Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/01504c-c1c6-4564-a402-4e67be4e432e/1/Z4ohMPF1WbOgY7NPLu3yhyFt6Mc.roa
File: Z4ohMPF1WbOgY7NPLu3yhyFt6Mc.roa (raw, json)
Hash identifier: wjvtvacmB4OpgR5kZvFLo2El4XLARx+8D9159reAQW4=
Subject key identifier: 67:8A:21:30:F1:75:59:B3:A0:63:B3:4F:2E:ED:F2:87:21:6D:E8:C7
Certificate issuer: /CN=6cdec7b2e9f866eac36bc31ca4c4ff62d53dd166
Certificate serial: 019422FB3C38C1BC0BC0137A2B3CF0A77E8D
Authority key identifier: 6C:DE:C7:B2:E9:F8:66:EA:C3:6B:C3:1C:A4:C4:FF:62:D5:3D:D1:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bN7Hsun4ZurDa8McpMT_YtU90WY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/01504c-c1c6-4564-a402-4e67be4e432e/1/Z4ohMPF1WbOgY7NPLu3yhyFt6Mc.roa
Signing time: Wed 01 Jan 2025 17:47:57 +0000
ROA not before: Wed 01 Jan 2025 17:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205813
IP address blocks: 185.204.192.0/22 maxlen: 22
185.204.192.0/24 maxlen: 24
185.204.193.0/24 maxlen: 24
185.204.194.0/24 maxlen: 24
185.204.195.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:3c:38:c1:bc:0b:c0:13:7a:2b:3c:f0:a7:7e:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cdec7b2e9f866eac36bc31ca4c4ff62d53dd166
Validity
Not Before: Jan 1 17:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=678a2130f17559b3a063b34f2eedf287216de8c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:83:b5:e1:87:02:ba:85:d1:2f:02:74:b0:6e:
f2:b0:3f:52:9d:4a:3f:dc:89:5e:48:02:01:45:90:
e2:eb:54:21:45:23:c2:64:a6:94:95:af:50:d7:79:
7d:d4:d3:41:1a:cc:0e:7c:42:31:2c:85:bd:83:71:
e7:4a:3a:1a:f6:42:1e:15:ba:6c:eb:c2:98:fd:54:
28:6f:61:e6:4c:2f:fa:cc:60:97:2f:89:d0:0a:85:
19:bc:55:8d:38:61:c5:35:96:f2:ca:b3:7f:83:13:
2c:a9:42:da:16:57:8a:22:af:f7:6c:a6:36:19:30:
53:aa:a4:dc:0e:bf:29:56:1c:5c:73:97:54:31:04:
3a:6e:b3:1b:04:32:26:7c:79:e4:01:dc:02:cf:f9:
9d:d4:62:97:d6:42:dc:c9:80:8c:04:c3:54:29:98:
6b:ed:0f:d0:42:34:8f:6d:6d:6f:d4:2a:0e:93:7d:
14:2d:3b:8b:7e:8d:1b:b4:ed:7b:36:85:e6:47:58:
b8:5b:d8:86:2b:f6:72:1b:54:af:bb:69:a5:58:1f:
f5:a1:64:34:1e:86:d2:c7:59:64:28:2a:21:d9:49:
19:6a:4f:34:c8:47:3a:ba:5b:f2:14:36:b9:6b:e7:
54:cf:65:3e:d9:0a:81:5d:e2:97:6b:89:02:15:50:
a8:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:8A:21:30:F1:75:59:B3:A0:63:B3:4F:2E:ED:F2:87:21:6D:E8:C7
X509v3 Authority Key Identifier:
keyid:6C:DE:C7:B2:E9:F8:66:EA:C3:6B:C3:1C:A4:C4:FF:62:D5:3D:D1:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bN7Hsun4ZurDa8McpMT_YtU90WY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/01504c-c1c6-4564-a402-4e67be4e432e/1/Z4ohMPF1WbOgY7NPLu3yhyFt6Mc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/01504c-c1c6-4564-a402-4e67be4e432e/1/bN7Hsun4ZurDa8McpMT_YtU90WY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.204.192.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:40:9f:98:a8:44:2d:91:1e:b4:38:4e:b6:14:f2:99:f2:76:
41:a8:27:84:a8:57:5d:22:da:b7:ed:81:a6:3c:b3:a9:fd:d7:
9b:55:cd:49:5a:7b:37:bf:04:3d:70:01:20:6d:7b:0f:a0:67:
bf:68:cc:a5:de:30:e6:a1:fb:b5:99:fe:18:c2:5a:66:c8:91:
ef:38:4a:fe:db:51:90:b7:67:bc:a7:40:5e:95:e3:a0:85:66:
aa:11:2d:40:b9:6d:0f:6f:45:25:98:26:8c:97:ef:12:3b:07:
7c:b9:94:98:2d:4b:b2:60:4e:e7:ae:86:93:ea:3f:62:e9:e1:
93:0d:1e:df:7d:15:4e:ba:85:1c:b8:75:cf:f3:6f:f6:49:63:
64:79:5b:40:c2:28:33:7c:ef:96:76:d5:ae:e7:bf:0c:c1:f0:
9a:e6:bd:4b:17:9a:b7:f5:c2:30:34:25:58:0e:eb:cc:dd:9f:
d4:01:5a:bc:e3:3d:14:7d:1a:f2:d6:d3:c6:8b:58:86:fb:7d:
e4:6e:1a:d4:2d:e9:07:08:ee:af:e6:01:a3:6f:9d:4b:cb:b7:
69:16:ed:ed:e1:b0:52:95:74:b5:8b:1c:6a:37:57:24:84:3c:
ac:72:d2:56:27:8c:57:56:9e:21:33:8e:a2:7d:18:9c:1f:e8:
27:b5:9f:67
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+zw4wbwLwBN6Kzzwp36NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZGVjN2IyZTlmODY2ZWFjMzZiYzMxY2E0YzRmZjYyZDUz
ZGQxNjYwHhcNMjUwMTAxMTc0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzhhMjEzMGYxNzU1OWIzYTA2M2IzNGYyZWVkZjI4NzIxNmRlOGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhoO14YcCuoXRLwJ0sG7ysD9SnUo/
3IleSAIBRZDi61QhRSPCZKaUla9Q13l91NNBGswOfEIxLIW9g3HnSjoa9kIeFbps
68KY/VQob2HmTC/6zGCXL4nQCoUZvFWNOGHFNZbyyrN/gxMsqULaFleKIq/3bKY2
GTBTqqTcDr8pVhxcc5dUMQQ6brMbBDImfHnkAdwCz/md1GKX1kLcyYCMBMNUKZhr
7Q/QQjSPbW1v1CoOk30ULTuLfo0btO17NoXmR1i4W9iGK/ZyG1Svu2mlWB/1oWQ0
HobSx1lkKCoh2UkZak80yEc6ulvyFDa5a+dUz2U+2QqBXeKXa4kCFVCoAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGeKITDxdVmzoGOzTy7t8ochbejHMB8GA1UdIwQY
MBaAFGzex7Lp+Gbqw2vDHKTE/2LVPdFmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk43SHN1bjRadXJEYThNY3BNVF9ZdFU5MFdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wMTUwNGMtYzFjNi00NTY0LWE0MDIt
NGU2N2JlNGU0MzJlLzEvWjRvaE1QRjFXYk9nWTdOUEx1M3loeUZ0Nk1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wMTUwNGMtYzFjNi00NTY0LWE0MDItNGU2N2JlNGU0MzJl
LzEvYk43SHN1bjRadXJEYThNY3BNVF9ZdFU5MFdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuczAMA0G
CSqGSIb3DQEBCwUAA4IBAQArQJ+YqEQtkR60OE62FPKZ8nZBqCeEqFddItq37YGm
PLOp/debVc1JWns3vwQ9cAEgbXsPoGe/aMyl3jDmofu1mf4YwlpmyJHvOEr+21GQ
t2e8p0BeleOghWaqES1AuW0Pb0UlmCaMl+8SOwd8uZSYLUuyYE7nroaT6j9i6eGT
DR7ffRVOuoUcuHXP82/2SWNkeVtAwigzfO+WdtWu578MwfCa5r1LF5q39cIwNCVY
DuvM3Z/UAVq84z0UfRry1tPGi1iG+33kbhrULekHCO6v5gGjb51Ly7dpFu3t4bBS
lXS1ixxqN1ckhDysctJWJ4xXVp4hM46ifRicH+gntZ9n
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:18 2025 by rpki-client on console.sobornost.net