e9:61:be:bb:0d:62:63:05:00:8b:98:54:82:4b:53:ec:
78:db:77:33:92:49:04:10:4b:11:a2:3b:82:2b:72:d8:51:55:
ca:97:bc:2d:34:34:d8:08:0d:5e:24:0c:d8:41:94:49:4c:40:
b9:ac:5b:eb:fc:29:10:f6:94:fd:1c:3a:e5:f9:81:62:c3:82:
60:c3:6d:21:64:f0:da:b4:a6:5d:44:87:1a:6c:20:7b:1a:14:
cc:07:29:8c:bb:c0:ea:a2:b7:05:07:3e:f3:58:9f:0e:0d:01:
52:61:2b:a0:b4:37:db:9a:ef:ac:00:0b:9d:df:cc:5f:ba:ca:
72:e6:3b:7e:62:9c:3d:f4:28:a0:7a:f7:91:3c:d9:67:6c:81:
4f:c9:13:4b:38:d6:a7:bc:11:a4:76:31:2f:41:18:94:01:29:
79:ee:d3:1c
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZU+keGyj5kYmwRVPRjUfykTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzMmI5ZDJkZTUzNzEwYjMxNThlNDJmMjI4ODkxMDllMmM0
MGY0M2IwHhcNMjUwMjI1MTkyNTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTIyZDEzNjY4NDQ5MjU3YmE4YWYxOTA1YjViMTllNjA3MGE0YmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwt3Uon/NkstS0aBsCpsaKH1q8bHG
RSH6IHStb9nLpvzkX0NCDhLoTKpp4CTcDeiYJftDZT0jrlOVVPFZBIppNeJuMm3K
aIDsyWtbCowmkHqavn4U2U37QqUwF+a1kmAqyPkQ4OmW3hcbwumlXSJCzPJOHXvB
uVEm4ZcDEDReNgn906p70R87ACWavzKSRxgyxhUPZ0td1vMWN+EE5x0LJJiw+PKD
Q6qj0AyiZOKgMC5QUtfEwh9FsFW4qzCSugUqMepcHAysqfHK/tHqODYefPHd/kd0
/d85/QUQh8ef4+/SEldLIIQlCHORC7p4kTe5OZuDNLh1z+VWdb45xS42rwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFOoi0TZoRJJXuorxkFtbGeYHCkvGMB8GA1UdIwQY
MBaAFAMrnS3lNxCzFY5C8iiJEJ4sQPQ7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXl1ZExlVTNFTE1WamtMeUtJa1FuaXhBOURzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9kNmRjOWQtZWIzMy00Y2E0LWFhODIt
NGQxOWE4ZGUwYWJhLzEvNmlMUk5taEVrbGU2aXZHUVcxc1o1Z2NLUzhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9kNmRjOWQtZWIzMy00Y2E0LWFhODItNGQxOWE4ZGUwYWJh
LzEvQXl1ZExlVTNFTE1WamtMeUtJa1FuaXhBOURzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAK5nhQD
BAC5nhYwDQYJKoZIhvcNAQELBQADggEBAHG6KzYSX4A2ty6lmOy7rVpyfOHk5i0z
q23/W2TtSjOwd1ChCSHyhOGdnhBav+tvu0jp1JIyPig73RDO+rjF6vkBoWomuLyC
cl+aOZ2RxuCx8LhBsVNLehvZLeon6WG+uw1iYwUAi5hUgktT7HjbdzOSSQQQSxGi
O4IrcthRVcqXvC00NNgIDV4kDNhBlElMQLmsW+v8KRD2lP0cOuX5gWLDgmDDbSFk
8Nq0pl1EhxpsIHsaFMwHKYy7wOqitwUHPvNYnw4NAVJhK6C0N9ua76wAC53fzF+6
ynLmO35inD30KKB695E82WdsgU/JE0s41qe8EaR2MS9BGJQBKXnu0xw=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:42 2025 by rpki-client on console.sobornost.net