Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/gbTQ5TFLqYdv3bxMQXRQSRcMIoc.roa
File: gbTQ5TFLqYdv3bxMQXRQSRcMIoc.roa (raw, json)
Hash identifier: rJ5djAjgxTYzs8j0EQsFjkKUrs3CGg0sgiibLKW68Ck=
Subject key identifier: 81:B4:D0:E5:31:4B:A9:87:6F:DD:BC:4C:41:74:50:49:17:0C:22:87
Certificate issuer: /CN=b2df00f38cced92197993076cb3685bf32bc5e69
Certificate serial: 019425FDC2F9988108C29250239AFF3ABEEB
Authority key identifier: B2:DF:00:F3:8C:CE:D9:21:97:99:30:76:CB:36:85:BF:32:BC:5E:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/st8A84zO2SGXmTB2yzaFvzK8Xmk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/gbTQ5TFLqYdv3bxMQXRQSRcMIoc.roa
Signing time: Thu 02 Jan 2025 07:49:35 +0000
ROA not before: Thu 02 Jan 2025 07:49:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57111
IP address blocks: 185.103.112.0/22 maxlen: 24
185.199.24.0/22 maxlen: 24
185.204.132.0/22 maxlen: 24
2a0a:9440::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:c2:f9:98:81:08:c2:92:50:23:9a:ff:3a:be:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2df00f38cced92197993076cb3685bf32bc5e69
Validity
Not Before: Jan 2 07:49:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=81b4d0e5314ba9876fddbc4c41745049170c2287
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a1:8b:7a:2f:e6:05:7f:30:28:16:48:9b:7e:
d5:89:6c:a3:44:6a:ec:1a:6e:b5:ff:28:52:67:85:
66:df:a0:82:d9:9e:0b:d7:f1:c8:6e:f9:24:42:fc:
4d:89:61:86:a1:e4:35:c3:2e:09:d9:c1:45:ab:69:
ae:71:69:88:42:d8:32:92:aa:2d:72:70:ac:b3:76:
ba:9a:19:d2:9d:c0:8e:c2:5c:14:fe:67:2a:47:bc:
53:bb:51:15:68:23:56:43:d1:66:47:b1:7c:95:1d:
c0:2c:07:3a:f9:80:46:0e:3f:f4:a5:56:08:da:df:
ba:1d:7e:36:c8:52:92:9b:b6:5b:ac:5c:4f:87:01:
f9:c8:6f:7d:be:61:48:82:af:82:28:76:75:78:ec:
3b:17:fd:9b:9e:8d:ad:50:94:1d:1c:38:0e:e5:68:
f5:83:c6:04:f5:9c:85:0a:47:65:34:ce:95:41:c0:
e2:1d:8c:82:4c:fa:20:d5:4f:0d:e5:2c:1c:75:f4:
68:09:fd:ed:90:84:fe:8b:98:71:3a:ad:1d:1b:f2:
0a:67:1a:fe:b5:82:a5:76:3f:a1:a2:3b:c4:23:3f:
f5:47:55:92:c2:bd:c0:b8:67:97:47:88:97:8e:b9:
38:93:4b:20:ee:aa:e9:e6:bf:66:04:2d:af:d0:49:
f7:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:B4:D0:E5:31:4B:A9:87:6F:DD:BC:4C:41:74:50:49:17:0C:22:87
X509v3 Authority Key Identifier:
keyid:B2:DF:00:F3:8C:CE:D9:21:97:99:30:76:CB:36:85:BF:32:BC:5E:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/st8A84zO2SGXmTB2yzaFvzK8Xmk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/gbTQ5TFLqYdv3bxMQXRQSRcMIoc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.103.112.0/22
185.199.24.0/22
185.204.132.0/22
IPv6:
2a0a:9440::/29
Signature Algorithm: sha256WithRSAEncryption
3e:86:34:07:14:f3:97:e0:fa:ad:d5:1e:4c:8b:62:91:14:ec:
8b:75:c1:86:ab:20:dc:af:7b:87:0f:ed:10:01:af:85:74:a3:
85:3c:42:3b:61:ba:17:f0:30:ee:c5:47:db:a1:dc:fc:74:6d:
93:5a:a0:98:fa:26:e4:87:cf:15:46:c9:31:41:bb:ea:99:3c:
37:4f:f5:a3:cb:5f:c1:cb:13:ae:cd:85:aa:15:70:25:d1:ae:
0d:81:fd:e8:25:ae:76:98:40:bf:59:e0:24:06:bf:bd:83:fc:
ca:b9:03:59:47:99:31:23:5b:2b:1f:b8:9c:6a:ad:dd:6c:3f:
49:da:37:18:3b:9c:d8:3c:bb:89:9d:18:4b:82:70:e1:58:87:
85:b8:8d:11:e4:6d:27:fc:15:94:a9:1d:8c:4c:c3:a1:a4:41:
a0:dd:c8:2a:c9:ba:40:d4:57:55:3d:e3:d9:1a:db:7f:21:c7:
1e:a7:af:85:f2:58:5a:24:7b:e2:f4:d2:8a:27:cc:9e:16:32:
a1:e6:b9:a3:92:5d:3c:92:5f:e0:00:9b:b3:95:d8:dc:29:2a:
fa:46:42:a5:7b:c6:b8:4b:20:9d:08:a4:7b:11:44:d4:14:3f:
23:3c:5e:0c:a9:c1:10:26:ce:34:a6:04:d8:d6:f3:cb:2e:89:
dc:aa:f8:98
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQl/cL5mIEIwpJQI5r/Or7rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZGYwMGYzOGNjZWQ5MjE5Nzk5MzA3NmNiMzY4NWJmMzJi
YzVlNjkwHhcNMjUwMTAyMDc0OTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWI0ZDBlNTMxNGJhOTg3NmZkZGJjNGM0MTc0NTA0OTE3MGMyMjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxqGLei/mBX8wKBZIm37ViWyjRGrs
Gm61/yhSZ4Vm36CC2Z4L1/HIbvkkQvxNiWGGoeQ1wy4J2cFFq2mucWmIQtgykqot
cnCss3a6mhnSncCOwlwU/mcqR7xTu1EVaCNWQ9FmR7F8lR3ALAc6+YBGDj/0pVYI
2t+6HX42yFKSm7ZbrFxPhwH5yG99vmFIgq+CKHZ1eOw7F/2bno2tUJQdHDgO5Wj1
g8YE9ZyFCkdlNM6VQcDiHYyCTPog1U8N5SwcdfRoCf3tkIT+i5hxOq0dG/IKZxr+
tYKldj+hojvEIz/1R1WSwr3AuGeXR4iXjrk4k0sg7qrp5r9mBC2v0En3dQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFIG00OUxS6mHb928TEF0UEkXDCKHMB8GA1UdIwQY
MBaAFLLfAPOMztkhl5kwdss2hb8yvF5pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3Q4QTg0ek8yU0dYbVRCMnl6YUZ2eks4WG1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi83MDZmYTgtNTJhMi00ZWQyLWEyZTEt
MDRlNGU0ZGM1ZmJhLzEvZ2JUUTVURkxxWWR2M2J4TVFYUlFTUmNNSW9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi83MDZmYTgtNTJhMi00ZWQyLWEyZTEtMDRlNGU0ZGM1ZmJh
LzEvc3Q4QTg0ek8yU0dYbVRCMnl6YUZ2eks4WG1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuWdwAwQC
uccYAwQCucyEMA0EAgACMAcDBQMqCpRAMA0GCSqGSIb3DQEBCwUAA4IBAQA+hjQH
FPOX4Pqt1R5Mi2KRFOyLdcGGqyDcr3uHD+0QAa+FdKOFPEI7YboX8DDuxUfbodz8
dG2TWqCY+ibkh88VRskxQbvqmTw3T/Wjy1/ByxOuzYWqFXAl0a4Ngf3oJa52mEC/
WeAkBr+9g/zKuQNZR5kxI1srH7icaq3dbD9J2jcYO5zYPLuJnRhLgnDhWIeFuI0R
5G0n/BWUqR2MTMOhpEGg3cgqybpA1FdVPePZGtt/Iccep6+F8lhaJHvi9NKKJ8ye
FjKh5rmjkl08kl/gAJuzldjcKSr6RkKle8a4SyCdCKR7EUTUFD8jPF4MqcEQJs40
pgTY1vPLLoncqviY
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:54 2025 by rpki-client on console.sobornost.net