Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/0ba7e2-63a2-4c41-86b5-a370f4ba2d2b/1/KaQ1cbhsU-_BkoECZGtKOYFMwp4.roa
File: KaQ1cbhsU-_BkoECZGtKOYFMwp4.roa (raw, json)
Hash identifier: l5AAqJ6KrxG8q9wOC3vocpvn5IVvSVAwWKvgrRqMXhc=
Subject key identifier: 29:A4:35:71:B8:6C:53:EF:C1:92:81:02:64:6B:4A:39:81:4C:C2:9E
Certificate issuer: /CN=6ecb3fb3bea8cc8e36e3da7d9c47049bfc6ffb14
Certificate serial: 019424B3AB92030F45508CAFBFDA0BB185AA
Authority key identifier: 6E:CB:3F:B3:BE:A8:CC:8E:36:E3:DA:7D:9C:47:04:9B:FC:6F:FB:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bss_s76ozI4249p9nEcEm_xv-xQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/0ba7e2-63a2-4c41-86b5-a370f4ba2d2b/1/KaQ1cbhsU-_BkoECZGtKOYFMwp4.roa
Signing time: Thu 02 Jan 2025 01:49:01 +0000
ROA not before: Thu 02 Jan 2025 01:49:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201625
IP address blocks: 185.68.164.0/22 maxlen: 32
2a05:1220::/29 maxlen: 48
2a05:1220::/30 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:ab:92:03:0f:45:50:8c:af:bf:da:0b:b1:85:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ecb3fb3bea8cc8e36e3da7d9c47049bfc6ffb14
Validity
Not Before: Jan 2 01:49:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=29a43571b86c53efc1928102646b4a39814cc29e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:a4:7f:e8:33:e2:a4:ed:86:ee:9b:a7:5c:67:
dd:c4:de:8f:72:a4:7b:51:f4:a5:45:7e:2c:c8:65:
4d:8d:7b:c3:ea:b5:cd:03:51:da:01:68:12:74:c9:
30:fc:1b:8f:93:b8:1a:6b:0f:d3:22:d5:80:a7:af:
4e:34:69:ef:53:ac:1d:22:6a:f6:1f:e3:3a:69:15:
b8:bb:bd:b9:63:a5:1f:db:89:79:1b:a4:79:e8:e0:
65:f3:72:bc:54:23:7c:8c:ad:4d:e5:5c:4d:14:7c:
37:1e:7b:01:01:a9:83:f6:33:8b:89:14:8e:54:cf:
82:63:7f:94:80:88:81:2f:ce:07:7b:90:01:7a:97:
8a:4f:b3:75:2b:a5:aa:50:40:6b:1d:7f:24:db:00:
ea:b6:57:71:72:eb:93:75:81:7d:51:d8:8a:db:e1:
a8:6b:5f:8f:9e:18:fc:4e:f0:1e:3d:00:cf:4f:05:
7f:b7:c9:d4:7b:57:56:0b:0b:da:a1:4b:74:56:ce:
b6:d9:78:98:1a:84:9d:14:ca:3d:77:32:4f:1f:a9:
d3:9d:97:45:8c:5c:08:16:85:c8:bb:9c:d5:9c:13:
97:4e:de:4e:f5:64:98:c9:1c:ca:0d:57:18:4f:3f:
c1:4c:e1:d9:0f:d8:67:91:d8:9f:26:9a:2f:65:79:
88:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:A4:35:71:B8:6C:53:EF:C1:92:81:02:64:6B:4A:39:81:4C:C2:9E
X509v3 Authority Key Identifier:
keyid:6E:CB:3F:B3:BE:A8:CC:8E:36:E3:DA:7D:9C:47:04:9B:FC:6F:FB:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bss_s76ozI4249p9nEcEm_xv-xQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/0ba7e2-63a2-4c41-86b5-a370f4ba2d2b/1/KaQ1cbhsU-_BkoECZGtKOYFMwp4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/0ba7e2-63a2-4c41-86b5-a370f4ba2d2b/1/bss_s76ozI4249p9nEcEm_xv-xQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.68.164.0/22
IPv6:
2a05:1220::/29
Signature Algorithm: sha256WithRSAEncryption
30:92:83:72:03:ae:27:26:fa:14:93:2c:9f:28:cd:f7:01:b8:
00:14:34:ff:c6:af:61:20:04:2a:e9:8d:08:f4:8e:6d:c8:14:
a4:1e:f1:a7:0e:46:b0:30:a9:08:7d:89:2b:97:16:29:2c:7a:
c5:8c:53:ff:ec:e5:5f:61:e7:b3:ad:84:11:0c:13:c3:2b:4b:
1b:0e:55:3a:5d:64:26:4e:63:6c:64:46:f7:5d:f4:96:a2:d4:
a4:ed:b1:81:f5:74:1d:76:26:11:0c:01:3a:b2:fa:4c:4c:4c:
c7:29:d4:ef:e3:15:1d:8c:79:1b:a4:1e:9d:f7:a0:5a:3d:18:
f1:80:cf:b0:a5:f9:09:29:fe:36:7a:d5:68:f3:af:57:dd:8e:
4e:0f:8a:ac:3c:6c:03:c0:25:6e:0a:39:b7:da:f9:5b:9c:26:
d6:b8:8f:ea:b4:cc:e9:59:60:1d:10:3e:2f:3a:b0:40:36:30:
47:8c:99:d7:1b:47:22:53:5a:2e:d0:32:f6:30:ea:34:5e:86:
fb:1d:ec:63:49:5f:fa:ab:3b:fc:9f:bc:ba:69:26:77:01:b4:
03:aa:18:75:15:00:9e:92:f5:c9:32:47:83:56:63:55:c9:fd:
99:da:b5:da:e3:38:5c:60:45:b1:a7:6a:d8:08:49:a0:32:e4:
28:64:e2:cb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQks6uSAw9FUIyvv9oLsYWqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlY2IzZmIzYmVhOGNjOGUzNmUzZGE3ZDljNDcwNDliZmM2
ZmZiMTQwHhcNMjUwMTAyMDE0OTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWE0MzU3MWI4NmM1M2VmYzE5MjgxMDI2NDZiNGEzOTgxNGNjMjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzaR/6DPipO2G7punXGfdxN6PcqR7
UfSlRX4syGVNjXvD6rXNA1HaAWgSdMkw/BuPk7gaaw/TItWAp69ONGnvU6wdImr2
H+M6aRW4u725Y6Uf24l5G6R56OBl83K8VCN8jK1N5VxNFHw3HnsBAamD9jOLiRSO
VM+CY3+UgIiBL84He5ABepeKT7N1K6WqUEBrHX8k2wDqtldxcuuTdYF9UdiK2+Go
a1+Pnhj8TvAePQDPTwV/t8nUe1dWCwvaoUt0Vs622XiYGoSdFMo9dzJPH6nTnZdF
jFwIFoXIu5zVnBOXTt5O9WSYyRzKDVcYTz/BTOHZD9hnkdifJpovZXmIFwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCmkNXG4bFPvwZKBAmRrSjmBTMKeMB8GA1UdIwQY
MBaAFG7LP7O+qMyONuPafZxHBJv8b/sUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnNzX3M3Nm96STQyNDlwOW5FY0VtX3h2LXhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS8wYmE3ZTItNjNhMi00YzQxLTg2YjUt
YTM3MGY0YmEyZDJiLzEvS2FRMWNiaHNVLV9Ca29FQ1pHdEtPWUZNd3A0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS8wYmE3ZTItNjNhMi00YzQxLTg2YjUtYTM3MGY0YmEyZDJi
LzEvYnNzX3M3Nm96STQyNDlwOW5FY0VtX3h2LXhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUSkMA0E
AgACMAcDBQMqBRIgMA0GCSqGSIb3DQEBCwUAA4IBAQAwkoNyA64nJvoUkyyfKM33
AbgAFDT/xq9hIAQq6Y0I9I5tyBSkHvGnDkawMKkIfYkrlxYpLHrFjFP/7OVfYeez
rYQRDBPDK0sbDlU6XWQmTmNsZEb3XfSWotSk7bGB9XQddiYRDAE6svpMTEzHKdTv
4xUdjHkbpB6d96BaPRjxgM+wpfkJKf42etVo869X3Y5OD4qsPGwDwCVuCjm32vlb
nCbWuI/qtMzpWWAdED4vOrBANjBHjJnXG0ciU1ou0DL2MOo0Xob7HexjSV/6qzv8
n7y6aSZ3AbQDqhh1FQCekvXJMkeDVmNVyf2Z2rXa4zhcYEWxp2rYCEmgMuQoZOLL
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:12 2025 by rpki-client on console.sobornost.net