Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/4e0580-8b2f-49a7-abd8-5c38c7475aa9/1/h0KwGsV7Y4PS9-ubvbwvPxeINTw.roa
File: h0KwGsV7Y4PS9-ubvbwvPxeINTw.roa (raw, json)
Hash identifier: QnImr5OAriGOLs8DShZajEz7o3J5PVeEaUrLJ83dAtA=
Subject key identifier: 87:42:B0:1A:C5:7B:63:83:D2:F7:EB:9B:BD:BC:2F:3F:17:88:35:3C
Certificate issuer: /CN=9246785f469be8aa7151e3333e47465d478fd0e7
Certificate serial: 019427B610C0E56D7D7C7B2C871316BCDA90
Authority key identifier: 92:46:78:5F:46:9B:E8:AA:71:51:E3:33:3E:47:46:5D:47:8F:D0:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kkZ4X0ab6KpxUeMzPkdGXUeP0Oc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/4e0580-8b2f-49a7-abd8-5c38c7475aa9/1/h0KwGsV7Y4PS9-ubvbwvPxeINTw.roa
Signing time: Thu 02 Jan 2025 15:50:30 +0000
ROA not before: Thu 02 Jan 2025 15:50:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39180
IP address blocks: 185.24.16.0/24 maxlen: 24
185.24.17.0/24 maxlen: 24
185.24.18.0/24 maxlen: 24
185.24.19.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:10:c0:e5:6d:7d:7c:7b:2c:87:13:16:bc:da:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9246785f469be8aa7151e3333e47465d478fd0e7
Validity
Not Before: Jan 2 15:50:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8742b01ac57b6383d2f7eb9bbdbc2f3f1788353c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:64:a1:19:30:67:87:16:8b:59:3a:99:a7:73:
40:a5:0e:17:f8:e8:29:87:57:6c:25:68:a5:f6:f8:
20:9c:ad:ee:fa:b6:60:55:e6:1d:7f:5f:31:8d:93:
5c:60:34:85:1d:1b:d5:7b:f4:a9:6e:cc:51:aa:33:
30:02:3e:aa:f0:87:9b:3a:24:c2:a9:57:8e:35:c6:
b5:b1:83:de:20:d1:69:4c:ed:50:2f:ad:f6:e3:17:
96:d8:db:cb:36:44:ab:7e:e5:31:04:90:c3:54:62:
0f:0e:0f:5f:fe:d6:3f:5c:cb:31:64:b0:7a:88:8e:
cd:6f:f0:63:ba:45:6b:35:68:13:2d:4f:2c:a7:a6:
3b:91:97:1b:5a:9b:aa:c0:a7:9b:da:ae:be:cd:a5:
48:a7:bd:72:f2:eb:05:3b:17:67:2d:82:8a:16:39:
e7:bc:d9:3b:e8:c9:c2:33:74:02:5a:fb:e6:50:9e:
16:c6:af:b3:17:b5:c9:86:d2:dd:3b:78:37:2f:66:
23:a4:31:63:ef:eb:7d:d8:66:17:89:53:3f:f6:9a:
f0:3c:de:39:e2:f3:26:f0:55:82:5b:2a:20:6c:74:
95:bb:05:38:ff:4c:4a:43:56:aa:17:66:3a:fc:81:
db:8e:47:65:0f:0c:86:b8:56:7f:b9:07:05:8b:59:
34:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:42:B0:1A:C5:7B:63:83:D2:F7:EB:9B:BD:BC:2F:3F:17:88:35:3C
X509v3 Authority Key Identifier:
keyid:92:46:78:5F:46:9B:E8:AA:71:51:E3:33:3E:47:46:5D:47:8F:D0:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kkZ4X0ab6KpxUeMzPkdGXUeP0Oc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/4e0580-8b2f-49a7-abd8-5c38c7475aa9/1/h0KwGsV7Y4PS9-ubvbwvPxeINTw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/4e0580-8b2f-49a7-abd8-5c38c7475aa9/1/kkZ4X0ab6KpxUeMzPkdGXUeP0Oc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.24.16.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:2a:8c:6f:c5:0b:3e:cb:23:44:73:05:5b:e6:76:07:c9:a5:
7b:15:b5:dd:bb:d8:b6:8b:0e:28:20:75:2a:58:d9:1c:d1:e7:
8e:0a:47:f7:cf:3e:d2:2e:b3:62:50:fd:e8:49:cf:1b:86:c6:
77:97:18:60:df:b5:6d:f9:8c:e0:c8:42:f2:ee:78:b3:75:f6:
a9:b7:94:5c:36:97:da:bc:4b:10:5f:e1:7f:12:5a:8f:0e:e0:
94:bf:12:79:67:9e:32:e4:28:3e:b8:32:45:5b:df:97:c7:92:
40:c3:e1:63:88:20:e0:e0:1d:53:da:1d:e5:3b:26:f2:42:31:
6c:36:76:8c:07:ad:81:ac:09:ba:b3:9f:57:bd:c4:ea:09:92:
cd:ff:0e:00:af:f1:e9:23:ac:b1:49:ab:f4:41:83:0c:62:d5:
54:b2:a0:0f:96:ee:b3:a9:5b:d0:5d:5c:c1:99:cb:9a:34:d6:
b9:ab:11:75:59:f2:ef:ac:45:6d:8a:5f:8a:d8:fe:9b:a6:8b:
73:92:63:8b:db:8f:a2:7f:c9:52:d0:f5:e7:cd:6a:33:61:a5:
a9:ef:fd:f7:15:43:7d:46:aa:f3:4a:c6:10:d4:3a:5d:1b:70:
f2:f2:20:b5:9c:07:8a:f2:d8:f5:e6:09:42:27:a1:d0:5e:a5:
9c:92:d9:c3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnthDA5W19fHsshxMWvNqQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNDY3ODVmNDY5YmU4YWE3MTUxZTMzMzNlNDc0NjVkNDc4
ZmQwZTcwHhcNMjUwMTAyMTU1MDMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzQyYjAxYWM1N2I2MzgzZDJmN2ViOWJiZGJjMmYzZjE3ODgzNTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj2ShGTBnhxaLWTqZp3NApQ4X+Ogp
h1dsJWil9vggnK3u+rZgVeYdf18xjZNcYDSFHRvVe/SpbsxRqjMwAj6q8IebOiTC
qVeONca1sYPeINFpTO1QL6324xeW2NvLNkSrfuUxBJDDVGIPDg9f/tY/XMsxZLB6
iI7Nb/BjukVrNWgTLU8sp6Y7kZcbWpuqwKeb2q6+zaVIp71y8usFOxdnLYKKFjnn
vNk76MnCM3QCWvvmUJ4Wxq+zF7XJhtLdO3g3L2YjpDFj7+t92GYXiVM/9prwPN45
4vMm8FWCWyogbHSVuwU4/0xKQ1aqF2Y6/IHbjkdlDwyGuFZ/uQcFi1k0yQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIdCsBrFe2OD0vfrm728Lz8XiDU8MB8GA1UdIwQY
MBaAFJJGeF9Gm+iqcVHjMz5HRl1Hj9DnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2taNFgwYWI2S3B4VWVNelBrZEdYVWVQME9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni80ZTA1ODAtOGIyZi00OWE3LWFiZDgt
NWMzOGM3NDc1YWE5LzEvaDBLd0dzVjdZNFBTOS11YnZid3ZQeGVJTlR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni80ZTA1ODAtOGIyZi00OWE3LWFiZDgtNWMzOGM3NDc1YWE5
LzEva2taNFgwYWI2S3B4VWVNelBrZEdYVWVQME9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuRgQMA0G
CSqGSIb3DQEBCwUAA4IBAQAbKoxvxQs+yyNEcwVb5nYHyaV7FbXdu9i2iw4oIHUq
WNkc0eeOCkf3zz7SLrNiUP3oSc8bhsZ3lxhg37Vt+YzgyELy7nizdfapt5RcNpfa
vEsQX+F/ElqPDuCUvxJ5Z54y5Cg+uDJFW9+Xx5JAw+FjiCDg4B1T2h3lOybyQjFs
NnaMB62BrAm6s59XvcTqCZLN/w4Ar/HpI6yxSav0QYMMYtVUsqAPlu6zqVvQXVzB
mcuaNNa5qxF1WfLvrEVtil+K2P6bpotzkmOL24+if8lS0PXnzWozYaWp7/33FUN9
RqrzSsYQ1DpdG3Dy8iC1nAeK8tj15glCJ6HQXqWcktnD
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:58 2025 by rpki-client on console.sobornost.net