Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/9fcccf-e7aa-4c44-9590-1cf0feaaa3ea/1/liO3Dk9HW5maOXYINfx-lTJgFC0.roa
File: liO3Dk9HW5maOXYINfx-lTJgFC0.roa (raw, json)
Hash identifier: q4LEiFG0iKJd0o8pxD+sRsl85pA8hcAalAJZcMAOiLU=
Subject key identifier: 96:23:B7:0E:4F:47:5B:99:9A:39:76:08:35:FC:7E:95:32:60:14:2D
Certificate issuer: /CN=3f0289affaaf080e252718e3f4489da29d9fa55a
Certificate serial: 019423D72C45B5D85B1CD76B9E936AC9F44F
Authority key identifier: 3F:02:89:AF:FA:AF:08:0E:25:27:18:E3:F4:48:9D:A2:9D:9F:A5:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PwKJr_qvCA4lJxjj9Eidop2fpVo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/9fcccf-e7aa-4c44-9590-1cf0feaaa3ea/1/liO3Dk9HW5maOXYINfx-lTJgFC0.roa
Signing time: Wed 01 Jan 2025 21:48:11 +0000
ROA not before: Wed 01 Jan 2025 21:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198167
IP address blocks: 185.119.216.0/22 maxlen: 23
185.119.218.0/24 maxlen: 24
2a03:78c0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:2c:45:b5:d8:5b:1c:d7:6b:9e:93:6a:c9:f4:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f0289affaaf080e252718e3f4489da29d9fa55a
Validity
Not Before: Jan 1 21:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9623b70e4f475b999a39760835fc7e953260142d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:68:1a:73:93:f6:91:de:9b:65:6e:d7:b4:bd:
3b:53:01:8b:7e:bb:3a:f3:41:45:d8:ef:75:d7:81:
f3:12:50:4b:8c:ab:a1:37:7f:f8:75:5f:5a:67:a8:
99:69:40:ff:23:86:d7:50:d5:f8:c5:c3:ab:dd:cd:
24:cc:30:86:71:f6:08:9f:93:09:e8:51:66:e9:5e:
a0:0b:d4:b1:85:32:7f:b2:08:b2:18:fe:2c:f8:b9:
7a:65:27:b4:32:b9:fb:85:e4:9a:c6:81:e9:d7:8d:
5a:f0:be:aa:cd:45:d2:ed:af:09:1e:74:eb:fa:7f:
f6:36:d1:81:26:87:12:36:9b:b5:6d:ec:f2:e3:8b:
85:17:81:ad:be:e2:f5:91:e9:ed:2e:14:df:84:13:
8b:11:0f:6e:09:55:22:32:02:61:47:7b:cf:73:98:
d1:bb:53:a4:22:ec:d0:94:b9:84:11:61:a8:a2:f6:
93:75:c6:22:11:a4:e2:2e:ea:2f:1a:83:93:ae:d6:
84:b9:24:99:e7:1a:1b:bb:79:d8:d8:30:f1:22:60:
b3:02:1e:e2:36:c4:e4:5c:14:25:8f:62:f5:c7:dc:
e3:aa:54:b5:9d:66:25:12:58:bf:9c:cd:e1:ba:80:
ba:39:af:cb:21:c2:7b:b1:cd:34:3f:ab:43:c1:1b:
df:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:23:B7:0E:4F:47:5B:99:9A:39:76:08:35:FC:7E:95:32:60:14:2D
X509v3 Authority Key Identifier:
keyid:3F:02:89:AF:FA:AF:08:0E:25:27:18:E3:F4:48:9D:A2:9D:9F:A5:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PwKJr_qvCA4lJxjj9Eidop2fpVo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/9fcccf-e7aa-4c44-9590-1cf0feaaa3ea/1/liO3Dk9HW5maOXYINfx-lTJgFC0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/9fcccf-e7aa-4c44-9590-1cf0feaaa3ea/1/PwKJr_qvCA4lJxjj9Eidop2fpVo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.119.216.0/22
IPv6:
2a03:78c0::/32
Signature Algorithm: sha256WithRSAEncryption
ae:b7:ae:9f:fb:e4:ab:eb:54:43:7b:3f:ce:5e:26:52:3e:29:
a7:89:9e:76:67:c6:ed:11:d0:e4:ce:ee:f8:f3:9f:32:4d:2e:
30:1c:6c:46:d1:54:cd:39:88:d6:bc:b0:9c:05:b2:e3:0f:2c:
21:80:62:63:91:f1:a7:c7:8e:d3:bf:ac:6d:83:47:50:52:43:
1d:c1:9e:89:64:d2:24:05:3f:15:43:bb:f3:e6:bb:c7:cb:54:
3e:60:2e:72:ef:5a:cc:69:56:f2:0c:2e:95:c7:da:6d:12:b1:
a6:57:98:28:bb:93:38:b8:59:c6:76:37:64:c1:c7:1b:6a:ec:
df:e3:05:65:c2:8f:c2:9d:96:a0:90:8c:bd:de:e5:a5:19:e2:
e8:8c:a8:07:a2:46:2c:37:53:2e:7d:9f:bd:ea:3f:04:65:92:
c7:ff:a0:e7:ef:f4:44:d2:02:a8:3d:0e:e9:31:6c:7c:6c:d6:
b9:0d:96:5f:2a:80:9a:e9:1a:c1:9f:22:2c:89:8f:bf:0f:6e:
6f:32:1f:24:a3:f2:5c:ab:06:5a:fc:b3:20:b9:c4:76:5a:a0:
55:31:20:9a:a1:cd:63:c2:95:98:39:42:e3:da:51:61:b0:d9:
1f:e9:3f:95:3e:5a:a8:12:ee:fd:2b:cf:52:17:92:e0:e9:95:
1a:71:1d:97
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQj1yxFtdhbHNdrnpNqyfRPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmMDI4OWFmZmFhZjA4MGUyNTI3MThlM2Y0NDg5ZGEyOWQ5
ZmE1NWEwHhcNMjUwMTAxMjE0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjIzYjcwZTRmNDc1Yjk5OWEzOTc2MDgzNWZjN2U5NTMyNjAxNDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGgac5P2kd6bZW7XtL07UwGLfrs6
80FF2O9114HzElBLjKuhN3/4dV9aZ6iZaUD/I4bXUNX4xcOr3c0kzDCGcfYIn5MJ
6FFm6V6gC9SxhTJ/sgiyGP4s+Ll6ZSe0Mrn7heSaxoHp141a8L6qzUXS7a8JHnTr
+n/2NtGBJocSNpu1bezy44uFF4GtvuL1kentLhTfhBOLEQ9uCVUiMgJhR3vPc5jR
u1OkIuzQlLmEEWGoovaTdcYiEaTiLuovGoOTrtaEuSSZ5xobu3nY2DDxImCzAh7i
NsTkXBQlj2L1x9zjqlS1nWYlEli/nM3huoC6Oa/LIcJ7sc00P6tDwRvfewIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJYjtw5PR1uZmjl2CDX8fpUyYBQtMB8GA1UdIwQY
MBaAFD8Cia/6rwgOJScY4/RInaKdn6VaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHdLSnJfcXZDQTRsSnhqajlFaWRvcDJmcFZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni85ZmNjY2YtZTdhYS00YzQ0LTk1OTAt
MWNmMGZlYWFhM2VhLzEvbGlPM0RrOUhXNW1hT1hZSU5meC1sVEpnRkMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni85ZmNjY2YtZTdhYS00YzQ0LTk1OTAtMWNmMGZlYWFhM2Vh
LzEvUHdLSnJfcXZDQTRsSnhqajlFaWRvcDJmcFZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXfYMA0E
AgACMAcDBQAqA3jAMA0GCSqGSIb3DQEBCwUAA4IBAQCut66f++Sr61RDez/OXiZS
PimniZ52Z8btEdDkzu74858yTS4wHGxG0VTNOYjWvLCcBbLjDywhgGJjkfGnx47T
v6xtg0dQUkMdwZ6JZNIkBT8VQ7vz5rvHy1Q+YC5y71rMaVbyDC6Vx9ptErGmV5go
u5M4uFnGdjdkwccbauzf4wVlwo/CnZagkIy93uWlGeLojKgHokYsN1MufZ+96j8E
ZZLH/6Dn7/RE0gKoPQ7pMWx8bNa5DZZfKoCa6RrBnyIsiY+/D25vMh8ko/JcqwZa
/LMgucR2WqBVMSCaoc1jwpWYOULj2lFhsNkf6T+VPlqoEu79K89SF5Lg6ZUacR2X
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:58 2025 by rpki-client on console.sobornost.net