Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/d5afc2-b04c-446d-9a04-9053054a5cab/1/g4DPD_TlI2jk4YtUIO3nppJCypo.roa
File: g4DPD_TlI2jk4YtUIO3nppJCypo.roa (raw, json)
Hash identifier: 1cUob6Ttj1c9mZCdpqGoW3x2UVNqUiWBsqfqlcDpGkM=
Subject key identifier: 83:80:CF:0F:F4:E5:23:68:E4:E1:8B:54:20:ED:E7:A6:92:42:CA:9A
Certificate issuer: /CN=58d2a356a5478155beaa8bc6256a86f6d5b3f73c
Certificate serial: 0194228E24A247F9356838F4232BBF9D7826
Authority key identifier: 58:D2:A3:56:A5:47:81:55:BE:AA:8B:C6:25:6A:86:F6:D5:B3:F7:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WNKjVqVHgVW-qovGJWqG9tWz9zw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/d5afc2-b04c-446d-9a04-9053054a5cab/1/g4DPD_TlI2jk4YtUIO3nppJCypo.roa
Signing time: Wed 01 Jan 2025 15:48:48 +0000
ROA not before: Wed 01 Jan 2025 15:48:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16218
IP address blocks: 185.60.208.0/22 maxlen: 22
217.113.32.0/20 maxlen: 20
2a02:ea0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:24:a2:47:f9:35:68:38:f4:23:2b:bf:9d:78:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58d2a356a5478155beaa8bc6256a86f6d5b3f73c
Validity
Not Before: Jan 1 15:48:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8380cf0ff4e52368e4e18b5420ede7a69242ca9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:92:04:0b:0a:4e:9c:26:f7:58:62:dd:7a:41:
12:1d:6b:76:73:ec:ec:ca:e2:7e:b2:df:ca:6c:7c:
4b:0c:b3:ca:1a:89:65:6e:b6:c0:80:ab:f0:85:94:
39:d6:e4:d5:33:45:a0:24:fb:4a:59:3c:9f:b4:37:
16:92:53:49:a0:74:99:bd:d3:f9:8d:16:73:0b:40:
5a:fe:a1:aa:9c:90:ae:53:14:b3:15:0c:2a:61:a3:
6b:e3:96:94:42:5a:f9:d8:2f:3d:6b:e2:5d:91:b6:
3e:33:89:7e:e3:00:06:36:61:9e:f0:2f:57:cb:17:
1e:b1:ee:b7:32:b5:d0:21:0e:bc:9b:f1:37:a4:88:
31:1b:4e:85:61:7c:ae:51:7f:6a:35:a0:6a:38:fe:
e4:31:4b:28:f9:a9:3d:ab:0e:fa:e3:14:11:8f:67:
15:fc:b6:15:09:b3:5a:e0:a2:96:49:d9:23:67:5a:
97:0e:a5:4b:95:cd:d1:ec:46:7c:40:60:c9:bf:7a:
fe:8b:c9:fa:46:8d:b9:50:06:cb:ab:66:7d:87:7f:
76:e0:4f:bc:a2:ec:1d:04:36:fd:bb:a5:d1:49:d9:
b8:bc:9e:08:b2:24:b1:30:91:15:2f:59:33:5d:a4:
c8:d4:f3:27:20:ec:19:98:5c:75:a9:64:83:f7:ce:
0c:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:80:CF:0F:F4:E5:23:68:E4:E1:8B:54:20:ED:E7:A6:92:42:CA:9A
X509v3 Authority Key Identifier:
keyid:58:D2:A3:56:A5:47:81:55:BE:AA:8B:C6:25:6A:86:F6:D5:B3:F7:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WNKjVqVHgVW-qovGJWqG9tWz9zw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/d5afc2-b04c-446d-9a04-9053054a5cab/1/g4DPD_TlI2jk4YtUIO3nppJCypo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/d5afc2-b04c-446d-9a04-9053054a5cab/1/WNKjVqVHgVW-qovGJWqG9tWz9zw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.60.208.0/22
217.113.32.0/20
IPv6:
2a02:ea0::/29
Signature Algorithm: sha256WithRSAEncryption
02:c6:9a:71:31:5e:9c:a0:7e:c1:f0:97:e0:91:03:88:66:e3:
0a:a7:54:01:e0:ea:34:51:72:9c:83:d0:e3:85:e9:cc:d5:09:
3a:6d:42:c4:f3:9f:e3:06:b1:2e:91:d2:10:c6:a7:7c:e4:40:
0f:23:81:68:21:a8:1e:1a:28:00:19:93:71:76:7c:3c:04:de:
85:8e:9e:1e:e8:c2:22:65:d8:4a:f6:71:82:11:6d:71:12:90:
d2:39:54:2d:18:a5:a7:20:c1:9a:28:3d:fc:a0:a0:87:19:ca:
7c:e5:5b:49:20:31:b8:2c:31:aa:a4:79:87:b2:5c:bd:8a:b4:
9b:07:4e:53:34:5f:e7:2c:81:ca:72:33:e3:1e:04:21:4b:e2:
e2:fc:e6:cd:d2:cf:3f:02:87:b1:5d:af:b5:39:33:90:90:0d:
32:cf:71:d3:23:fd:49:b8:ee:4b:d3:98:de:8c:d5:9f:70:74:
79:4f:fa:af:53:94:a7:ba:99:fe:59:0c:3d:31:3f:de:76:38:
34:b7:fe:43:d1:7e:bb:e7:c6:81:b2:12:0d:19:45:d6:f3:55:
06:85:a9:89:8f:e1:ac:f7:ad:9b:f4:52:1f:8b:b4:7f:8e:a9:
71:66:73:7e:77:dc:d4:dc:f8:47:5c:0b:5e:1e:07:3c:14:a7:
d9:9a:7c:04
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQijiSiR/k1aDj0Iyu/nXgmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ZDJhMzU2YTU0NzgxNTViZWFhOGJjNjI1NmE4NmY2ZDVi
M2Y3M2MwHhcNMjUwMTAxMTU0ODQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzgwY2YwZmY0ZTUyMzY4ZTRlMThiNTQyMGVkZTdhNjkyNDJjYTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpIECwpOnCb3WGLdekESHWt2c+zs
yuJ+st/KbHxLDLPKGollbrbAgKvwhZQ51uTVM0WgJPtKWTyftDcWklNJoHSZvdP5
jRZzC0Ba/qGqnJCuUxSzFQwqYaNr45aUQlr52C89a+JdkbY+M4l+4wAGNmGe8C9X
yxcese63MrXQIQ68m/E3pIgxG06FYXyuUX9qNaBqOP7kMUso+ak9qw764xQRj2cV
/LYVCbNa4KKWSdkjZ1qXDqVLlc3R7EZ8QGDJv3r+i8n6Ro25UAbLq2Z9h3924E+8
ouwdBDb9u6XRSdm4vJ4IsiSxMJEVL1kzXaTI1PMnIOwZmFx1qWSD984MWQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIOAzw/05SNo5OGLVCDt56aSQsqaMB8GA1UdIwQY
MBaAFFjSo1alR4FVvqqLxiVqhvbVs/c8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV05LalZxVkhnVlctcW92R0pXcUc5dFd6OXp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9kNWFmYzItYjA0Yy00NDZkLTlhMDQt
OTA1MzA1NGE1Y2FiLzEvZzREUERfVGxJMmprNFl0VUlPM25wcEpDeXBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9kNWFmYzItYjA0Yy00NDZkLTlhMDQtOTA1MzA1NGE1Y2Fi
LzEvV05LalZxVkhnVlctcW92R0pXcUc5dFd6OXp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuTzQAwQE
2XEgMA0EAgACMAcDBQMqAg6gMA0GCSqGSIb3DQEBCwUAA4IBAQACxppxMV6coH7B
8JfgkQOIZuMKp1QB4Oo0UXKcg9DjhenM1Qk6bULE85/jBrEukdIQxqd85EAPI4Fo
IageGigAGZNxdnw8BN6Fjp4e6MIiZdhK9nGCEW1xEpDSOVQtGKWnIMGaKD38oKCH
Gcp85VtJIDG4LDGqpHmHsly9irSbB05TNF/nLIHKcjPjHgQhS+Li/ObN0s8/Aoex
Xa+1OTOQkA0yz3HTI/1JuO5L05jejNWfcHR5T/qvU5Snupn+WQw9MT/edjg0t/5D
0X6758aBshINGUXW81UGhamJj+Gs962b9FIfi7R/jqlxZnN+d9zU3PhHXAteHgc8
FKfZmnwE
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:41 2025 by rpki-client on console.sobornost.net