Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/4b622e-f5a1-4c2c-8c77-6f71cad16f96/1/2YmJTcAs1uemHQPUBr03G1oF2-o.roa
File: 2YmJTcAs1uemHQPUBr03G1oF2-o.roa (raw, json)
Hash identifier: pPzIg/QViF6nnNM/CzGYm2r3D8l+qUVLVDXD+71JZMM=
Subject key identifier: D9:89:89:4D:C0:2C:D6:E7:A6:1D:03:D4:06:BD:37:1B:5A:05:DB:EA
Certificate issuer: /CN=2f3fcb6425d598e4b87b04917b3ef9509e3b56c0
Certificate serial: 0194206826C741CBBF847CD5F5359C3F1272
Authority key identifier: 2F:3F:CB:64:25:D5:98:E4:B8:7B:04:91:7B:3E:F9:50:9E:3B:56:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Lz_LZCXVmOS4ewSRez75UJ47VsA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/4b622e-f5a1-4c2c-8c77-6f71cad16f96/1/2YmJTcAs1uemHQPUBr03G1oF2-o.roa
Signing time: Wed 01 Jan 2025 05:48:04 +0000
ROA not before: Wed 01 Jan 2025 05:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211368
IP address blocks: 185.239.156.0/24 maxlen: 24
185.239.157.0/24 maxlen: 24
185.239.158.0/24 maxlen: 24
185.239.159.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:26:c7:41:cb:bf:84:7c:d5:f5:35:9c:3f:12:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f3fcb6425d598e4b87b04917b3ef9509e3b56c0
Validity
Not Before: Jan 1 05:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d989894dc02cd6e7a61d03d406bd371b5a05dbea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:d0:9d:c5:ae:68:62:03:0f:fc:b6:6e:a6:f6:
cd:1f:34:d0:08:43:9d:96:3a:08:d9:62:36:cc:46:
e1:82:90:73:07:51:d7:97:7e:3d:70:0e:b8:0b:aa:
98:93:8b:86:1e:1a:d9:c3:5b:4b:82:f7:5e:60:90:
87:b5:6e:32:f7:fc:94:fb:7f:87:5d:0e:f8:2d:e4:
1a:f7:3d:48:7d:cc:82:ec:cc:40:14:d9:7f:16:41:
ad:2c:3d:e5:58:90:67:22:f3:96:ba:89:76:c1:93:
d7:db:12:ff:fc:59:d0:a1:22:0f:8f:d7:9a:cf:4d:
76:ac:62:90:28:58:1f:34:6f:ee:99:2d:16:f9:b2:
16:70:41:76:0a:ad:c9:ed:c4:6d:cf:07:b4:c0:50:
0f:5c:90:9d:0e:87:b6:8f:68:53:e7:96:59:36:c4:
59:fa:c7:a1:a8:d6:1b:a7:e7:35:1a:f7:f8:8a:11:
d7:94:0a:c0:81:95:17:51:ed:f5:5d:ff:8b:e7:c5:
a4:ea:77:bb:3d:33:ca:57:d2:6d:49:71:71:1a:75:
91:bf:61:de:6a:4f:17:9b:aa:8d:ae:a5:e9:ad:ee:
b3:3c:ed:18:dc:40:1c:51:e2:86:97:f0:2b:1d:b3:
5c:3e:87:8a:9a:00:61:b1:b3:25:ce:e4:bb:69:54:
0d:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:89:89:4D:C0:2C:D6:E7:A6:1D:03:D4:06:BD:37:1B:5A:05:DB:EA
X509v3 Authority Key Identifier:
keyid:2F:3F:CB:64:25:D5:98:E4:B8:7B:04:91:7B:3E:F9:50:9E:3B:56:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lz_LZCXVmOS4ewSRez75UJ47VsA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/4b622e-f5a1-4c2c-8c77-6f71cad16f96/1/2YmJTcAs1uemHQPUBr03G1oF2-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/4b622e-f5a1-4c2c-8c77-6f71cad16f96/1/Lz_LZCXVmOS4ewSRez75UJ47VsA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.239.156.0/22
Signature Algorithm: sha256WithRSAEncryption
82:c6:7c:d5:68:2c:89:26:a1:29:b6:00:15:59:cc:20:51:42:
24:ec:6f:17:ee:0a:2c:b8:66:a1:f4:31:a3:1e:f3:cd:6c:55:
f5:20:15:05:c0:06:16:5b:25:5c:77:d2:45:99:eb:dd:9e:80:
fd:71:8c:52:8c:aa:29:43:61:ba:0f:60:f9:6c:f8:d7:08:25:
f7:e5:be:d7:f7:11:6a:e3:c2:fe:1d:82:25:d9:a3:12:5f:91:
02:34:2c:a6:e6:31:64:e1:ff:71:a9:e2:fe:9a:b0:67:ee:44:
9e:44:2c:aa:4e:01:49:d1:a0:25:14:1e:9c:d4:4c:62:9c:c7:
94:8b:ef:34:23:18:e4:10:be:ef:e9:0b:13:bc:ff:55:e6:91:
fb:16:92:3e:6c:4a:4e:49:44:01:ce:46:30:3e:16:52:d2:ba:
85:8e:4a:8b:c8:82:21:0f:1a:92:09:72:74:17:ab:f4:9c:8d:
c3:e7:a4:59:59:ec:72:61:40:6b:5c:21:f7:1d:99:99:f6:9a:
fb:90:cb:b5:c7:54:8e:47:68:a1:3c:7f:fb:77:d4:cf:be:30:
01:d7:82:32:48:a2:9c:d7:00:aa:91:97:55:f8:30:3d:32:4b:
c5:43:25:4f:00:f4:b1:63:33:a9:dd:35:f1:65:f8:1c:18:69:
c8:55:ba:17
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaCbHQcu/hHzV9TWcPxJyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmM2ZjYjY0MjVkNTk4ZTRiODdiMDQ5MTdiM2VmOTUwOWUz
YjU2YzAwHhcNMjUwMTAxMDU0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTg5ODk0ZGMwMmNkNmU3YTYxZDAzZDQwNmJkMzcxYjVhMDVkYmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjNCdxa5oYgMP/LZupvbNHzTQCEOd
ljoI2WI2zEbhgpBzB1HXl349cA64C6qYk4uGHhrZw1tLgvdeYJCHtW4y9/yU+3+H
XQ74LeQa9z1IfcyC7MxAFNl/FkGtLD3lWJBnIvOWuol2wZPX2xL//FnQoSIPj9ea
z012rGKQKFgfNG/umS0W+bIWcEF2Cq3J7cRtzwe0wFAPXJCdDoe2j2hT55ZZNsRZ
+sehqNYbp+c1Gvf4ihHXlArAgZUXUe31Xf+L58Wk6ne7PTPKV9JtSXFxGnWRv2He
ak8Xm6qNrqXpre6zPO0Y3EAcUeKGl/ArHbNcPoeKmgBhsbMlzuS7aVQNZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNmJiU3ALNbnph0D1Aa9NxtaBdvqMB8GA1UdIwQY
MBaAFC8/y2Ql1ZjkuHsEkXs++VCeO1bAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHpfTFpDWFZtT1M0ZXdTUmV6NzVVSjQ3VnNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC80YjYyMmUtZjVhMS00YzJjLThjNzct
NmY3MWNhZDE2Zjk2LzEvMlltSlRjQXMxdWVtSFFQVUJyMDNHMW9GMi1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC80YjYyMmUtZjVhMS00YzJjLThjNzctNmY3MWNhZDE2Zjk2
LzEvTHpfTFpDWFZtT1M0ZXdTUmV6NzVVSjQ3VnNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCue+cMA0G
CSqGSIb3DQEBCwUAA4IBAQCCxnzVaCyJJqEptgAVWcwgUUIk7G8X7gosuGah9DGj
HvPNbFX1IBUFwAYWWyVcd9JFmevdnoD9cYxSjKopQ2G6D2D5bPjXCCX35b7X9xFq
48L+HYIl2aMSX5ECNCym5jFk4f9xqeL+mrBn7kSeRCyqTgFJ0aAlFB6c1ExinMeU
i+80IxjkEL7v6QsTvP9V5pH7FpI+bEpOSUQBzkYwPhZS0rqFjkqLyIIhDxqSCXJ0
F6v0nI3D56RZWexyYUBrXCH3HZmZ9pr7kMu1x1SOR2ihPH/7d9TPvjAB14IySKKc
1wCqkZdV+DA9MkvFQyVPAPSxYzOp3TXxZfgcGGnIVboX
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:41 2025 by rpki-client on console.sobornost.net