Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/25e38f-a091-4e5c-bf63-66dd2a91faca/1/es8QJCh0ckzLwfP8fcS7Bv9ovnQ.roa
File: es8QJCh0ckzLwfP8fcS7Bv9ovnQ.roa (raw, json)
Hash identifier: vTpYfK5q1nJR4gRnUXuRk239gyWGFIrlMOouYSRgbnc=
Subject key identifier: 7A:CF:10:24:28:74:72:4C:CB:C1:F3:FC:7D:C4:BB:06:FF:68:BE:74
Certificate issuer: /CN=39469af33611b79084f575e95b13e66550edb383
Certificate serial: 019427B542C22F5680CE4683F7B91A6A296E
Authority key identifier: 39:46:9A:F3:36:11:B7:90:84:F5:75:E9:5B:13:E6:65:50:ED:B3:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OUaa8zYRt5CE9XXpWxPmZVDts4M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/25e38f-a091-4e5c-bf63-66dd2a91faca/1/es8QJCh0ckzLwfP8fcS7Bv9ovnQ.roa
Signing time: Thu 02 Jan 2025 15:49:37 +0000
ROA not before: Thu 02 Jan 2025 15:49:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 55081
IP address blocks: 185.83.68.0/22 maxlen: 22
185.83.68.0/24 maxlen: 24
185.83.69.0/24 maxlen: 24
185.83.70.0/24 maxlen: 24
185.83.71.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:42:c2:2f:56:80:ce:46:83:f7:b9:1a:6a:29:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39469af33611b79084f575e95b13e66550edb383
Validity
Not Before: Jan 2 15:49:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7acf10242874724ccbc1f3fc7dc4bb06ff68be74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:6b:74:f7:21:a8:cb:91:c5:2c:e7:32:60:5a:
2b:f4:07:7b:37:cc:27:33:c7:5f:8e:2f:68:05:a1:
4c:66:d0:73:7d:26:d0:dd:d1:86:2e:85:31:ec:41:
da:a3:74:a9:06:27:b1:a2:c7:3e:85:cf:30:1f:f9:
a1:a3:a3:68:78:1e:f9:98:f0:b0:61:f9:7b:b9:54:
87:f2:7b:7d:b3:b2:aa:4d:35:9c:97:42:d9:bb:da:
6f:f2:03:1e:23:9e:0b:52:27:dc:89:26:a8:58:3c:
96:00:54:b9:37:e1:4c:d7:90:c9:f6:77:f4:a6:05:
fc:58:d4:27:43:aa:e8:37:53:fd:41:18:c3:30:09:
61:3d:43:3a:f5:73:34:81:6f:52:96:99:de:bc:12:
c9:39:2f:e9:e7:36:6f:a2:87:2c:ce:b8:cb:0a:8b:
25:7a:54:21:a5:ce:da:41:07:98:5a:5b:1e:25:a1:
98:9e:38:78:33:f7:5a:52:5e:90:bc:df:79:44:a3:
6e:7d:4f:46:aa:ae:79:3e:75:00:a7:f3:36:cc:97:
3f:a5:a1:bf:12:62:63:98:52:49:fa:9d:ea:6a:be:
2a:57:64:b8:13:d8:d4:c2:ef:8c:fa:59:a7:85:43:
23:1f:7a:45:c9:9d:91:21:a0:b9:47:a9:59:90:46:
6d:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:CF:10:24:28:74:72:4C:CB:C1:F3:FC:7D:C4:BB:06:FF:68:BE:74
X509v3 Authority Key Identifier:
keyid:39:46:9A:F3:36:11:B7:90:84:F5:75:E9:5B:13:E6:65:50:ED:B3:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OUaa8zYRt5CE9XXpWxPmZVDts4M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/25e38f-a091-4e5c-bf63-66dd2a91faca/1/es8QJCh0ckzLwfP8fcS7Bv9ovnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/25e38f-a091-4e5c-bf63-66dd2a91faca/1/OUaa8zYRt5CE9XXpWxPmZVDts4M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.83.68.0/22
Signature Algorithm: sha256WithRSAEncryption
85:d3:3c:20:75:6d:db:ab:1d:a6:39:d7:18:6e:5e:11:ee:a0:
23:cc:df:65:a3:2f:28:27:54:29:61:8d:3a:09:c4:9d:27:58:
91:c6:c4:7d:62:21:f4:d5:06:0f:73:47:75:48:bd:c9:61:13:
c0:7c:60:c0:b3:37:c2:d5:0e:4c:9e:a6:b4:75:db:a1:7d:44:
c0:8c:d3:17:49:da:4a:6f:5c:a6:71:e3:88:86:a7:2c:d6:0a:
59:01:a1:2c:62:60:96:19:e2:20:3a:b3:20:76:1e:22:08:36:
24:6f:b5:87:96:d0:2d:2c:e8:38:2c:0c:16:2d:c9:7b:d1:e5:
9a:c7:de:3d:22:be:14:86:eb:e8:cd:4f:43:f3:00:f9:d1:8e:
70:86:d2:4a:68:71:84:c9:6d:3d:86:e7:2a:bf:37:a3:ad:d4:
1b:56:1f:13:ec:78:2c:86:6b:64:53:27:fd:b8:67:b7:30:a8:
96:3d:b1:10:4a:89:d2:ab:1a:95:af:12:ef:83:43:ba:88:8d:
70:07:40:e5:18:d2:b9:99:86:45:fa:24:4f:ec:20:45:76:52:
b8:1b:07:c2:a8:51:c4:da:ff:fe:e1:a4:af:af:0a:2c:2a:85:
c0:f8:d6:0d:dd:d0:de:0f:39:c8:b6:58:29:b9:aa:e0:ce:6e:
ec:90:ca:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntULCL1aAzkaD97kaailuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5NDY5YWYzMzYxMWI3OTA4NGY1NzVlOTViMTNlNjY1NTBl
ZGIzODMwHhcNMjUwMTAyMTU0OTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWNmMTAyNDI4NzQ3MjRjY2JjMWYzZmM3ZGM0YmIwNmZmNjhiZTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmt09yGoy5HFLOcyYFor9Ad7N8wn
M8dfji9oBaFMZtBzfSbQ3dGGLoUx7EHao3SpBiexosc+hc8wH/mho6NoeB75mPCw
Yfl7uVSH8nt9s7KqTTWcl0LZu9pv8gMeI54LUifciSaoWDyWAFS5N+FM15DJ9nf0
pgX8WNQnQ6roN1P9QRjDMAlhPUM69XM0gW9SlpnevBLJOS/p5zZvoocszrjLCosl
elQhpc7aQQeYWlseJaGYnjh4M/daUl6QvN95RKNufU9Gqq55PnUAp/M2zJc/paG/
EmJjmFJJ+p3qar4qV2S4E9jUwu+M+lmnhUMjH3pFyZ2RIaC5R6lZkEZt+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHrPECQodHJMy8Hz/H3Euwb/aL50MB8GA1UdIwQY
MBaAFDlGmvM2EbeQhPV16VsT5mVQ7bODMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1VhYTh6WVJ0NUNFOVhYcFd4UG1aVkR0czRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8yNWUzOGYtYTA5MS00ZTVjLWJmNjMt
NjZkZDJhOTFmYWNhLzEvZXM4UUpDaDBja3pMd2ZQOGZjUzdCdjlvdm5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8yNWUzOGYtYTA5MS00ZTVjLWJmNjMtNjZkZDJhOTFmYWNh
LzEvT1VhYTh6WVJ0NUNFOVhYcFd4UG1aVkR0czRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVNEMA0G
CSqGSIb3DQEBCwUAA4IBAQCF0zwgdW3bqx2mOdcYbl4R7qAjzN9loy8oJ1QpYY06
CcSdJ1iRxsR9YiH01QYPc0d1SL3JYRPAfGDAszfC1Q5Mnqa0dduhfUTAjNMXSdpK
b1ymceOIhqcs1gpZAaEsYmCWGeIgOrMgdh4iCDYkb7WHltAtLOg4LAwWLcl70eWa
x949Ir4UhuvozU9D8wD50Y5whtJKaHGEyW09hucqvzejrdQbVh8T7HgshmtkUyf9
uGe3MKiWPbEQSonSqxqVrxLvg0O6iI1wB0DlGNK5mYZF+iRP7CBFdlK4GwfCqFHE
2v/+4aSvrwosKoXA+NYN3dDeDznItlgpuargzm7skMqa
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:46 2025 by rpki-client on console.sobornost.net