Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/49e49a-987e-4741-aba9-37a50cdfae07/1/tvKD3UXqZVXDvVX7leTlMKw_qew.roa
File: tvKD3UXqZVXDvVX7leTlMKw_qew.roa (raw, json)
Hash identifier: WK5XR30REtOfSSrTxnfQEhXv68zn6pJyCz3GjFrJURA=
Subject key identifier: B6:F2:83:DD:45:EA:65:55:C3:BD:55:FB:95:E4:E5:30:AC:3F:A9:EC
Certificate issuer: /CN=6e681c256d672981cb39ce25ca78cf215cf4eaa6
Certificate serial: 019421B1D2E9A0F42014E824596402BA20F2
Authority key identifier: 6E:68:1C:25:6D:67:29:81:CB:39:CE:25:CA:78:CF:21:5C:F4:EA:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bmgcJW1nKYHLOc4lynjPIVz06qY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/49e49a-987e-4741-aba9-37a50cdfae07/1/tvKD3UXqZVXDvVX7leTlMKw_qew.roa
Signing time: Wed 01 Jan 2025 11:48:09 +0000
ROA not before: Wed 01 Jan 2025 11:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205251
IP address blocks: 185.149.180.0/24 maxlen: 24
185.149.181.0/24 maxlen: 24
185.149.182.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:d2:e9:a0:f4:20:14:e8:24:59:64:02:ba:20:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e681c256d672981cb39ce25ca78cf215cf4eaa6
Validity
Not Before: Jan 1 11:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b6f283dd45ea6555c3bd55fb95e4e530ac3fa9ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:46:36:da:81:87:4b:27:ca:1d:81:9f:e4:1b:
2d:92:69:2c:49:f7:7a:f0:ef:1c:5d:56:bc:d0:fc:
03:14:f0:6e:35:78:01:31:a5:f3:3c:cf:b0:52:75:
94:d3:25:fa:55:f8:82:63:11:e5:5b:a7:78:7b:1a:
e7:1d:3c:e7:8d:69:11:2c:8d:de:1c:c5:20:46:fe:
77:4b:62:3b:61:98:51:bc:74:58:6b:98:29:9d:f4:
b7:36:63:4f:28:56:6c:2b:1f:31:7d:6b:4f:f7:7f:
16:33:28:05:ce:b7:76:a1:ea:9c:a1:bd:30:35:19:
f1:2b:3a:57:c0:c4:f8:6b:ec:41:84:d3:60:34:a7:
90:67:87:85:d4:78:82:10:07:18:9d:5d:bb:98:33:
35:8b:84:5f:ab:b3:fe:e1:c3:f9:a1:88:c4:31:b8:
f4:e5:05:27:14:9d:06:88:71:a5:9c:b3:22:df:cd:
16:12:5f:10:a8:35:0c:9a:45:5c:64:60:6a:dd:47:
e6:f7:3f:a0:a5:02:97:a7:37:14:82:0b:d9:e7:10:
c0:e5:5b:84:ee:8b:ea:a4:f1:1b:60:1e:0a:f9:14:
7f:b2:e3:91:1e:d3:66:d9:49:82:f0:b3:f7:1f:ba:
9e:e1:bf:5f:cd:c8:82:dc:e2:d9:4f:3a:00:4a:7e:
4e:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:F2:83:DD:45:EA:65:55:C3:BD:55:FB:95:E4:E5:30:AC:3F:A9:EC
X509v3 Authority Key Identifier:
keyid:6E:68:1C:25:6D:67:29:81:CB:39:CE:25:CA:78:CF:21:5C:F4:EA:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bmgcJW1nKYHLOc4lynjPIVz06qY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/49e49a-987e-4741-aba9-37a50cdfae07/1/tvKD3UXqZVXDvVX7leTlMKw_qew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/49e49a-987e-4741-aba9-37a50cdfae07/1/bmgcJW1nKYHLOc4lynjPIVz06qY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.180.0-185.149.182.255
Signature Algorithm: sha256WithRSAEncryption
56:0c:b6:51:75:20:bd:bf:09:84:05:77:cb:6c:70:5e:de:4e:
ee:dc:67:e1:f8:60:1e:01:aa:ed:5f:e0:2d:35:58:15:ba:fb:
8f:dd:00:e2:74:47:0d:86:d6:12:ce:b7:2c:ed:c5:7e:23:7f:
14:f2:98:44:52:1e:e4:dc:91:ef:a1:eb:43:82:a7:93:c2:bb:
ad:4b:32:a7:39:86:08:32:d0:bc:66:10:f7:55:ad:b9:37:ab:
6b:54:7b:41:22:aa:22:1a:25:f6:70:f7:c5:ea:bb:d2:9e:6e:
b7:9d:75:7e:ef:bb:bf:34:f5:af:76:f3:8a:e6:2e:7e:de:0b:
94:47:59:e9:f8:69:62:7b:4c:e3:fd:fc:e9:2e:7f:02:74:ab:
01:df:27:b4:68:a4:68:88:58:12:0b:c6:80:51:9b:b7:ad:85:
ff:bb:6d:02:a9:f3:b8:ef:1a:56:a1:32:9f:a5:18:7c:92:a7:
55:0a:f5:1b:3f:3c:62:91:a5:66:17:0a:2a:bc:07:e0:e3:dc:
72:6f:23:a4:14:9f:1f:27:23:2c:51:d8:61:fd:ad:99:40:56:
13:da:19:66:ba:2e:2a:11:a1:1f:ff:3f:c2:60:b6:b2:16:6d:
42:52:bb:f4:17:79:af:ae:c6:7a:e2:b1:2f:db:b0:c4:c5:9c:
f6:60:73:9d
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQhsdLpoPQgFOgkWWQCuiDyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlNjgxYzI1NmQ2NzI5ODFjYjM5Y2UyNWNhNzhjZjIxNWNm
NGVhYTYwHhcNMjUwMTAxMTE0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmYyODNkZDQ1ZWE2NTU1YzNiZDU1ZmI5NWU0ZTUzMGFjM2ZhOWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArUY22oGHSyfKHYGf5BstkmksSfd6
8O8cXVa80PwDFPBuNXgBMaXzPM+wUnWU0yX6VfiCYxHlW6d4exrnHTznjWkRLI3e
HMUgRv53S2I7YZhRvHRYa5gpnfS3NmNPKFZsKx8xfWtP938WMygFzrd2oeqcob0w
NRnxKzpXwMT4a+xBhNNgNKeQZ4eF1HiCEAcYnV27mDM1i4Rfq7P+4cP5oYjEMbj0
5QUnFJ0GiHGlnLMi380WEl8QqDUMmkVcZGBq3Ufm9z+gpQKXpzcUggvZ5xDA5VuE
7ovqpPEbYB4K+RR/suORHtNm2UmC8LP3H7qe4b9fzciC3OLZTzoASn5OvQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLbyg91F6mVVw71V+5Xk5TCsP6nsMB8GA1UdIwQY
MBaAFG5oHCVtZymByznOJcp4zyFc9OqmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm1nY0pXMW5LWUhMT2M0bHlualBJVnowNnFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC80OWU0OWEtOTg3ZS00NzQxLWFiYTkt
MzdhNTBjZGZhZTA3LzEvdHZLRDNVWHFaVlhEdlZYN2xlVGxNS3dfcWV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC80OWU0OWEtOTg3ZS00NzQxLWFiYTktMzdhNTBjZGZhZTA3
LzEvYm1nY0pXMW5LWUhMT2M0bHlualBJVnowNnFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAK5lbQD
BAC5lbYwDQYJKoZIhvcNAQELBQADggEBAFYMtlF1IL2/CYQFd8tscF7eTu7cZ+H4
YB4Bqu1f4C01WBW6+4/dAOJ0Rw2G1hLOtyztxX4jfxTymERSHuTcke+h60OCp5PC
u61LMqc5hggy0LxmEPdVrbk3q2tUe0EiqiIaJfZw98Xqu9KebreddX7vu7809a92
84rmLn7eC5RHWen4aWJ7TOP9/OkufwJ0qwHfJ7RopGiIWBILxoBRm7ethf+7bQKp
87jvGlahMp+lGHySp1UK9Rs/PGKRpWYXCiq8B+Dj3HJvI6QUnx8nIyxR2GH9rZlA
VhPaGWa6LioRoR//P8JgtrIWbUJSu/QXea+uxnrisS/bsMTFnPZgc50=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:03 2025 by rpki-client on console.sobornost.net