Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/4dd06d-e7a6-4491-9e13-a288b41a50f6/1/iqTl4BIzOojgsD_Wimn0FwnJtEM.roa
File: iqTl4BIzOojgsD_Wimn0FwnJtEM.roa (raw, json)
Hash identifier: 3DGwbK08inzQ4rExkDlqu5OQopsFOPF3AI5Z6YQHb4s=
Subject key identifier: 8A:A4:E5:E0:12:33:3A:88:E0:B0:3F:D6:8A:69:F4:17:09:C9:B4:43
Certificate issuer: /CN=0011fe2b2f67547ad712d6fc36ac67dd692f0e1e
Certificate serial: 0195238C8A6C750BC3A6D2AFB09C3DD58181
Authority key identifier: 00:11:FE:2B:2F:67:54:7A:D7:12:D6:FC:36:AC:67:DD:69:2F:0E:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ABH-Ky9nVHrXEtb8Nqxn3WkvDh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/4dd06d-e7a6-4491-9e13-a288b41a50f6/1/iqTl4BIzOojgsD_Wimn0FwnJtEM.roa
Signing time: Thu 20 Feb 2025 13:29:27 +0000
ROA not before: Thu 20 Feb 2025 13:29:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39659
IP address blocks: 185.229.36.0/22 maxlen: 22
185.229.36.0/23 maxlen: 23
185.229.37.0/24 maxlen: 24
185.229.38.0/23 maxlen: 23
185.229.38.0/24 maxlen: 24
185.229.39.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:23:8c:8a:6c:75:0b:c3:a6:d2:af:b0:9c:3d:d5:81:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0011fe2b2f67547ad712d6fc36ac67dd692f0e1e
Validity
Not Before: Feb 20 13:29:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8aa4e5e012333a88e0b03fd68a69f41709c9b443
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:8b:c5:bc:5c:28:23:17:bb:c4:8f:1d:6c:de:
8e:ea:8f:3a:18:17:45:40:7d:7f:c6:0c:9f:20:f1:
73:6f:70:89:09:d2:db:16:25:62:db:40:c3:49:4f:
e8:43:13:34:5b:98:b6:05:af:80:42:04:90:6e:c8:
2d:64:30:c5:88:e5:91:e3:60:82:d6:fa:29:cd:67:
96:1a:1b:6c:09:d1:0d:47:13:f7:67:e7:9b:b0:78:
3d:6f:0e:a2:5b:da:fb:ce:9e:24:b3:d6:28:d6:a1:
a1:b2:13:42:92:7c:90:fd:d4:7d:b2:bc:e5:d1:99:
1c:f7:50:61:a6:25:7b:c1:35:0f:96:12:8a:b1:da:
75:33:5f:68:36:c2:52:18:69:04:8d:eb:ac:f2:bb:
5f:93:aa:20:d6:76:e2:c5:ac:fd:a0:56:56:24:99:
b3:61:0b:02:4e:51:ed:4b:72:15:86:91:e4:c1:1a:
e1:c7:bc:64:f2:18:e8:4c:b8:d2:1a:9f:be:6a:2d:
c4:7d:1b:61:7c:25:4d:32:ac:5a:7f:99:de:fb:a7:
70:56:be:d9:c0:c0:63:d0:ef:ef:da:33:13:cd:37:
a2:84:be:0a:7a:10:4a:a4:64:af:ae:1e:3a:2c:ea:
fb:93:4f:e9:c5:0d:96:ad:2b:49:83:38:77:13:3b:
4d:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:A4:E5:E0:12:33:3A:88:E0:B0:3F:D6:8A:69:F4:17:09:C9:B4:43
X509v3 Authority Key Identifier:
keyid:00:11:FE:2B:2F:67:54:7A:D7:12:D6:FC:36:AC:67:DD:69:2F:0E:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ABH-Ky9nVHrXEtb8Nqxn3WkvDh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/4dd06d-e7a6-4491-9e13-a288b41a50f6/1/iqTl4BIzOojgsD_Wimn0FwnJtEM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/4dd06d-e7a6-4491-9e13-a288b41a50f6/1/ABH-Ky9nVHrXEtb8Nqxn3WkvDh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.36.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:d5:ff:fc:f9:35:b6:c8:5b:a3:6f:20:41:9a:be:f2:f8:d0:
fb:f5:38:77:d1:ad:6c:8d:97:8e:c1:fc:c5:0b:a5:10:38:3c:
9f:87:e8:85:79:05:d5:50:72:8e:65:b7:2f:19:6a:d6:57:ba:
15:b1:55:5b:4a:51:65:ac:40:b0:a4:00:6c:2c:0b:03:71:34:
62:85:42:5f:9b:83:63:6e:96:5c:fd:1c:3f:49:ef:dd:81:10:
95:01:b5:98:3b:83:37:36:4d:b0:6f:8d:da:e6:fb:64:ce:15:
f7:2c:0f:b6:4e:39:3f:2f:f4:15:6c:4a:29:5c:52:7a:ae:93:
4c:90:97:18:07:cc:39:74:99:37:12:23:97:9a:1d:35:03:d9:
65:7c:ba:74:32:8e:5e:dc:d4:c1:70:44:66:a1:e3:bc:7b:30:
10:1b:5c:e5:98:f4:3f:4b:68:1a:3c:c9:a4:40:cf:12:f7:a1:
a9:ba:f9:b3:a7:db:fc:1d:ab:80:43:5c:51:0c:56:2e:dc:bf:
e0:c7:55:d8:d5:29:b0:55:ca:1c:47:a4:8f:33:5f:ba:a6:cc:
fc:1e:8c:1f:04:c8:64:1d:cb:82:af:f8:af:99:cf:d7:ca:58:
e7:43:fc:0a:bc:78:b8:8b:68:9f:5b:8c:b5:09:ba:46:80:60:
1f:04:91:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZUjjIpsdQvDptKvsJw91YGBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwMTFmZTJiMmY2NzU0N2FkNzEyZDZmYzM2YWM2N2RkNjky
ZjBlMWUwHhcNMjUwMjIwMTMyOTI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWE0ZTVlMDEyMzMzYTg4ZTBiMDNmZDY4YTY5ZjQxNzA5YzliNDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoIvFvFwoIxe7xI8dbN6O6o86GBdF
QH1/xgyfIPFzb3CJCdLbFiVi20DDSU/oQxM0W5i2Ba+AQgSQbsgtZDDFiOWR42CC
1vopzWeWGhtsCdENRxP3Z+ebsHg9bw6iW9r7zp4ks9Yo1qGhshNCknyQ/dR9srzl
0Zkc91BhpiV7wTUPlhKKsdp1M19oNsJSGGkEjeus8rtfk6og1nbixaz9oFZWJJmz
YQsCTlHtS3IVhpHkwRrhx7xk8hjoTLjSGp++ai3EfRthfCVNMqxaf5ne+6dwVr7Z
wMBj0O/v2jMTzTeihL4KehBKpGSvrh46LOr7k0/pxQ2WrStJgzh3EztNnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIqk5eASMzqI4LA/1opp9BcJybRDMB8GA1UdIwQY
MBaAFAAR/isvZ1R61xLW/DasZ91pLw4eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUJILUt5OW5WSHJYRXRiOE5xeG4zV2t2RGg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS80ZGQwNmQtZTdhNi00NDkxLTllMTMt
YTI4OGI0MWE1MGY2LzEvaXFUbDRCSXpPb2pnc0RfV2ltbjBGd25KdEVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS80ZGQwNmQtZTdhNi00NDkxLTllMTMtYTI4OGI0MWE1MGY2
LzEvQUJILUt5OW5WSHJYRXRiOE5xeG4zV2t2RGg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCueUkMA0G
CSqGSIb3DQEBCwUAA4IBAQBb1f/8+TW2yFujbyBBmr7y+ND79Th30a1sjZeOwfzF
C6UQODyfh+iFeQXVUHKOZbcvGWrWV7oVsVVbSlFlrECwpABsLAsDcTRihUJfm4Nj
bpZc/Rw/Se/dgRCVAbWYO4M3Nk2wb43a5vtkzhX3LA+2Tjk/L/QVbEopXFJ6rpNM
kJcYB8w5dJk3EiOXmh01A9llfLp0Mo5e3NTBcERmoeO8ezAQG1zlmPQ/S2gaPMmk
QM8S96Gpuvmzp9v8HauAQ1xRDFYu3L/gx1XY1SmwVcocR6SPM1+6psz8HowfBMhk
HcuCr/ivmc/XyljnQ/wKvHi4i2ifW4y1CbpGgGAfBJFS
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:10 2025 by rpki-client on console.sobornost.net