Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/0e49a1-73a9-4581-b88c-f10486e60a53/1/KWPAsF0vFOD6kPsFU3LMV-L0lSI.roa
File: KWPAsF0vFOD6kPsFU3LMV-L0lSI.roa (raw, json)
Hash identifier: VQvFUbsDDfVrBdoP9kicGC0pG5uJaNDDod3tQ4qnm70=
Subject key identifier: 29:63:C0:B0:5D:2F:14:E0:FA:90:FB:05:53:72:CC:57:E2:F4:95:22
Certificate issuer: /CN=3deb5817bbe7e5a1c5fb130551b84ab488016f92
Certificate serial: 0194FF7A25D3EFE0187EF11A21C44C5955F3
Authority key identifier: 3D:EB:58:17:BB:E7:E5:A1:C5:FB:13:05:51:B8:4A:B4:88:01:6F:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PetYF7vn5aHF-xMFUbhKtIgBb5I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/0e49a1-73a9-4581-b88c-f10486e60a53/1/KWPAsF0vFOD6kPsFU3LMV-L0lSI.roa
Signing time: Thu 13 Feb 2025 13:23:02 +0000
ROA not before: Thu 13 Feb 2025 13:23:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61128
IP address blocks: 185.16.156.0/24 maxlen: 24
185.16.157.0/24 maxlen: 24
185.16.158.0/24 maxlen: 24
185.16.159.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ff:7a:25:d3:ef:e0:18:7e:f1:1a:21:c4:4c:59:55:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3deb5817bbe7e5a1c5fb130551b84ab488016f92
Validity
Not Before: Feb 13 13:23:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2963c0b05d2f14e0fa90fb055372cc57e2f49522
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:6d:cf:72:ad:71:05:28:f5:12:8e:37:fd:f2:
b4:d2:c9:1b:ac:8b:36:e9:50:ad:a6:5c:36:2c:b3:
ee:29:aa:cc:40:14:ac:2e:55:3d:07:57:9b:29:50:
be:78:b9:91:03:01:a2:e4:ac:cf:a1:63:fd:c8:02:
d0:ac:84:da:5a:c4:64:bd:e4:7e:97:f7:3a:71:6d:
46:7c:fc:0b:b7:db:5d:24:d0:c8:e0:44:a9:ba:a3:
27:84:d8:ae:98:6d:b1:e4:0e:1f:63:35:26:c0:e4:
d0:ee:61:f2:8b:de:5b:9a:22:89:bd:3f:a8:a0:00:
f6:b7:0e:32:e7:1b:ff:5d:a5:c6:9d:4f:61:8f:45:
85:23:92:46:0e:43:da:b0:f2:c5:68:2c:6d:fa:12:
81:8e:77:e7:2e:63:b9:98:77:17:9b:1a:b4:6f:4a:
34:5a:95:18:8a:0c:38:4c:56:3b:04:4a:24:ce:f4:
30:c5:10:e0:4e:3c:d1:73:19:a9:26:65:b6:ae:b4:
d9:24:d5:16:38:83:e2:e4:9d:1b:a3:3b:94:54:21:
66:e3:72:ad:8a:51:8f:2b:ed:31:a2:42:3c:d7:43:
d9:01:1d:65:a5:c8:cb:f1:c4:c0:c2:d3:2b:30:a6:
cc:ae:36:45:ba:07:ab:16:d5:3c:ed:e4:f0:ac:54:
a0:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:63:C0:B0:5D:2F:14:E0:FA:90:FB:05:53:72:CC:57:E2:F4:95:22
X509v3 Authority Key Identifier:
keyid:3D:EB:58:17:BB:E7:E5:A1:C5:FB:13:05:51:B8:4A:B4:88:01:6F:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PetYF7vn5aHF-xMFUbhKtIgBb5I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/0e49a1-73a9-4581-b88c-f10486e60a53/1/KWPAsF0vFOD6kPsFU3LMV-L0lSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/0e49a1-73a9-4581-b88c-f10486e60a53/1/PetYF7vn5aHF-xMFUbhKtIgBb5I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.16.156.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:79:ef:3f:7c:09:a2:3d:d5:4b:e1:47:58:c1:e4:c8:25:c1:
21:86:06:0b:5d:b6:fe:52:f5:26:6b:ee:c3:3b:c7:bf:c4:cc:
fc:21:7f:98:81:f1:c0:c1:2e:b7:9c:fe:9d:e7:8f:57:2a:db:
df:05:5f:48:39:2b:23:f9:04:d7:93:21:35:d6:55:0d:76:44:
50:08:46:2b:1b:f1:47:6b:4f:78:4e:58:bd:34:da:d0:10:32:
dd:6e:05:5e:dd:3c:12:52:03:88:b8:8a:17:48:7a:32:19:d7:
aa:b6:fa:87:a7:6e:85:4c:ff:06:2b:b5:d9:58:ac:ac:41:e3:
fe:65:1f:7b:a4:7b:b6:b0:08:96:7b:35:3c:2f:24:4d:69:f3:
b8:c2:60:70:be:a4:31:d2:8b:ea:22:50:b9:0d:6f:45:21:92:
f1:7e:49:7b:11:f5:bd:35:e6:bd:48:17:55:b3:a0:d2:0c:06:
ad:52:73:91:4d:48:a3:e5:6a:2c:b1:ab:98:13:87:47:15:fb:
04:c6:14:12:e7:1b:7f:63:c4:e5:be:aa:30:84:a7:e4:76:14:
b3:6b:df:93:87:fd:42:a6:c6:c5:2a:98:3b:27:f1:bf:60:91:
a9:8a:03:45:e7:62:61:b0:40:f1:c1:2b:34:a9:0c:65:60:26:
7c:8a:1e:b8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZT/eiXT7+AYfvEaIcRMWVXzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkZWI1ODE3YmJlN2U1YTFjNWZiMTMwNTUxYjg0YWI0ODgw
MTZmOTIwHhcNMjUwMjEzMTMyMzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTYzYzBiMDVkMmYxNGUwZmE5MGZiMDU1MzcyY2M1N2UyZjQ5NTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhW3Pcq1xBSj1Eo43/fK00skbrIs2
6VCtplw2LLPuKarMQBSsLlU9B1ebKVC+eLmRAwGi5KzPoWP9yALQrITaWsRkveR+
l/c6cW1GfPwLt9tdJNDI4ESpuqMnhNiumG2x5A4fYzUmwOTQ7mHyi95bmiKJvT+o
oAD2tw4y5xv/XaXGnU9hj0WFI5JGDkPasPLFaCxt+hKBjnfnLmO5mHcXmxq0b0o0
WpUYigw4TFY7BEokzvQwxRDgTjzRcxmpJmW2rrTZJNUWOIPi5J0bozuUVCFm43Kt
ilGPK+0xokI810PZAR1lpcjL8cTAwtMrMKbMrjZFugerFtU87eTwrFSggwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCljwLBdLxTg+pD7BVNyzFfi9JUiMB8GA1UdIwQY
MBaAFD3rWBe75+WhxfsTBVG4SrSIAW+SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGV0WUY3dm41YUhGLXhNRlViaEt0SWdCYjVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8wZTQ5YTEtNzNhOS00NTgxLWI4OGMt
ZjEwNDg2ZTYwYTUzLzEvS1dQQXNGMHZGT0Q2a1BzRlUzTE1WLUwwbFNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8wZTQ5YTEtNzNhOS00NTgxLWI4OGMtZjEwNDg2ZTYwYTUz
LzEvUGV0WUY3dm41YUhGLXhNRlViaEt0SWdCYjVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuRCcMA0G
CSqGSIb3DQEBCwUAA4IBAQCLee8/fAmiPdVL4UdYweTIJcEhhgYLXbb+UvUma+7D
O8e/xMz8IX+YgfHAwS63nP6d549XKtvfBV9IOSsj+QTXkyE11lUNdkRQCEYrG/FH
a094Tli9NNrQEDLdbgVe3TwSUgOIuIoXSHoyGdeqtvqHp26FTP8GK7XZWKysQeP+
ZR97pHu2sAiWezU8LyRNafO4wmBwvqQx0ovqIlC5DW9FIZLxfkl7EfW9Nea9SBdV
s6DSDAatUnORTUij5WossauYE4dHFfsExhQS5xt/Y8TlvqowhKfkdhSza9+Th/1C
psbFKpg7J/G/YJGpigNF52JhsEDxwSs0qQxlYCZ8ih64
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:25 2025 by rpki-client on console.sobornost.net