Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/e9b173-92b6-4210-a8e0-b797a4406f30/1/aI7Jkk0hKBc5FvPXNc087oh3O6I.roa
File: aI7Jkk0hKBc5FvPXNc087oh3O6I.roa (raw, json)
Hash identifier: NGQRZS/iBgx2LNEuUjWmKtWDne6hFeLh8g8pm9sOGIE=
Subject key identifier: 68:8E:C9:92:4D:21:28:17:39:16:F3:D7:35:CD:3C:EE:88:77:3B:A2
Certificate issuer: /CN=295b6a34a2109ba7c4d97f76c74466f14c3333e0
Certificate serial: 019424457C7C4FCDE40C9CEFE059B13E08D1
Authority key identifier: 29:5B:6A:34:A2:10:9B:A7:C4:D9:7F:76:C7:44:66:F1:4C:33:33:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KVtqNKIQm6fE2X92x0Rm8UwzM-A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/e9b173-92b6-4210-a8e0-b797a4406f30/1/aI7Jkk0hKBc5FvPXNc087oh3O6I.roa
Signing time: Wed 01 Jan 2025 23:48:41 +0000
ROA not before: Wed 01 Jan 2025 23:48:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205371
IP address blocks: 185.220.112.0/24 maxlen: 24
185.220.113.0/24 maxlen: 24
185.220.114.0/24 maxlen: 24
185.220.115.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:7c:7c:4f:cd:e4:0c:9c:ef:e0:59:b1:3e:08:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=295b6a34a2109ba7c4d97f76c74466f14c3333e0
Validity
Not Before: Jan 1 23:48:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=688ec9924d2128173916f3d735cd3cee88773ba2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:bc:7b:53:c1:ce:b3:1e:96:5e:4c:96:da:83:
a2:36:c9:c1:81:6a:0a:80:bb:8a:9c:44:5d:25:65:
e7:5a:b3:41:70:c0:fb:3c:f0:ca:43:0f:30:f2:6e:
70:4d:07:e7:67:5b:40:d3:98:3f:5c:4f:78:2a:a5:
12:c4:e8:e9:c2:4c:4b:93:62:bd:86:58:70:90:66:
84:de:53:e2:48:cc:03:4f:89:e3:ab:a0:c4:4b:97:
65:f3:18:42:b7:f5:ac:e3:62:30:0e:c4:97:a0:f7:
ec:91:ac:9f:3c:12:2e:bc:39:e8:53:69:b4:36:a6:
a8:f1:24:7a:a4:4e:b0:27:8f:c1:9d:6d:53:67:3d:
a0:52:4e:1f:52:65:30:ce:2e:f0:27:5b:11:18:7b:
94:fb:6e:85:a0:cd:22:78:0d:99:3b:92:62:10:0f:
8d:4d:32:82:b8:b4:a8:6b:fd:7d:9f:f7:ba:d5:4c:
a8:8d:ed:a1:be:e5:6b:45:48:87:87:74:98:cd:a8:
a6:bf:ef:74:3b:36:be:22:b2:c5:a5:ad:29:89:d5:
4e:66:e1:0b:6b:8d:0a:85:31:78:9c:3f:c0:c6:a8:
43:af:cf:9e:3e:af:ea:79:7e:3b:a4:f6:72:c7:f5:
fd:c1:59:83:23:c7:c5:cf:1d:b5:94:25:45:a3:0b:
66:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:8E:C9:92:4D:21:28:17:39:16:F3:D7:35:CD:3C:EE:88:77:3B:A2
X509v3 Authority Key Identifier:
keyid:29:5B:6A:34:A2:10:9B:A7:C4:D9:7F:76:C7:44:66:F1:4C:33:33:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KVtqNKIQm6fE2X92x0Rm8UwzM-A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e9b173-92b6-4210-a8e0-b797a4406f30/1/aI7Jkk0hKBc5FvPXNc087oh3O6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e9b173-92b6-4210-a8e0-b797a4406f30/1/KVtqNKIQm6fE2X92x0Rm8UwzM-A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.112.0/22
Signature Algorithm: sha256WithRSAEncryption
52:4b:95:14:7a:9c:c7:d1:81:da:6d:dd:19:ac:04:82:30:5e:
e0:43:5d:27:1b:4e:f3:e9:c0:20:de:d6:8f:0b:53:b8:e4:e6:
ac:20:50:42:c1:dd:b8:ad:a6:21:77:1e:32:4d:0d:e6:b7:3c:
2f:65:16:a2:58:94:47:7f:67:ec:30:8b:f7:c6:98:d7:7f:8d:
2b:49:65:fa:3e:71:2b:77:2a:ca:cd:09:b5:7f:8e:3c:b3:dc:
db:1c:50:fa:de:7a:5f:44:58:e2:66:88:27:60:e4:37:72:0e:
b8:5c:9b:0f:ce:7c:a1:13:b0:4c:d3:04:10:69:27:3e:8f:96:
86:e0:ae:f0:55:2e:08:bb:8b:f6:85:b2:21:9d:fd:cb:7d:3c:
ad:03:1b:06:fc:19:42:5a:ae:f3:ec:4b:ca:d5:27:9c:07:00:
e7:d2:9d:f5:61:a4:59:f3:a7:e7:e1:18:f1:5b:bf:e0:56:95:
19:6d:05:87:77:97:05:c2:48:a1:19:70:de:02:6b:54:80:a8:
55:61:36:9c:00:4b:0a:64:80:11:cc:c3:51:29:a3:14:c9:55:
d7:1b:20:18:ca:b5:2c:b4:d5:7c:0c:4e:6c:9e:f4:d8:e2:9a:
9a:6f:a2:73:c7:55:c8:0e:55:f8:1f:24:ea:7b:0d:ac:4c:06:
bb:23:a4:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRXx8T83kDJzv4FmxPgjRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NWI2YTM0YTIxMDliYTdjNGQ5N2Y3NmM3NDQ2NmYxNGMz
MzMzZTAwHhcNMjUwMTAxMjM0ODQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODhlYzk5MjRkMjEyODE3MzkxNmYzZDczNWNkM2NlZTg4NzczYmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrx7U8HOsx6WXkyW2oOiNsnBgWoK
gLuKnERdJWXnWrNBcMD7PPDKQw8w8m5wTQfnZ1tA05g/XE94KqUSxOjpwkxLk2K9
hlhwkGaE3lPiSMwDT4njq6DES5dl8xhCt/Ws42IwDsSXoPfskayfPBIuvDnoU2m0
Nqao8SR6pE6wJ4/BnW1TZz2gUk4fUmUwzi7wJ1sRGHuU+26FoM0ieA2ZO5JiEA+N
TTKCuLSoa/19n/e61Uyoje2hvuVrRUiHh3SYzaimv+90Oza+IrLFpa0pidVOZuEL
a40KhTF4nD/AxqhDr8+ePq/qeX47pPZyx/X9wVmDI8fFzx21lCVFowtmzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGiOyZJNISgXORbz1zXNPO6IdzuiMB8GA1UdIwQY
MBaAFClbajSiEJunxNl/dsdEZvFMMzPgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1Z0cU5LSVFtNmZFMlg5MngwUm04VXd6TS1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9lOWIxNzMtOTJiNi00MjEwLWE4ZTAt
Yjc5N2E0NDA2ZjMwLzEvYUk3SmtrMGhLQmM1RnZQWE5jMDg3b2gzTzZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9lOWIxNzMtOTJiNi00MjEwLWE4ZTAtYjc5N2E0NDA2ZjMw
LzEvS1Z0cU5LSVFtNmZFMlg5MngwUm04VXd6TS1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudxwMA0G
CSqGSIb3DQEBCwUAA4IBAQBSS5UUepzH0YHabd0ZrASCMF7gQ10nG07z6cAg3taP
C1O45OasIFBCwd24raYhdx4yTQ3mtzwvZRaiWJRHf2fsMIv3xpjXf40rSWX6PnEr
dyrKzQm1f448s9zbHFD63npfRFjiZognYOQ3cg64XJsPznyhE7BM0wQQaSc+j5aG
4K7wVS4Iu4v2hbIhnf3LfTytAxsG/BlCWq7z7EvK1SecBwDn0p31YaRZ86fn4Rjx
W7/gVpUZbQWHd5cFwkihGXDeAmtUgKhVYTacAEsKZIARzMNRKaMUyVXXGyAYyrUs
tNV8DE5snvTY4pqab6Jzx1XIDlX4HyTqew2sTAa7I6R9
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:10 2025 by rpki-client on console.sobornost.net