Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/83c416-7d9d-447a-add1-4e85bfd7d058/1/3nqGhkLV9lVUPlFFGoMeuG1mXiA.roa
File: 3nqGhkLV9lVUPlFFGoMeuG1mXiA.roa (raw, json)
Hash identifier: XcfY9Hmln8PmxUq94JhUMZLnl3Q3LCi2mdpPddFOCD0=
Subject key identifier: DE:7A:86:86:42:D5:F6:55:54:3E:51:45:1A:83:1E:B8:6D:66:5E:20
Certificate issuer: /CN=908c573c2d83c7d8fd2a3cf9a7f536f92925a3bd
Certificate serial: 0194266B154D46F0FDDF396EAD49E66B121D
Authority key identifier: 90:8C:57:3C:2D:83:C7:D8:FD:2A:3C:F9:A7:F5:36:F9:29:25:A3:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kIxXPC2Dx9j9Kjz5p_U2-Sklo70.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/83c416-7d9d-447a-add1-4e85bfd7d058/1/3nqGhkLV9lVUPlFFGoMeuG1mXiA.roa
Signing time: Thu 02 Jan 2025 09:48:59 +0000
ROA not before: Thu 02 Jan 2025 09:48:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205543
IP address blocks: 185.214.236.0/22 maxlen: 24
2a0b:af40::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:15:4d:46:f0:fd:df:39:6e:ad:49:e6:6b:12:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=908c573c2d83c7d8fd2a3cf9a7f536f92925a3bd
Validity
Not Before: Jan 2 09:48:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=de7a868642d5f655543e51451a831eb86d665e20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:1a:14:86:9b:19:ed:ec:aa:ff:8b:00:31:2a:
16:93:c7:fd:de:00:96:21:ba:6b:95:23:5c:fe:df:
ca:bc:a9:4d:23:eb:4f:52:81:49:8a:2f:b7:38:85:
3d:d5:cc:5c:c0:da:4e:23:0a:34:77:e0:88:77:b2:
2c:dd:32:42:f9:cd:96:b8:6d:33:18:cf:ea:a5:d2:
16:ee:63:43:1e:9c:7a:61:ee:8f:cc:d1:ca:f9:15:
16:2d:50:47:08:17:c7:04:fe:93:2b:50:85:b7:16:
a3:e9:26:38:03:c2:50:82:ad:da:41:56:e0:b0:41:
bd:19:28:cf:8e:75:ad:47:a8:3b:44:3c:90:9f:c4:
4b:11:f3:99:cb:bf:98:3c:70:1a:20:f3:53:fe:f7:
20:ba:27:16:77:8b:22:f6:a0:7d:cc:6a:62:d9:6a:
5e:ac:c4:af:fd:a0:d8:29:10:de:ea:58:99:34:e7:
de:29:32:9d:33:e8:04:ca:7e:18:14:48:8e:d5:00:
71:91:24:16:90:c3:aa:db:19:ad:24:e9:ac:c7:36:
88:49:3b:94:b5:49:8a:57:55:0f:c5:d2:89:91:d4:
2d:6d:85:29:89:c0:74:7e:74:e6:39:da:3a:fc:d3:
9c:d5:35:2f:16:b3:18:f7:99:50:28:9e:26:dc:b2:
16:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:7A:86:86:42:D5:F6:55:54:3E:51:45:1A:83:1E:B8:6D:66:5E:20
X509v3 Authority Key Identifier:
keyid:90:8C:57:3C:2D:83:C7:D8:FD:2A:3C:F9:A7:F5:36:F9:29:25:A3:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kIxXPC2Dx9j9Kjz5p_U2-Sklo70.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/83c416-7d9d-447a-add1-4e85bfd7d058/1/3nqGhkLV9lVUPlFFGoMeuG1mXiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/83c416-7d9d-447a-add1-4e85bfd7d058/1/kIxXPC2Dx9j9Kjz5p_U2-Sklo70.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.236.0/22
IPv6:
2a0b:af40::/29
Signature Algorithm: sha256WithRSAEncryption
5e:43:1a:a0:b6:e5:3f:cb:09:dc:5d:a4:2b:d0:50:f7:da:29:
c5:a7:d1:2d:51:04:9e:0d:a7:6e:04:e2:40:c4:4d:27:40:ed:
6d:1c:d5:b6:8c:80:7b:69:1d:ef:55:61:d9:2f:d6:ce:02:b2:
32:be:7b:61:ea:63:f6:00:2f:df:04:2a:19:35:b0:62:2d:53:
01:57:57:4a:bf:c1:cc:ca:4d:04:07:f6:34:03:5a:a8:7d:2e:
e7:00:80:21:36:51:7b:c7:84:bb:6b:ef:7f:5e:c1:fb:31:29:
f3:b6:dd:36:48:20:7f:59:51:8f:43:07:04:e8:ca:f3:38:33:
ba:ea:72:51:bc:ef:2d:8e:17:7e:2a:6a:f2:a8:c3:ac:4e:51:
05:8d:73:2b:3c:e4:26:c6:17:43:5f:73:4c:82:28:f5:e0:3e:
37:38:f3:41:9e:30:19:a6:91:d6:84:2b:44:74:8e:b8:e7:33:
a3:25:97:bf:8f:3b:01:e7:97:57:6e:f6:53:58:7a:d6:9f:63:
c9:bc:d4:aa:3e:b5:51:17:6d:d4:60:b3:95:05:93:6d:05:11:
e9:89:23:7a:8e:a6:32:1f:d4:9c:9a:0a:c4:19:a2:f8:32:ac:
37:a5:2f:8f:6c:8e:17:7e:e0:cd:1b:d2:40:98:02:39:eb:6c:
9b:61:86:de
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQmaxVNRvD93zlurUnmaxIdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwOGM1NzNjMmQ4M2M3ZDhmZDJhM2NmOWE3ZjUzNmY5Mjky
NWEzYmQwHhcNMjUwMTAyMDk0ODU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTdhODY4NjQyZDVmNjU1NTQzZTUxNDUxYTgzMWViODZkNjY1ZTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzRoUhpsZ7eyq/4sAMSoWk8f93gCW
IbprlSNc/t/KvKlNI+tPUoFJii+3OIU91cxcwNpOIwo0d+CId7Is3TJC+c2WuG0z
GM/qpdIW7mNDHpx6Ye6PzNHK+RUWLVBHCBfHBP6TK1CFtxaj6SY4A8JQgq3aQVbg
sEG9GSjPjnWtR6g7RDyQn8RLEfOZy7+YPHAaIPNT/vcguicWd4si9qB9zGpi2Wpe
rMSv/aDYKRDe6liZNOfeKTKdM+gEyn4YFEiO1QBxkSQWkMOq2xmtJOmsxzaISTuU
tUmKV1UPxdKJkdQtbYUpicB0fnTmOdo6/NOc1TUvFrMY95lQKJ4m3LIW9wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFN56hoZC1fZVVD5RRRqDHrhtZl4gMB8GA1UdIwQY
MBaAFJCMVzwtg8fY/So8+af1NvkpJaO9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0l4WFBDMkR4OWo5S2p6NXBfVTItU2tsbzcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84M2M0MTYtN2Q5ZC00NDdhLWFkZDEt
NGU4NWJmZDdkMDU4LzEvM25xR2hrTFY5bFZVUGxGRkdvTWV1RzFtWGlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84M2M0MTYtN2Q5ZC00NDdhLWFkZDEtNGU4NWJmZDdkMDU4
LzEva0l4WFBDMkR4OWo5S2p6NXBfVTItU2tsbzcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudbsMA0E
AgACMAcDBQMqC69AMA0GCSqGSIb3DQEBCwUAA4IBAQBeQxqgtuU/ywncXaQr0FD3
2inFp9EtUQSeDaduBOJAxE0nQO1tHNW2jIB7aR3vVWHZL9bOArIyvnth6mP2AC/f
BCoZNbBiLVMBV1dKv8HMyk0EB/Y0A1qofS7nAIAhNlF7x4S7a+9/XsH7MSnztt02
SCB/WVGPQwcE6MrzODO66nJRvO8tjhd+KmryqMOsTlEFjXMrPOQmxhdDX3NMgij1
4D43OPNBnjAZppHWhCtEdI645zOjJZe/jzsB55dXbvZTWHrWn2PJvNSqPrVRF23U
YLOVBZNtBRHpiSN6jqYyH9ScmgrEGaL4Mqw3pS+PbI4XfuDNG9JAmAI562ybYYbe
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:26 2025 by rpki-client on console.sobornost.net