Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/095ecf-7d6a-4881-88e7-fe24ed2adcff/1/lBGL9p4jnzQMYNOwvgWWIRMR64U.roa
File: lBGL9p4jnzQMYNOwvgWWIRMR64U.roa (raw, json)
Hash identifier: 3FeAIvuJzpUiBU31icxKTzpDUG89bC33mLCDCqaCBw8=
Subject key identifier: 94:11:8B:F6:9E:23:9F:34:0C:60:D3:B0:BE:05:96:21:13:11:EB:85
Certificate issuer: /CN=25717849a69ad8df87088da658b2305b8594c8c4
Certificate serial: 019425FDCFDF6F8DCD6B6F1B3DD268ADA193
Authority key identifier: 25:71:78:49:A6:9A:D8:DF:87:08:8D:A6:58:B2:30:5B:85:94:C8:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JXF4Saaa2N-HCI2mWLIwW4WUyMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/095ecf-7d6a-4881-88e7-fe24ed2adcff/1/lBGL9p4jnzQMYNOwvgWWIRMR64U.roa
Signing time: Thu 02 Jan 2025 07:49:38 +0000
ROA not before: Thu 02 Jan 2025 07:49:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211204
IP address blocks: 185.205.8.0/24 maxlen: 24
185.205.9.0/24 maxlen: 24
185.205.10.0/24 maxlen: 24
185.205.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:cf:df:6f:8d:cd:6b:6f:1b:3d:d2:68:ad:a1:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25717849a69ad8df87088da658b2305b8594c8c4
Validity
Not Before: Jan 2 07:49:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=94118bf69e239f340c60d3b0be0596211311eb85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:0d:4f:42:6b:ec:de:7b:96:9d:fd:6d:18:02:
1a:c8:87:1c:07:67:76:3b:76:e6:9b:16:a1:2d:82:
cd:04:35:9b:c7:b1:88:71:df:41:a8:7e:8a:9f:06:
83:8d:08:26:52:e0:d3:4d:31:df:97:22:88:68:fb:
0c:45:ab:dd:91:68:4f:22:da:0a:eb:34:00:80:b7:
2d:ac:94:04:2d:81:c1:22:2c:e7:ec:fa:1d:df:e0:
82:b3:dc:03:26:91:70:65:44:3b:49:b6:92:0e:37:
7c:b1:a1:c4:0b:58:83:06:e9:4d:a4:4b:db:11:b7:
e0:6e:76:57:b2:58:3a:3c:5b:bd:a8:17:b6:80:1b:
8f:e3:94:24:cc:72:a9:01:ce:1b:d9:48:79:8b:8d:
71:ce:52:38:61:b2:7c:6c:01:a8:eb:17:2b:2b:a5:
ec:0b:30:e5:60:4a:37:de:45:d4:ef:73:6c:4e:ae:
13:cf:aa:e6:55:8d:1e:3e:43:d6:a9:f8:b6:9f:1a:
cd:31:f9:87:1f:dc:ea:a6:1b:d0:48:6f:2c:93:cf:
1d:12:4b:a6:80:be:24:c2:28:b9:2b:a8:9b:f5:19:
8e:6d:79:92:e5:73:b6:ea:b3:cc:72:36:df:eb:6b:
a0:93:8f:8d:5f:ef:61:51:52:72:22:93:2f:13:fd:
cf:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:11:8B:F6:9E:23:9F:34:0C:60:D3:B0:BE:05:96:21:13:11:EB:85
X509v3 Authority Key Identifier:
keyid:25:71:78:49:A6:9A:D8:DF:87:08:8D:A6:58:B2:30:5B:85:94:C8:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JXF4Saaa2N-HCI2mWLIwW4WUyMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/095ecf-7d6a-4881-88e7-fe24ed2adcff/1/lBGL9p4jnzQMYNOwvgWWIRMR64U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/095ecf-7d6a-4881-88e7-fe24ed2adcff/1/JXF4Saaa2N-HCI2mWLIwW4WUyMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.205.8.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:92:0c:f9:6b:38:32:ba:2c:06:3b:ba:35:6d:df:ef:db:b1:
c6:a3:91:2e:62:0a:d4:6a:f2:b7:e7:04:4c:b6:56:de:b6:94:
9e:de:bf:a7:f6:e1:c6:5f:f4:37:70:84:05:8b:dd:10:ce:f3:
9b:20:e9:41:40:69:01:79:0c:7e:a9:3a:db:dc:f7:93:ae:05:
b3:65:7e:2e:6b:f8:78:52:27:27:ed:38:e4:f9:38:fd:16:97:
91:f5:55:e3:aa:71:90:f7:40:4e:62:1f:4a:67:aa:71:88:fe:
ef:c9:99:82:93:db:fa:7c:99:8e:df:ca:6d:4e:7e:a9:db:7e:
fb:4d:d7:70:50:cd:03:5e:b8:70:44:b4:9d:b0:50:f5:00:be:
58:b5:f4:b2:7d:81:b0:4f:eb:64:a3:3d:f0:d4:94:27:7d:9e:
35:d6:68:af:3f:79:56:0b:6d:30:e5:22:32:14:7b:ee:7e:63:
ee:08:30:60:cb:cf:94:de:59:6f:a4:16:5a:67:0d:a5:cb:28:
28:08:e9:04:80:63:0e:ed:c3:17:8c:62:a0:9d:20:58:3f:18:
0a:02:cc:dc:81:cf:fc:fc:ba:db:05:a9:d7:15:07:ee:fd:7d:
96:9f:41:28:16:27:bb:27:72:3c:f3:96:a4:f3:24:8e:99:e0:
37:df:36:c7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/c/fb43Na28bPdJoraGTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1NzE3ODQ5YTY5YWQ4ZGY4NzA4OGRhNjU4YjIzMDViODU5
NGM4YzQwHhcNMjUwMTAyMDc0OTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDExOGJmNjllMjM5ZjM0MGM2MGQzYjBiZTA1OTYyMTEzMTFlYjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArw1PQmvs3nuWnf1tGAIayIccB2d2
O3bmmxahLYLNBDWbx7GIcd9BqH6KnwaDjQgmUuDTTTHflyKIaPsMRavdkWhPItoK
6zQAgLctrJQELYHBIizn7Pod3+CCs9wDJpFwZUQ7SbaSDjd8saHEC1iDBulNpEvb
EbfgbnZXslg6PFu9qBe2gBuP45QkzHKpAc4b2Uh5i41xzlI4YbJ8bAGo6xcrK6Xs
CzDlYEo33kXU73NsTq4Tz6rmVY0ePkPWqfi2nxrNMfmHH9zqphvQSG8sk88dEkum
gL4kwii5K6ib9RmObXmS5XO26rPMcjbf62ugk4+NX+9hUVJyIpMvE/3PvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJQRi/aeI580DGDTsL4FliETEeuFMB8GA1UdIwQY
MBaAFCVxeEmmmtjfhwiNpliyMFuFlMjEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlhGNFNhYWEyTi1IQ0kybVdMSXdXNFdVeU1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC8wOTVlY2YtN2Q2YS00ODgxLTg4ZTct
ZmUyNGVkMmFkY2ZmLzEvbEJHTDlwNGpuelFNWU5Pd3ZnV1dJUk1SNjRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC8wOTVlY2YtN2Q2YS00ODgxLTg4ZTctZmUyNGVkMmFkY2Zm
LzEvSlhGNFNhYWEyTi1IQ0kybVdMSXdXNFdVeU1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuc0IMA0G
CSqGSIb3DQEBCwUAA4IBAQCLkgz5azgyuiwGO7o1bd/v27HGo5EuYgrUavK35wRM
tlbetpSe3r+n9uHGX/Q3cIQFi90QzvObIOlBQGkBeQx+qTrb3PeTrgWzZX4ua/h4
Uicn7Tjk+Tj9FpeR9VXjqnGQ90BOYh9KZ6pxiP7vyZmCk9v6fJmO38ptTn6p2377
TddwUM0DXrhwRLSdsFD1AL5YtfSyfYGwT+tkoz3w1JQnfZ411mivP3lWC20w5SIy
FHvufmPuCDBgy8+U3llvpBZaZw2lyygoCOkEgGMO7cMXjGKgnSBYPxgKAszcgc/8
/LrbBanXFQfu/X2Wn0EoFie7J3I885ak8ySOmeA33zbH
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:44 2025 by rpki-client on console.sobornost.net