Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/38e6f7-4e35-4c2d-9977-097cb8df2a24/1/tCW9fwISpjkcZibIaKBsjXs7N7A.roa
File: tCW9fwISpjkcZibIaKBsjXs7N7A.roa (raw, json)
Hash identifier: NwxiC6aogmrL5itM5Y4be2nBp9O9LLOH8w2QrDP5u38=
Subject key identifier: B4:25:BD:7F:02:12:A6:39:1C:66:26:C8:68:A0:6C:8D:7B:3B:37:B0
Certificate issuer: /CN=8b9cc57ca84723aec2841145f6f7d301bdf35bac
Certificate serial: 019488D76C19778964F63A935F19C15F4E11
Authority key identifier: 8B:9C:C5:7C:A8:47:23:AE:C2:84:11:45:F6:F7:D3:01:BD:F3:5B:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i5zFfKhHI67ChBFF9vfTAb3zW6w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/38e6f7-4e35-4c2d-9977-097cb8df2a24/1/tCW9fwISpjkcZibIaKBsjXs7N7A.roa
Signing time: Tue 21 Jan 2025 12:30:06 +0000
ROA not before: Tue 21 Jan 2025 12:30:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215329
IP address blocks: 185.37.100.0/24 maxlen: 24
2a13:c2c0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:88:d7:6c:19:77:89:64:f6:3a:93:5f:19:c1:5f:4e:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b9cc57ca84723aec2841145f6f7d301bdf35bac
Validity
Not Before: Jan 21 12:30:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b425bd7f0212a6391c6626c868a06c8d7b3b37b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:c3:3c:ce:60:d2:16:f7:01:a0:8e:39:87:9e:
ce:e1:64:6d:86:b6:24:a7:6b:36:2d:b9:d0:9c:4a:
37:ab:0f:d1:f1:b0:75:ed:46:77:b7:e3:f9:c3:c8:
32:34:e0:b3:c8:7a:30:35:53:a4:0d:db:f2:27:70:
5d:03:4d:84:bd:70:81:50:ab:03:1d:4f:50:3a:4e:
3e:30:53:04:5a:1a:76:d7:d3:30:4b:87:7c:29:30:
6f:82:4f:74:59:ad:58:a3:43:9c:5d:69:aa:26:96:
19:80:87:2b:07:ce:71:dc:5c:e0:bc:32:5d:4c:ce:
22:01:2f:ea:6f:f1:6c:61:e9:e2:32:fd:0a:5d:c9:
24:ae:26:d0:80:dc:b8:75:e3:fa:be:9e:cc:d1:57:
be:a8:70:2a:af:cc:2b:d6:f8:3f:1b:42:1f:3a:b2:
92:0c:23:f3:f3:b0:ec:b7:83:12:1f:bb:3e:ac:c8:
1a:d2:5b:bc:74:59:f0:5a:f0:03:50:86:0e:99:71:
65:e9:87:13:5d:e6:b6:a8:1b:84:6f:a3:5a:3b:1f:
4c:f0:a3:86:25:7a:12:af:3e:32:ed:4e:86:40:c2:
c5:15:81:be:2e:3d:27:bd:25:21:18:92:34:4c:72:
da:3e:1f:2b:4f:04:22:1f:f9:5e:c1:de:dc:cb:e6:
f1:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:25:BD:7F:02:12:A6:39:1C:66:26:C8:68:A0:6C:8D:7B:3B:37:B0
X509v3 Authority Key Identifier:
keyid:8B:9C:C5:7C:A8:47:23:AE:C2:84:11:45:F6:F7:D3:01:BD:F3:5B:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i5zFfKhHI67ChBFF9vfTAb3zW6w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/38e6f7-4e35-4c2d-9977-097cb8df2a24/1/tCW9fwISpjkcZibIaKBsjXs7N7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/38e6f7-4e35-4c2d-9977-097cb8df2a24/1/i5zFfKhHI67ChBFF9vfTAb3zW6w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.37.100.0/24
IPv6:
2a13:c2c0::/32
Signature Algorithm: sha256WithRSAEncryption
6a:25:6b:bb:ad:f2:2f:6e:da:8f:31:fa:10:a4:02:c7:da:b6:
f4:23:57:76:97:43:24:d6:e5:d5:9d:33:f9:d5:dd:23:b0:a4:
7e:f6:e6:3e:57:d5:31:21:2a:5e:f3:12:d1:b0:e9:4d:cf:9a:
79:51:67:75:bf:f8:4c:b4:97:89:aa:0a:1b:79:ff:e0:87:02:
03:d0:80:99:32:28:00:5a:eb:76:b6:4e:ad:a0:0b:53:e2:77:
ee:e7:57:d9:55:83:68:90:7e:f3:ff:82:1e:74:e8:04:04:76:
df:bd:59:02:1d:66:26:26:c3:fa:a2:fa:ca:ea:c0:c1:ab:af:
30:67:12:13:05:93:9c:4a:68:a3:22:32:c2:e1:91:f3:2b:32:
09:54:c8:7f:aa:ea:aa:c1:0e:d5:6d:ed:6a:ee:bb:f4:a7:25:
f6:16:32:65:43:b5:91:7e:d2:19:78:f2:2e:43:ab:a0:13:ab:
78:37:07:65:cb:8d:49:34:01:f2:83:e7:3f:c1:29:7f:0f:72:
80:b0:95:1d:5c:c1:2b:d6:fb:5c:a0:6b:40:8f:25:6f:cd:17:
99:28:f6:1b:2b:5d:4a:1d:22:4e:f7:6b:e2:8f:be:b4:b4:bf:
ff:30:d7:0e:ae:8a:4c:e9:a6:85:25:0e:6f:73:8c:b6:84:65:
9f:38:cf:50
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZSI12wZd4lk9jqTXxnBX04RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiOWNjNTdjYTg0NzIzYWVjMjg0MTE0NWY2ZjdkMzAxYmRm
MzViYWMwHhcNMjUwMTIxMTIzMDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDI1YmQ3ZjAyMTJhNjM5MWM2NjI2Yzg2OGEwNmM4ZDdiM2IzN2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsM8zmDSFvcBoI45h57O4WRthrYk
p2s2LbnQnEo3qw/R8bB17UZ3t+P5w8gyNOCzyHowNVOkDdvyJ3BdA02EvXCBUKsD
HU9QOk4+MFMEWhp219MwS4d8KTBvgk90Wa1Yo0OcXWmqJpYZgIcrB85x3FzgvDJd
TM4iAS/qb/FsYeniMv0KXckkribQgNy4deP6vp7M0Ve+qHAqr8wr1vg/G0IfOrKS
DCPz87Dst4MSH7s+rMga0lu8dFnwWvADUIYOmXFl6YcTXea2qBuEb6NaOx9M8KOG
JXoSrz4y7U6GQMLFFYG+Lj0nvSUhGJI0THLaPh8rTwQiH/lewd7cy+bxcwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLQlvX8CEqY5HGYmyGigbI17OzewMB8GA1UdIwQY
MBaAFIucxXyoRyOuwoQRRfb30wG981usMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTV6RmZLaEhJNjdDaEJGRjl2ZlRBYjN6VzZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8zOGU2ZjctNGUzNS00YzJkLTk5Nzct
MDk3Y2I4ZGYyYTI0LzEvdENXOWZ3SVNwamtjWmliSWFLQnNqWHM3TjdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8zOGU2ZjctNGUzNS00YzJkLTk5NzctMDk3Y2I4ZGYyYTI0
LzEvaTV6RmZLaEhJNjdDaEJGRjl2ZlRBYjN6VzZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuSVkMA0E
AgACMAcDBQAqE8LAMA0GCSqGSIb3DQEBCwUAA4IBAQBqJWu7rfIvbtqPMfoQpALH
2rb0I1d2l0Mk1uXVnTP51d0jsKR+9uY+V9UxISpe8xLRsOlNz5p5UWd1v/hMtJeJ
qgobef/ghwID0ICZMigAWut2tk6toAtT4nfu51fZVYNokH7z/4IedOgEBHbfvVkC
HWYmJsP6ovrK6sDBq68wZxITBZOcSmijIjLC4ZHzKzIJVMh/quqqwQ7Vbe1q7rv0
pyX2FjJlQ7WRftIZePIuQ6ugE6t4Nwdly41JNAHyg+c/wSl/D3KAsJUdXMEr1vtc
oGtAjyVvzReZKPYbK11KHSJO92vij760tL//MNcOropM6aaFJQ5vc4y2hGWfOM9Q
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:27 2025 by rpki-client on console.sobornost.net