Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/70c477-a8cd-4a72-b669-1f93c239a012/1/EpJyeK5l3AFsANhOcZBiUOqM9nk.roa
File: EpJyeK5l3AFsANhOcZBiUOqM9nk.roa (raw, json)
Hash identifier: jEvX43x9SqA5MKvP91NPr1LUmWhpxkfIrUnmrmVabWE=
Subject key identifier: 12:92:72:78:AE:65:DC:01:6C:00:D8:4E:71:90:62:50:EA:8C:F6:79
Certificate issuer: /CN=1bd2d463ae15346d5edd7937b8bfa8e09b14376d
Certificate serial: 01941FFA0514C26D0A65C0922964625E340B
Authority key identifier: 1B:D2:D4:63:AE:15:34:6D:5E:DD:79:37:B8:BF:A8:E0:9B:14:37:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G9LUY64VNG1e3Xk3uL-o4JsUN20.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/70c477-a8cd-4a72-b669-1f93c239a012/1/EpJyeK5l3AFsANhOcZBiUOqM9nk.roa
Signing time: Wed 01 Jan 2025 03:47:46 +0000
ROA not before: Wed 01 Jan 2025 03:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204467
IP address blocks: 185.247.156.0/22 maxlen: 22
2a01:6dc0::/32 maxlen: 32
2a0d:c680::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:05:14:c2:6d:0a:65:c0:92:29:64:62:5e:34:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1bd2d463ae15346d5edd7937b8bfa8e09b14376d
Validity
Not Before: Jan 1 03:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=12927278ae65dc016c00d84e71906250ea8cf679
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d7:0f:4d:88:c6:be:00:06:ac:8f:81:76:03:
be:76:42:de:f2:bb:10:30:03:92:9a:23:36:df:5a:
a6:dc:ef:c8:bf:60:95:87:a7:c3:4c:9e:08:46:70:
f0:a9:8e:1d:e5:70:99:48:1c:66:10:9f:e5:ba:db:
51:5b:0b:6f:54:a2:e5:ac:e0:db:4d:7b:b4:1b:84:
aa:4d:91:c3:05:60:7b:48:7d:dc:75:64:be:96:db:
ef:f9:7f:51:32:c3:7b:3e:c2:68:61:cc:e5:3b:bc:
b6:8d:a9:b0:fe:5b:48:fd:a3:26:54:08:19:6c:57:
eb:e4:3a:56:81:31:a4:d3:79:da:7c:55:fc:39:52:
7a:7c:37:d7:6e:92:6a:d4:45:8a:0a:2d:82:ad:6c:
35:f5:9c:19:68:c6:cb:05:5c:3d:86:df:dd:0f:4d:
c7:27:e5:f0:2e:63:f5:25:36:ae:6a:6e:9f:14:77:
43:42:de:2d:27:a9:17:a9:78:26:ea:d0:9d:ca:bd:
de:4f:f5:25:52:3e:0a:42:86:be:6c:90:5c:17:37:
54:d9:20:75:24:f5:ac:6f:3a:d3:c4:d3:9a:36:72:
76:75:22:6b:58:f2:d8:02:ed:04:48:eb:ea:1d:a5:
f8:e8:d0:bc:b6:9a:f2:16:a1:92:36:99:e2:ae:88:
3f:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:92:72:78:AE:65:DC:01:6C:00:D8:4E:71:90:62:50:EA:8C:F6:79
X509v3 Authority Key Identifier:
keyid:1B:D2:D4:63:AE:15:34:6D:5E:DD:79:37:B8:BF:A8:E0:9B:14:37:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G9LUY64VNG1e3Xk3uL-o4JsUN20.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/70c477-a8cd-4a72-b669-1f93c239a012/1/EpJyeK5l3AFsANhOcZBiUOqM9nk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/70c477-a8cd-4a72-b669-1f93c239a012/1/G9LUY64VNG1e3Xk3uL-o4JsUN20.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.247.156.0/22
IPv6:
2a01:6dc0::/32
2a0d:c680::/29
Signature Algorithm: sha256WithRSAEncryption
9c:5f:78:5a:03:06:88:0e:28:e3:3e:39:26:d8:54:10:e2:0d:
32:7a:e2:1e:f9:d0:d4:12:fb:1d:dc:71:f5:92:8d:c7:70:35:
21:8b:12:86:ae:88:2a:8f:ef:65:52:87:a6:d9:72:4b:ba:74:
5c:46:ea:cb:20:64:22:75:60:4f:ca:0f:1e:98:46:50:b3:a8:
74:49:57:e6:d5:aa:36:4b:c2:3d:c5:37:29:fb:24:85:af:eb:
c2:b8:4c:9d:18:00:fa:f3:8f:0e:90:48:63:0d:8f:63:5b:71:
81:d4:77:a5:cc:d8:12:6c:04:33:ec:3f:25:e9:e4:08:86:3f:
3a:7f:60:90:9b:96:2f:d0:36:2f:41:70:78:53:c2:d9:2b:39:
67:4a:92:9d:74:9d:06:44:84:70:e2:72:1e:3b:6d:35:1f:a2:
6e:ff:9e:0c:e0:2c:e8:76:06:5a:03:91:7d:15:6b:e2:b0:45:
7b:74:53:fa:30:65:71:43:1d:6e:a3:dd:69:af:70:61:c7:47:
6e:76:7f:ae:e6:93:3a:b2:3c:4e:98:44:aa:80:1e:63:ea:cc:
16:e9:e3:28:37:a9:b4:44:9a:3e:33:0c:cc:6e:cc:1a:eb:5f:
ff:7e:74:ea:0a:88:3a:8e:7d:03:f2:b7:9c:5f:ee:ae:09:70:
49:1e:0f:2b
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZQf+gUUwm0KZcCSKWRiXjQLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZDJkNDYzYWUxNTM0NmQ1ZWRkNzkzN2I4YmZhOGUwOWIx
NDM3NmQwHhcNMjUwMTAxMDM0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjkyNzI3OGFlNjVkYzAxNmMwMGQ4NGU3MTkwNjI1MGVhOGNmNjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdcPTYjGvgAGrI+BdgO+dkLe8rsQ
MAOSmiM231qm3O/Iv2CVh6fDTJ4IRnDwqY4d5XCZSBxmEJ/luttRWwtvVKLlrODb
TXu0G4SqTZHDBWB7SH3cdWS+ltvv+X9RMsN7PsJoYczlO7y2jamw/ltI/aMmVAgZ
bFfr5DpWgTGk03nafFX8OVJ6fDfXbpJq1EWKCi2CrWw19ZwZaMbLBVw9ht/dD03H
J+XwLmP1JTauam6fFHdDQt4tJ6kXqXgm6tCdyr3eT/UlUj4KQoa+bJBcFzdU2SB1
JPWsbzrTxNOaNnJ2dSJrWPLYAu0ESOvqHaX46NC8tpryFqGSNpnirog/QwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFBKScniuZdwBbADYTnGQYlDqjPZ5MB8GA1UdIwQY
MBaAFBvS1GOuFTRtXt15N7i/qOCbFDdtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzlMVVk2NFZORzFlM1hrM3VMLW80SnNVTjIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC83MGM0NzctYThjZC00YTcyLWI2Njkt
MWY5M2MyMzlhMDEyLzEvRXBKeWVLNWwzQUZzQU5oT2NaQmlVT3FNOW5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC83MGM0NzctYThjZC00YTcyLWI2NjktMWY5M2MyMzlhMDEy
LzEvRzlMVVk2NFZORzFlM1hrM3VMLW80SnNVTjIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCufecMBQE
AgACMA4DBQAqAW3AAwUDKg3GgDANBgkqhkiG9w0BAQsFAAOCAQEAnF94WgMGiA4o
4z45JthUEOINMnriHvnQ1BL7Hdxx9ZKNx3A1IYsShq6IKo/vZVKHptlyS7p0XEbq
yyBkInVgT8oPHphGULOodElX5tWqNkvCPcU3Kfskha/rwrhMnRgA+vOPDpBIYw2P
Y1txgdR3pczYEmwEM+w/JenkCIY/On9gkJuWL9A2L0FweFPC2Ss5Z0qSnXSdBkSE
cOJyHjttNR+ibv+eDOAs6HYGWgORfRVr4rBFe3RT+jBlcUMdbqPdaa9wYcdHbnZ/
ruaTOrI8TphEqoAeY+rMFunjKDeptESaPjMMzG7MGutf/3506gqIOo59A/K3nF/u
rglwSR4PKw==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:14 2025 by rpki-client on console.sobornost.net