Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/07e947-a4dc-48df-92c0-9a1f0ddb9e70/1/TocS328LtH4EypX0JXxV-WS9TT0.roa
File: TocS328LtH4EypX0JXxV-WS9TT0.roa (raw, json)
Hash identifier: bEdaCkmgCoynn5OTjJyCYh6lNgGRH20s+aBGflckEag=
Subject key identifier: 4E:87:12:DF:6F:0B:B4:7E:04:CA:95:F4:25:7C:55:F9:64:BD:4D:3D
Certificate issuer: /CN=94e6f473302c6a3c89df7b8932c56bc841cb5fac
Certificate serial: 019421B1DB2E8996A2002AF004022DAC7F42
Authority key identifier: 94:E6:F4:73:30:2C:6A:3C:89:DF:7B:89:32:C5:6B:C8:41:CB:5F:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lOb0czAsajyJ33uJMsVryEHLX6w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/07e947-a4dc-48df-92c0-9a1f0ddb9e70/1/TocS328LtH4EypX0JXxV-WS9TT0.roa
Signing time: Wed 01 Jan 2025 11:48:11 +0000
ROA not before: Wed 01 Jan 2025 11:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203170
IP address blocks: 185.77.190.0/23 maxlen: 23
185.77.190.0/24 maxlen: 24
185.77.191.0/24 maxlen: 24
2a05:5f00::/30 maxlen: 30
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:db:2e:89:96:a2:00:2a:f0:04:02:2d:ac:7f:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94e6f473302c6a3c89df7b8932c56bc841cb5fac
Validity
Not Before: Jan 1 11:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4e8712df6f0bb47e04ca95f4257c55f964bd4d3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:18:a2:42:8d:f2:e8:91:1f:b6:0b:8c:5e:44:
5f:e1:81:d1:45:38:72:47:72:5c:c4:f0:53:4c:bb:
71:f6:a0:dd:f1:51:da:57:d7:38:75:19:3c:a3:dd:
d1:2b:bd:7e:34:21:92:98:32:ed:59:6a:1d:9c:5d:
5f:76:e3:36:93:e4:82:d3:8b:7b:e9:fd:ae:8a:21:
10:96:2b:14:f8:5b:da:cc:fc:fe:fb:ff:13:51:ae:
25:94:7f:42:a8:3a:76:20:70:79:4b:a5:64:c5:38:
24:f0:95:b2:b8:51:f2:a3:a7:db:c0:ff:41:5b:a8:
c1:3b:69:96:4c:4c:11:79:15:d3:f9:76:bf:dd:39:
ad:5e:1e:5d:74:f2:3c:be:6d:ad:af:af:ee:6b:3a:
29:c3:e3:c3:94:03:14:bf:2c:cd:93:09:04:04:40:
d5:b0:be:a1:58:dd:67:35:d2:06:86:55:fa:0f:9c:
b8:58:db:c7:8d:91:8c:df:8c:65:e3:3a:8f:b9:51:
62:fd:44:35:5e:f6:87:e9:22:63:be:f5:c0:d7:f1:
ac:e8:bc:51:1c:e0:0c:c9:bc:38:ec:f1:98:3f:b9:
4f:39:36:8d:15:f6:08:37:a0:5a:6e:01:08:fe:e8:
8c:af:3b:d0:15:0e:b8:09:1d:2b:36:23:d8:24:4d:
9d:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:87:12:DF:6F:0B:B4:7E:04:CA:95:F4:25:7C:55:F9:64:BD:4D:3D
X509v3 Authority Key Identifier:
keyid:94:E6:F4:73:30:2C:6A:3C:89:DF:7B:89:32:C5:6B:C8:41:CB:5F:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lOb0czAsajyJ33uJMsVryEHLX6w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/07e947-a4dc-48df-92c0-9a1f0ddb9e70/1/TocS328LtH4EypX0JXxV-WS9TT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/07e947-a4dc-48df-92c0-9a1f0ddb9e70/1/lOb0czAsajyJ33uJMsVryEHLX6w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.77.190.0/23
IPv6:
2a05:5f00::/30
Signature Algorithm: sha256WithRSAEncryption
71:81:e3:94:11:f6:09:0d:15:b4:6e:ea:cf:0e:27:b8:f2:93:
d1:c4:22:b0:37:39:42:47:cb:f2:15:09:59:3b:b8:c8:9f:66:
4a:f8:d7:1d:f4:91:96:7b:69:1f:df:d1:13:eb:0c:8b:43:63:
0a:d1:70:0e:88:59:91:8b:54:54:e8:fe:cd:59:31:e4:97:e6:
0d:90:d2:f8:5e:47:64:5f:83:61:36:ad:b7:0d:d4:36:5f:27:
29:ea:e2:0e:8a:a0:a0:30:4a:d9:4d:fc:67:dc:1d:d7:27:75:
0e:69:18:24:d8:25:24:6e:fe:6e:52:59:12:c8:4b:87:c9:8d:
3c:11:42:e5:3e:5f:ab:9b:18:40:12:f8:e2:b5:e7:5a:50:03:
1c:b5:38:0b:11:d4:79:89:47:fa:4a:21:0a:10:47:51:91:f5:
e0:a2:b2:fc:cb:fd:30:b3:4c:ff:13:e5:78:0d:fa:37:36:4c:
31:68:2b:db:b0:ff:ec:3c:f4:88:b8:44:27:0f:ba:a4:e6:31:
54:d7:43:21:4b:6d:3d:73:05:5b:00:79:a9:12:ea:08:b8:c1:
8e:07:59:b9:c0:8b:c2:80:ce:7f:7c:55:e5:b1:ad:af:ac:2d:
73:ed:cc:61:7c:1f:0d:6f:15:ff:c9:90:40:ed:64:2e:15:59:
94:43:51:3e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhsdsuiZaiACrwBAItrH9CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZTZmNDczMzAyYzZhM2M4OWRmN2I4OTMyYzU2YmM4NDFj
YjVmYWMwHhcNMjUwMTAxMTE0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTg3MTJkZjZmMGJiNDdlMDRjYTk1ZjQyNTdjNTVmOTY0YmQ0ZDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAihiiQo3y6JEftguMXkRf4YHRRThy
R3JcxPBTTLtx9qDd8VHaV9c4dRk8o93RK71+NCGSmDLtWWodnF1fduM2k+SC04t7
6f2uiiEQlisU+FvazPz++/8TUa4llH9CqDp2IHB5S6VkxTgk8JWyuFHyo6fbwP9B
W6jBO2mWTEwReRXT+Xa/3TmtXh5ddPI8vm2tr6/uazopw+PDlAMUvyzNkwkEBEDV
sL6hWN1nNdIGhlX6D5y4WNvHjZGM34xl4zqPuVFi/UQ1XvaH6SJjvvXA1/Gs6LxR
HOAMybw47PGYP7lPOTaNFfYIN6BabgEI/uiMrzvQFQ64CR0rNiPYJE2dAQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFE6HEt9vC7R+BMqV9CV8VflkvU09MB8GA1UdIwQY
MBaAFJTm9HMwLGo8id97iTLFa8hBy1+sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE9iMGN6QXNhanlKMzN1Sk1zVnJ5RUhMWDZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi8wN2U5NDctYTRkYy00OGRmLTkyYzAt
OWExZjBkZGI5ZTcwLzEvVG9jUzMyOEx0SDRFeXBYMEpYeFYtV1M5VFQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi8wN2U5NDctYTRkYy00OGRmLTkyYzAtOWExZjBkZGI5ZTcw
LzEvbE9iMGN6QXNhanlKMzN1Sk1zVnJ5RUhMWDZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuU2+MA0E
AgACMAcDBQIqBV8AMA0GCSqGSIb3DQEBCwUAA4IBAQBxgeOUEfYJDRW0burPDie4
8pPRxCKwNzlCR8vyFQlZO7jIn2ZK+Ncd9JGWe2kf39ET6wyLQ2MK0XAOiFmRi1RU
6P7NWTHkl+YNkNL4XkdkX4NhNq23DdQ2Xycp6uIOiqCgMErZTfxn3B3XJ3UOaRgk
2CUkbv5uUlkSyEuHyY08EULlPl+rmxhAEvjitedaUAMctTgLEdR5iUf6SiEKEEdR
kfXgorL8y/0ws0z/E+V4Dfo3NkwxaCvbsP/sPPSIuEQnD7qk5jFU10MhS209cwVb
AHmpEuoIuMGOB1m5wIvCgM5/fFXlsa2vrC1z7cxhfB8NbxX/yZBA7WQuFVmUQ1E+
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:39 2025 by rpki-client on console.sobornost.net