Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/f2da78-2d98-4081-9d67-43bf655f3365/1/OmRgq5feW-kx9jvx4AAFdyevf30.roa
File: OmRgq5feW-kx9jvx4AAFdyevf30.roa (raw, json)
Hash identifier: AB8XLVSpCXGmgkqlgUf55sAgLfrFZhXp5WrR9S6Xa20=
Subject key identifier: 3A:64:60:AB:97:DE:5B:E9:31:F6:3B:F1:E0:00:05:77:27:AF:7F:7D
Certificate issuer: /CN=21077355df11cdbf992f90d67eaab9109ab8ebf3
Certificate serial: 019422FC3F636D3C8216F557B895C6FA547C
Authority key identifier: 21:07:73:55:DF:11:CD:BF:99:2F:90:D6:7E:AA:B9:10:9A:B8:EB:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQdzVd8Rzb-ZL5DWfqq5EJq46_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/f2da78-2d98-4081-9d67-43bf655f3365/1/OmRgq5feW-kx9jvx4AAFdyevf30.roa
Signing time: Wed 01 Jan 2025 17:49:04 +0000
ROA not before: Wed 01 Jan 2025 17:49:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60205
IP address blocks: 185.25.44.0/22 maxlen: 24
2a00:61a0::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:3f:63:6d:3c:82:16:f5:57:b8:95:c6:fa:54:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21077355df11cdbf992f90d67eaab9109ab8ebf3
Validity
Not Before: Jan 1 17:49:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3a6460ab97de5be931f63bf1e000057727af7f7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:ef:89:7d:25:88:28:c1:cf:72:7f:7a:de:82:
75:ba:36:4b:a0:4f:c9:35:e3:44:2f:b9:af:54:07:
e2:5a:e8:fa:96:70:91:18:14:fa:15:64:3d:27:c0:
fa:86:d1:48:ca:c3:f8:46:ec:ee:99:10:b2:9c:92:
fa:f1:66:62:4c:71:e7:50:91:97:92:83:e1:1e:0f:
1f:96:fd:c1:7f:58:74:28:d0:5c:02:06:65:63:28:
2f:83:18:70:f9:ec:2e:6a:90:69:0d:4c:e9:3b:96:
bc:0a:d7:6a:f9:33:f8:69:68:f2:f1:44:4d:fb:65:
53:91:47:3e:4d:97:ab:2b:f6:ae:74:b4:65:6c:f6:
f0:ed:33:fa:83:3a:44:12:15:02:8a:d5:23:9d:b3:
0b:fd:29:f3:65:27:8b:0c:43:57:2c:59:7a:1c:68:
c7:17:f0:5e:89:81:fa:21:6e:ea:8c:bd:23:3d:3d:
3e:20:a3:c9:6d:42:92:8c:70:52:f4:fb:72:d1:f6:
c0:77:45:91:22:cb:1c:59:42:4b:72:a7:77:db:32:
48:43:fd:7a:d1:de:e4:18:03:74:d7:59:80:f1:88:
46:0d:75:7a:6d:5c:98:ce:65:c6:2c:e3:1b:d5:b2:
29:0b:81:2d:cb:c0:b7:a8:ed:1a:47:af:55:ac:bc:
ad:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:64:60:AB:97:DE:5B:E9:31:F6:3B:F1:E0:00:05:77:27:AF:7F:7D
X509v3 Authority Key Identifier:
keyid:21:07:73:55:DF:11:CD:BF:99:2F:90:D6:7E:AA:B9:10:9A:B8:EB:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQdzVd8Rzb-ZL5DWfqq5EJq46_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/f2da78-2d98-4081-9d67-43bf655f3365/1/OmRgq5feW-kx9jvx4AAFdyevf30.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/f2da78-2d98-4081-9d67-43bf655f3365/1/IQdzVd8Rzb-ZL5DWfqq5EJq46_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.25.44.0/22
IPv6:
2a00:61a0::/29
Signature Algorithm: sha256WithRSAEncryption
52:ba:d4:f4:8e:37:72:84:75:c9:b0:20:23:5f:03:18:12:f1:
82:d5:9e:9e:b0:21:4b:54:7f:bc:0c:51:6d:1f:d6:7f:47:02:
a3:8a:f3:46:27:75:bb:28:b1:f9:09:0f:33:09:ef:30:0c:46:
14:79:ac:15:d7:f7:3a:bb:c8:48:60:e8:26:bc:cf:de:66:e6:
8b:ec:27:32:e5:ff:5d:80:ec:8d:64:b4:1d:11:22:6a:e6:24:
22:cf:4e:e2:ac:4a:21:5b:bd:90:4f:4a:65:bc:17:82:89:13:
17:f3:a8:fd:c5:81:b1:35:a4:99:f2:e1:28:75:24:8c:2d:b7:
43:ed:92:5e:f9:b2:ac:d6:d0:5b:c7:56:80:48:10:03:e4:31:
ec:95:a0:79:87:53:35:74:58:8d:91:a1:a0:be:15:1a:63:df:
f3:c9:9f:c1:e6:8a:29:9f:e8:a3:3c:21:86:3e:51:97:72:50:
e7:9c:3e:20:df:d2:70:3f:f2:86:3e:a7:09:20:27:63:b1:47:
b2:e8:72:81:6a:0c:56:b2:d7:2f:43:c6:91:44:52:1d:7a:88:
b9:85:44:d1:3b:40:9f:50:64:a6:19:ab:8b:1e:24:0a:be:ff:
1a:d8:c2:1b:53:62:57:6e:db:00:18:c9:f9:6d:d0:ba:f9:a8:
4d:2a:b1:e9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQi/D9jbTyCFvVXuJXG+lR8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMDc3MzU1ZGYxMWNkYmY5OTJmOTBkNjdlYWFiOTEwOWFi
OGViZjMwHhcNMjUwMTAxMTc0OTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTY0NjBhYjk3ZGU1YmU5MzFmNjNiZjFlMDAwMDU3NzI3YWY3ZjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6u+JfSWIKMHPcn963oJ1ujZLoE/J
NeNEL7mvVAfiWuj6lnCRGBT6FWQ9J8D6htFIysP4RuzumRCynJL68WZiTHHnUJGX
koPhHg8flv3Bf1h0KNBcAgZlYygvgxhw+ewuapBpDUzpO5a8Ctdq+TP4aWjy8URN
+2VTkUc+TZerK/audLRlbPbw7TP6gzpEEhUCitUjnbML/SnzZSeLDENXLFl6HGjH
F/BeiYH6IW7qjL0jPT0+IKPJbUKSjHBS9Pty0fbAd0WRIsscWUJLcqd32zJIQ/16
0d7kGAN011mA8YhGDXV6bVyYzmXGLOMb1bIpC4Ety8C3qO0aR69VrLytIQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDpkYKuX3lvpMfY78eAABXcnr399MB8GA1UdIwQY
MBaAFCEHc1XfEc2/mS+Q1n6quRCauOvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVFkelZkOFJ6Yi1aTDVEV2ZxcTVFSnE0Nl9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9mMmRhNzgtMmQ5OC00MDgxLTlkNjct
NDNiZjY1NWYzMzY1LzEvT21SZ3E1ZmVXLWt4OWp2eDRBQUZkeWV2ZjMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9mMmRhNzgtMmQ5OC00MDgxLTlkNjctNDNiZjY1NWYzMzY1
LzEvSVFkelZkOFJ6Yi1aTDVEV2ZxcTVFSnE0Nl9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuRksMA0E
AgACMAcDBQMqAGGgMA0GCSqGSIb3DQEBCwUAA4IBAQBSutT0jjdyhHXJsCAjXwMY
EvGC1Z6esCFLVH+8DFFtH9Z/RwKjivNGJ3W7KLH5CQ8zCe8wDEYUeawV1/c6u8hI
YOgmvM/eZuaL7Ccy5f9dgOyNZLQdESJq5iQiz07irEohW72QT0plvBeCiRMX86j9
xYGxNaSZ8uEodSSMLbdD7ZJe+bKs1tBbx1aASBAD5DHslaB5h1M1dFiNkaGgvhUa
Y9/zyZ/B5oopn+ijPCGGPlGXclDnnD4g39JwP/KGPqcJICdjsUey6HKBagxWstcv
Q8aRRFIdeoi5hUTRO0CfUGSmGauLHiQKvv8a2MIbU2JXbtsAGMn5bdC6+ahNKrHp
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:45 2025 by rpki-client on console.sobornost.net