Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/4ae4c7-f286-4c6e-9514-88e6816271f7/1/2XVoCZTKym6uFBbbZ3eQR5rDQvA.roa
File: 2XVoCZTKym6uFBbbZ3eQR5rDQvA.roa (raw, json)
Hash identifier: n2Cq7UkktrX9e2PG285AW0Hq0D/LP39OO6u2SsZMUFM=
Subject key identifier: D9:75:68:09:94:CA:CA:6E:AE:14:16:DB:67:77:90:47:9A:C3:42:F0
Certificate issuer: /CN=bc9c403ad007e2a242a6b09061a3c1a360a64d5a
Certificate serial: 0194655365DBD96F975AF3BC941BC30B6D7B
Authority key identifier: BC:9C:40:3A:D0:07:E2:A2:42:A6:B0:90:61:A3:C1:A3:60:A6:4D:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vJxAOtAH4qJCprCQYaPBo2CmTVo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/4ae4c7-f286-4c6e-9514-88e6816271f7/1/2XVoCZTKym6uFBbbZ3eQR5rDQvA.roa
Signing time: Tue 14 Jan 2025 14:59:11 +0000
ROA not before: Tue 14 Jan 2025 14:59:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204149
IP address blocks: 185.112.188.0/23 maxlen: 23
185.112.188.0/24 maxlen: 24
185.112.189.0/24 maxlen: 24
185.112.190.0/23 maxlen: 23
185.112.190.0/24 maxlen: 24
185.112.191.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:65:53:65:db:d9:6f:97:5a:f3:bc:94:1b:c3:0b:6d:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc9c403ad007e2a242a6b09061a3c1a360a64d5a
Validity
Not Before: Jan 14 14:59:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d975680994caca6eae1416db677790479ac342f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:fa:5f:c3:b5:7a:7b:7b:27:14:e7:fe:5b:cd:
df:e7:cb:af:ab:e4:a3:b3:d5:31:9c:64:b6:e2:33:
14:ed:d5:37:df:f1:37:2c:0f:be:dc:53:0a:69:ec:
13:00:e8:80:84:72:30:65:28:c7:06:a3:7f:05:37:
86:eb:67:05:c4:1e:69:28:c9:83:dd:35:4c:d2:be:
b3:ee:da:81:ef:24:6e:a3:f1:6e:80:34:a9:52:cf:
3e:b2:f7:6e:e5:77:c7:c1:63:37:aa:34:90:24:e3:
6c:bc:23:f4:82:d6:21:3b:e2:a0:1a:6c:da:3b:ab:
34:39:d5:39:83:95:3c:ad:cc:3f:52:7e:d2:3c:32:
07:b2:ec:f0:43:35:75:ee:ce:5c:d7:25:df:66:6b:
af:df:0d:ec:e0:3d:dc:ed:a2:ba:50:6f:bb:10:c0:
b8:8c:35:61:e6:38:78:9b:18:8e:92:80:b4:87:b2:
72:1e:81:f9:a2:6b:d5:a7:24:02:fe:21:57:6f:61:
f1:12:de:ec:19:3e:ef:06:7e:37:f1:9a:a3:89:19:
b7:6a:2a:aa:07:28:54:51:6f:ac:50:26:bf:93:31:
fd:0b:ff:84:f2:38:ed:2c:24:82:d7:7d:9b:9d:59:
65:27:b0:8e:23:92:e7:a4:03:f6:26:b8:8c:05:a6:
c0:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:75:68:09:94:CA:CA:6E:AE:14:16:DB:67:77:90:47:9A:C3:42:F0
X509v3 Authority Key Identifier:
keyid:BC:9C:40:3A:D0:07:E2:A2:42:A6:B0:90:61:A3:C1:A3:60:A6:4D:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vJxAOtAH4qJCprCQYaPBo2CmTVo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4ae4c7-f286-4c6e-9514-88e6816271f7/1/2XVoCZTKym6uFBbbZ3eQR5rDQvA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4ae4c7-f286-4c6e-9514-88e6816271f7/1/vJxAOtAH4qJCprCQYaPBo2CmTVo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.112.188.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:9f:dc:eb:9a:64:ec:ce:38:6d:e9:94:17:d7:3a:ba:53:d7:
0a:68:c3:05:cf:4b:72:0f:75:93:04:f2:98:25:ac:7d:76:e4:
51:9e:1b:04:ca:b0:66:13:ff:54:0d:b6:24:4c:0d:39:55:79:
79:c7:bf:cc:fc:44:80:24:e3:3d:1c:81:4e:c8:6a:48:f5:b6:
06:ce:90:c9:ad:15:dd:9b:06:7d:5a:d8:c9:d2:9d:84:78:59:
a8:f7:26:1e:63:ab:f3:e7:7d:68:32:c4:90:b3:b8:49:a5:c1:
17:d3:94:a2:01:71:db:f1:9d:97:ad:37:fd:e7:0a:e6:cf:e8:
49:99:9c:d9:ae:9b:2e:6a:38:a6:bd:f5:1a:d6:9c:54:6f:b4:
6e:1c:2e:ce:14:39:11:7c:f8:29:c2:2c:c7:92:a6:f6:5c:3c:
03:e1:20:ce:f7:5c:1f:65:f8:1c:5a:c8:54:80:38:54:9d:37:
e6:86:c6:fc:ba:7a:32:2f:1d:8b:33:9e:d2:b7:16:b2:cd:a6:
43:35:ce:de:31:97:4f:9b:42:9c:44:6b:9b:01:e1:45:79:cf:
7d:fb:b2:b9:11:e6:47:48:e3:35:3d:05:c0:a9:ee:36:1a:bc:
95:1e:58:df:dd:72:8a:1d:4d:1d:80:e4:63:6f:28:5c:b7:a0:
96:62:a6:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRlU2Xb2W+XWvO8lBvDC217MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjOWM0MDNhZDAwN2UyYTI0MmE2YjA5MDYxYTNjMWEzNjBh
NjRkNWEwHhcNMjUwMTE0MTQ1OTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTc1NjgwOTk0Y2FjYTZlYWUxNDE2ZGI2Nzc3OTA0NzlhYzM0MmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArvpfw7V6e3snFOf+W83f58uvq+Sj
s9UxnGS24jMU7dU33/E3LA++3FMKaewTAOiAhHIwZSjHBqN/BTeG62cFxB5pKMmD
3TVM0r6z7tqB7yRuo/FugDSpUs8+svdu5XfHwWM3qjSQJONsvCP0gtYhO+KgGmza
O6s0OdU5g5U8rcw/Un7SPDIHsuzwQzV17s5c1yXfZmuv3w3s4D3c7aK6UG+7EMC4
jDVh5jh4mxiOkoC0h7JyHoH5omvVpyQC/iFXb2HxEt7sGT7vBn438ZqjiRm3aiqq
ByhUUW+sUCa/kzH9C/+E8jjtLCSC132bnVllJ7COI5LnpAP2JriMBabAOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNl1aAmUyspurhQW22d3kEeaw0LwMB8GA1UdIwQY
MBaAFLycQDrQB+KiQqawkGGjwaNgpk1aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkp4QU90QUg0cUpDcHJDUVlhUEJvMkNtVFZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS80YWU0YzctZjI4Ni00YzZlLTk1MTQt
ODhlNjgxNjI3MWY3LzEvMlhWb0NaVEt5bTZ1RkJiYlozZVFSNXJEUXZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS80YWU0YzctZjI4Ni00YzZlLTk1MTQtODhlNjgxNjI3MWY3
LzEvdkp4QU90QUg0cUpDcHJDUVlhUEJvMkNtVFZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXC8MA0G
CSqGSIb3DQEBCwUAA4IBAQArn9zrmmTszjht6ZQX1zq6U9cKaMMFz0tyD3WTBPKY
Jax9duRRnhsEyrBmE/9UDbYkTA05VXl5x7/M/ESAJOM9HIFOyGpI9bYGzpDJrRXd
mwZ9WtjJ0p2EeFmo9yYeY6vz531oMsSQs7hJpcEX05SiAXHb8Z2XrTf95wrmz+hJ
mZzZrpsuajimvfUa1pxUb7RuHC7OFDkRfPgpwizHkqb2XDwD4SDO91wfZfgcWshU
gDhUnTfmhsb8unoyLx2LM57StxayzaZDNc7eMZdPm0KcRGubAeFFec99+7K5EeZH
SOM1PQXAqe42GryVHljf3XKKHU0dgORjbyhct6CWYqYo
-----END CERTIFICATE-----
Generated at Thu Jan 23 19:15:58 2025 by rpki-client on console.sobornost.net