Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/5d59c6-f089-4530-a097-28461be89740/1/fc650b5-Hy28l_7CM0InWSbhHHA.roa
File: fc650b5-Hy28l_7CM0InWSbhHHA.roa (raw, json)
Hash identifier: I0jfOZTYpGZasFE0U01uqVVs9byyAIXg5OzAj9nSBPE=
Subject key identifier: 7D:CE:B9:D1:BE:7E:1F:2D:BC:97:FE:C2:33:42:27:59:26:E1:1C:70
Certificate issuer: /CN=209da783cdfb3cb6d9bc82c192d6d72abb4a336d
Certificate serial: 01957CB658E0E04DCB0125C2C0E392B99C8F
Authority key identifier: 20:9D:A7:83:CD:FB:3C:B6:D9:BC:82:C1:92:D6:D7:2A:BB:4A:33:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IJ2ng837PLbZvILBktbXKrtKM20.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/5d59c6-f089-4530-a097-28461be89740/1/fc650b5-Hy28l_7CM0InWSbhHHA.roa
Signing time: Sun 09 Mar 2025 21:01:19 +0000
ROA not before: Sun 09 Mar 2025 21:01:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62317
IP address blocks: 185.40.132.0/22 maxlen: 22
185.66.76.0/23 maxlen: 23
185.66.78.0/24 maxlen: 24
185.69.200.0/22 maxlen: 22
2a01:4b20::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:7c:b6:58:e0:e0:4d:cb:01:25:c2:c0:e3:92:b9:9c:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=209da783cdfb3cb6d9bc82c192d6d72abb4a336d
Validity
Not Before: Mar 9 21:01:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7dceb9d1be7e1f2dbc97fec23342275926e11c70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:b2:cb:01:58:f9:ca:34:ce:ee:7f:eb:29:8a:
f6:b0:73:b7:23:ee:88:88:58:c3:99:fc:c5:53:8e:
cb:37:8c:05:ad:64:90:f7:8c:fc:a1:12:10:66:4b:
62:49:c7:a8:cb:99:7f:16:cf:b0:58:ab:9c:1d:11:
31:29:7a:a3:63:6e:b9:30:99:6d:d5:2e:25:e1:19:
ba:38:89:59:e0:4a:db:41:3d:85:ef:f9:c0:26:15:
3d:cc:f9:97:2e:13:43:19:5b:11:38:51:cc:b9:8d:
9b:71:b8:1d:36:00:f2:e9:22:af:85:3a:a4:0d:94:
4b:0b:77:27:12:a4:9e:74:bd:30:92:94:58:a6:85:
50:ab:f9:4b:1a:92:43:77:72:e5:8e:29:bb:0f:dc:
85:53:b7:3b:ec:76:52:b5:27:41:95:ad:02:62:c8:
66:0c:74:bb:f6:c6:9c:f2:70:5e:27:eb:bf:28:b8:
92:18:fe:32:2e:09:91:9a:13:bd:e7:24:e5:11:63:
f1:9c:6c:ed:b7:a1:31:22:9f:cb:6c:b5:66:d7:55:
71:83:cd:b3:c6:52:03:a1:28:40:1b:84:8b:65:44:
6d:46:d8:53:05:76:dc:31:6c:60:6c:d5:8e:3e:f6:
45:24:08:3e:b3:23:69:00:b6:08:20:22:12:be:52:
f4:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:CE:B9:D1:BE:7E:1F:2D:BC:97:FE:C2:33:42:27:59:26:E1:1C:70
X509v3 Authority Key Identifier:
keyid:20:9D:A7:83:CD:FB:3C:B6:D9:BC:82:C1:92:D6:D7:2A:BB:4A:33:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IJ2ng837PLbZvILBktbXKrtKM20.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/5d59c6-f089-4530-a097-28461be89740/1/fc650b5-Hy28l_7CM0InWSbhHHA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/5d59c6-f089-4530-a097-28461be89740/1/IJ2ng837PLbZvILBktbXKrtKM20.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.40.132.0/22
185.66.76.0-185.66.78.255
185.69.200.0/22
IPv6:
2a01:4b20::/29
Signature Algorithm: sha256WithRSAEncryption
a6:a5:e2:3d:c5:38:4c:a3:d5:2a:ac:ee:8b:6d:b5:55:0a:b8:
45:ac:a0:e5:4d:96:32:f6:e9:d2:b5:7b:82:cc:e0:74:ec:b7:
2a:04:2c:b0:32:ac:64:6e:7a:99:dd:d7:13:c4:db:f2:a5:0d:
72:9b:65:04:37:67:78:2d:b5:a5:52:bd:64:a1:a5:d8:eb:e3:
b1:93:b0:97:b0:b9:0d:19:15:34:d2:9d:83:0d:58:e7:55:c1:
d1:29:e8:81:8f:a8:b3:a5:f4:60:19:c2:87:df:d8:f8:a6:5f:
df:32:ef:ba:ed:75:e9:7a:e5:36:a7:2a:fb:ef:4f:24:31:86:
f7:8b:c8:d0:d0:68:ff:58:97:08:ed:c7:e3:e8:88:15:8c:5d:
69:26:a5:a4:26:25:17:36:ac:da:60:8e:42:34:10:b2:c3:3a:
cc:c5:01:fb:00:6c:fd:dd:13:3f:c8:aa:52:ac:94:b4:25:ff:
c8:28:b9:2a:a8:61:63:85:b1:48:d6:f4:90:99:d1:b3:ac:b6:
e9:5b:55:1a:54:7c:5a:31:90:a8:64:15:cc:3e:b5:89:db:05:
71:c7:6a:d8:5a:f6:12:9a:12:61:c6:79:09:62:a1:7f:af:73:
1e:72:27:c7:ae:6c:4e:00:81:c7:c9:e2:fb:3a:b3:d2:86:a5:
65:51:3b:f7
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZV8tljg4E3LASXCwOOSuZyPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwOWRhNzgzY2RmYjNjYjZkOWJjODJjMTkyZDZkNzJhYmI0
YTMzNmQwHhcNMjUwMzA5MjEwMTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGNlYjlkMWJlN2UxZjJkYmM5N2ZlYzIzMzQyMjc1OTI2ZTExYzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA37LLAVj5yjTO7n/rKYr2sHO3I+6I
iFjDmfzFU47LN4wFrWSQ94z8oRIQZktiSceoy5l/Fs+wWKucHRExKXqjY265MJlt
1S4l4Rm6OIlZ4ErbQT2F7/nAJhU9zPmXLhNDGVsROFHMuY2bcbgdNgDy6SKvhTqk
DZRLC3cnEqSedL0wkpRYpoVQq/lLGpJDd3Lljim7D9yFU7c77HZStSdBla0CYshm
DHS79sac8nBeJ+u/KLiSGP4yLgmRmhO95yTlEWPxnGztt6ExIp/LbLVm11Vxg82z
xlIDoShAG4SLZURtRthTBXbcMWxgbNWOPvZFJAg+syNpALYIICISvlL0kwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFH3OudG+fh8tvJf+wjNCJ1km4RxwMB8GA1UdIwQY
MBaAFCCdp4PN+zy22byCwZLW1yq7SjNtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUoybmc4MzdQTGJadklMQmt0YlhLcnRLTTIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS81ZDU5YzYtZjA4OS00NTMwLWEwOTct
Mjg0NjFiZTg5NzQwLzEvZmM2NTBiNS1IeTI4bF83Q00wSW5XU2JoSEhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS81ZDU5YzYtZjA4OS00NTMwLWEwOTctMjg0NjFiZTg5NzQw
LzEvSUoybmc4MzdQTGJadklMQmt0YlhLcnRLTTIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQCuSiEMAwD
BAK5QkwDBAC5Qk4DBAK5RcgwDQQCAAIwBwMFAyoBSyAwDQYJKoZIhvcNAQELBQAD
ggEBAKal4j3FOEyj1Sqs7otttVUKuEWsoOVNljL26dK1e4LM4HTstyoELLAyrGRu
epnd1xPE2/KlDXKbZQQ3Z3gttaVSvWShpdjr47GTsJewuQ0ZFTTSnYMNWOdVwdEp
6IGPqLOl9GAZwoff2PimX98y77rtdel65TanKvvvTyQxhveLyNDQaP9Ylwjtx+Po
iBWMXWkmpaQmJRc2rNpgjkI0ELLDOszFAfsAbP3dEz/IqlKslLQl/8gouSqoYWOF
sUjW9JCZ0bOstulbVRpUfFoxkKhkFcw+tYnbBXHHatha9hKaEmHGeQlioX+vcx5y
J8eubE4AgcfJ4vs6s9KGpWVRO/c=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:57 2025 by rpki-client on console.sobornost.net