Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6cbb0e-f455-4573-a9f9-38d6716b2005/1/pOmwZuP6Q-BxWvua_azIxnDrtaY.roa
File: pOmwZuP6Q-BxWvua_azIxnDrtaY.roa (raw, json)
Hash identifier: 1Gh5sWhYQZnz90m+gcSVdtSatfk353c30A4J7Tl7xJc=
Subject key identifier: A4:E9:B0:66:E3:FA:43:E0:71:5A:FB:9A:FD:AC:C8:C6:70:EB:B5:A6
Certificate issuer: /CN=421e49e1c755fde038bd1875c7f397a568646014
Certificate serial: 0194228DDF8DDBB9A1BD8342AA7F5B4B2751
Authority key identifier: 42:1E:49:E1:C7:55:FD:E0:38:BD:18:75:C7:F3:97:A5:68:64:60:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qh5J4cdV_eA4vRh1x_OXpWhkYBQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/6cbb0e-f455-4573-a9f9-38d6716b2005/1/pOmwZuP6Q-BxWvua_azIxnDrtaY.roa
Signing time: Wed 01 Jan 2025 15:48:30 +0000
ROA not before: Wed 01 Jan 2025 15:48:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209985
IP address blocks: 185.170.66.0/24 maxlen: 24
2a0b:fbc0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:df:8d:db:b9:a1:bd:83:42:aa:7f:5b:4b:27:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=421e49e1c755fde038bd1875c7f397a568646014
Validity
Not Before: Jan 1 15:48:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a4e9b066e3fa43e0715afb9afdacc8c670ebb5a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:a8:54:a3:9f:93:c3:a4:80:80:d9:af:60:53:
e7:6e:ef:ce:d2:e7:ca:d5:f0:da:3c:97:f7:89:0e:
c4:8d:ae:19:98:9e:ab:db:50:5a:24:4c:b2:38:85:
31:7a:94:8a:14:bd:4c:d3:a9:76:db:02:c8:a1:f4:
c7:20:04:7f:de:bd:10:ae:12:c5:02:85:95:a2:cb:
e5:00:a5:49:e8:80:ce:31:fd:b7:a7:6a:8c:f3:eb:
be:96:d6:84:0d:a8:57:07:a7:21:63:8a:82:86:25:
a7:b5:8d:74:21:63:cd:85:90:b6:41:84:88:d2:12:
c6:a4:c9:58:77:58:61:9a:8d:b7:ef:28:9e:4e:d1:
00:43:be:ef:4e:b6:f1:57:8f:32:ae:71:4c:5f:17:
09:f5:ec:28:06:52:41:fa:e8:f4:60:19:ef:91:b3:
d1:8f:eb:7c:80:7a:b4:dc:80:f7:85:f3:66:ee:c1:
f3:32:11:2b:9f:ca:f0:8b:b5:fb:67:c2:d3:ac:b0:
5e:79:8a:4e:44:60:f2:9c:ca:34:a6:86:02:ab:96:
af:11:44:8a:c6:1f:18:6d:8c:66:a3:f4:28:58:7f:
cb:1a:4e:58:29:f9:b7:cf:a2:e6:c5:9b:4e:1e:de:
85:83:75:45:ce:5a:c5:44:84:1a:5e:6f:da:6f:99:
bf:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:E9:B0:66:E3:FA:43:E0:71:5A:FB:9A:FD:AC:C8:C6:70:EB:B5:A6
X509v3 Authority Key Identifier:
keyid:42:1E:49:E1:C7:55:FD:E0:38:BD:18:75:C7:F3:97:A5:68:64:60:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qh5J4cdV_eA4vRh1x_OXpWhkYBQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6cbb0e-f455-4573-a9f9-38d6716b2005/1/pOmwZuP6Q-BxWvua_azIxnDrtaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6cbb0e-f455-4573-a9f9-38d6716b2005/1/Qh5J4cdV_eA4vRh1x_OXpWhkYBQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.170.66.0/24
IPv6:
2a0b:fbc0::/32
Signature Algorithm: sha256WithRSAEncryption
43:98:e4:35:64:14:cb:dd:59:5d:e5:20:bf:b4:07:1f:fa:25:
32:45:ed:9f:b1:5a:31:4e:b1:14:eb:38:e9:bd:7c:fa:10:dd:
ae:ae:12:b2:cd:3e:31:f3:2c:65:22:7b:9f:81:f1:f6:d7:42:
13:c7:0c:9d:a6:78:bd:de:03:0f:b6:48:86:9e:c2:7c:1e:85:
c5:ad:2b:7d:28:cb:2e:86:7c:76:fc:39:a2:7d:2e:27:cd:e8:
70:99:cd:78:66:1c:6d:da:89:b1:d5:09:81:95:08:c7:3d:3c:
f0:2f:93:fc:d8:5a:fd:c3:34:81:96:9b:9a:3d:06:42:67:66:
ba:ee:a0:c8:05:94:98:76:9e:15:03:23:30:d0:1f:49:43:46:
e0:da:80:2f:b7:d1:b5:c8:11:31:97:b5:4e:94:92:f8:8a:1e:
40:2c:d0:cd:15:e4:55:7f:b2:9d:7d:87:31:3b:92:9b:80:c1:
16:af:c6:b8:da:23:b7:94:74:4e:a4:2f:03:c9:b9:1a:5f:db:
14:ae:16:e1:0b:a9:c2:d1:33:ac:07:f8:e2:78:a2:bc:61:e4:
55:7a:d7:8b:82:02:97:45:b8:0b:48:8e:5d:1f:2b:63:4d:b5:
cd:5b:29:65:9f:1e:73:5e:2e:88:08:da:39:82:e0:67:76:28:
53:f3:6c:59
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQijd+N27mhvYNCqn9bSydRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMWU0OWUxYzc1NWZkZTAzOGJkMTg3NWM3ZjM5N2E1Njg2
NDYwMTQwHhcNMjUwMTAxMTU0ODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGU5YjA2NmUzZmE0M2UwNzE1YWZiOWFmZGFjYzhjNjcwZWJiNWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA16hUo5+Tw6SAgNmvYFPnbu/O0ufK
1fDaPJf3iQ7Eja4ZmJ6r21BaJEyyOIUxepSKFL1M06l22wLIofTHIAR/3r0QrhLF
AoWVosvlAKVJ6IDOMf23p2qM8+u+ltaEDahXB6chY4qChiWntY10IWPNhZC2QYSI
0hLGpMlYd1hhmo237yieTtEAQ77vTrbxV48yrnFMXxcJ9ewoBlJB+uj0YBnvkbPR
j+t8gHq03ID3hfNm7sHzMhErn8rwi7X7Z8LTrLBeeYpORGDynMo0poYCq5avEUSK
xh8YbYxmo/QoWH/LGk5YKfm3z6LmxZtOHt6Fg3VFzlrFRIQaXm/ab5m/gQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKTpsGbj+kPgcVr7mv2syMZw67WmMB8GA1UdIwQY
MBaAFEIeSeHHVf3gOL0Ydcfzl6VoZGAUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWg1SjRjZFZfZUE0dlJoMXhfT1hwV2hrWUJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82Y2JiMGUtZjQ1NS00NTczLWE5Zjkt
MzhkNjcxNmIyMDA1LzEvcE9td1p1UDZRLUJ4V3Z1YV9hekl4bkRydGFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82Y2JiMGUtZjQ1NS00NTczLWE5ZjktMzhkNjcxNmIyMDA1
LzEvUWg1SjRjZFZfZUE0dlJoMXhfT1hwV2hrWUJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuapCMA0E
AgACMAcDBQAqC/vAMA0GCSqGSIb3DQEBCwUAA4IBAQBDmOQ1ZBTL3Vld5SC/tAcf
+iUyRe2fsVoxTrEU6zjpvXz6EN2urhKyzT4x8yxlInufgfH210ITxwydpni93gMP
tkiGnsJ8HoXFrSt9KMsuhnx2/DmifS4nzehwmc14Zhxt2omx1QmBlQjHPTzwL5P8
2Fr9wzSBlpuaPQZCZ2a67qDIBZSYdp4VAyMw0B9JQ0bg2oAvt9G1yBExl7VOlJL4
ih5ALNDNFeRVf7KdfYcxO5KbgMEWr8a42iO3lHROpC8DybkaX9sUrhbhC6nC0TOs
B/jieKK8YeRVeteLggKXRbgLSI5dHytjTbXNWyllnx5zXi6ICNo5guBndihT82xZ
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:49 2025 by rpki-client on console.sobornost.net