Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/a87ea8-c3b6-472d-a96c-a971a334faa4/1/epRoE1oSS28-kMoVUvbovqDaftI.roa
File: epRoE1oSS28-kMoVUvbovqDaftI.roa (raw, json)
Hash identifier: vf7QEJn0ywPdqhUagZXAfAdq0fp3vefGorgZKG9IKIg=
Subject key identifier: 7A:94:68:13:5A:12:4B:6F:3E:90:CA:15:52:F6:E8:BE:A0:DA:7E:D2
Certificate issuer: /CN=407ce78f4ac3ba902a0c38dc01a0c5f2126519b0
Certificate serial: 019421440BF4660D46CCC62AC2F2286440C0
Authority key identifier: 40:7C:E7:8F:4A:C3:BA:90:2A:0C:38:DC:01:A0:C5:F2:12:65:19:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QHznj0rDupAqDDjcAaDF8hJlGbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/a87ea8-c3b6-472d-a96c-a971a334faa4/1/epRoE1oSS28-kMoVUvbovqDaftI.roa
Signing time: Wed 01 Jan 2025 09:48:15 +0000
ROA not before: Wed 01 Jan 2025 09:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206376
IP address blocks: 185.106.240.0/24 maxlen: 24
185.106.242.0/24 maxlen: 24
2a06:4100::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:0b:f4:66:0d:46:cc:c6:2a:c2:f2:28:64:40:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=407ce78f4ac3ba902a0c38dc01a0c5f2126519b0
Validity
Not Before: Jan 1 09:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7a9468135a124b6f3e90ca1552f6e8bea0da7ed2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:5e:4d:cd:7d:d1:74:f2:db:6d:5b:d7:bd:09:
a9:b1:ad:24:cc:1a:99:ba:80:f4:dc:31:3a:19:92:
61:0c:87:86:c6:ed:3b:35:d5:18:63:37:e7:f0:70:
4d:64:b2:52:8d:34:71:50:2e:b1:ef:67:1e:bc:bc:
ae:50:8b:44:44:24:d7:f2:0f:80:8a:21:0d:da:07:
83:3c:8e:78:df:71:37:98:bb:50:31:33:73:fc:11:
a0:e2:48:39:c6:6b:c9:0b:37:2f:17:76:0d:ab:d1:
c0:42:de:e1:d3:94:8a:d8:79:a9:0c:a4:15:e4:62:
97:cb:eb:56:b5:ef:bc:d1:39:e6:1f:9a:c0:90:71:
aa:7b:66:ec:91:ee:8d:ee:c0:af:58:ae:5d:65:ed:
bd:41:ba:2f:3f:f6:d9:de:63:3f:08:d3:04:79:70:
0e:5f:bc:1b:94:48:ef:5b:49:a3:23:30:72:3f:91:
0b:9e:b3:63:5a:6c:5a:5e:d0:b1:ed:4f:ed:6a:06:
15:e9:cc:75:3e:82:83:ee:59:c2:ac:0f:38:56:e4:
c0:29:25:7e:26:c1:a6:b7:fe:cc:72:60:e4:35:95:
5e:e1:6f:5f:98:e5:22:ad:ed:bf:ef:9e:d7:49:06:
8c:3f:8f:3e:03:4d:2e:92:98:1f:6e:cf:1a:a2:13:
30:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:94:68:13:5A:12:4B:6F:3E:90:CA:15:52:F6:E8:BE:A0:DA:7E:D2
X509v3 Authority Key Identifier:
keyid:40:7C:E7:8F:4A:C3:BA:90:2A:0C:38:DC:01:A0:C5:F2:12:65:19:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QHznj0rDupAqDDjcAaDF8hJlGbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a87ea8-c3b6-472d-a96c-a971a334faa4/1/epRoE1oSS28-kMoVUvbovqDaftI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a87ea8-c3b6-472d-a96c-a971a334faa4/1/QHznj0rDupAqDDjcAaDF8hJlGbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.106.240.0/24
185.106.242.0/24
IPv6:
2a06:4100::/32
Signature Algorithm: sha256WithRSAEncryption
1e:7e:94:4f:22:73:ec:be:a5:4d:26:1a:ec:3c:6d:8e:31:ee:
d6:04:56:66:8d:b5:85:ed:c8:ed:6e:c4:7e:1f:cc:bd:61:8c:
75:80:0a:6a:9b:30:6b:2e:31:92:62:5d:68:8d:5e:e7:0f:45:
03:f5:72:f2:80:1b:1c:b1:60:47:ce:be:fa:cf:d9:44:b9:7e:
bd:da:0a:24:39:ad:98:d6:ec:31:13:47:29:19:34:87:fe:03:
d9:48:77:fe:3b:5f:0d:47:d7:5c:a5:f9:ff:fa:59:af:f1:d2:
f9:43:d7:bf:57:d4:ec:1e:bf:f8:a5:be:e5:07:6f:20:4c:5a:
72:ac:70:e7:2f:f3:db:2c:d4:53:51:81:a2:68:1b:77:33:3b:
ea:61:5f:e7:41:69:39:02:76:97:46:b7:16:9d:5c:ab:ee:43:
6d:96:80:03:a0:34:57:38:35:26:36:8d:20:d7:d3:56:9b:6a:
82:09:d2:f5:d6:0c:7f:5c:44:2a:91:6d:b2:8f:e3:66:db:5a:
f8:7b:64:3d:d9:64:15:81:de:c5:32:6e:fe:53:9e:11:79:cb:
ae:22:1a:87:d6:bf:ff:bc:b3:aa:fc:26:33:db:b7:47:73:0a:
59:ff:99:f6:ba:7a:51:a6:37:29:e8:0b:0a:6e:1b:73:97:49:
45:cd:d7:f2
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQhRAv0Zg1GzMYqwvIoZEDAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwN2NlNzhmNGFjM2JhOTAyYTBjMzhkYzAxYTBjNWYyMTI2
NTE5YjAwHhcNMjUwMTAxMDk0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTk0NjgxMzVhMTI0YjZmM2U5MGNhMTU1MmY2ZThiZWEwZGE3ZWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqF5NzX3RdPLbbVvXvQmpsa0kzBqZ
uoD03DE6GZJhDIeGxu07NdUYYzfn8HBNZLJSjTRxUC6x72cevLyuUItERCTX8g+A
iiEN2geDPI5433E3mLtQMTNz/BGg4kg5xmvJCzcvF3YNq9HAQt7h05SK2HmpDKQV
5GKXy+tWte+80TnmH5rAkHGqe2bske6N7sCvWK5dZe29QbovP/bZ3mM/CNMEeXAO
X7wblEjvW0mjIzByP5ELnrNjWmxaXtCx7U/tagYV6cx1PoKD7lnCrA84VuTAKSV+
JsGmt/7McmDkNZVe4W9fmOUire2/757XSQaMP48+A00ukpgfbs8aohMw3QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHqUaBNaEktvPpDKFVL26L6g2n7SMB8GA1UdIwQY
MBaAFEB8549Kw7qQKgw43AGgxfISZRmwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUh6bmowckR1cEFxRERqY0FhREY4aEpsR2JBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9hODdlYTgtYzNiNi00NzJkLWE5NmMt
YTk3MWEzMzRmYWE0LzEvZXBSb0Uxb1NTMjgta01vVlV2Ym92cURhZnRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9hODdlYTgtYzNiNi00NzJkLWE5NmMtYTk3MWEzMzRmYWE0
LzEvUUh6bmowckR1cEFxRERqY0FhREY4aEpsR2JBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuWrwAwQA
uWryMA0EAgACMAcDBQAqBkEAMA0GCSqGSIb3DQEBCwUAA4IBAQAefpRPInPsvqVN
JhrsPG2OMe7WBFZmjbWF7cjtbsR+H8y9YYx1gApqmzBrLjGSYl1ojV7nD0UD9XLy
gBscsWBHzr76z9lEuX692gokOa2Y1uwxE0cpGTSH/gPZSHf+O18NR9dcpfn/+lmv
8dL5Q9e/V9TsHr/4pb7lB28gTFpyrHDnL/PbLNRTUYGiaBt3MzvqYV/nQWk5AnaX
RrcWnVyr7kNtloADoDRXODUmNo0g19NWm2qCCdL11gx/XEQqkW2yj+Nm21r4e2Q9
2WQVgd7FMm7+U54RecuuIhqH1r//vLOq/CYz27dHcwpZ/5n2unpRpjcp6AsKbhtz
l0lFzdfy
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:57 2025 by rpki-client on console.sobornost.net