Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/caa2b6-87e8-4e24-a446-775888a87194/1/0grHL5XgK1ebyYywK4lDDAZgFXk.roa
File: 0grHL5XgK1ebyYywK4lDDAZgFXk.roa (raw, json)
Hash identifier: 7IJm0rOyyU+pJZuljsQpmmrB2AVEaK9nH1aTnz504mA=
Subject key identifier: D2:0A:C7:2F:95:E0:2B:57:9B:C9:8C:B0:2B:89:43:0C:06:60:15:79
Certificate issuer: /CN=3144e609e361913e3c3b0a78d7486aa45b562401
Certificate serial: 019423D7003D2CD0375E51D2BEF2B3057279
Authority key identifier: 31:44:E6:09:E3:61:91:3E:3C:3B:0A:78:D7:48:6A:A4:5B:56:24:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MUTmCeNhkT48Owp410hqpFtWJAE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/caa2b6-87e8-4e24-a446-775888a87194/1/0grHL5XgK1ebyYywK4lDDAZgFXk.roa
Signing time: Wed 01 Jan 2025 21:48:00 +0000
ROA not before: Wed 01 Jan 2025 21:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204838
IP address blocks: 185.108.38.0/23 maxlen: 24
185.108.38.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:00:3d:2c:d0:37:5e:51:d2:be:f2:b3:05:72:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3144e609e361913e3c3b0a78d7486aa45b562401
Validity
Not Before: Jan 1 21:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d20ac72f95e02b579bc98cb02b89430c06601579
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f3:17:cb:86:c8:23:f7:3c:f1:b2:56:d1:bc:
0e:86:f9:27:f5:10:28:ea:d0:4c:4f:79:93:1a:ff:
51:88:a2:55:cb:b0:1d:f8:0e:52:44:47:63:eb:80:
e4:3f:70:63:96:d1:41:e5:91:44:c6:b5:0e:d0:8f:
4d:63:95:e3:7f:ac:6e:1a:f2:a5:33:cf:78:1b:73:
93:5d:3f:61:7b:d8:af:b8:05:2a:7f:e7:86:75:0d:
98:f9:25:a6:23:ac:d1:d6:8b:c1:3a:f5:72:f0:b7:
4d:31:00:12:3f:a3:aa:aa:4c:fa:6a:46:9d:0b:e5:
b1:f4:31:65:8a:41:c4:84:57:36:a5:fa:71:03:45:
6f:5d:55:2e:51:df:e4:f9:0c:4e:c4:aa:b0:3f:d2:
6e:c3:e1:16:1b:d0:93:38:fb:4c:1e:cc:91:80:3b:
83:a6:34:4c:0e:fc:7c:0c:17:8d:d7:20:6c:bb:d1:
02:02:96:c2:92:57:89:18:a5:47:df:f1:cd:ee:bf:
74:da:e9:e2:ea:21:ad:4d:74:8f:f2:3a:70:e8:64:
49:3e:f2:e3:e2:95:62:36:5c:8a:24:57:bc:40:33:
57:1c:fc:10:d2:c2:f3:eb:2f:25:c0:c2:47:35:48:
f7:b1:87:bc:3e:7e:11:58:36:eb:6e:37:7c:67:96:
e4:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:0A:C7:2F:95:E0:2B:57:9B:C9:8C:B0:2B:89:43:0C:06:60:15:79
X509v3 Authority Key Identifier:
keyid:31:44:E6:09:E3:61:91:3E:3C:3B:0A:78:D7:48:6A:A4:5B:56:24:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MUTmCeNhkT48Owp410hqpFtWJAE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/caa2b6-87e8-4e24-a446-775888a87194/1/0grHL5XgK1ebyYywK4lDDAZgFXk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/caa2b6-87e8-4e24-a446-775888a87194/1/MUTmCeNhkT48Owp410hqpFtWJAE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.108.38.0/23
Signature Algorithm: sha256WithRSAEncryption
30:8f:a8:6a:77:10:1f:0e:d8:6a:c4:ee:23:5c:4e:a8:08:a5:
6b:08:e6:4b:5f:67:2b:b8:63:f5:34:2c:a2:7d:1c:9c:09:66:
91:4b:85:2c:e3:6b:01:81:08:ae:12:81:0a:bf:94:f5:a8:4f:
8a:de:b4:59:71:79:90:af:df:4d:8e:02:bb:9d:3b:a9:84:af:
5f:ca:f1:2e:49:f4:25:ed:00:86:df:28:fc:c0:12:02:7f:8c:
e0:eb:24:43:95:f6:03:cc:99:20:a4:80:dc:39:54:ce:07:eb:
7f:e9:95:df:39:8c:c5:c7:5e:06:fa:fd:26:4a:c4:92:d2:21:
81:d1:be:3f:81:fb:40:32:2c:b8:31:af:61:f2:31:b9:d5:5a:
e9:bb:2c:bc:ec:12:64:41:d3:2a:fd:f8:52:cd:05:59:16:56:
49:d5:b8:d1:95:0c:b3:05:2c:c9:1d:37:b8:21:93:18:fd:cb:
31:13:b5:09:c4:6f:07:87:85:55:3a:af:8c:42:3f:f6:3d:29:
ed:38:46:de:1f:ca:65:3c:79:16:c1:15:b4:8c:b3:83:1c:c7:
de:3f:4c:c0:dd:fa:6f:1e:d1:dd:d7:bc:41:22:e6:a4:fa:3e:
e6:6f:64:66:c6:92:ab:45:2e:af:86:75:ea:2b:16:9f:7b:f6:
cb:3a:ac:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1wA9LNA3XlHSvvKzBXJ5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxNDRlNjA5ZTM2MTkxM2UzYzNiMGE3OGQ3NDg2YWE0NWI1
NjI0MDEwHhcNMjUwMTAxMjE0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjBhYzcyZjk1ZTAyYjU3OWJjOThjYjAyYjg5NDMwYzA2NjAxNTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/MXy4bII/c88bJW0bwOhvkn9RAo
6tBMT3mTGv9RiKJVy7Ad+A5SREdj64DkP3BjltFB5ZFExrUO0I9NY5Xjf6xuGvKl
M894G3OTXT9he9ivuAUqf+eGdQ2Y+SWmI6zR1ovBOvVy8LdNMQASP6Oqqkz6akad
C+Wx9DFlikHEhFc2pfpxA0VvXVUuUd/k+QxOxKqwP9Juw+EWG9CTOPtMHsyRgDuD
pjRMDvx8DBeN1yBsu9ECApbCkleJGKVH3/HN7r902uni6iGtTXSP8jpw6GRJPvLj
4pViNlyKJFe8QDNXHPwQ0sLz6y8lwMJHNUj3sYe8Pn4RWDbrbjd8Z5bkiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNIKxy+V4CtXm8mMsCuJQwwGYBV5MB8GA1UdIwQY
MBaAFDFE5gnjYZE+PDsKeNdIaqRbViQBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVVUbUNlTmhrVDQ4T3dwNDEwaHFwRnRXSkFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9jYWEyYjYtODdlOC00ZTI0LWE0NDYt
Nzc1ODg4YTg3MTk0LzEvMGdySEw1WGdLMWVieVl5d0s0bEREQVpnRlhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9jYWEyYjYtODdlOC00ZTI0LWE0NDYtNzc1ODg4YTg3MTk0
LzEvTVVUbUNlTmhrVDQ4T3dwNDEwaHFwRnRXSkFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuWwmMA0G
CSqGSIb3DQEBCwUAA4IBAQAwj6hqdxAfDthqxO4jXE6oCKVrCOZLX2cruGP1NCyi
fRycCWaRS4Us42sBgQiuEoEKv5T1qE+K3rRZcXmQr99NjgK7nTuphK9fyvEuSfQl
7QCG3yj8wBICf4zg6yRDlfYDzJkgpIDcOVTOB+t/6ZXfOYzFx14G+v0mSsSS0iGB
0b4/gftAMiy4Ma9h8jG51Vrpuyy87BJkQdMq/fhSzQVZFlZJ1bjRlQyzBSzJHTe4
IZMY/csxE7UJxG8Hh4VVOq+MQj/2PSntOEbeH8plPHkWwRW0jLODHMfeP0zA3fpv
HtHd17xBIuak+j7mb2RmxpKrRS6vhnXqKxafe/bLOqxA
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:23 2025 by rpki-client on console.sobornost.net