Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/97f917-93f8-405c-9d55-a3c061d8be91/1/RCG29GRzXNkfnM3mAc2fQgzDKKo.roa
File: RCG29GRzXNkfnM3mAc2fQgzDKKo.roa (raw, json)
Hash identifier: VMJ45tdoRBW32E+FWz6jKq995VHfDQKLmdI/8SmUIrw=
Subject key identifier: 44:21:B6:F4:64:73:5C:D9:1F:9C:CD:E6:01:CD:9F:42:0C:C3:28:AA
Certificate issuer: /CN=01fab8f3d1fb3d2a35c4f67a48f6f6083eaba575
Certificate serial: 0194221FD8818FC8FDC8B3607935DB90B4B3
Authority key identifier: 01:FA:B8:F3:D1:FB:3D:2A:35:C4:F6:7A:48:F6:F6:08:3E:AB:A5:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Afq489H7PSo1xPZ6SPb2CD6rpXU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/97f917-93f8-405c-9d55-a3c061d8be91/1/RCG29GRzXNkfnM3mAc2fQgzDKKo.roa
Signing time: Wed 01 Jan 2025 13:48:19 +0000
ROA not before: Wed 01 Jan 2025 13:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203667
IP address blocks: 185.233.72.0/22 maxlen: 22
2a0c:d700::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:d8:81:8f:c8:fd:c8:b3:60:79:35:db:90:b4:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01fab8f3d1fb3d2a35c4f67a48f6f6083eaba575
Validity
Not Before: Jan 1 13:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4421b6f464735cd91f9ccde601cd9f420cc328aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:08:eb:ec:b2:f3:f7:17:68:81:57:9e:2a:1a:
d1:fe:78:63:ca:e9:ad:34:a9:69:00:cf:f2:14:48:
ea:ad:a1:ad:9c:b0:47:43:37:8e:27:ac:a7:84:d4:
07:0a:04:48:50:26:a8:24:1f:0f:70:43:21:5e:55:
69:56:c7:0f:90:2d:a8:df:92:39:5e:15:81:a4:b4:
eb:b4:17:af:0c:95:4f:53:8e:55:4a:de:83:9a:c4:
17:b5:8a:cd:48:52:de:19:65:b1:35:6a:0f:34:6d:
32:0e:69:2a:22:6c:6b:44:0a:e0:c6:5f:ad:04:79:
b5:8b:da:45:38:b9:ea:b3:be:05:99:bb:ec:8c:94:
e7:0a:cf:aa:27:a5:6b:f6:09:a7:cd:79:f4:18:fe:
f4:d1:74:d5:6a:39:b7:72:c9:34:95:a8:cb:8f:a0:
13:70:98:92:0b:7a:a8:7e:94:5d:b3:72:c6:86:99:
32:2f:56:2c:84:56:df:78:30:48:31:ab:39:70:cd:
93:fe:d1:8d:40:62:82:dd:fb:a5:4b:46:78:a2:1e:
f0:0e:9f:fc:61:9d:a0:5c:08:a8:27:b3:c0:fe:28:
2f:5c:8a:87:4f:92:54:e7:79:4e:f9:65:80:8c:82:
00:e3:71:3b:5c:0d:90:7e:a8:8f:7e:7e:a0:a8:0a:
da:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:21:B6:F4:64:73:5C:D9:1F:9C:CD:E6:01:CD:9F:42:0C:C3:28:AA
X509v3 Authority Key Identifier:
keyid:01:FA:B8:F3:D1:FB:3D:2A:35:C4:F6:7A:48:F6:F6:08:3E:AB:A5:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Afq489H7PSo1xPZ6SPb2CD6rpXU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/97f917-93f8-405c-9d55-a3c061d8be91/1/RCG29GRzXNkfnM3mAc2fQgzDKKo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/97f917-93f8-405c-9d55-a3c061d8be91/1/Afq489H7PSo1xPZ6SPb2CD6rpXU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.233.72.0/22
IPv6:
2a0c:d700::/29
Signature Algorithm: sha256WithRSAEncryption
51:b4:40:1d:7f:d1:23:d1:33:4a:d9:ea:16:91:2c:b1:44:30:
12:32:3f:3e:88:ea:99:a4:e8:82:4f:79:82:bd:6f:fa:24:e6:
29:ff:49:8d:07:dc:1b:9b:b0:67:56:ee:12:d1:5b:b2:a0:0d:
bb:3d:57:1e:a6:2b:16:97:40:38:3b:84:27:93:c4:45:a3:20:
71:8d:46:10:60:44:3a:d7:6a:07:b9:23:06:80:ac:88:90:a7:
c4:47:36:02:12:0b:b3:1e:0b:26:3f:d4:7c:00:af:5e:0c:b7:
48:5e:8b:a0:64:e7:dd:0d:15:3a:66:64:10:e4:41:ff:77:d5:
f9:b2:f3:f7:09:a3:8a:3d:3a:e5:97:45:b4:1d:c5:6b:6a:22:
1e:07:3f:f9:cf:a5:e8:f5:a0:72:ba:b7:d9:76:cf:6b:bd:1d:
49:93:fc:61:f1:53:a1:fd:7c:4b:ef:a5:ff:2d:6d:45:68:59:
8d:75:21:6f:66:55:2f:b2:c9:19:06:78:55:1d:2a:b4:9f:46:
76:c6:db:18:a4:c1:d4:60:e1:ab:ff:3c:6e:45:00:a3:4d:b9:
38:e0:28:51:3f:fe:71:f2:7d:71:0d:37:0a:a2:55:45:7a:ef:
49:88:53:fe:d7:ab:7f:ff:e6:84:d8:54:93:42:f3:68:c2:be:
bd:2b:a4:11
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQiH9iBj8j9yLNgeTXbkLSzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxZmFiOGYzZDFmYjNkMmEzNWM0ZjY3YTQ4ZjZmNjA4M2Vh
YmE1NzUwHhcNMjUwMTAxMTM0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDIxYjZmNDY0NzM1Y2Q5MWY5Y2NkZTYwMWNkOWY0MjBjYzMyOGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzgjr7LLz9xdogVeeKhrR/nhjyumt
NKlpAM/yFEjqraGtnLBHQzeOJ6ynhNQHCgRIUCaoJB8PcEMhXlVpVscPkC2o35I5
XhWBpLTrtBevDJVPU45VSt6DmsQXtYrNSFLeGWWxNWoPNG0yDmkqImxrRArgxl+t
BHm1i9pFOLnqs74FmbvsjJTnCs+qJ6Vr9gmnzXn0GP700XTVajm3csk0lajLj6AT
cJiSC3qofpRds3LGhpkyL1YshFbfeDBIMas5cM2T/tGNQGKC3fulS0Z4oh7wDp/8
YZ2gXAioJ7PA/igvXIqHT5JU53lO+WWAjIIA43E7XA2QfqiPfn6gqAraYQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEQhtvRkc1zZH5zN5gHNn0IMwyiqMB8GA1UdIwQY
MBaAFAH6uPPR+z0qNcT2ekj29gg+q6V1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWZxNDg5SDdQU28xeFBaNlNQYjJDRDZycFhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy85N2Y5MTctOTNmOC00MDVjLTlkNTUt
YTNjMDYxZDhiZTkxLzEvUkNHMjlHUnpYTmtmbk0zbUFjMmZRZ3pES0tvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy85N2Y5MTctOTNmOC00MDVjLTlkNTUtYTNjMDYxZDhiZTkx
LzEvQWZxNDg5SDdQU28xeFBaNlNQYjJDRDZycFhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuelIMA0E
AgACMAcDBQMqDNcAMA0GCSqGSIb3DQEBCwUAA4IBAQBRtEAdf9Ej0TNK2eoWkSyx
RDASMj8+iOqZpOiCT3mCvW/6JOYp/0mNB9wbm7BnVu4S0VuyoA27PVcepisWl0A4
O4Qnk8RFoyBxjUYQYEQ612oHuSMGgKyIkKfERzYCEguzHgsmP9R8AK9eDLdIXoug
ZOfdDRU6ZmQQ5EH/d9X5svP3CaOKPTrll0W0HcVraiIeBz/5z6Xo9aByurfZds9r
vR1Jk/xh8VOh/XxL76X/LW1FaFmNdSFvZlUvsskZBnhVHSq0n0Z2xtsYpMHUYOGr
/zxuRQCjTbk44ChRP/5x8n1xDTcKolVFeu9JiFP+16t//+aE2FSTQvNowr69K6QR
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:43 2025 by rpki-client on console.sobornost.net