Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/c4ca9d-5d32-4efd-8e1b-132937d39cea/1/uoan53hXupFY82EE07DVdsPlwIA.roa
File: uoan53hXupFY82EE07DVdsPlwIA.roa (raw, json)
Hash identifier: TC/9xx3yMw3pvUPoSTot1awFY2hOCYSHnoHLCt9YsDA=
Subject key identifier: BA:86:A7:E7:78:57:BA:91:58:F3:61:04:D3:B0:D5:76:C3:E5:C0:80
Certificate issuer: /CN=b7a670e51c96419fc52028b12e45655ef914ddbb
Certificate serial: 0194266BA81B5704535AE124AD1ED43E1C41
Authority key identifier: B7:A6:70:E5:1C:96:41:9F:C5:20:28:B1:2E:45:65:5E:F9:14:DD:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t6Zw5RyWQZ_FICixLkVlXvkU3bs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/c4ca9d-5d32-4efd-8e1b-132937d39cea/1/uoan53hXupFY82EE07DVdsPlwIA.roa
Signing time: Thu 02 Jan 2025 09:49:37 +0000
ROA not before: Thu 02 Jan 2025 09:49:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59914
IP address blocks: 185.66.224.0/24 maxlen: 24
185.66.225.0/24 maxlen: 24
185.66.227.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:a8:1b:57:04:53:5a:e1:24:ad:1e:d4:3e:1c:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7a670e51c96419fc52028b12e45655ef914ddbb
Validity
Not Before: Jan 2 09:49:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ba86a7e77857ba9158f36104d3b0d576c3e5c080
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:74:05:d4:1d:ee:e8:65:04:fb:51:3e:e0:48:
2a:da:99:37:53:0d:0e:1d:f8:60:0c:5a:94:cf:2a:
59:dc:dc:61:e9:3f:53:3a:1f:ad:f3:a0:d6:db:c2:
0e:d1:a9:ba:68:46:2c:ad:d1:2a:32:37:7a:66:ce:
c4:56:94:5f:8f:a4:f6:4d:94:fa:24:bc:d0:63:75:
4d:b1:6c:cd:58:02:7e:c0:77:59:ca:6f:69:99:ec:
77:19:5a:0f:ee:60:59:f7:13:c0:7c:4a:51:43:4f:
03:d6:f2:6f:a1:25:e2:05:d9:d6:b1:e0:40:f2:ad:
5a:5f:9f:4f:e6:67:d7:c9:2f:25:73:7f:af:46:88:
e9:05:39:f0:b2:ae:48:b6:bb:99:bc:2c:e1:fb:0a:
19:d4:aa:70:31:d6:95:bf:a2:e2:e1:8f:fc:1b:50:
82:71:80:c7:30:54:b8:f2:f7:80:de:e5:80:b5:05:
2f:0f:7b:74:40:71:71:6a:45:b6:85:bd:27:32:67:
f6:57:ea:3b:71:8d:53:ce:13:6a:da:7f:ff:fc:20:
fd:eb:c6:14:88:a4:3d:de:eb:e3:be:6b:a3:28:f6:
e0:04:fd:eb:1a:a6:68:2d:e3:a7:93:0d:fd:b5:c4:
f2:f1:db:c0:e7:0b:1b:26:51:76:4f:0f:e1:61:5d:
aa:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:86:A7:E7:78:57:BA:91:58:F3:61:04:D3:B0:D5:76:C3:E5:C0:80
X509v3 Authority Key Identifier:
keyid:B7:A6:70:E5:1C:96:41:9F:C5:20:28:B1:2E:45:65:5E:F9:14:DD:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t6Zw5RyWQZ_FICixLkVlXvkU3bs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/c4ca9d-5d32-4efd-8e1b-132937d39cea/1/uoan53hXupFY82EE07DVdsPlwIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/c4ca9d-5d32-4efd-8e1b-132937d39cea/1/t6Zw5RyWQZ_FICixLkVlXvkU3bs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.66.224.0/23
185.66.227.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:27:60:d6:33:2c:1a:a5:ca:ee:26:49:15:f5:89:0f:f8:5d:
a2:88:a2:ea:cf:1f:1d:89:1d:03:cb:5b:62:7f:1d:d3:6f:88:
d5:2b:fc:e0:fa:c6:26:1c:88:a0:cf:23:38:08:ec:ed:cc:1b:
05:db:40:bf:d5:21:83:38:03:22:e1:bb:fa:df:10:4a:aa:3c:
04:a6:f3:19:a6:f3:c1:a2:db:6c:fc:bb:a8:d5:af:7c:a3:dc:
81:d3:10:6b:bf:50:b3:8a:a5:30:b8:81:9d:75:b4:8a:0a:00:
6b:79:22:fb:f3:65:b9:47:5a:60:31:aa:e6:36:7c:e3:01:86:
dc:ad:e4:38:de:4f:ea:02:c2:01:ea:d3:a0:12:7e:e7:f6:42:
fd:90:bd:d5:d2:00:f6:fe:01:b5:6c:41:f2:7c:1e:82:53:71:
4b:36:a5:79:44:bf:bf:40:81:89:a9:f7:fb:41:92:c8:75:f6:
38:e4:4d:78:ea:73:5b:1f:7e:2e:1c:18:99:2e:73:f7:e6:ee:
ec:5e:92:ca:f3:9f:27:fd:e4:17:f5:cb:bc:b5:9a:c4:c3:9f:
57:2d:62:24:7f:dc:67:17:bb:ec:50:87:3a:39:a9:20:49:e0:
01:48:63:9b:e5:dd:f2:8f:42:8f:d6:1c:7b:cf:9a:64:95:01:
9f:9b:ab:54
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQma6gbVwRTWuEkrR7UPhxBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3YTY3MGU1MWM5NjQxOWZjNTIwMjhiMTJlNDU2NTVlZjkx
NGRkYmIwHhcNMjUwMTAyMDk0OTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTg2YTdlNzc4NTdiYTkxNThmMzYxMDRkM2IwZDU3NmMzZTVjMDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy3QF1B3u6GUE+1E+4Egq2pk3Uw0O
HfhgDFqUzypZ3Nxh6T9TOh+t86DW28IO0am6aEYsrdEqMjd6Zs7EVpRfj6T2TZT6
JLzQY3VNsWzNWAJ+wHdZym9pmex3GVoP7mBZ9xPAfEpRQ08D1vJvoSXiBdnWseBA
8q1aX59P5mfXyS8lc3+vRojpBTnwsq5ItruZvCzh+woZ1KpwMdaVv6Li4Y/8G1CC
cYDHMFS48veA3uWAtQUvD3t0QHFxakW2hb0nMmf2V+o7cY1TzhNq2n///CD968YU
iKQ93uvjvmujKPbgBP3rGqZoLeOnkw39tcTy8dvA5wsbJlF2Tw/hYV2qZwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLqGp+d4V7qRWPNhBNOw1XbD5cCAMB8GA1UdIwQY
MBaAFLemcOUclkGfxSAosS5FZV75FN27MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDZadzVSeVdRWl9GSUNpeExrVmxYdmtVM2JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi9jNGNhOWQtNWQzMi00ZWZkLThlMWIt
MTMyOTM3ZDM5Y2VhLzEvdW9hbjUzaFh1cEZZODJFRTA3RFZkc1Bsd0lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi9jNGNhOWQtNWQzMi00ZWZkLThlMWItMTMyOTM3ZDM5Y2Vh
LzEvdDZadzVSeVdRWl9GSUNpeExrVmxYdmtVM2JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuULgAwQA
uULjMA0GCSqGSIb3DQEBCwUAA4IBAQAbJ2DWMywapcruJkkV9YkP+F2iiKLqzx8d
iR0Dy1tifx3Tb4jVK/zg+sYmHIigzyM4COztzBsF20C/1SGDOAMi4bv63xBKqjwE
pvMZpvPBotts/Luo1a98o9yB0xBrv1CziqUwuIGddbSKCgBreSL782W5R1pgMarm
NnzjAYbcreQ43k/qAsIB6tOgEn7n9kL9kL3V0gD2/gG1bEHyfB6CU3FLNqV5RL+/
QIGJqff7QZLIdfY45E146nNbH34uHBiZLnP35u7sXpLK858n/eQX9cu8tZrEw59X
LWIkf9xnF7vsUIc6OakgSeABSGOb5d3yj0KP1hx7z5pklQGfm6tU
-----END CERTIFICATE-----
Generated at Thu Jan 23 19:13:35 2025 by rpki-client on console.sobornost.net