Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/88b5c3-341c-4ea9-a948-6e8e9d52dd48/1/1-dqt2rN6d4zMTr30hL21uHD8mgs.roa
File: 1-dqt2rN6d4zMTr30hL21uHD8mgs.roa (raw, json)
Hash identifier: 9J3OxeItEP/tcUsxKEYBHkcY9sk3+Jl9zYiOLoIv6HY=
Subject key identifier: F9:DA:AD:DA:B3:7A:77:8C:CC:4E:BD:F4:84:BD:B5:B8:70:FC:9A:0B
Certificate issuer: /CN=88d7592f411900c067b5e7a219a345abfdbaa40f
Certificate serial: 019422FB0A89A6507E0B6EF203ACA83F6502
Authority key identifier: 88:D7:59:2F:41:19:00:C0:67:B5:E7:A2:19:A3:45:AB:FD:BA:A4:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iNdZL0EZAMBnteeiGaNFq_26pA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/88b5c3-341c-4ea9-a948-6e8e9d52dd48/1/1-dqt2rN6d4zMTr30hL21uHD8mgs.roa
Signing time: Wed 01 Jan 2025 17:47:45 +0000
ROA not before: Wed 01 Jan 2025 17:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47381
IP address blocks: 185.112.156.0/22 maxlen: 22
2a02:6080::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:0a:89:a6:50:7e:0b:6e:f2:03:ac:a8:3f:65:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88d7592f411900c067b5e7a219a345abfdbaa40f
Validity
Not Before: Jan 1 17:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f9daaddab37a778ccc4ebdf484bdb5b870fc9a0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:ae:e2:29:e4:ab:17:e3:76:8f:87:76:0b:26:
bb:e6:d3:5d:60:f6:8a:71:8c:cf:55:ce:fd:76:e8:
93:70:30:f4:45:db:01:e6:42:71:5d:c7:ad:15:30:
3b:fe:d8:50:2b:56:84:4e:41:8b:e4:9d:44:aa:e0:
d9:a8:bb:75:bf:ec:b2:e7:47:b8:44:3c:f8:2c:e4:
f5:b2:d1:e4:b8:f1:36:1f:a8:11:35:c7:45:42:06:
a1:88:da:20:33:ba:c6:1e:70:79:71:1e:43:d9:4e:
5d:34:db:48:6f:ba:e8:9e:83:d6:d9:91:d2:2b:30:
23:2b:96:2b:5a:e0:01:e1:5c:ef:f6:ff:71:fb:f9:
a8:df:b6:f7:e6:4f:f1:5b:99:bf:c0:97:eb:4e:0c:
af:82:6a:f1:2a:56:21:44:ef:d2:19:12:72:de:6d:
fb:72:83:e7:c9:ef:15:be:0e:fd:bd:af:15:b6:76:
67:66:9d:be:42:37:cc:e8:09:d7:f3:1c:ec:c7:13:
8e:76:c9:2c:d7:8c:fd:c1:66:92:e5:ca:2d:65:34:
9d:7e:0d:6a:29:c2:7f:b4:e1:d3:65:2c:68:2f:a1:
89:9b:45:2c:dc:2d:00:62:30:80:ba:e2:ae:91:89:
64:57:8e:5b:86:b5:76:93:9a:b6:6c:f9:f6:0b:ca:
44:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:DA:AD:DA:B3:7A:77:8C:CC:4E:BD:F4:84:BD:B5:B8:70:FC:9A:0B
X509v3 Authority Key Identifier:
keyid:88:D7:59:2F:41:19:00:C0:67:B5:E7:A2:19:A3:45:AB:FD:BA:A4:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iNdZL0EZAMBnteeiGaNFq_26pA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/88b5c3-341c-4ea9-a948-6e8e9d52dd48/1/1-dqt2rN6d4zMTr30hL21uHD8mgs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/88b5c3-341c-4ea9-a948-6e8e9d52dd48/1/iNdZL0EZAMBnteeiGaNFq_26pA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.112.156.0/22
IPv6:
2a02:6080::/32
Signature Algorithm: sha256WithRSAEncryption
1e:79:5f:cf:00:9f:e2:58:c5:6d:9c:0a:ed:ff:3c:aa:fd:3c:
fc:6d:50:55:c2:db:34:cd:23:01:36:dd:47:db:11:9e:81:7b:
b2:9f:61:0e:7d:5e:84:04:5c:ec:5c:55:e2:07:84:01:f3:21:
3a:73:ac:fe:55:f2:52:aa:be:0c:ef:59:33:17:ff:ac:c7:97:
04:b8:c2:88:6f:68:b8:28:1c:ca:50:da:3e:a9:74:d8:64:db:
85:2f:2e:4c:c9:32:47:58:7e:31:c6:a6:6e:86:97:75:0c:37:
ef:f8:ea:84:8e:59:39:52:18:8a:9b:6f:aa:4a:b6:62:b7:3e:
6d:12:41:4d:85:cf:c1:f9:63:5f:f6:48:dd:1b:d4:89:9a:ec:
c5:6e:cf:04:fc:75:e3:ac:f1:fa:c2:20:d0:0d:67:62:f8:29:
ed:38:9b:22:1e:0e:af:2c:43:d9:34:99:07:a2:63:29:dc:b7:
45:df:87:02:22:15:4f:7c:02:78:b6:d1:40:e5:5e:e0:66:dc:
b4:b8:5b:bf:01:e2:2c:08:bb:54:8e:8c:de:4d:a3:ea:2d:a7:
87:25:7c:10:4a:8b:c7:68:3c:33:89:93:95:dd:bd:f3:f9:21:
ba:98:05:cf:f8:32:b0:47:e1:d4:21:36:72:f9:ff:77:50:ec:
81:9a:5a:8a
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZQi+wqJplB+C27yA6yoP2UCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4ZDc1OTJmNDExOTAwYzA2N2I1ZTdhMjE5YTM0NWFiZmRi
YWE0MGYwHhcNMjUwMTAxMTc0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWRhYWRkYWIzN2E3NzhjY2M0ZWJkZjQ4NGJkYjViODcwZmM5YTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyK7iKeSrF+N2j4d2Cya75tNdYPaK
cYzPVc79duiTcDD0RdsB5kJxXcetFTA7/thQK1aETkGL5J1EquDZqLt1v+yy50e4
RDz4LOT1stHkuPE2H6gRNcdFQgahiNogM7rGHnB5cR5D2U5dNNtIb7ronoPW2ZHS
KzAjK5YrWuAB4Vzv9v9x+/mo37b35k/xW5m/wJfrTgyvgmrxKlYhRO/SGRJy3m37
coPnye8Vvg79va8VtnZnZp2+QjfM6AnX8xzsxxOOdsks14z9wWaS5cotZTSdfg1q
KcJ/tOHTZSxoL6GJm0Us3C0AYjCAuuKukYlkV45bhrV2k5q2bPn2C8pESQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFPnardqzeneMzE699IS9tbhw/JoLMB8GA1UdIwQY
MBaAFIjXWS9BGQDAZ7XnohmjRav9uqQPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaU5kWkwwRVpBTUJudGVlaUdhTkZxXzI2cEE4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi84OGI1YzMtMzQxYy00ZWE5LWE5NDgt
NmU4ZTlkNTJkZDQ4LzEvMS1kcXQyck42ZDR6TVRyMzBoTDIxdUhEOG1ncy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYmYvODhiNWMzLTM0MWMtNGVhOS1hOTQ4LTZlOGU5ZDUyZGQ0
OC8xL2lOZFpMMEVaQU1CbnRlZWlHYU5GcV8yNnBBOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArlwnDAN
BAIAAjAHAwUAKgJggDANBgkqhkiG9w0BAQsFAAOCAQEAHnlfzwCf4ljFbZwK7f88
qv08/G1QVcLbNM0jATbdR9sRnoF7sp9hDn1ehARc7FxV4geEAfMhOnOs/lXyUqq+
DO9ZMxf/rMeXBLjCiG9ouCgcylDaPql02GTbhS8uTMkyR1h+McamboaXdQw37/jq
hI5ZOVIYiptvqkq2Yrc+bRJBTYXPwfljX/ZI3RvUiZrsxW7PBPx146zx+sIg0A1n
Yvgp7TibIh4OryxD2TSZB6JjKdy3Rd+HAiIVT3wCeLbRQOVe4GbctLhbvwHiLAi7
VI6M3k2j6i2nhyV8EEqLx2g8M4mTld298/khupgFz/gysEfh1CE2cvn/d1DsgZpa
ig==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:54 2025 by rpki-client on console.sobornost.net