Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/366746-c306-408a-ba7e-2b3c64f9f9ab/1/fM16NL7UA9ErJ0RNfb8ePLmU6tQ.roa
File: fM16NL7UA9ErJ0RNfb8ePLmU6tQ.roa (raw, json)
Hash identifier: 2mPsCiT6kK+HE+XcnPI9z3k0mcNw38StY2DELHnEXqY=
Subject key identifier: 7C:CD:7A:34:BE:D4:03:D1:2B:27:44:4D:7D:BF:1E:3C:B9:94:EA:D4
Certificate issuer: /CN=c2838d1f3b231bf72e453dd78c4b50ac009ff7f1
Certificate serial: 0194258E6819F874BDDBD63FD195B5A71B5A
Authority key identifier: C2:83:8D:1F:3B:23:1B:F7:2E:45:3D:D7:8C:4B:50:AC:00:9F:F7:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/woONHzsjG_cuRT3XjEtQrACf9_E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/366746-c306-408a-ba7e-2b3c64f9f9ab/1/fM16NL7UA9ErJ0RNfb8ePLmU6tQ.roa
Signing time: Thu 02 Jan 2025 05:47:57 +0000
ROA not before: Thu 02 Jan 2025 05:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203649
IP address blocks: 185.128.56.0/24 maxlen: 24
185.128.57.0/24 maxlen: 24
185.128.58.0/24 maxlen: 24
185.128.59.0/24 maxlen: 24
2a06:f480::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:68:19:f8:74:bd:db:d6:3f:d1:95:b5:a7:1b:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2838d1f3b231bf72e453dd78c4b50ac009ff7f1
Validity
Not Before: Jan 2 05:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7ccd7a34bed403d12b27444d7dbf1e3cb994ead4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:90:fb:9b:8e:0a:df:2d:1f:39:4a:b0:4f:47:
9e:76:6e:de:70:50:29:47:71:a8:b8:f3:29:79:1c:
14:21:db:66:89:6a:49:4b:83:1e:62:2a:a2:b0:09:
5b:37:f9:ec:77:c7:c8:6b:ac:59:5b:9c:f7:88:3e:
10:b9:dc:0b:80:e0:85:48:a8:35:86:d8:36:4d:c8:
5b:0f:14:81:86:59:c7:59:84:4c:38:22:8b:99:ff:
c7:ed:f4:09:6c:cf:d6:c4:98:75:71:ae:8e:5c:24:
67:23:c2:c2:78:75:8a:00:92:10:47:83:d1:4e:c5:
23:22:04:00:8d:1d:f6:d8:7c:fd:23:3b:3b:1d:c8:
35:21:d6:01:3d:d9:5a:e0:20:91:d1:c7:46:80:c4:
a5:4b:0c:1d:9a:14:ef:fa:f0:e9:4d:99:2d:ac:7b:
5b:56:44:24:57:69:76:36:82:4f:a7:21:0f:76:7b:
ee:61:f6:39:bb:b2:d7:12:d2:8c:5e:da:88:db:2a:
84:73:cb:7b:27:dc:15:05:81:42:02:00:38:b3:4b:
d5:7a:95:25:84:45:de:b9:7f:fc:80:44:ff:05:56:
6b:b6:31:90:7b:5b:36:87:fc:e5:ca:a5:e3:8b:60:
b1:d5:0a:98:2e:50:69:af:a0:c5:a3:98:ef:ba:27:
b1:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:CD:7A:34:BE:D4:03:D1:2B:27:44:4D:7D:BF:1E:3C:B9:94:EA:D4
X509v3 Authority Key Identifier:
keyid:C2:83:8D:1F:3B:23:1B:F7:2E:45:3D:D7:8C:4B:50:AC:00:9F:F7:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/woONHzsjG_cuRT3XjEtQrACf9_E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/366746-c306-408a-ba7e-2b3c64f9f9ab/1/fM16NL7UA9ErJ0RNfb8ePLmU6tQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/366746-c306-408a-ba7e-2b3c64f9f9ab/1/woONHzsjG_cuRT3XjEtQrACf9_E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.128.56.0/22
IPv6:
2a06:f480::/29
Signature Algorithm: sha256WithRSAEncryption
3e:9b:c8:25:51:72:b4:ae:82:c4:7c:db:6b:b7:a8:c9:cb:f1:
be:54:ea:67:8e:c2:f9:fc:f7:5f:86:a2:26:e6:d3:c3:f5:9b:
84:92:b4:30:97:40:65:bf:6e:38:5b:d0:fd:a1:04:29:97:46:
4a:a1:c7:e7:c2:3d:68:2b:94:22:2e:64:9f:77:0c:36:7c:23:
c9:a7:3f:a7:45:89:f8:b9:69:98:f6:78:68:8d:33:92:74:87:
64:72:ed:b6:02:03:80:02:ec:5c:47:5a:96:9d:ae:7f:c5:0e:
95:e2:50:f8:aa:b7:df:55:60:29:66:77:63:ff:7f:86:4f:f3:
fa:08:e6:40:21:d2:19:8b:4c:2f:37:2d:a4:af:db:f4:f6:ee:
25:e3:54:ca:2c:3e:da:68:ef:b6:b8:54:3d:9e:5c:13:ee:61:
14:3b:97:8a:97:b2:71:2a:30:6f:0e:44:6f:c2:a1:6a:29:63:
f0:40:b6:60:b3:1e:b0:49:27:26:51:5b:31:7b:10:db:0b:63:
9b:83:0b:65:aa:1c:fe:96:f7:4e:a1:7e:26:bd:fe:93:90:93:
75:f6:48:04:97:5f:80:65:59:9d:e1:1e:7e:19:1a:ab:33:61:
af:99:0b:bc:30:9b:c0:3a:a3:d7:13:1f:72:e9:92:4d:00:ef:
43:ec:57:04
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQljmgZ+HS929Y/0ZW1pxtaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyODM4ZDFmM2IyMzFiZjcyZTQ1M2RkNzhjNGI1MGFjMDA5
ZmY3ZjEwHhcNMjUwMTAyMDU0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2NkN2EzNGJlZDQwM2QxMmIyNzQ0NGQ3ZGJmMWUzY2I5OTRlYWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJD7m44K3y0fOUqwT0eedm7ecFAp
R3GouPMpeRwUIdtmiWpJS4MeYiqisAlbN/nsd8fIa6xZW5z3iD4QudwLgOCFSKg1
htg2TchbDxSBhlnHWYRMOCKLmf/H7fQJbM/WxJh1ca6OXCRnI8LCeHWKAJIQR4PR
TsUjIgQAjR322Hz9Izs7Hcg1IdYBPdla4CCR0cdGgMSlSwwdmhTv+vDpTZktrHtb
VkQkV2l2NoJPpyEPdnvuYfY5u7LXEtKMXtqI2yqEc8t7J9wVBYFCAgA4s0vVepUl
hEXeuX/8gET/BVZrtjGQe1s2h/zlyqXji2Cx1QqYLlBpr6DFo5jvuiexVQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHzNejS+1APRKydETX2/Hjy5lOrUMB8GA1UdIwQY
MBaAFMKDjR87Ixv3LkU914xLUKwAn/fxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd29PTkh6c2pHX2N1UlQzWGpFdFFyQUNmOV9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8zNjY3NDYtYzMwNi00MDhhLWJhN2Ut
MmIzYzY0ZjlmOWFiLzEvZk0xNk5MN1VBOUVySjBSTmZiOGVQTG1VNnRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8zNjY3NDYtYzMwNi00MDhhLWJhN2UtMmIzYzY0ZjlmOWFi
LzEvd29PTkh6c2pHX2N1UlQzWGpFdFFyQUNmOV9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYA4MA0E
AgACMAcDBQMqBvSAMA0GCSqGSIb3DQEBCwUAA4IBAQA+m8glUXK0roLEfNtrt6jJ
y/G+VOpnjsL5/PdfhqIm5tPD9ZuEkrQwl0Blv244W9D9oQQpl0ZKocfnwj1oK5Qi
LmSfdww2fCPJpz+nRYn4uWmY9nhojTOSdIdkcu22AgOAAuxcR1qWna5/xQ6V4lD4
qrffVWApZndj/3+GT/P6COZAIdIZi0wvNy2kr9v09u4l41TKLD7aaO+2uFQ9nlwT
7mEUO5eKl7JxKjBvDkRvwqFqKWPwQLZgsx6wSScmUVsxexDbC2Obgwtlqhz+lvdO
oX4mvf6TkJN19kgEl1+AZVmd4R5+GRqrM2GvmQu8MJvAOqPXEx9y6ZJNAO9D7FcE
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:34 2025 by rpki-client on console.sobornost.net