Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/ab2b10-5e87-4624-9776-59a0c5ff6505/1/rWmXzuPVAuMc61ALuQe-2WhbT9s.roa
File: rWmXzuPVAuMc61ALuQe-2WhbT9s.roa (raw, json)
Hash identifier: OUZXq6sIvQV4mWZYFrhWWMjn+vbRxUs/Ip4xXPXay4E=
Subject key identifier: AD:69:97:CE:E3:D5:02:E3:1C:EB:50:0B:B9:07:BE:D9:68:5B:4F:DB
Certificate issuer: /CN=878eca3bccd4e5c2efb3608ee83a57f9ae821be6
Certificate serial: 019423D742EAB139B984A993FB8ECB742C44
Authority key identifier: 87:8E:CA:3B:CC:D4:E5:C2:EF:B3:60:8E:E8:3A:57:F9:AE:82:1B:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h47KO8zU5cLvs2CO6DpX-a6CG-Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/ab2b10-5e87-4624-9776-59a0c5ff6505/1/rWmXzuPVAuMc61ALuQe-2WhbT9s.roa
Signing time: Wed 01 Jan 2025 21:48:17 +0000
ROA not before: Wed 01 Jan 2025 21:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201333
IP address blocks: 185.196.164.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:42:ea:b1:39:b9:84:a9:93:fb:8e:cb:74:2c:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=878eca3bccd4e5c2efb3608ee83a57f9ae821be6
Validity
Not Before: Jan 1 21:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ad6997cee3d502e31ceb500bb907bed9685b4fdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:cb:d8:8c:b0:b4:09:53:5b:03:cb:0a:9c:1c:
62:ef:54:a5:03:df:28:22:d5:e7:3e:2d:a3:be:76:
60:a4:06:91:90:69:b2:1c:f5:5a:42:26:52:f2:b6:
57:57:d0:42:e4:2f:cd:2f:f8:1e:34:06:bc:82:bb:
f3:b3:68:d5:38:33:2f:65:ca:b7:a7:e5:77:ea:ce:
44:d2:85:ae:de:42:d1:31:9a:1d:85:17:53:99:7c:
22:bb:b6:aa:c4:17:d4:f5:e4:13:93:b4:6d:7e:63:
cd:a8:fd:41:ea:ca:27:f0:09:aa:1d:c2:36:ab:6b:
09:35:66:af:ad:7d:b5:e6:97:64:f7:6d:18:db:71:
3b:71:28:d5:7d:21:8f:0f:6d:f6:08:86:d4:ae:c9:
c9:21:5a:8e:2e:9b:1e:9e:b1:34:9c:c9:e0:5d:12:
ec:e6:b3:01:4f:cf:c9:98:90:6e:f7:5e:67:f2:dd:
47:f9:4b:33:12:1f:28:84:78:5d:f4:b5:d2:99:05:
fa:aa:d2:4f:42:7e:da:0b:2c:a6:9f:09:ac:ee:d8:
b4:02:d3:b6:7f:44:a0:3c:76:12:c2:ac:34:94:ce:
51:ad:3b:42:58:3a:40:48:62:76:85:16:67:43:56:
48:c2:be:55:50:ac:af:a8:cb:98:2a:a1:f1:93:ab:
18:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:69:97:CE:E3:D5:02:E3:1C:EB:50:0B:B9:07:BE:D9:68:5B:4F:DB
X509v3 Authority Key Identifier:
keyid:87:8E:CA:3B:CC:D4:E5:C2:EF:B3:60:8E:E8:3A:57:F9:AE:82:1B:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h47KO8zU5cLvs2CO6DpX-a6CG-Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/ab2b10-5e87-4624-9776-59a0c5ff6505/1/rWmXzuPVAuMc61ALuQe-2WhbT9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/ab2b10-5e87-4624-9776-59a0c5ff6505/1/h47KO8zU5cLvs2CO6DpX-a6CG-Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.196.164.0/22
Signature Algorithm: sha256WithRSAEncryption
9c:70:e4:9a:a3:25:a3:d1:2f:a7:4c:52:3e:72:e6:c2:4d:33:
86:c4:4d:2c:8a:fc:4d:eb:04:01:f6:1d:1a:30:e8:fa:eb:6f:
cd:30:50:46:01:70:e6:50:cd:e9:89:9f:03:c0:fe:dd:75:2b:
b1:f5:9e:ff:cb:3c:2a:b2:b8:06:11:8c:0d:2b:7e:74:79:e1:
e2:9f:d6:80:5d:fe:19:fd:f2:a0:6e:f5:65:01:30:a8:b6:56:
de:a7:7f:9b:8a:b1:39:00:df:4a:04:d3:29:a6:d7:6d:06:50:
84:76:08:c6:8a:3c:9f:a7:ca:72:ae:6c:35:fd:9f:5f:a2:68:
6d:64:74:d7:a7:48:d2:b7:37:b0:ed:0a:ed:2c:fb:88:fd:a8:
25:50:0b:58:66:8d:81:83:01:0b:40:5b:0a:56:d4:e3:95:ba:
dd:7f:56:62:b0:fe:b4:99:8e:ec:7d:2a:0e:28:60:fc:d1:0b:
db:98:66:ab:5e:6d:95:44:b1:d3:9c:cf:5b:64:84:cf:ac:44:
2d:be:27:b8:92:91:7a:fe:7e:04:83:5a:32:35:c0:3b:7d:6e:
b4:8f:ca:0b:d1:91:31:a3:46:77:75:be:52:b3:36:82:1d:df:
f0:8f:0f:ea:d6:c8:ac:65:96:7b:10:69:98:a1:43:29:25:31:
60:83:7c:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj10LqsTm5hKmT+47LdCxEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3OGVjYTNiY2NkNGU1YzJlZmIzNjA4ZWU4M2E1N2Y5YWU4
MjFiZTYwHhcNMjUwMTAxMjE0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDY5OTdjZWUzZDUwMmUzMWNlYjUwMGJiOTA3YmVkOTY4NWI0ZmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMvYjLC0CVNbA8sKnBxi71SlA98o
ItXnPi2jvnZgpAaRkGmyHPVaQiZS8rZXV9BC5C/NL/geNAa8grvzs2jVODMvZcq3
p+V36s5E0oWu3kLRMZodhRdTmXwiu7aqxBfU9eQTk7RtfmPNqP1B6son8AmqHcI2
q2sJNWavrX215pdk920Y23E7cSjVfSGPD232CIbUrsnJIVqOLpsenrE0nMngXRLs
5rMBT8/JmJBu915n8t1H+UszEh8ohHhd9LXSmQX6qtJPQn7aCyymnwms7ti0AtO2
f0SgPHYSwqw0lM5RrTtCWDpASGJ2hRZnQ1ZIwr5VUKyvqMuYKqHxk6sYLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK1pl87j1QLjHOtQC7kHvtloW0/bMB8GA1UdIwQY
MBaAFIeOyjvM1OXC77Ngjug6V/mughvmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDQ3S084elU1Y0x2czJDTzZEcFgtYTZDRy1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi9hYjJiMTAtNWU4Ny00NjI0LTk3NzYt
NTlhMGM1ZmY2NTA1LzEvcldtWHp1UFZBdU1jNjFBTHVRZS0yV2hiVDlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi9hYjJiMTAtNWU4Ny00NjI0LTk3NzYtNTlhMGM1ZmY2NTA1
LzEvaDQ3S084elU1Y0x2czJDTzZEcFgtYTZDRy1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucSkMA0G
CSqGSIb3DQEBCwUAA4IBAQCccOSaoyWj0S+nTFI+cubCTTOGxE0sivxN6wQB9h0a
MOj662/NMFBGAXDmUM3piZ8DwP7ddSux9Z7/yzwqsrgGEYwNK350eeHin9aAXf4Z
/fKgbvVlATCotlbep3+birE5AN9KBNMpptdtBlCEdgjGijyfp8pyrmw1/Z9fomht
ZHTXp0jStzew7QrtLPuI/aglUAtYZo2BgwELQFsKVtTjlbrdf1ZisP60mY7sfSoO
KGD80QvbmGarXm2VRLHTnM9bZITPrEQtvie4kpF6/n4Eg1oyNcA7fW60j8oL0ZEx
o0Z3db5SszaCHd/wjw/q1sisZZZ7EGmYoUMpJTFgg3xh
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:28 2025 by rpki-client on console.sobornost.net