Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/5ef3e2-0603-46fd-ad9f-8d8b6e116219/1/4aKaPeuKkFGP9DkxcB8DOClWpKg.roa
File: 4aKaPeuKkFGP9DkxcB8DOClWpKg.roa (raw, json)
Hash identifier: m9nL9aDr5NjXaEfCOc4RkIAjrxKiWL1MukDMMkDw9YE=
Subject key identifier: E1:A2:9A:3D:EB:8A:90:51:8F:F4:39:31:70:1F:03:38:29:56:A4:A8
Certificate issuer: /CN=3e09a54cc224ad7b3ca0c575317b8184e2ace216
Certificate serial: 01942067EBC6EE3E2A8AADCD0D9931A6A7EF
Authority key identifier: 3E:09:A5:4C:C2:24:AD:7B:3C:A0:C5:75:31:7B:81:84:E2:AC:E2:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PgmlTMIkrXs8oMV1MXuBhOKs4hY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/5ef3e2-0603-46fd-ad9f-8d8b6e116219/1/4aKaPeuKkFGP9DkxcB8DOClWpKg.roa
Signing time: Wed 01 Jan 2025 05:47:49 +0000
ROA not before: Wed 01 Jan 2025 05:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202105
IP address blocks: 185.108.240.0/24 maxlen: 24
185.108.241.0/24 maxlen: 24
185.108.242.0/24 maxlen: 24
185.108.243.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:eb:c6:ee:3e:2a:8a:ad:cd:0d:99:31:a6:a7:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e09a54cc224ad7b3ca0c575317b8184e2ace216
Validity
Not Before: Jan 1 05:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e1a29a3deb8a90518ff43931701f03382956a4a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:37:57:9a:24:0d:ca:f2:34:31:e3:f6:d0:67:
84:75:e0:8a:e5:70:c5:4c:da:e4:ef:a5:1a:cb:90:
b6:0a:01:95:d8:b0:0a:d0:9e:04:35:31:dd:7c:5a:
2c:90:e0:cc:2e:38:c7:e1:76:ad:be:33:b4:4f:c8:
68:2e:d3:4a:36:27:09:9b:85:45:6e:dd:f2:be:89:
e0:b4:72:02:51:ba:ba:e6:78:d2:3f:f6:d2:97:4c:
2d:fc:d8:71:e7:77:46:c9:be:1d:4e:2b:a4:a7:73:
4a:53:7b:43:95:00:da:ae:4f:87:ad:d8:c5:bc:93:
bc:bf:69:b6:31:32:54:3f:ac:0f:33:1f:a0:37:4e:
f8:e9:88:e9:dd:2d:75:f4:ec:dd:6f:ab:8c:52:c9:
0c:7c:06:17:13:b8:d0:ae:b9:e6:2f:1a:b0:bc:bd:
23:62:0a:da:2f:65:c2:50:62:97:65:1e:0b:76:ae:
14:69:ad:5e:11:9e:71:ac:48:05:e6:a8:a8:f6:ae:
5a:79:47:ba:27:b7:e3:77:37:43:80:3c:c2:72:bb:
1d:0d:42:5d:0d:d7:f2:21:bf:2c:0c:86:eb:0f:1d:
ad:11:fa:6e:76:c2:bb:af:31:aa:15:18:74:94:28:
05:53:5e:30:35:f5:d9:5f:d3:0a:22:8e:01:83:3f:
e8:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:A2:9A:3D:EB:8A:90:51:8F:F4:39:31:70:1F:03:38:29:56:A4:A8
X509v3 Authority Key Identifier:
keyid:3E:09:A5:4C:C2:24:AD:7B:3C:A0:C5:75:31:7B:81:84:E2:AC:E2:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PgmlTMIkrXs8oMV1MXuBhOKs4hY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/5ef3e2-0603-46fd-ad9f-8d8b6e116219/1/4aKaPeuKkFGP9DkxcB8DOClWpKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/5ef3e2-0603-46fd-ad9f-8d8b6e116219/1/PgmlTMIkrXs8oMV1MXuBhOKs4hY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.108.240.0/22
Signature Algorithm: sha256WithRSAEncryption
7f:05:9f:ec:b9:67:84:3f:f8:15:48:a3:14:30:7c:f9:fa:9f:
d0:bf:76:d3:fd:88:8f:ac:3d:c8:3f:79:81:a2:88:29:c3:92:
2d:cb:23:b0:f6:43:d7:a2:68:f1:c2:6a:a7:4e:1e:30:92:f6:
9c:cc:0f:d3:53:3e:5e:6a:33:c3:65:97:e9:9c:66:e2:6b:5e:
e8:e1:22:d4:47:af:0d:fc:08:21:6a:8d:e5:55:0f:ec:8d:2d:
93:8b:91:db:88:20:89:d8:51:09:68:14:47:84:aa:d4:04:ae:
6d:44:7b:65:a6:5f:b2:02:c9:a8:4f:40:43:5d:69:48:3d:b8:
98:e5:e7:aa:fc:7c:62:19:18:80:2c:a7:f4:ac:86:3d:13:57:
12:d9:b5:2a:3c:3f:b7:3e:96:81:f2:d1:0b:1d:5c:96:fd:dd:
c1:1a:12:f0:c1:c8:b9:dc:f8:27:91:ee:16:ce:a1:75:89:65:
96:c4:77:92:9e:c5:75:dc:5a:16:4d:f8:23:eb:ee:64:10:db:
c4:bd:08:44:23:b3:10:1c:11:66:2a:df:96:8a:72:84:e5:d7:
13:46:25:89:55:30:f2:f4:5a:39:1e:ac:1f:56:e1:1e:fb:de:
f9:9b:e7:08:c0:7f:c0:8c:a9:92:eb:ac:bd:37:66:83:e5:39:
ee:5f:77:4f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgZ+vG7j4qiq3NDZkxpqfvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMDlhNTRjYzIyNGFkN2IzY2EwYzU3NTMxN2I4MTg0ZTJh
Y2UyMTYwHhcNMjUwMTAxMDU0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWEyOWEzZGViOGE5MDUxOGZmNDM5MzE3MDFmMDMzODI5NTZhNGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojdXmiQNyvI0MeP20GeEdeCK5XDF
TNrk76Uay5C2CgGV2LAK0J4ENTHdfFoskODMLjjH4XatvjO0T8hoLtNKNicJm4VF
bt3yvongtHICUbq65njSP/bSl0wt/Nhx53dGyb4dTiukp3NKU3tDlQDark+HrdjF
vJO8v2m2MTJUP6wPMx+gN0746Yjp3S119Ozdb6uMUskMfAYXE7jQrrnmLxqwvL0j
YgraL2XCUGKXZR4Ldq4Uaa1eEZ5xrEgF5qio9q5aeUe6J7fjdzdDgDzCcrsdDUJd
DdfyIb8sDIbrDx2tEfpudsK7rzGqFRh0lCgFU14wNfXZX9MKIo4Bgz/oVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOGimj3ripBRj/Q5MXAfAzgpVqSoMB8GA1UdIwQY
MBaAFD4JpUzCJK17PKDFdTF7gYTirOIWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGdtbFRNSWtyWHM4b01WMU1YdUJoT0tzNGhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi81ZWYzZTItMDYwMy00NmZkLWFkOWYt
OGQ4YjZlMTE2MjE5LzEvNGFLYVBldUtrRkdQOURreGNCOERPQ2xXcEtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi81ZWYzZTItMDYwMy00NmZkLWFkOWYtOGQ4YjZlMTE2MjE5
LzEvUGdtbFRNSWtyWHM4b01WMU1YdUJoT0tzNGhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWzwMA0G
CSqGSIb3DQEBCwUAA4IBAQB/BZ/suWeEP/gVSKMUMHz5+p/Qv3bT/YiPrD3IP3mB
oogpw5ItyyOw9kPXomjxwmqnTh4wkvaczA/TUz5eajPDZZfpnGbia17o4SLUR68N
/Aghao3lVQ/sjS2Ti5HbiCCJ2FEJaBRHhKrUBK5tRHtlpl+yAsmoT0BDXWlIPbiY
5eeq/HxiGRiALKf0rIY9E1cS2bUqPD+3PpaB8tELHVyW/d3BGhLwwci53Pgnke4W
zqF1iWWWxHeSnsV13FoWTfgj6+5kENvEvQhEI7MQHBFmKt+WinKE5dcTRiWJVTDy
9Fo5HqwfVuEe+975m+cIwH/AjKmS66y9N2aD5TnuX3dP
-----END CERTIFICATE-----
Generated at Thu Jan 23 16:27:16 2025 by rpki-client on console.sobornost.net