Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/ecdb09-d786-429c-ab24-2fb3db14e7a1/1/1-oUOA5shr8O2sg4EEWwNhnrzj_I.roa
File: 1-oUOA5shr8O2sg4EEWwNhnrzj_I.roa (raw, json)
Hash identifier: OzNzxkVRfLpGf6O/tWP1m2J9w7M1neQw2I/0j8LaOgM=
Subject key identifier: FA:85:0E:03:9B:21:AF:C3:B6:B2:0E:04:11:6C:0D:86:7A:F3:8F:F2
Certificate issuer: /CN=67dbf31d597746c9a1434706062a40653bc545c3
Certificate serial: 01953CE111BC172EE4F31F6EC208719864AD
Authority key identifier: 67:DB:F3:1D:59:77:46:C9:A1:43:47:06:06:2A:40:65:3B:C5:45:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z9vzHVl3RsmhQ0cGBipAZTvFRcM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/ecdb09-d786-429c-ab24-2fb3db14e7a1/1/1-oUOA5shr8O2sg4EEWwNhnrzj_I.roa
Signing time: Tue 25 Feb 2025 11:32:17 +0000
ROA not before: Tue 25 Feb 2025 11:32:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207560
IP address blocks: 185.225.226.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:3c:e1:11:bc:17:2e:e4:f3:1f:6e:c2:08:71:98:64:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67dbf31d597746c9a1434706062a40653bc545c3
Validity
Not Before: Feb 25 11:32:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fa850e039b21afc3b6b20e04116c0d867af38ff2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:ed:32:76:ed:aa:f5:9a:5a:68:8c:16:67:32:
a4:08:46:45:2d:1a:12:fa:d7:97:55:ae:63:b8:03:
d2:40:ef:d9:42:c6:ef:1b:e0:df:91:06:5d:12:df:
50:86:2c:74:8d:e8:7d:f8:c1:13:f5:c6:c6:76:51:
da:7d:69:0b:62:14:e5:37:9d:45:41:29:97:0f:33:
f2:be:fd:ca:3f:49:9c:8e:db:9f:ab:4e:2f:b8:54:
80:d8:29:12:dd:12:6d:54:95:a1:a8:7f:6f:de:c9:
d7:c1:3e:6c:d3:b5:3c:52:3f:05:64:3a:ee:d9:ec:
e4:5f:69:37:43:49:f3:db:8a:0d:c0:5c:52:10:f9:
ec:fd:13:7c:73:80:e8:b6:b9:a4:58:d4:c5:aa:21:
60:64:16:e7:ab:43:8c:88:31:ec:89:a4:b5:f6:db:
5e:53:da:e9:c4:ee:e7:ae:49:86:7c:db:ed:a8:c5:
a2:51:75:2a:a2:80:43:ff:27:a2:36:e2:c8:1a:92:
fd:e4:cf:0c:c0:ec:03:03:00:7b:85:7f:a2:3a:5b:
56:98:79:b8:a6:86:8c:c8:a4:f4:01:8d:3d:b4:a6:
58:d2:f5:c1:77:e9:71:be:27:0c:d5:a6:a6:c6:f4:
c6:27:f1:1d:74:fe:99:2d:3d:e3:50:56:c2:5e:81:
43:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:85:0E:03:9B:21:AF:C3:B6:B2:0E:04:11:6C:0D:86:7A:F3:8F:F2
X509v3 Authority Key Identifier:
keyid:67:DB:F3:1D:59:77:46:C9:A1:43:47:06:06:2A:40:65:3B:C5:45:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z9vzHVl3RsmhQ0cGBipAZTvFRcM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/ecdb09-d786-429c-ab24-2fb3db14e7a1/1/1-oUOA5shr8O2sg4EEWwNhnrzj_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/ecdb09-d786-429c-ab24-2fb3db14e7a1/1/Z9vzHVl3RsmhQ0cGBipAZTvFRcM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.226.0/24
Signature Algorithm: sha256WithRSAEncryption
56:10:aa:ef:19:1d:6c:58:62:9a:b7:bd:3e:af:0e:47:3d:71:
66:0c:82:4b:63:46:71:d2:cb:10:7e:16:f5:d1:b0:69:0e:21:
45:f0:74:b4:f2:4e:19:c0:f4:2d:48:35:1b:35:a3:95:d2:0f:
aa:7f:bd:10:86:71:ea:e3:47:ee:5d:01:f8:bf:10:f9:9a:6a:
c8:51:31:02:5a:76:04:11:9e:de:6f:ff:58:0a:c7:5b:33:e4:
c8:c3:74:47:01:ec:51:89:42:88:04:ce:1c:1b:1f:38:1c:23:
92:08:54:c8:44:05:e4:15:ff:84:c0:e8:d7:2f:53:bc:b4:f2:
93:2b:f4:39:64:59:74:24:dc:e6:5d:b8:21:ab:11:b9:fc:e8:
c0:7c:6b:dc:92:1d:f7:31:58:d5:e7:8e:71:98:28:1f:9d:95:
59:40:bd:1a:47:1a:a0:99:53:d7:ef:a7:e5:e9:06:4b:83:ca:
36:58:e1:48:7e:92:57:fe:b1:30:57:55:e5:1a:aa:3c:f1:99:
95:8e:dd:33:f6:c4:13:1f:fa:85:ff:04:a7:ed:bb:4a:b5:3f:
28:0c:c2:6a:52:f3:ac:36:6a:0a:35:71:0f:7d:96:6c:43:1c:
6f:8f:8b:83:5a:f3:2a:ac:c5:f7:5d:be:03:6a:66:f6:2b:13:
ae:2d:a3:91
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZU84RG8Fy7k8x9uwghxmGStMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3ZGJmMzFkNTk3NzQ2YzlhMTQzNDcwNjA2MmE0MDY1M2Jj
NTQ1YzMwHhcNMjUwMjI1MTEzMjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTg1MGUwMzliMjFhZmMzYjZiMjBlMDQxMTZjMGQ4NjdhZjM4ZmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAje0ydu2q9ZpaaIwWZzKkCEZFLRoS
+teXVa5juAPSQO/ZQsbvG+DfkQZdEt9Qhix0jeh9+MET9cbGdlHafWkLYhTlN51F
QSmXDzPyvv3KP0mcjtufq04vuFSA2CkS3RJtVJWhqH9v3snXwT5s07U8Uj8FZDru
2ezkX2k3Q0nz24oNwFxSEPns/RN8c4DotrmkWNTFqiFgZBbnq0OMiDHsiaS19tte
U9rpxO7nrkmGfNvtqMWiUXUqooBD/yeiNuLIGpL95M8MwOwDAwB7hX+iOltWmHm4
poaMyKT0AY09tKZY0vXBd+lxvicM1aamxvTGJ/EddP6ZLT3jUFbCXoFDDQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPqFDgObIa/DtrIOBBFsDYZ684/yMB8GA1UdIwQY
MBaAFGfb8x1Zd0bJoUNHBgYqQGU7xUXDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjl2ekhWbDNSc21oUTBjR0JpcEFaVHZGUmNNLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9lY2RiMDktZDc4Ni00MjljLWFiMjQt
MmZiM2RiMTRlN2ExLzEvMS1vVU9BNXNocjhPMnNnNEVFV3dOaG5yempfSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTcvZWNkYjA5LWQ3ODYtNDI5Yy1hYjI0LTJmYjNkYjE0ZTdh
MS8xL1o5dnpIVmwzUnNtaFEwY0dCaXBBWlR2RlJjTS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnh4jAN
BgkqhkiG9w0BAQsFAAOCAQEAVhCq7xkdbFhimre9Pq8ORz1xZgyCS2NGcdLLEH4W
9dGwaQ4hRfB0tPJOGcD0LUg1GzWjldIPqn+9EIZx6uNH7l0B+L8Q+ZpqyFExAlp2
BBGe3m//WArHWzPkyMN0RwHsUYlCiATOHBsfOBwjkghUyEQF5BX/hMDo1y9TvLTy
kyv0OWRZdCTc5l24IasRufzowHxr3JId9zFY1eeOcZgoH52VWUC9GkcaoJlT1++n
5ekGS4PKNljhSH6SV/6xMFdV5RqqPPGZlY7dM/bEEx/6hf8Ep+27SrU/KAzCalLz
rDZqCjVxD32WbEMcb4+Lg1rzKqzF912+A2pm9isTri2jkQ==
-----END CERTIFICATE-----
Generated at Sat Mar 8 04:54:00 2025 by rpki-client on console.sobornost.net