Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/80b4c0-06cb-4424-9dd5-5a988931ea33/1/3Q4b3ZrB5hBNl0sc19tX6sYik8M.roa
File: 3Q4b3ZrB5hBNl0sc19tX6sYik8M.roa (raw, json)
Hash identifier: Y2d6NgWxe37Sh2Kw4xqcfrnYvSssw7Fp3dHdg6i9y18=
Subject key identifier: DD:0E:1B:DD:9A:C1:E6:10:4D:97:4B:1C:D7:DB:57:EA:C6:22:93:C3
Certificate issuer: /CN=297194f4b52b9ff433f2bf0d16b58c11c7cf1131
Certificate serial: 0195F5302C80D3CE291C9AEB12E14A1D30CB
Authority key identifier: 29:71:94:F4:B5:2B:9F:F4:33:F2:BF:0D:16:B5:8C:11:C7:CF:11:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXGU9LUrn_Qz8r8NFrWMEcfPETE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/80b4c0-06cb-4424-9dd5-5a988931ea33/1/3Q4b3ZrB5hBNl0sc19tX6sYik8M.roa
Signing time: Wed 02 Apr 2025 06:28:49 +0000
ROA not before: Wed 02 Apr 2025 06:28:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205940
IP address blocks: 185.201.140.0/23 maxlen: 23
2a0a:c540::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f5:30:2c:80:d3:ce:29:1c:9a:eb:12:e1:4a:1d:30:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297194f4b52b9ff433f2bf0d16b58c11c7cf1131
Validity
Not Before: Apr 2 06:28:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dd0e1bdd9ac1e6104d974b1cd7db57eac62293c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c4:63:49:e7:6f:7a:68:d0:5e:90:e0:98:df:
c6:4f:67:88:ba:49:e9:de:0f:65:6a:89:c6:9a:1a:
d3:77:bb:92:a8:5d:e6:6d:17:80:ff:5b:dd:bd:78:
c4:cf:4c:69:32:c5:1f:e9:9f:cf:d9:37:7b:a5:6b:
40:8f:ec:bb:ca:84:08:9e:73:f7:12:59:33:43:f1:
e5:b1:e6:1a:cf:0b:f8:61:3a:01:e4:97:bd:f5:98:
25:11:82:07:d8:e8:6b:1a:52:28:9a:80:a1:25:b3:
b6:92:c8:63:97:71:c2:00:c5:9d:7e:a4:06:25:94:
92:ac:58:5b:be:8d:2e:5c:b2:f6:b2:a0:6a:ac:1a:
c1:82:2b:08:14:89:34:c2:6a:83:d2:8d:d1:57:db:
37:73:2c:2e:e5:cb:f8:78:c2:b4:1f:3a:ae:11:ee:
07:f9:5e:2a:2d:5c:1f:10:4f:a5:42:80:ea:76:81:
65:50:df:a4:6a:1b:be:e1:bd:b5:59:3d:27:c6:46:
0d:b3:e2:fe:5b:a5:9d:6f:65:20:81:48:96:cd:9c:
0c:df:cf:c7:28:89:3a:3e:df:7d:88:b8:c5:05:be:
3e:f5:e6:67:10:64:c1:69:08:57:01:31:ae:f3:78:
1e:2f:1b:24:84:68:aa:0e:6a:92:43:80:bd:d9:f7:
d3:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:0E:1B:DD:9A:C1:E6:10:4D:97:4B:1C:D7:DB:57:EA:C6:22:93:C3
X509v3 Authority Key Identifier:
keyid:29:71:94:F4:B5:2B:9F:F4:33:F2:BF:0D:16:B5:8C:11:C7:CF:11:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXGU9LUrn_Qz8r8NFrWMEcfPETE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/80b4c0-06cb-4424-9dd5-5a988931ea33/1/3Q4b3ZrB5hBNl0sc19tX6sYik8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/80b4c0-06cb-4424-9dd5-5a988931ea33/1/KXGU9LUrn_Qz8r8NFrWMEcfPETE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.201.140.0/23
IPv6:
2a0a:c540::/29
Signature Algorithm: sha256WithRSAEncryption
65:9b:40:ce:40:1c:e8:70:62:e2:dd:7d:55:5c:63:97:5d:76:
9f:4d:79:70:95:e3:6d:fa:7f:1e:0a:b9:9f:68:59:07:bc:18:
c3:a9:16:61:11:44:2f:e6:fc:9f:b0:89:40:31:d7:3f:8c:12:
53:47:6b:23:af:b2:b9:38:d6:10:38:05:7a:48:01:9d:e6:d9:
ff:78:d4:08:c4:c3:bb:c3:c4:51:c8:5f:39:21:1a:dd:ae:7b:
fe:ba:e5:50:a8:b3:58:c5:c6:ff:a9:01:5e:86:49:6b:5f:60:
b4:95:32:45:72:7e:fb:a7:5a:d1:81:fb:08:70:fc:dd:b7:d5:
54:70:01:92:2f:ed:cd:e6:35:3a:1e:8f:76:25:25:f3:19:73:
73:f3:15:72:d1:c5:33:fa:1c:13:50:ec:8d:f4:1b:21:c7:e0:
ba:be:4d:03:55:50:86:32:29:30:cc:25:0c:f8:b3:c4:ce:a1:
20:d9:96:cc:fa:ad:b6:8f:0f:d6:23:87:47:75:d6:62:c6:14:
cc:26:3e:48:03:65:85:fa:ff:8e:82:5f:41:f4:37:33:2f:99:
e6:aa:20:46:0c:20:83:cf:18:d4:50:80:d6:07:f5:bc:25:db:
13:f0:a9:1a:ff:3a:20:6b:43:da:bf:e5:80:f5:f2:9d:3c:15:
4d:a9:39:75
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZX1MCyA084pHJrrEuFKHTDLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NzE5NGY0YjUyYjlmZjQzM2YyYmYwZDE2YjU4YzExYzdj
ZjExMzEwHhcNMjUwNDAyMDYyODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDBlMWJkZDlhYzFlNjEwNGQ5NzRiMWNkN2RiNTdlYWM2MjI5M2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcRjSedvemjQXpDgmN/GT2eIuknp
3g9laonGmhrTd7uSqF3mbReA/1vdvXjEz0xpMsUf6Z/P2Td7pWtAj+y7yoQInnP3
ElkzQ/HlseYazwv4YToB5Je99ZglEYIH2OhrGlIomoChJbO2kshjl3HCAMWdfqQG
JZSSrFhbvo0uXLL2sqBqrBrBgisIFIk0wmqD0o3RV9s3cywu5cv4eMK0HzquEe4H
+V4qLVwfEE+lQoDqdoFlUN+kahu+4b21WT0nxkYNs+L+W6Wdb2UggUiWzZwM38/H
KIk6Pt99iLjFBb4+9eZnEGTBaQhXATGu83geLxskhGiqDmqSQ4C92ffTxwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFN0OG92aweYQTZdLHNfbV+rGIpPDMB8GA1UdIwQY
MBaAFClxlPS1K5/0M/K/DRa1jBHHzxExMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1hHVTlMVXJuX1F6OHI4TkZyV01FY2ZQRVRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS84MGI0YzAtMDZjYi00NDI0LTlkZDUt
NWE5ODg5MzFlYTMzLzEvM1E0YjNackI1aEJObDBzYzE5dFg2c1lpazhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS84MGI0YzAtMDZjYi00NDI0LTlkZDUtNWE5ODg5MzFlYTMz
LzEvS1hHVTlMVXJuX1F6OHI4TkZyV01FY2ZQRVRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBucmMMA0E
AgACMAcDBQMqCsVAMA0GCSqGSIb3DQEBCwUAA4IBAQBlm0DOQBzocGLi3X1VXGOX
XXafTXlwleNt+n8eCrmfaFkHvBjDqRZhEUQv5vyfsIlAMdc/jBJTR2sjr7K5ONYQ
OAV6SAGd5tn/eNQIxMO7w8RRyF85IRrdrnv+uuVQqLNYxcb/qQFehklrX2C0lTJF
cn77p1rRgfsIcPzdt9VUcAGSL+3N5jU6Ho92JSXzGXNz8xVy0cUz+hwTUOyN9Bsh
x+C6vk0DVVCGMikwzCUM+LPEzqEg2ZbM+q22jw/WI4dHddZixhTMJj5IA2WF+v+O
gl9B9DczL5nmqiBGDCCDzxjUUIDWB/W8JdsT8Kka/zoga0Pav+WA9fKdPBVNqTl1
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:13 2025 by rpki-client on console.sobornost.net