Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/2cf88f-2c6a-4b48-a25e-4a8b6b4082b1/1/aFAF2a0pf2_iQW_Ah5PtSVGIIsU.roa
File: aFAF2a0pf2_iQW_Ah5PtSVGIIsU.roa (raw, json)
Hash identifier: CRoJAvxL/AEhIjj3BGa3AOSm/IAStthRp+t6FhfWlZc=
Subject key identifier: 68:50:05:D9:AD:29:7F:6F:E2:41:6F:C0:87:93:ED:49:51:88:22:C5
Certificate issuer: /CN=039b01353e51a3a87e835963bd8833ed81853d77
Certificate serial: 019424B3F704D42B4EEC84D080DBCD9E3294
Authority key identifier: 03:9B:01:35:3E:51:A3:A8:7E:83:59:63:BD:88:33:ED:81:85:3D:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A5sBNT5Ro6h-g1ljvYgz7YGFPXc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/2cf88f-2c6a-4b48-a25e-4a8b6b4082b1/1/aFAF2a0pf2_iQW_Ah5PtSVGIIsU.roa
Signing time: Thu 02 Jan 2025 01:49:21 +0000
ROA not before: Thu 02 Jan 2025 01:49:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203318
IP address blocks: 185.138.80.0/22 maxlen: 24
185.214.73.0/24 maxlen: 24
2a00:1ac1::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:f7:04:d4:2b:4e:ec:84:d0:80:db:cd:9e:32:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=039b01353e51a3a87e835963bd8833ed81853d77
Validity
Not Before: Jan 2 01:49:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=685005d9ad297f6fe2416fc08793ed49518822c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:83:d0:be:c8:b4:b4:55:74:69:08:19:3b:84:
c9:1b:52:30:3c:4c:d4:ee:e2:39:c5:14:9e:27:2c:
f2:da:4e:ff:25:c7:ed:85:65:d1:72:57:10:b8:79:
d5:0b:e4:65:3a:98:8e:71:a9:0d:55:3d:06:98:4e:
03:11:08:1e:78:0c:1d:b4:98:24:f4:a2:b6:ba:ab:
eb:84:c8:99:2c:56:49:7b:0e:8a:a3:ee:0d:08:79:
65:64:2a:09:07:7b:97:98:e4:06:ac:41:69:92:1b:
24:90:00:d7:79:80:69:2a:cb:ac:a5:44:a0:cc:cb:
f4:77:4d:ce:b4:dc:1c:9e:46:16:f1:f8:02:fa:12:
92:60:53:e8:38:b6:01:18:dc:13:32:97:eb:ac:93:
af:52:00:e0:e2:76:9a:83:40:7e:e0:75:0a:07:44:
1f:9d:a2:fc:b5:d8:c5:36:da:52:c8:f3:ec:b2:4d:
1f:bd:20:26:b2:89:ba:31:1d:f0:c3:b2:8b:25:3b:
4d:8b:43:c5:4a:be:01:7b:b9:23:35:eb:0f:73:fd:
3d:fa:bf:ff:7b:f7:e6:24:71:f4:52:30:48:e0:68:
57:78:38:37:5a:c3:5b:7b:6d:b8:c7:9b:9a:32:96:
a2:b4:9f:3d:e0:3d:45:48:57:43:39:67:c9:8d:3c:
32:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:50:05:D9:AD:29:7F:6F:E2:41:6F:C0:87:93:ED:49:51:88:22:C5
X509v3 Authority Key Identifier:
keyid:03:9B:01:35:3E:51:A3:A8:7E:83:59:63:BD:88:33:ED:81:85:3D:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A5sBNT5Ro6h-g1ljvYgz7YGFPXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/2cf88f-2c6a-4b48-a25e-4a8b6b4082b1/1/aFAF2a0pf2_iQW_Ah5PtSVGIIsU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/2cf88f-2c6a-4b48-a25e-4a8b6b4082b1/1/A5sBNT5Ro6h-g1ljvYgz7YGFPXc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.138.80.0/22
185.214.73.0/24
IPv6:
2a00:1ac1::/32
Signature Algorithm: sha256WithRSAEncryption
4e:27:72:70:a9:00:8f:6c:9e:9a:61:51:14:9d:f7:8d:c0:78:
37:ed:73:42:e3:f3:cf:12:27:e3:c5:40:dd:d1:fb:34:72:ca:
92:20:12:3f:22:51:c1:17:e0:a7:23:0c:aa:af:d2:b7:17:8b:
2d:cd:76:49:29:f9:80:04:03:f9:5d:ae:b9:fc:7f:a9:12:90:
a6:6c:e0:b1:08:be:65:b6:18:9a:18:25:a1:3e:16:da:f5:fb:
ae:f5:c3:7d:2e:c7:46:43:0e:bf:f3:dc:26:cd:32:95:db:89:
34:32:04:73:0d:fc:51:0a:3f:f4:d9:d9:4e:31:99:f9:3a:c6:
98:0e:fc:5d:90:11:b5:d4:53:86:30:20:29:2a:d5:3d:64:a1:
f9:68:51:9d:b8:d4:6b:7e:f0:1f:00:f7:ad:6a:78:82:9d:33:
63:24:1a:db:b0:5b:34:49:38:03:90:f3:9c:54:e1:33:54:35:
a0:d2:3c:fc:23:49:21:60:e6:3a:cc:6c:10:b9:08:1e:2d:fd:
62:08:f8:8e:90:f3:8c:fa:60:ee:a1:ef:6e:02:c5:75:8e:6f:
a9:20:66:ca:bc:67:87:27:6d:18:cf:10:39:2f:98:b8:fb:0a:
d5:89:d3:b6:52:74:bc:d1:dd:0a:07:2e:b3:a3:b6:61:26:6d:
68:79:8e:75
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQks/cE1CtO7ITQgNvNnjKUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzOWIwMTM1M2U1MWEzYTg3ZTgzNTk2M2JkODgzM2VkODE4
NTNkNzcwHhcNMjUwMTAyMDE0OTIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODUwMDVkOWFkMjk3ZjZmZTI0MTZmYzA4NzkzZWQ0OTUxODgyMmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4PQvsi0tFV0aQgZO4TJG1IwPEzU
7uI5xRSeJyzy2k7/JcfthWXRclcQuHnVC+RlOpiOcakNVT0GmE4DEQgeeAwdtJgk
9KK2uqvrhMiZLFZJew6Ko+4NCHllZCoJB3uXmOQGrEFpkhskkADXeYBpKsuspUSg
zMv0d03OtNwcnkYW8fgC+hKSYFPoOLYBGNwTMpfrrJOvUgDg4naag0B+4HUKB0Qf
naL8tdjFNtpSyPPssk0fvSAmsom6MR3ww7KLJTtNi0PFSr4Be7kjNesPc/09+r//
e/fmJHH0UjBI4GhXeDg3WsNbe224x5uaMpaitJ894D1FSFdDOWfJjTwy6wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGhQBdmtKX9v4kFvwIeT7UlRiCLFMB8GA1UdIwQY
MBaAFAObATU+UaOofoNZY72IM+2BhT13MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTVzQk5UNVJvNmgtZzFsanZZZ3o3WUdGUFhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS8yY2Y4OGYtMmM2YS00YjQ4LWEyNWUt
NGE4YjZiNDA4MmIxLzEvYUZBRjJhMHBmMl9pUVdfQWg1UHRTVkdJSXNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS8yY2Y4OGYtMmM2YS00YjQ4LWEyNWUtNGE4YjZiNDA4MmIx
LzEvQTVzQk5UNVJvNmgtZzFsanZZZ3o3WUdGUFhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuYpQAwQA
udZJMA0EAgACMAcDBQAqABrBMA0GCSqGSIb3DQEBCwUAA4IBAQBOJ3JwqQCPbJ6a
YVEUnfeNwHg37XNC4/PPEifjxUDd0fs0csqSIBI/IlHBF+CnIwyqr9K3F4stzXZJ
KfmABAP5Xa65/H+pEpCmbOCxCL5lthiaGCWhPhba9fuu9cN9LsdGQw6/89wmzTKV
24k0MgRzDfxRCj/02dlOMZn5OsaYDvxdkBG11FOGMCApKtU9ZKH5aFGduNRrfvAf
APetaniCnTNjJBrbsFs0STgDkPOcVOEzVDWg0jz8I0khYOY6zGwQuQgeLf1iCPiO
kPOM+mDuoe9uAsV1jm+pIGbKvGeHJ20YzxA5L5i4+wrVidO2UnS80d0KBy6zo7Zh
Jm1oeY51
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:54 2025 by rpki-client on console.sobornost.net