Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/d20dbc-2ab4-43fb-80a2-04e7b1a8ce18/1/1-AKJmO9q5axmG2bLlo_CKWpT7rI.roa
File: 1-AKJmO9q5axmG2bLlo_CKWpT7rI.roa (raw, json)
Hash identifier: IzbOHhtlqnCQLwohTNVhlpmomMZIZO83L4rK6yCvODA=
Subject key identifier: F8:02:89:98:EF:6A:E5:AC:66:1B:66:CB:96:8F:C2:29:6A:53:EE:B2
Certificate issuer: /CN=e373bcd3255a0dad5f4a350d11dc891fa0be0437
Certificate serial: 019424B304EB4E5D4D5C51F3A1177B8820C1
Authority key identifier: E3:73:BC:D3:25:5A:0D:AD:5F:4A:35:0D:11:DC:89:1F:A0:BE:04:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/43O80yVaDa1fSjUNEdyJH6C-BDc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/d20dbc-2ab4-43fb-80a2-04e7b1a8ce18/1/1-AKJmO9q5axmG2bLlo_CKWpT7rI.roa
Signing time: Thu 02 Jan 2025 01:48:19 +0000
ROA not before: Thu 02 Jan 2025 01:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205311
IP address blocks: 185.219.108.0/22 maxlen: 23
2a0b:e540::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:04:eb:4e:5d:4d:5c:51:f3:a1:17:7b:88:20:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e373bcd3255a0dad5f4a350d11dc891fa0be0437
Validity
Not Before: Jan 2 01:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f8028998ef6ae5ac661b66cb968fc2296a53eeb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:96:2a:03:14:5b:c4:de:71:b6:6b:95:c3:b4:
14:8a:9e:54:ed:9b:9b:ba:fa:28:e6:13:4e:56:64:
66:33:a4:9b:00:f3:f1:37:80:5e:0e:ad:24:ca:7a:
60:16:4c:71:96:5a:07:f0:01:ca:b9:38:28:0a:24:
2f:44:96:68:2b:48:ac:64:35:b2:9b:ea:13:36:40:
69:bb:7e:9d:a2:aa:3a:b2:2e:f5:12:a8:e6:f3:d8:
d9:38:b2:ba:d1:d4:ef:7b:c7:85:dc:d8:59:a9:6e:
c9:46:b9:3d:72:23:d4:42:4d:33:ef:20:5b:7f:15:
24:f2:78:7d:71:cb:23:51:61:5b:eb:0c:e6:44:1f:
50:00:45:f5:06:9e:0f:4f:30:1d:c5:72:4e:e4:af:
49:95:71:1b:af:a2:31:f0:be:61:54:8c:e5:e4:11:
39:8c:be:fd:ef:5b:60:0a:4d:ef:e3:4f:71:b5:32:
a7:ca:fd:ee:c8:94:44:5c:c8:00:ba:ac:41:96:db:
41:26:1c:45:2f:43:ef:c5:91:8d:19:81:d2:12:4c:
43:64:d2:cf:9c:15:c3:a9:46:7c:31:db:67:f2:81:
c4:28:2f:e7:31:d5:a9:98:8a:02:3d:e0:23:3b:49:
bf:5c:f6:5e:d0:b7:96:f9:72:6d:e9:a6:c4:5e:f6:
0c:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:02:89:98:EF:6A:E5:AC:66:1B:66:CB:96:8F:C2:29:6A:53:EE:B2
X509v3 Authority Key Identifier:
keyid:E3:73:BC:D3:25:5A:0D:AD:5F:4A:35:0D:11:DC:89:1F:A0:BE:04:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/43O80yVaDa1fSjUNEdyJH6C-BDc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/d20dbc-2ab4-43fb-80a2-04e7b1a8ce18/1/1-AKJmO9q5axmG2bLlo_CKWpT7rI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/d20dbc-2ab4-43fb-80a2-04e7b1a8ce18/1/43O80yVaDa1fSjUNEdyJH6C-BDc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.219.108.0/22
IPv6:
2a0b:e540::/29
Signature Algorithm: sha256WithRSAEncryption
37:ad:e6:bf:69:de:d8:e7:bc:82:0f:6c:43:40:d1:64:92:76:
4b:95:1b:08:cb:62:9a:5b:84:47:ad:ac:25:89:ec:95:12:21:
6a:4d:1e:7d:8b:3b:e9:bc:5b:c0:b4:58:96:60:76:4a:b0:4d:
f7:a7:81:58:57:2e:08:c1:1f:37:b8:05:45:d0:b2:98:1a:85:
3f:ca:1b:8d:ec:1c:01:c8:b1:56:27:bd:ef:4d:b8:7f:7f:c8:
c6:a7:29:2a:ec:0c:6e:81:bf:aa:c9:47:3c:be:3a:99:27:5f:
12:b8:33:01:11:1d:18:50:e9:fa:32:c0:8c:de:a8:29:01:ea:
1b:9f:c7:eb:2a:40:a1:84:61:2f:57:2f:0f:ed:dd:f8:9a:7c:
a4:cb:e1:79:81:51:a4:20:06:34:ac:fc:b4:b1:72:57:f5:00:
e3:bc:e0:21:8f:3a:05:ba:85:aa:c2:dd:e9:d2:28:26:32:ca:
87:23:68:8c:c0:e2:ac:ae:64:cc:3c:24:53:43:ee:19:86:85:
42:40:24:9a:b4:fa:85:6e:8e:5c:b6:2a:7e:04:64:c4:32:02:
b6:16:53:24:64:4f:3f:37:23:e2:d2:8f:ff:a7:9e:11:94:80:
56:1e:48:90:a1:6d:a4:7a:d6:fa:07:ee:38:f1:39:a8:12:46:
d0:56:57:9c
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZQkswTrTl1NXFHzoRd7iCDBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzNzNiY2QzMjU1YTBkYWQ1ZjRhMzUwZDExZGM4OTFmYTBi
ZTA0MzcwHhcNMjUwMTAyMDE0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODAyODk5OGVmNmFlNWFjNjYxYjY2Y2I5NjhmYzIyOTZhNTNlZWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkZYqAxRbxN5xtmuVw7QUip5U7Zub
uvoo5hNOVmRmM6SbAPPxN4BeDq0kynpgFkxxlloH8AHKuTgoCiQvRJZoK0isZDWy
m+oTNkBpu36doqo6si71Eqjm89jZOLK60dTve8eF3NhZqW7JRrk9ciPUQk0z7yBb
fxUk8nh9ccsjUWFb6wzmRB9QAEX1Bp4PTzAdxXJO5K9JlXEbr6Ix8L5hVIzl5BE5
jL7971tgCk3v409xtTKnyv3uyJREXMgAuqxBlttBJhxFL0PvxZGNGYHSEkxDZNLP
nBXDqUZ8Mdtn8oHEKC/nMdWpmIoCPeAjO0m/XPZe0LeW+XJt6abEXvYMBQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFPgCiZjvauWsZhtmy5aPwilqU+6yMB8GA1UdIwQY
MBaAFONzvNMlWg2tX0o1DRHciR+gvgQ3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDNPODB5VmFEYTFmU2pVTkVkeUpINkMtQkRjLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9kMjBkYmMtMmFiNC00M2ZiLTgwYTIt
MDRlN2IxYThjZTE4LzEvMS1BS0ptTzlxNWF4bUcyYkxsb19DS1dwVDdySS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvODAvZDIwZGJjLTJhYjQtNDNmYi04MGEyLTA0ZTdiMWE4Y2Ux
OC8xLzQzTzgweVZhRGExZlNqVU5FZHlKSDZDLUJEYy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArnbbDAN
BAIAAjAHAwUDKgvlQDANBgkqhkiG9w0BAQsFAAOCAQEAN63mv2ne2Oe8gg9sQ0DR
ZJJ2S5UbCMtimluER62sJYnslRIhak0efYs76bxbwLRYlmB2SrBN96eBWFcuCMEf
N7gFRdCymBqFP8objewcAcixVie97024f3/IxqcpKuwMboG/qslHPL46mSdfErgz
AREdGFDp+jLAjN6oKQHqG5/H6ypAoYRhL1cvD+3d+Jp8pMvheYFRpCAGNKz8tLFy
V/UA47zgIY86BbqFqsLd6dIoJjLKhyNojMDirK5kzDwkU0PuGYaFQkAkmrT6hW6O
XLYqfgRkxDICthZTJGRPPzcj4tKP/6eeEZSAVh5IkKFtpHrW+gfuOPE5qBJG0FZX
nA==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:10 2025 by rpki-client on console.sobornost.net