Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/d6486a-8ff7-426f-8d86-098d04ce51b2/1/eWonEOCqO1vviTWWC4HukImo8zA.roa
File: eWonEOCqO1vviTWWC4HukImo8zA.roa (raw, json)
Hash identifier: sMT1P9/4Uirj38sOSO6BfhAmJiAf2rmN1xaNoG1qFVU=
Subject key identifier: 79:6A:27:10:E0:AA:3B:5B:EF:89:35:96:0B:81:EE:90:89:A8:F3:30
Certificate issuer: /CN=fbfcd4515b493039216758de738e4f1ae8e3224c
Certificate serial: 01957F20538C9C14E39DF6CBD30D1C383D14
Authority key identifier: FB:FC:D4:51:5B:49:30:39:21:67:58:DE:73:8E:4F:1A:E8:E3:22:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-_zUUVtJMDkhZ1jec45PGujjIkw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/d6486a-8ff7-426f-8d86-098d04ce51b2/1/eWonEOCqO1vviTWWC4HukImo8zA.roa
Signing time: Mon 10 Mar 2025 08:16:19 +0000
ROA not before: Mon 10 Mar 2025 08:16:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211873
IP address blocks: 185.105.40.0/22 maxlen: 24
185.105.41.0/24 maxlen: 24
185.105.42.0/23 maxlen: 23
185.149.28.0/22 maxlen: 22
185.149.28.0/24 maxlen: 24
185.149.29.0/24 maxlen: 24
185.149.30.0/24 maxlen: 24
185.149.31.0/24 maxlen: 24
2a06:34c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:7f:20:53:8c:9c:14:e3:9d:f6:cb:d3:0d:1c:38:3d:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fbfcd4515b493039216758de738e4f1ae8e3224c
Validity
Not Before: Mar 10 08:16:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=796a2710e0aa3b5bef8935960b81ee9089a8f330
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:3f:95:1a:96:b3:4e:77:3d:78:9d:b0:9d:d9:
78:18:8f:56:ac:5e:51:90:40:74:5b:18:a1:b0:3e:
a0:64:31:07:b1:a6:cf:70:9c:d9:ea:93:7b:27:21:
66:7a:79:bc:f9:3b:ec:e7:37:9d:e3:9e:37:6e:dd:
7f:33:47:32:17:8e:ec:5e:22:8b:7c:0a:22:57:a9:
ee:da:6e:99:a3:7a:03:f7:f3:0c:50:88:9a:46:60:
a4:56:2f:08:f7:21:c1:10:a2:8b:c4:0f:cc:0b:87:
36:0b:17:fc:39:02:6f:97:ea:41:78:d8:8e:32:f5:
09:76:cf:e4:6e:f9:69:76:a4:7f:0d:74:d7:62:2f:
0a:39:b8:ef:0b:55:7b:d2:8f:3e:96:e7:36:8c:16:
9b:90:98:4b:7d:f1:2a:1e:6f:cb:f1:6f:23:0b:cd:
75:6d:06:2c:c1:cd:72:c1:c7:92:2e:2a:14:02:0a:
b1:9a:c5:69:d2:7a:0f:e6:50:5d:a9:7d:0a:9f:64:
53:c8:3f:0d:97:86:82:d4:23:ae:81:5c:92:c9:e6:
49:d6:c1:91:a7:57:39:a4:61:9c:d5:7e:38:2e:50:
f0:3b:7d:17:54:52:29:ee:fb:b1:f9:57:7e:58:4f:
1c:fe:ae:e6:e8:f5:a6:a7:52:97:28:5f:14:a2:64:
eb:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:6A:27:10:E0:AA:3B:5B:EF:89:35:96:0B:81:EE:90:89:A8:F3:30
X509v3 Authority Key Identifier:
keyid:FB:FC:D4:51:5B:49:30:39:21:67:58:DE:73:8E:4F:1A:E8:E3:22:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-_zUUVtJMDkhZ1jec45PGujjIkw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/d6486a-8ff7-426f-8d86-098d04ce51b2/1/eWonEOCqO1vviTWWC4HukImo8zA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/d6486a-8ff7-426f-8d86-098d04ce51b2/1/1-_zUUVtJMDkhZ1jec45PGujjIkw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.105.40.0/22
185.149.28.0/22
IPv6:
2a06:34c0::/29
Signature Algorithm: sha256WithRSAEncryption
3f:e1:ac:4f:b8:a8:d0:a2:bb:c0:fd:73:a0:7f:db:52:86:43:
87:14:ef:24:7a:3c:89:50:c7:a9:60:1c:a7:0c:95:4b:59:79:
cc:0a:c8:09:3b:8a:ac:69:eb:1c:44:f9:bd:9a:3b:ec:24:27:
c6:f5:99:1d:8f:e8:8b:0e:58:3f:a1:1b:aa:1e:74:0e:68:e6:
a9:5f:8d:2f:81:81:ba:43:90:05:13:c3:a5:5d:ee:93:b1:f9:
01:71:91:6a:be:5a:83:f9:77:15:07:d4:b4:25:16:30:0a:4c:
b6:32:ee:35:44:f3:1e:41:7c:dc:1b:42:42:f5:80:d4:c8:d2:
cd:a2:8e:e6:95:c5:8d:5d:a0:c9:51:88:de:9d:ce:e1:80:50:
ab:df:82:60:d4:47:f5:95:e5:c8:18:39:4f:f2:b4:94:5b:cf:
d9:8c:98:59:92:a4:3e:ea:2c:9f:21:23:88:da:c0:a9:26:de:
89:3b:88:03:e8:fb:96:f0:1b:9d:d2:d6:4b:f9:db:b6:7b:57:
98:aa:2b:17:f2:f8:3e:40:88:30:f0:54:43:62:6e:3d:7f:bd:
bb:2a:42:4e:c2:8c:db:f0:ac:50:0e:9e:1c:66:c6:7d:08:32:
26:ab:f5:bf:cc:e3:65:1a:f8:ed:19:71:88:b1:9a:b7:d4:8b:
f5:a8:34:cc
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZV/IFOMnBTjnfbL0w0cOD0UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiZmNkNDUxNWI0OTMwMzkyMTY3NThkZTczOGU0ZjFhZThl
MzIyNGMwHhcNMjUwMzEwMDgxNjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTZhMjcxMGUwYWEzYjViZWY4OTM1OTYwYjgxZWU5MDg5YThmMzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqz+VGpazTnc9eJ2wndl4GI9WrF5R
kEB0WxihsD6gZDEHsabPcJzZ6pN7JyFmenm8+Tvs5zed4543bt1/M0cyF47sXiKL
fAoiV6nu2m6Zo3oD9/MMUIiaRmCkVi8I9yHBEKKLxA/MC4c2Cxf8OQJvl+pBeNiO
MvUJds/kbvlpdqR/DXTXYi8KObjvC1V70o8+luc2jBabkJhLffEqHm/L8W8jC811
bQYswc1ywceSLioUAgqxmsVp0noP5lBdqX0Kn2RTyD8Nl4aC1COugVySyeZJ1sGR
p1c5pGGc1X44LlDwO30XVFIp7vux+Vd+WE8c/q7m6PWmp1KXKF8UomTrcQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFHlqJxDgqjtb74k1lguB7pCJqPMwMB8GA1UdIwQY
MBaAFPv81FFbSTA5IWdY3nOOTxro4yJMMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1felVVVnRKTURraFoxamVjNDVQR3Vqaklrdy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjgvZDY0ODZhLThmZjctNDI2Zi04ZDg2
LTA5OGQwNGNlNTFiMi8xL2VXb25FT0NxTzF2dmlUV1dDNEh1a0ltbzh6QS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjgvZDY0ODZhLThmZjctNDI2Zi04ZDg2LTA5OGQwNGNlNTFi
Mi8xLzEtX3pVVVZ0Sk1Ea2haMWplYzQ1UEd1ampJa3cuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBAK5aSgD
BAK5lRwwDQQCAAIwBwMFAyoGNMAwDQYJKoZIhvcNAQELBQADggEBAD/hrE+4qNCi
u8D9c6B/21KGQ4cU7yR6PIlQx6lgHKcMlUtZecwKyAk7iqxp6xxE+b2aO+wkJ8b1
mR2P6IsOWD+hG6oedA5o5qlfjS+BgbpDkAUTw6Vd7pOx+QFxkWq+WoP5dxUH1LQl
FjAKTLYy7jVE8x5BfNwbQkL1gNTI0s2ijuaVxY1doMlRiN6dzuGAUKvfgmDUR/WV
5cgYOU/ytJRbz9mMmFmSpD7qLJ8hI4jawKkm3ok7iAPo+5bwG53S1kv527Z7V5iq
Kxfy+D5AiDDwVENibj1/vbsqQk7CjNvwrFAOnhxmxn0IMiar9b/M42Ua+O0ZcYix
mrfUi/WoNMw=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:43 2025 by rpki-client on console.sobornost.net