Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/080bf2-7b2e-465e-ae9c-c4adbeb5adc0/1/7JS41vM91mOZftvqn8jPBmhbJuk.roa
File: 7JS41vM91mOZftvqn8jPBmhbJuk.roa (raw, json)
Hash identifier: aROAKgddtydWzjEbRgk4taCxbXsDkr5HWG29W6Kls8I=
Subject key identifier: EC:94:B8:D6:F3:3D:D6:63:99:7E:DB:EA:9F:C8:CF:06:68:5B:26:E9
Certificate issuer: /CN=dfac628a4c5cc6e570f4f41c4e0d6395491b4d7f
Certificate serial: 0194266B4838C3E23672DA6B073A234D4E87
Authority key identifier: DF:AC:62:8A:4C:5C:C6:E5:70:F4:F4:1C:4E:0D:63:95:49:1B:4D:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/36xiikxcxuVw9PQcTg1jlUkbTX8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/080bf2-7b2e-465e-ae9c-c4adbeb5adc0/1/7JS41vM91mOZftvqn8jPBmhbJuk.roa
Signing time: Thu 02 Jan 2025 09:49:12 +0000
ROA not before: Thu 02 Jan 2025 09:49:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20647
IP address blocks: 185.231.124.0/22 maxlen: 22
2a0c:5f00::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:48:38:c3:e2:36:72:da:6b:07:3a:23:4d:4e:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfac628a4c5cc6e570f4f41c4e0d6395491b4d7f
Validity
Not Before: Jan 2 09:49:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ec94b8d6f33dd663997edbea9fc8cf06685b26e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:c7:70:e3:31:74:63:01:61:1c:74:da:81:70:
ba:de:40:08:aa:a7:2d:9d:44:5a:81:bf:04:fe:43:
f3:c6:6a:7a:b9:c0:7f:6a:f3:5f:23:f1:0e:f3:f4:
42:b6:7e:51:dc:19:32:41:ce:c0:c4:1d:23:f6:ee:
28:9a:96:26:e6:2c:bd:76:11:58:07:6e:bf:1c:da:
a0:cd:30:5c:d5:f3:97:03:20:d1:ec:e1:48:ee:60:
af:62:49:7f:c7:b3:ae:e9:5a:61:32:f3:f9:07:f2:
2d:42:41:d8:c3:a3:3e:1c:3c:b1:17:db:8a:5c:24:
e3:51:dc:84:39:df:0c:00:dd:c9:23:83:a8:a0:fd:
10:2a:7d:a6:a4:4c:45:a0:8c:f2:a1:96:f5:27:95:
d8:02:6c:0e:c0:ba:2f:7d:b1:04:a7:c4:be:a3:5a:
7a:95:17:65:2a:ad:4d:37:92:71:c9:9e:ff:68:66:
32:0f:3f:41:d8:4c:fd:99:0a:ff:09:85:65:dc:c1:
77:cd:68:0c:15:3a:e3:e0:49:e9:69:1d:86:c6:d0:
8d:a0:4b:46:cd:09:7e:d1:00:1f:ff:51:78:8e:12:
be:f5:f2:43:c4:9b:e5:0a:25:73:cc:4a:81:5e:12:
29:4f:51:50:5b:08:5b:0f:3a:7f:56:06:d5:8c:ef:
a5:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:94:B8:D6:F3:3D:D6:63:99:7E:DB:EA:9F:C8:CF:06:68:5B:26:E9
X509v3 Authority Key Identifier:
keyid:DF:AC:62:8A:4C:5C:C6:E5:70:F4:F4:1C:4E:0D:63:95:49:1B:4D:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/36xiikxcxuVw9PQcTg1jlUkbTX8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/080bf2-7b2e-465e-ae9c-c4adbeb5adc0/1/7JS41vM91mOZftvqn8jPBmhbJuk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/080bf2-7b2e-465e-ae9c-c4adbeb5adc0/1/36xiikxcxuVw9PQcTg1jlUkbTX8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.231.124.0/22
IPv6:
2a0c:5f00::/32
Signature Algorithm: sha256WithRSAEncryption
98:51:f0:51:3e:3e:ac:03:67:76:22:40:ad:d2:ba:52:9f:8c:
45:55:1f:f6:a0:f8:a9:bb:2f:30:5f:c7:36:c1:4b:06:df:af:
aa:e3:68:69:95:8a:74:34:d3:c1:9b:87:93:a1:66:2c:1b:6d:
e7:20:a5:8a:f9:cf:dc:30:a4:52:bd:46:76:ed:39:a4:f8:a7:
cd:7c:3e:dc:e1:4d:29:80:ef:f3:10:39:7f:cb:cb:9c:9a:ad:
1d:0e:03:f1:6d:28:bf:30:f2:35:fa:9f:07:df:ec:cc:93:db:
73:eb:0e:b2:89:ec:97:47:3c:dc:45:ca:7d:56:a0:c3:09:87:
1a:0e:31:c8:40:3c:35:a2:a5:93:8f:4c:93:04:b0:cb:5c:c5:
00:9e:05:43:7c:9a:ce:1e:90:5f:d7:99:10:f4:2c:36:9d:e6:
8c:0a:2d:fd:06:a5:92:a0:da:2b:95:e1:86:95:ee:99:38:f3:
1b:21:de:b6:0c:cc:58:60:ea:ef:c4:6d:17:b6:99:ec:5f:be:
7c:22:20:83:2c:3d:c2:d1:f7:c8:3e:cf:30:b7:90:a7:4d:59:
37:e4:30:a9:3d:60:10:67:aa:24:ce:db:87:c7:da:44:54:68:
b5:15:17:db:84:05:de:6e:7c:ed:1a:74:ea:6c:14:e7:0a:bf:
a4:aa:ed:b8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQma0g4w+I2ctprBzojTU6HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmYWM2MjhhNGM1Y2M2ZTU3MGY0ZjQxYzRlMGQ2Mzk1NDkx
YjRkN2YwHhcNMjUwMTAyMDk0OTEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzk0YjhkNmYzM2RkNjYzOTk3ZWRiZWE5ZmM4Y2YwNjY4NWIyNmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzsdw4zF0YwFhHHTagXC63kAIqqct
nURagb8E/kPzxmp6ucB/avNfI/EO8/RCtn5R3BkyQc7AxB0j9u4ompYm5iy9dhFY
B26/HNqgzTBc1fOXAyDR7OFI7mCvYkl/x7Ou6VphMvP5B/ItQkHYw6M+HDyxF9uK
XCTjUdyEOd8MAN3JI4OooP0QKn2mpExFoIzyoZb1J5XYAmwOwLovfbEEp8S+o1p6
lRdlKq1NN5JxyZ7/aGYyDz9B2Ez9mQr/CYVl3MF3zWgMFTrj4EnpaR2GxtCNoEtG
zQl+0QAf/1F4jhK+9fJDxJvlCiVzzEqBXhIpT1FQWwhbDzp/VgbVjO+lxQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOyUuNbzPdZjmX7b6p/IzwZoWybpMB8GA1UdIwQY
MBaAFN+sYopMXMblcPT0HE4NY5VJG01/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzZ4aWlreGN4dVZ3OVBRY1RnMWpsVWtiVFg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8wODBiZjItN2IyZS00NjVlLWFlOWMt
YzRhZGJlYjVhZGMwLzEvN0pTNDF2TTkxbU9aZnR2cW44alBCbWhiSnVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8wODBiZjItN2IyZS00NjVlLWFlOWMtYzRhZGJlYjVhZGMw
LzEvMzZ4aWlreGN4dVZ3OVBRY1RnMWpsVWtiVFg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCued8MA0E
AgACMAcDBQAqDF8AMA0GCSqGSIb3DQEBCwUAA4IBAQCYUfBRPj6sA2d2IkCt0rpS
n4xFVR/2oPipuy8wX8c2wUsG36+q42hplYp0NNPBm4eToWYsG23nIKWK+c/cMKRS
vUZ27Tmk+KfNfD7c4U0pgO/zEDl/y8ucmq0dDgPxbSi/MPI1+p8H3+zMk9tz6w6y
ieyXRzzcRcp9VqDDCYcaDjHIQDw1oqWTj0yTBLDLXMUAngVDfJrOHpBf15kQ9Cw2
neaMCi39BqWSoNorleGGle6ZOPMbId62DMxYYOrvxG0XtpnsX758IiCDLD3C0ffI
Ps8wt5CnTVk35DCpPWAQZ6okztuHx9pEVGi1FRfbhAXebnztGnTqbBTnCr+kqu24
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:29 2025 by rpki-client on console.sobornost.net