Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/d3e9bd-446b-4116-8453-d467cc6e7d8f/1/RFIhLbL5apmrV9lcic2R569sFqE.roa
File: RFIhLbL5apmrV9lcic2R569sFqE.roa (raw, json)
Hash identifier: eQDwgZT68cMBWjVX4YIww5uW6xuaB6mxhLhX47tqj9U=
Subject key identifier: 44:52:21:2D:B2:F9:6A:99:AB:57:D9:5C:89:CD:91:E7:AF:6C:16:A1
Certificate issuer: /CN=077a0fb99e52ae4fa1d66faad93f42e6d07886a6
Certificate serial: 01942444B74838A733811AB49FC6FE272FA5
Authority key identifier: 07:7A:0F:B9:9E:52:AE:4F:A1:D6:6F:AA:D9:3F:42:E6:D0:78:86:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B3oPuZ5Srk-h1m-q2T9C5tB4hqY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/d3e9bd-446b-4116-8453-d467cc6e7d8f/1/RFIhLbL5apmrV9lcic2R569sFqE.roa
Signing time: Wed 01 Jan 2025 23:47:50 +0000
ROA not before: Wed 01 Jan 2025 23:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59817
IP address blocks: 185.70.56.0/22 maxlen: 24
2a03:34a0::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:b7:48:38:a7:33:81:1a:b4:9f:c6:fe:27:2f:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=077a0fb99e52ae4fa1d66faad93f42e6d07886a6
Validity
Not Before: Jan 1 23:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4452212db2f96a99ab57d95c89cd91e7af6c16a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:85:a0:47:e5:a7:83:99:38:e6:16:f3:74:f6:
12:ae:37:7a:4d:61:c8:8e:40:cf:42:df:4f:e8:26:
17:6c:cc:2b:5a:fa:14:f3:5d:66:af:71:dd:cb:46:
e1:ec:c4:13:21:99:52:90:d5:18:e7:f3:1c:8f:dc:
e8:49:4e:01:cf:ea:fa:45:b7:b8:c5:cf:70:03:f5:
46:1d:cf:f1:d0:1d:b4:b3:a3:56:26:f8:9e:ba:9c:
88:76:13:fa:42:bf:fb:be:d7:61:ed:5d:1b:31:97:
0a:0d:bb:00:97:bc:20:71:28:74:0f:b1:8f:a0:fd:
4b:57:00:0e:ea:23:a2:72:34:62:2b:53:6f:a7:47:
0f:7c:e2:f9:50:ad:23:6a:c2:fa:05:f4:5b:09:5c:
1c:0b:cd:5d:aa:76:c0:66:0a:65:6c:42:52:51:ce:
dc:6e:f2:e4:d2:16:2a:96:b0:02:a2:f2:14:09:f8:
d9:7c:15:8a:c2:7d:36:03:b0:e8:f1:7c:87:ab:41:
c4:b2:5d:b1:9c:f5:25:86:f8:28:98:bb:60:fb:8b:
55:60:8d:19:02:0e:19:7e:00:bb:01:15:9d:cc:ea:
dc:44:ad:3c:0c:1d:fe:4b:23:83:17:98:b1:8a:e4:
5a:1c:60:21:5a:7f:07:b0:30:98:14:3f:37:5d:8b:
d2:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:52:21:2D:B2:F9:6A:99:AB:57:D9:5C:89:CD:91:E7:AF:6C:16:A1
X509v3 Authority Key Identifier:
keyid:07:7A:0F:B9:9E:52:AE:4F:A1:D6:6F:AA:D9:3F:42:E6:D0:78:86:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B3oPuZ5Srk-h1m-q2T9C5tB4hqY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/d3e9bd-446b-4116-8453-d467cc6e7d8f/1/RFIhLbL5apmrV9lcic2R569sFqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/d3e9bd-446b-4116-8453-d467cc6e7d8f/1/B3oPuZ5Srk-h1m-q2T9C5tB4hqY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.70.56.0/22
IPv6:
2a03:34a0::/32
Signature Algorithm: sha256WithRSAEncryption
2f:44:c2:26:3c:e8:94:cf:18:4d:42:3c:c0:96:d1:37:e9:6d:
f8:d4:cf:e5:e8:aa:a0:ee:51:89:62:58:d1:b2:d6:4b:e8:df:
95:3a:53:f2:e1:73:7f:24:fa:62:c2:87:e4:31:0f:8c:f6:65:
c5:a3:5d:64:e9:7b:7b:37:0d:76:ec:9a:37:ca:e9:bb:54:e0:
a4:5d:86:0e:da:6a:15:1f:a3:2b:92:a4:22:6c:cb:af:1d:bd:
15:18:af:26:d3:13:a2:ee:21:78:a1:0d:e7:71:af:8b:be:f9:
ac:69:15:9c:2a:10:82:56:18:b5:7e:3f:7b:74:78:fa:ae:c3:
36:3e:16:19:2e:36:37:cb:c5:43:fc:19:2c:dc:79:c3:34:1b:
06:f7:dc:36:f4:da:4d:7e:1f:12:eb:81:4f:70:3e:b7:e5:19:
91:12:d0:b2:89:5c:af:65:be:b7:33:41:9c:18:ae:e7:da:45:
00:d2:f0:13:be:f0:04:9b:b1:7c:72:03:a0:4f:f1:47:e5:8b:
79:d4:ce:22:be:cd:46:00:e1:2e:69:51:e8:25:34:5e:96:5d:
a1:a9:e9:01:e6:6c:da:d5:e9:3a:54:4c:10:3e:51:33:fc:4d:
36:0a:cf:dc:b2:da:56:8a:6e:d4:a8:67:3f:c2:6f:fd:df:d6:
8d:54:23:ca
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQkRLdIOKczgRq0n8b+Jy+lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3N2EwZmI5OWU1MmFlNGZhMWQ2NmZhYWQ5M2Y0MmU2ZDA3
ODg2YTYwHhcNMjUwMTAxMjM0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDUyMjEyZGIyZjk2YTk5YWI1N2Q5NWM4OWNkOTFlN2FmNmMxNmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA64WgR+Wng5k45hbzdPYSrjd6TWHI
jkDPQt9P6CYXbMwrWvoU811mr3Hdy0bh7MQTIZlSkNUY5/Mcj9zoSU4Bz+r6Rbe4
xc9wA/VGHc/x0B20s6NWJvieupyIdhP6Qr/7vtdh7V0bMZcKDbsAl7wgcSh0D7GP
oP1LVwAO6iOicjRiK1Nvp0cPfOL5UK0jasL6BfRbCVwcC81dqnbAZgplbEJSUc7c
bvLk0hYqlrACovIUCfjZfBWKwn02A7Do8XyHq0HEsl2xnPUlhvgomLtg+4tVYI0Z
Ag4ZfgC7ARWdzOrcRK08DB3+SyODF5ixiuRaHGAhWn8HsDCYFD83XYvS7QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFERSIS2y+WqZq1fZXInNkeevbBahMB8GA1UdIwQY
MBaAFAd6D7meUq5PodZvqtk/QubQeIamMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjNvUHVaNVNyay1oMW0tcTJUOUM1dEI0aHFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi9kM2U5YmQtNDQ2Yi00MTE2LTg0NTMt
ZDQ2N2NjNmU3ZDhmLzEvUkZJaExiTDVhcG1yVjlsY2ljMlI1NjlzRnFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi9kM2U5YmQtNDQ2Yi00MTE2LTg0NTMtZDQ2N2NjNmU3ZDhm
LzEvQjNvUHVaNVNyay1oMW0tcTJUOUM1dEI0aHFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUY4MA0E
AgACMAcDBQAqAzSgMA0GCSqGSIb3DQEBCwUAA4IBAQAvRMImPOiUzxhNQjzAltE3
6W341M/l6Kqg7lGJYljRstZL6N+VOlPy4XN/JPpiwofkMQ+M9mXFo11k6Xt7Nw12
7Jo3yum7VOCkXYYO2moVH6MrkqQibMuvHb0VGK8m0xOi7iF4oQ3nca+LvvmsaRWc
KhCCVhi1fj97dHj6rsM2PhYZLjY3y8VD/Bks3HnDNBsG99w29NpNfh8S64FPcD63
5RmREtCyiVyvZb63M0GcGK7n2kUA0vATvvAEm7F8cgOgT/FH5Yt51M4ivs1GAOEu
aVHoJTRell2hqekB5mza1ek6VEwQPlEz/E02Cs/cstpWim7UqGc/wm/939aNVCPK
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:28 2025 by rpki-client on console.sobornost.net