Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/757fc5-8029-4828-8547-62e260313e4c/1/1TalR7Afli-hXkmIqf9328FI3Fk.roa
File: 1TalR7Afli-hXkmIqf9328FI3Fk.roa (raw, json)
Hash identifier: CZU1GRNs7a/ZLVQIh1+1KE9CTeVWWUwOxmLShJ7hoBQ=
Subject key identifier: D5:36:A5:47:B0:1F:96:2F:A1:5E:49:88:A9:FF:77:DB:C1:48:DC:59
Certificate issuer: /CN=9b89b8cf47f7c485d628d0a359a16a815cd004ab
Certificate serial: 01942823858A68A0BC5D0B211D6B772335D8
Authority key identifier: 9B:89:B8:CF:47:F7:C4:85:D6:28:D0:A3:59:A1:6A:81:5C:D0:04:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m4m4z0f3xIXWKNCjWaFqgVzQBKs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/757fc5-8029-4828-8547-62e260313e4c/1/1TalR7Afli-hXkmIqf9328FI3Fk.roa
Signing time: Thu 02 Jan 2025 17:50:04 +0000
ROA not before: Thu 02 Jan 2025 17:50:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51170
IP address blocks: 5.180.188.0/22 maxlen: 24
185.185.77.0/24 maxlen: 24
185.185.78.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:85:8a:68:a0:bc:5d:0b:21:1d:6b:77:23:35:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b89b8cf47f7c485d628d0a359a16a815cd004ab
Validity
Not Before: Jan 2 17:50:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d536a547b01f962fa15e4988a9ff77dbc148dc59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:25:43:df:3e:da:74:51:83:e7:a3:a7:e8:e9:
2a:51:92:13:8a:ff:5f:03:d7:29:8a:0b:5a:f8:b8:
7a:d2:a1:d3:1b:26:7e:f2:88:fb:92:6b:97:db:a7:
50:97:fd:99:86:7c:59:7d:f6:ad:0c:7f:86:e4:7c:
54:9b:84:ff:35:e8:ea:61:a1:66:dd:f4:18:8a:09:
87:4d:d7:7a:e3:f0:fc:d2:23:6b:48:68:70:81:5f:
39:fa:27:36:7a:c6:e6:79:b0:fd:91:80:71:90:71:
54:31:ae:01:dc:01:ac:c2:33:23:3e:ba:05:a7:cd:
dc:74:68:4d:04:b9:d8:95:ca:fb:30:63:e7:b5:97:
8d:0a:4f:07:08:00:5b:a7:97:58:4a:a8:6e:6f:35:
04:85:01:65:62:5f:19:16:ca:34:21:56:91:fd:6a:
0e:45:0a:28:1c:46:ad:90:1a:72:fc:35:49:57:5c:
19:ce:b5:f3:92:d5:01:7e:3e:e4:cf:f1:e1:de:19:
d1:2e:a3:35:f2:e7:38:77:96:44:f6:42:af:8d:02:
4a:d6:c5:4b:d7:6b:bd:a4:9a:d2:c3:d7:a4:14:d4:
f3:0d:e8:70:bd:ba:9f:a2:99:31:c4:e9:1c:40:bb:
cc:4a:c5:9d:d5:78:06:4a:ad:30:4a:f1:d1:5d:d8:
c9:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:36:A5:47:B0:1F:96:2F:A1:5E:49:88:A9:FF:77:DB:C1:48:DC:59
X509v3 Authority Key Identifier:
keyid:9B:89:B8:CF:47:F7:C4:85:D6:28:D0:A3:59:A1:6A:81:5C:D0:04:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m4m4z0f3xIXWKNCjWaFqgVzQBKs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/757fc5-8029-4828-8547-62e260313e4c/1/1TalR7Afli-hXkmIqf9328FI3Fk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/757fc5-8029-4828-8547-62e260313e4c/1/m4m4z0f3xIXWKNCjWaFqgVzQBKs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.188.0/22
185.185.77.0-185.185.78.255
Signature Algorithm: sha256WithRSAEncryption
1a:54:c0:43:2c:55:fd:ca:79:3a:e5:92:9c:32:81:e6:19:18:
04:cb:ba:cb:7a:7a:ee:0e:e2:1c:27:89:2e:f4:c0:4b:a7:5e:
e0:57:d4:7d:fc:d4:28:10:79:ba:b4:f6:18:4c:6f:15:67:08:
67:6b:70:ad:80:fc:3a:f5:09:b9:a8:05:32:ae:92:5b:73:0a:
6b:11:48:f5:ad:0b:4f:3c:cd:5f:3c:a1:0f:b0:01:0b:8a:62:
6f:5b:9b:ea:52:20:6e:2c:e6:23:fb:48:7e:70:93:de:18:94:
47:14:c8:79:b5:2d:11:9c:6a:2e:f7:a2:ba:47:2b:28:0a:36:
ba:f5:40:82:96:82:7c:6a:34:97:31:24:7f:bf:83:7f:05:e5:
88:16:33:58:f6:eb:ca:4f:f2:61:e0:05:ec:e2:7b:65:1d:6e:
56:73:5b:55:73:88:5a:ac:87:29:db:4e:4a:6c:bc:c7:b7:c5:
3c:d1:cc:0d:62:e3:2d:62:f7:f0:e8:db:e4:ce:c1:35:83:d0:
37:90:88:b2:0c:fe:6d:f6:01:86:df:b5:4b:e8:fe:69:83:24:
b4:1b:b1:b9:f8:95:bb:28:c9:27:35:45:e8:94:75:af:50:eb:
2b:0c:c2:03:e6:28:69:f6:91:4c:8f:20:ae:d1:b6:32:7d:15:
e0:16:8e:22
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQoI4WKaKC8XQshHWt3IzXYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliODliOGNmNDdmN2M0ODVkNjI4ZDBhMzU5YTE2YTgxNWNk
MDA0YWIwHhcNMjUwMTAyMTc1MDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTM2YTU0N2IwMWY5NjJmYTE1ZTQ5ODhhOWZmNzdkYmMxNDhkYzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1CVD3z7adFGD56On6OkqUZITiv9f
A9cpigta+Lh60qHTGyZ+8oj7kmuX26dQl/2ZhnxZffatDH+G5HxUm4T/NejqYaFm
3fQYigmHTdd64/D80iNrSGhwgV85+ic2esbmebD9kYBxkHFUMa4B3AGswjMjProF
p83cdGhNBLnYlcr7MGPntZeNCk8HCABbp5dYSqhubzUEhQFlYl8ZFso0IVaR/WoO
RQooHEatkBpy/DVJV1wZzrXzktUBfj7kz/Hh3hnRLqM18uc4d5ZE9kKvjQJK1sVL
12u9pJrSw9ekFNTzDehwvbqfopkxxOkcQLvMSsWd1XgGSq0wSvHRXdjJeQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFNU2pUewH5YvoV5JiKn/d9vBSNxZMB8GA1UdIwQY
MBaAFJuJuM9H98SF1ijQo1mhaoFc0ASrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTRtNHowZjN4SVhXS05DaldhRnFnVnpRQktzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS83NTdmYzUtODAyOS00ODI4LTg1NDct
NjJlMjYwMzEzZTRjLzEvMVRhbFI3QWZsaS1oWGttSXFmOTMyOEZJM0ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS83NTdmYzUtODAyOS00ODI4LTg1NDctNjJlMjYwMzEzZTRj
LzEvbTRtNHowZjN4SVhXS05DaldhRnFnVnpRQktzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCBbS8MAwD
BAC5uU0DBAC5uU4wDQYJKoZIhvcNAQELBQADggEBABpUwEMsVf3KeTrlkpwygeYZ
GATLust6eu4O4hwniS70wEunXuBX1H381CgQebq09hhMbxVnCGdrcK2A/Dr1Cbmo
BTKukltzCmsRSPWtC088zV88oQ+wAQuKYm9bm+pSIG4s5iP7SH5wk94YlEcUyHm1
LRGcai73orpHKygKNrr1QIKWgnxqNJcxJH+/g38F5YgWM1j268pP8mHgBezie2Ud
blZzW1VziFqshynbTkpsvMe3xTzRzA1i4y1i9/Do2+TOwTWD0DeQiLIM/m32AYbf
tUvo/mmDJLQbsbn4lbsoySc1ReiUda9Q6ysMwgPmKGn2kUyPIK7RtjJ9FeAWjiI=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:33 2025 by rpki-client on console.sobornost.net