Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/d47909-a560-409c-b839-c5e7821579f1/1/_wZ7w3Scv14H15k_iZCT9mnEPVI.roa
File: _wZ7w3Scv14H15k_iZCT9mnEPVI.roa (raw, json)
Hash identifier: JHtZU8B5JlDmryEaVYDxAxM9JobFikDH6+vwZ+Ii1xM=
Subject key identifier: FF:06:7B:C3:74:9C:BF:5E:07:D7:99:3F:89:90:93:F6:69:C4:3D:52
Certificate issuer: /CN=90ae538e2a91346f0402598b0ff2fb9a95c07c39
Certificate serial: 019425215E1C297B1DE1EB7004DE990EB2AE
Authority key identifier: 90:AE:53:8E:2A:91:34:6F:04:02:59:8B:0F:F2:FB:9A:95:C0:7C:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kK5TjiqRNG8EAlmLD_L7mpXAfDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/d47909-a560-409c-b839-c5e7821579f1/1/_wZ7w3Scv14H15k_iZCT9mnEPVI.roa
Signing time: Thu 02 Jan 2025 03:48:51 +0000
ROA not before: Thu 02 Jan 2025 03:48:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57129
IP address blocks: 185.128.32.0/22 maxlen: 24
185.202.200.0/22 maxlen: 24
2a06:cd00::/29 maxlen: 48
2a0d:5900::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:5e:1c:29:7b:1d:e1:eb:70:04:de:99:0e:b2:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90ae538e2a91346f0402598b0ff2fb9a95c07c39
Validity
Not Before: Jan 2 03:48:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ff067bc3749cbf5e07d7993f899093f669c43d52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:94:74:6c:47:d1:1b:96:3c:ed:c7:ae:51:73:
57:21:11:9e:ee:d4:ff:6f:30:13:92:4b:80:60:82:
90:72:34:8b:cb:4c:fe:66:82:30:ee:78:15:86:61:
8e:bf:1d:07:7c:95:d2:b3:e9:65:a3:0b:6c:d5:3a:
1b:fe:86:d3:b3:93:7c:64:10:d1:6e:5d:e7:0a:52:
ab:41:65:80:4a:58:d0:96:5c:df:d7:8d:ad:e7:08:
3c:8b:a0:cb:58:d4:50:be:24:98:5d:75:74:16:7f:
e2:15:54:15:2e:ae:7d:34:de:70:62:9d:c3:38:2e:
7b:26:67:83:05:c0:97:e1:ab:b9:a9:8e:c4:f4:ce:
71:64:ed:8c:4f:4a:08:ec:1e:30:4b:f0:20:a7:f9:
5a:c4:b2:c0:71:ab:06:ab:36:ec:33:cb:5b:20:17:
93:f8:4a:7c:f6:bc:a7:49:32:36:7d:6b:97:dc:4f:
9e:3e:9c:c2:99:4e:57:b1:ba:d9:a8:15:89:de:66:
fa:c5:13:23:fe:46:e3:02:16:85:2b:4f:07:20:09:
4b:9e:d7:b7:2e:cf:92:3a:53:c5:81:ec:72:3c:c5:
33:b8:6d:1b:e9:d6:e4:d5:ef:aa:f8:f1:95:e0:ad:
3c:68:36:08:34:4f:ec:f2:95:0d:65:96:e6:8c:32:
b7:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:06:7B:C3:74:9C:BF:5E:07:D7:99:3F:89:90:93:F6:69:C4:3D:52
X509v3 Authority Key Identifier:
keyid:90:AE:53:8E:2A:91:34:6F:04:02:59:8B:0F:F2:FB:9A:95:C0:7C:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kK5TjiqRNG8EAlmLD_L7mpXAfDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/d47909-a560-409c-b839-c5e7821579f1/1/_wZ7w3Scv14H15k_iZCT9mnEPVI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/d47909-a560-409c-b839-c5e7821579f1/1/kK5TjiqRNG8EAlmLD_L7mpXAfDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.128.32.0/22
185.202.200.0/22
IPv6:
2a06:cd00::/29
2a0d:5900::/29
Signature Algorithm: sha256WithRSAEncryption
a3:38:91:6e:25:ff:c4:eb:8e:aa:6e:34:89:8b:b0:f7:f3:1d:
12:e3:c2:34:b7:71:1e:1f:cd:52:de:ed:68:ec:27:24:1d:01:
36:1e:24:81:d5:2d:8a:d5:db:82:18:83:3c:da:d9:39:5e:ab:
d6:fc:2c:de:2b:ab:dd:e4:cb:00:e4:97:70:7a:c8:ed:14:4a:
c2:6d:bc:7a:c9:0b:68:5d:ec:95:e3:c7:ef:84:d7:d2:d6:32:
aa:db:b0:f7:96:10:09:cc:1e:9a:d0:f4:9b:d1:4a:11:71:58:
d3:cb:bb:a4:d0:b6:25:67:5a:ac:81:fa:11:00:7f:8a:f3:b7:
8a:73:2f:9c:a0:2c:22:9f:fd:6f:cf:5d:b9:0e:bb:6f:c9:20:
a4:f5:10:67:15:f3:35:39:56:a0:cd:93:3f:31:63:5e:9c:f7:
ac:2c:ce:68:fc:7f:14:1b:99:70:00:fa:ae:4f:d3:ac:17:a6:
19:a1:58:84:ef:47:83:ec:22:67:fc:94:c2:e7:29:07:ae:fe:
bb:d4:30:96:db:f4:21:59:bc:b0:82:be:b2:03:e2:e6:b4:92:
5f:a8:dd:04:b5:c3:7e:1a:af:e7:8e:56:46:91:b6:8b:cd:df:
0b:37:08:d6:0e:36:70:d6:80:fe:2a:a1:23:ee:f3:47:7a:7d:
c4:3b:e6:8a
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQlIV4cKXsd4etwBN6ZDrKuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwYWU1MzhlMmE5MTM0NmYwNDAyNTk4YjBmZjJmYjlhOTVj
MDdjMzkwHhcNMjUwMTAyMDM0ODUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjA2N2JjMzc0OWNiZjVlMDdkNzk5M2Y4OTkwOTNmNjY5YzQzZDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupR0bEfRG5Y87ceuUXNXIRGe7tT/
bzATkkuAYIKQcjSLy0z+ZoIw7ngVhmGOvx0HfJXSs+llowts1Tob/obTs5N8ZBDR
bl3nClKrQWWASljQllzf142t5wg8i6DLWNRQviSYXXV0Fn/iFVQVLq59NN5wYp3D
OC57JmeDBcCX4au5qY7E9M5xZO2MT0oI7B4wS/Agp/laxLLAcasGqzbsM8tbIBeT
+Ep89rynSTI2fWuX3E+ePpzCmU5XsbrZqBWJ3mb6xRMj/kbjAhaFK08HIAlLnte3
Ls+SOlPFgexyPMUzuG0b6dbk1e+q+PGV4K08aDYINE/s8pUNZZbmjDK3RwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFP8Ge8N0nL9eB9eZP4mQk/ZpxD1SMB8GA1UdIwQY
MBaAFJCuU44qkTRvBAJZiw/y+5qVwHw5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0s1VGppcVJORzhFQWxtTERfTDdtcFhBZkRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kNDc5MDktYTU2MC00MDljLWI4Mzkt
YzVlNzgyMTU3OWYxLzEvX3daN3czU2N2MTRIMTVrX2laQ1Q5bW5FUFZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kNDc5MDktYTU2MC00MDljLWI4MzktYzVlNzgyMTU3OWYx
LzEva0s1VGppcVJORzhFQWxtTERfTDdtcFhBZkRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuYAgAwQC
ucrIMBQEAgACMA4DBQMqBs0AAwUDKg1ZADANBgkqhkiG9w0BAQsFAAOCAQEAoziR
biX/xOuOqm40iYuw9/MdEuPCNLdxHh/NUt7taOwnJB0BNh4kgdUtitXbghiDPNrZ
OV6r1vws3iur3eTLAOSXcHrI7RRKwm28eskLaF3slePH74TX0tYyqtuw95YQCcwe
mtD0m9FKEXFY08u7pNC2JWdarIH6EQB/ivO3inMvnKAsIp/9b89duQ67b8kgpPUQ
ZxXzNTlWoM2TPzFjXpz3rCzOaPx/FBuZcAD6rk/TrBemGaFYhO9Hg+wiZ/yUwucp
B67+u9Qwltv0IVm8sIK+sgPi5rSSX6jdBLXDfhqv545WRpG2i83fCzcI1g42cNaA
/iqhI+7zR3p9xDvmig==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:43 2025 by rpki-client on console.sobornost.net