Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/e23969-ffb0-4e57-a36a-760f6b6aabc1/1/I5Xu8_YbkRGpwTMlPEbzbNadX4o.roa
File: I5Xu8_YbkRGpwTMlPEbzbNadX4o.roa (raw, json)
Hash identifier: B6r1juc4mX6gmzIU2gNZpN65PXm/XHcIEb2Ag0utzNw=
Subject key identifier: 23:95:EE:F3:F6:1B:91:11:A9:C1:33:25:3C:46:F3:6C:D6:9D:5F:8A
Certificate issuer: /CN=1d10e38ed55e3185aed6f079f8bb9bf12d4448db
Certificate serial: 0194258F26F37C18117102B3313D5E218998
Authority key identifier: 1D:10:E3:8E:D5:5E:31:85:AE:D6:F0:79:F8:BB:9B:F1:2D:44:48:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HRDjjtVeMYWu1vB5-Lub8S1ESNs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/e23969-ffb0-4e57-a36a-760f6b6aabc1/1/I5Xu8_YbkRGpwTMlPEbzbNadX4o.roa
Signing time: Thu 02 Jan 2025 05:48:46 +0000
ROA not before: Thu 02 Jan 2025 05:48:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 64443
IP address blocks: 185.164.104.0/24 maxlen: 24
185.164.105.0/24 maxlen: 24
185.164.107.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:26:f3:7c:18:11:71:02:b3:31:3d:5e:21:89:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d10e38ed55e3185aed6f079f8bb9bf12d4448db
Validity
Not Before: Jan 2 05:48:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2395eef3f61b9111a9c133253c46f36cd69d5f8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:29:7d:94:d2:ae:ff:e8:89:c8:ac:1c:07:f1:
03:44:72:e4:33:56:a1:f3:87:ff:a5:3a:b7:f6:c9:
f1:2e:cc:37:3a:04:d6:b5:b6:ae:a8:37:8e:bc:15:
14:9d:bc:50:a3:4d:45:3f:e0:b4:d0:09:70:8c:d3:
2f:8f:5e:ff:56:70:67:bf:1b:b6:5a:ab:c0:c4:0f:
fa:48:74:57:e6:3e:9d:7a:22:6d:6f:0d:9a:84:01:
1e:93:34:dd:34:93:eb:ac:bc:48:ff:02:80:63:f3:
d9:29:c2:61:51:b8:00:8a:df:61:2b:70:a8:ef:63:
ee:a1:80:09:a8:32:5a:23:bb:c1:5e:94:1b:19:60:
6f:ca:af:7a:ff:41:b5:aa:d5:c2:36:cc:ab:5a:6e:
56:43:1b:20:74:4b:99:f5:2a:9a:23:d1:35:63:69:
44:97:89:07:37:9a:45:98:0b:aa:5a:3c:f9:00:ce:
75:43:48:cf:8a:9f:8c:16:3a:2f:3d:2e:37:0b:6e:
23:0d:b7:fe:6a:84:e2:d8:8b:e9:37:0e:71:46:d7:
df:fe:0e:fa:c1:92:e3:cd:7b:3c:3b:28:63:a4:32:
31:96:b9:23:6f:ff:63:dd:25:b0:bb:da:b8:6d:84:
45:e1:56:cc:1c:8a:94:9b:2f:9f:6b:36:95:52:e2:
33:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:95:EE:F3:F6:1B:91:11:A9:C1:33:25:3C:46:F3:6C:D6:9D:5F:8A
X509v3 Authority Key Identifier:
keyid:1D:10:E3:8E:D5:5E:31:85:AE:D6:F0:79:F8:BB:9B:F1:2D:44:48:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HRDjjtVeMYWu1vB5-Lub8S1ESNs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/e23969-ffb0-4e57-a36a-760f6b6aabc1/1/I5Xu8_YbkRGpwTMlPEbzbNadX4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/e23969-ffb0-4e57-a36a-760f6b6aabc1/1/HRDjjtVeMYWu1vB5-Lub8S1ESNs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.164.104.0/23
185.164.107.0/24
Signature Algorithm: sha256WithRSAEncryption
11:7a:06:2b:db:6d:87:0b:0d:f9:04:fa:7f:64:36:f0:59:95:
e4:69:7d:e4:7d:eb:bf:f3:ad:dd:6f:88:fb:f1:7d:96:14:7b:
1a:82:05:c4:e0:96:6d:49:7a:00:38:6c:25:0e:3f:5f:4f:a2:
3d:d6:d6:95:dc:e2:63:40:54:90:7a:4e:28:8b:c4:51:4a:45:
f3:da:b2:cb:4d:6e:74:b6:ca:85:0e:78:24:3f:39:3d:76:44:
b1:1e:ab:74:7a:10:32:6e:ce:fb:77:04:72:f1:83:d1:7c:3b:
43:8c:94:a3:e1:65:90:ba:61:8c:97:6a:cb:9d:27:7a:78:db:
52:b4:1e:86:8f:16:d9:74:24:aa:68:65:46:cb:60:df:97:3a:
aa:20:43:d1:dd:db:12:a3:7b:95:84:02:0a:9a:7b:bd:6d:23:
11:6f:19:88:89:fc:a8:e0:e4:e7:2b:68:d3:a6:b8:aa:72:f8:
ac:49:a6:73:1b:b6:3b:bc:b2:5e:9e:a4:5e:7a:ef:0a:e8:4a:
a8:3a:d3:f3:db:3b:6b:32:24:4d:32:b1:ab:66:2b:6c:ab:b6:
3f:47:c8:57:df:25:32:0c:ab:61:f0:a7:c6:a4:d5:0c:18:09:
69:52:c0:97:fc:6a:fc:ff:52:38:26:85:f7:03:19:05:9d:8b:
df:4b:3c:09
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQljybzfBgRcQKzMT1eIYmYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMTBlMzhlZDU1ZTMxODVhZWQ2ZjA3OWY4YmI5YmYxMmQ0
NDQ4ZGIwHhcNMjUwMTAyMDU0ODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzk1ZWVmM2Y2MWI5MTExYTljMTMzMjUzYzQ2ZjM2Y2Q2OWQ1ZjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzyl9lNKu/+iJyKwcB/EDRHLkM1ah
84f/pTq39snxLsw3OgTWtbauqDeOvBUUnbxQo01FP+C00AlwjNMvj17/VnBnvxu2
WqvAxA/6SHRX5j6deiJtbw2ahAEekzTdNJPrrLxI/wKAY/PZKcJhUbgAit9hK3Co
72PuoYAJqDJaI7vBXpQbGWBvyq96/0G1qtXCNsyrWm5WQxsgdEuZ9SqaI9E1Y2lE
l4kHN5pFmAuqWjz5AM51Q0jPip+MFjovPS43C24jDbf+aoTi2IvpNw5xRtff/g76
wZLjzXs8OyhjpDIxlrkjb/9j3SWwu9q4bYRF4VbMHIqUmy+fazaVUuIzAwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCOV7vP2G5ERqcEzJTxG82zWnV+KMB8GA1UdIwQY
MBaAFB0Q447VXjGFrtbwefi7m/EtREjbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFJEamp0VmVNWVd1MXZCNS1MdWI4UzFFU05zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9lMjM5NjktZmZiMC00ZTU3LWEzNmEt
NzYwZjZiNmFhYmMxLzEvSTVYdThfWWJrUkdwd1RNbFBFYnpiTmFkWDRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi9lMjM5NjktZmZiMC00ZTU3LWEzNmEtNzYwZjZiNmFhYmMx
LzEvSFJEamp0VmVNWVd1MXZCNS1MdWI4UzFFU05zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuaRoAwQA
uaRrMA0GCSqGSIb3DQEBCwUAA4IBAQARegYr222HCw35BPp/ZDbwWZXkaX3kfeu/
863db4j78X2WFHsaggXE4JZtSXoAOGwlDj9fT6I91taV3OJjQFSQek4oi8RRSkXz
2rLLTW50tsqFDngkPzk9dkSxHqt0ehAybs77dwRy8YPRfDtDjJSj4WWQumGMl2rL
nSd6eNtStB6GjxbZdCSqaGVGy2DflzqqIEPR3dsSo3uVhAIKmnu9bSMRbxmIifyo
4OTnK2jTpriqcvisSaZzG7Y7vLJenqReeu8K6EqoOtPz2ztrMiRNMrGrZitsq7Y/
R8hX3yUyDKth8KfGpNUMGAlpUsCX/Gr8/1I4JoX3AxkFnYvfSzwJ
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:58 2025 by rpki-client on console.sobornost.net