Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/40d220-621d-46fb-ac9c-48b8366ff23e/1/cwewYqqUz_DTY7N101NBNvby5-A.roa
File: cwewYqqUz_DTY7N101NBNvby5-A.roa (raw, json)
Hash identifier: 12Ilbr32JYBfPHCal30nzRY5XUe8GWiDmB7OIucWhgs=
Subject key identifier: 73:07:B0:62:AA:94:CF:F0:D3:63:B3:75:D3:53:41:36:F6:F2:E7:E0
Certificate issuer: /CN=2bf0a0197868c6d8c34dd16b3f44decc5e4236f5
Certificate serial: 0194236A1E2DD53629A04A7DA1826ADD3997
Authority key identifier: 2B:F0:A0:19:78:68:C6:D8:C3:4D:D1:6B:3F:44:DE:CC:5E:42:36:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K_CgGXhoxtjDTdFrP0TezF5CNvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/40d220-621d-46fb-ac9c-48b8366ff23e/1/cwewYqqUz_DTY7N101NBNvby5-A.roa
Signing time: Wed 01 Jan 2025 19:49:04 +0000
ROA not before: Wed 01 Jan 2025 19:49:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6758
IP address blocks: 176.121.52.0/22 maxlen: 22
185.243.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:1e:2d:d5:36:29:a0:4a:7d:a1:82:6a:dd:39:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2bf0a0197868c6d8c34dd16b3f44decc5e4236f5
Validity
Not Before: Jan 1 19:49:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7307b062aa94cff0d363b375d3534136f6f2e7e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:b3:07:f0:2d:da:4b:d2:de:8f:cc:5f:b1:8a:
b9:c4:bd:81:89:3d:17:08:83:11:c3:0d:69:0f:7e:
5d:d9:29:ba:60:59:08:a5:3e:5b:0b:93:7a:a9:f2:
f1:ac:af:54:29:b4:cd:cc:a2:78:ba:6b:fa:68:4d:
63:44:b1:a8:0d:a0:39:59:e2:0b:55:04:f4:79:bb:
19:04:3a:de:ff:4c:31:35:3a:7c:26:40:2c:db:18:
c7:98:1c:6a:36:2d:f3:dc:ce:6d:95:2f:ad:f6:05:
6e:3e:7f:0e:f5:dd:64:46:10:a6:41:c6:1f:dd:ce:
a9:f6:ee:06:bd:8d:04:5d:ac:2e:5c:52:b1:03:21:
29:5f:23:5f:ff:29:76:3d:21:66:dd:55:83:24:58:
f4:ab:45:4c:51:01:e8:53:39:a8:f1:d9:5c:50:3e:
89:5e:ce:cb:e8:3f:06:d7:b1:21:ff:ca:8f:a4:6e:
32:5d:4c:a1:47:4d:aa:a5:cf:94:f0:65:74:80:93:
5b:f1:fd:cd:8b:24:d2:4a:6a:ae:c5:6b:71:85:c4:
7e:23:29:c3:b0:c5:a1:55:4f:ed:0c:75:73:fe:0a:
8a:fc:10:1c:75:35:40:a6:48:7f:0d:17:b8:12:55:
7b:37:0d:c6:af:c0:10:f6:be:d5:8d:27:70:98:7c:
75:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:07:B0:62:AA:94:CF:F0:D3:63:B3:75:D3:53:41:36:F6:F2:E7:E0
X509v3 Authority Key Identifier:
keyid:2B:F0:A0:19:78:68:C6:D8:C3:4D:D1:6B:3F:44:DE:CC:5E:42:36:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K_CgGXhoxtjDTdFrP0TezF5CNvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/40d220-621d-46fb-ac9c-48b8366ff23e/1/cwewYqqUz_DTY7N101NBNvby5-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/40d220-621d-46fb-ac9c-48b8366ff23e/1/K_CgGXhoxtjDTdFrP0TezF5CNvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.121.52.0/22
185.243.3.0/24
Signature Algorithm: sha256WithRSAEncryption
70:9c:e6:f0:d6:af:e3:95:2e:f3:29:0d:7e:fa:cc:eb:08:bd:
a6:8a:87:4b:ac:51:53:a2:df:a6:a1:4c:39:05:0b:7a:d7:ed:
ef:59:61:42:72:8b:f0:f1:e7:6d:5b:99:20:b9:c4:ad:26:1e:
79:11:c8:a9:4a:c0:1e:e7:9d:da:b8:4e:49:54:1e:3e:8c:13:
19:cf:7d:3e:24:75:17:9a:cf:67:a2:8d:d6:67:41:21:cb:3f:
fa:f1:d3:4e:fa:41:c3:19:6a:aa:f5:6b:71:23:1c:49:39:39:
84:0b:d3:79:86:de:18:0b:c9:d7:95:3a:6c:e0:83:79:e0:63:
8a:d5:9b:a8:d5:79:39:ed:d6:ab:8e:e2:eb:27:56:64:c5:94:
aa:a8:cf:e8:4e:79:3b:fe:37:bb:2e:ab:62:a0:de:65:eb:ce:
8f:42:26:68:fb:51:a1:51:be:29:14:77:18:fe:fb:df:9e:18:
6f:83:14:fb:f3:48:e9:a5:f8:5b:7c:1e:78:de:06:32:1c:4d:
87:74:23:d5:27:a2:21:17:f3:92:f8:03:11:09:f9:11:6c:0e:
85:75:6a:69:bc:2f:67:b5:9d:fb:81:20:33:49:b0:ab:4d:7f:
d4:34:3e:80:ad:b7:26:b9:b9:e5:a7:5e:16:4b:c0:ae:ba:63:
7b:a5:e9:1f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQjah4t1TYpoEp9oYJq3TmXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiZjBhMDE5Nzg2OGM2ZDhjMzRkZDE2YjNmNDRkZWNjNWU0
MjM2ZjUwHhcNMjUwMTAxMTk0OTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzA3YjA2MmFhOTRjZmYwZDM2M2IzNzVkMzUzNDEzNmY2ZjJlN2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6bMH8C3aS9Lej8xfsYq5xL2BiT0X
CIMRww1pD35d2Sm6YFkIpT5bC5N6qfLxrK9UKbTNzKJ4umv6aE1jRLGoDaA5WeIL
VQT0ebsZBDre/0wxNTp8JkAs2xjHmBxqNi3z3M5tlS+t9gVuPn8O9d1kRhCmQcYf
3c6p9u4GvY0EXawuXFKxAyEpXyNf/yl2PSFm3VWDJFj0q0VMUQHoUzmo8dlcUD6J
Xs7L6D8G17Eh/8qPpG4yXUyhR02qpc+U8GV0gJNb8f3NiyTSSmquxWtxhcR+IynD
sMWhVU/tDHVz/gqK/BAcdTVApkh/DRe4ElV7Nw3Gr8AQ9r7VjSdwmHx17wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHMHsGKqlM/w02OzddNTQTb28ufgMB8GA1UdIwQY
MBaAFCvwoBl4aMbYw03Raz9E3sxeQjb1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS19DZ0dYaG94dGpEVGRGclAwVGV6RjVDTnZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80MGQyMjAtNjIxZC00NmZiLWFjOWMt
NDhiODM2NmZmMjNlLzEvY3dld1lxcVV6X0RUWTdOMTAxTkJOdmJ5NS1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80MGQyMjAtNjIxZC00NmZiLWFjOWMtNDhiODM2NmZmMjNl
LzEvS19DZ0dYaG94dGpEVGRGclAwVGV6RjVDTnZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCsHk0AwQA
ufMDMA0GCSqGSIb3DQEBCwUAA4IBAQBwnObw1q/jlS7zKQ1++szrCL2miodLrFFT
ot+moUw5BQt61+3vWWFCcovw8edtW5kgucStJh55EcipSsAe553auE5JVB4+jBMZ
z30+JHUXms9noo3WZ0Ehyz/68dNO+kHDGWqq9WtxIxxJOTmEC9N5ht4YC8nXlTps
4IN54GOK1Zuo1Xk57darjuLrJ1ZkxZSqqM/oTnk7/je7LqtioN5l686PQiZo+1Gh
Ub4pFHcY/vvfnhhvgxT780jppfhbfB543gYyHE2HdCPVJ6IhF/OS+AMRCfkRbA6F
dWppvC9ntZ37gSAzSbCrTX/UND6Arbcmubnlp14WS8CuumN7pekf
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:38 2025 by rpki-client on console.sobornost.net