Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/9ae9ad-6a8c-47cb-bdd1-57d8030b61e1/1/_KHg3bXa9OxyNbTDh04ollD9Gr0.roa
File: _KHg3bXa9OxyNbTDh04ollD9Gr0.roa (raw, json)
Hash identifier: 900x152pUjsKPVS3aFln9ganwlnbDDzEuriCrJ/+ejg=
Subject key identifier: FC:A1:E0:DD:B5:DA:F4:EC:72:35:B4:C3:87:4E:28:96:50:FD:1A:BD
Certificate issuer: /CN=92214a90d4095fd26765cc0e4df899e8c46c06df
Certificate serial: 0194236A105FFFC85AC3473AF847790AA9FC
Authority key identifier: 92:21:4A:90:D4:09:5F:D2:67:65:CC:0E:4D:F8:99:E8:C4:6C:06:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiFKkNQJX9JnZcwOTfiZ6MRsBt8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/9ae9ad-6a8c-47cb-bdd1-57d8030b61e1/1/_KHg3bXa9OxyNbTDh04ollD9Gr0.roa
Signing time: Wed 01 Jan 2025 19:49:00 +0000
ROA not before: Wed 01 Jan 2025 19:49:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206978
IP address blocks: 185.196.29.0/24 maxlen: 24
2a03:e440::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:10:5f:ff:c8:5a:c3:47:3a:f8:47:79:0a:a9:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92214a90d4095fd26765cc0e4df899e8c46c06df
Validity
Not Before: Jan 1 19:49:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fca1e0ddb5daf4ec7235b4c3874e289650fd1abd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:0d:0b:6e:bb:92:a4:e9:9b:ce:12:ab:8e:6d:
3b:a0:4d:9b:6e:f4:20:44:fd:6b:93:8e:2b:c3:6f:
68:f8:90:dd:56:96:9b:10:82:7a:46:4a:df:4b:6e:
b8:f2:c3:19:95:54:70:62:37:c2:0d:cd:fe:ba:e9:
77:4c:0f:2d:53:10:e8:a6:c2:7f:8e:52:31:fe:9a:
6a:85:d8:e7:ef:a5:8a:12:84:5f:12:2d:42:15:69:
c6:b0:15:66:14:f3:5b:1a:7a:24:44:bd:2c:87:a6:
4c:a7:34:0a:b9:ed:35:43:b2:ee:3f:4a:7f:89:8e:
1f:50:de:56:e2:36:d7:b1:35:43:08:bc:b3:e7:00:
5d:d5:8e:ff:bd:07:51:0a:84:6e:79:e3:db:eb:ff:
42:39:27:e6:82:1d:d7:4d:7f:31:b6:ea:96:58:84:
6d:2d:ea:49:45:72:74:e8:f9:08:94:2c:29:9c:1d:
ac:71:a0:f5:45:7d:69:17:66:02:a6:d4:aa:88:f2:
31:57:b9:08:39:87:14:80:dd:55:8c:df:c8:99:df:
56:a2:f3:d6:3a:d6:e1:7e:49:28:c1:f3:f2:59:9b:
98:92:5d:f6:c1:2e:45:16:51:d2:29:f9:61:60:71:
63:08:ff:c8:22:b6:09:96:95:f0:c7:f7:41:ea:4c:
a2:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:A1:E0:DD:B5:DA:F4:EC:72:35:B4:C3:87:4E:28:96:50:FD:1A:BD
X509v3 Authority Key Identifier:
keyid:92:21:4A:90:D4:09:5F:D2:67:65:CC:0E:4D:F8:99:E8:C4:6C:06:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiFKkNQJX9JnZcwOTfiZ6MRsBt8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/9ae9ad-6a8c-47cb-bdd1-57d8030b61e1/1/_KHg3bXa9OxyNbTDh04ollD9Gr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/9ae9ad-6a8c-47cb-bdd1-57d8030b61e1/1/kiFKkNQJX9JnZcwOTfiZ6MRsBt8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.196.29.0/24
IPv6:
2a03:e440::/29
Signature Algorithm: sha256WithRSAEncryption
37:48:37:cd:8b:d8:58:b1:03:7c:29:a1:09:f1:24:e8:84:1c:
8c:ab:0a:06:39:d7:56:15:97:c2:90:c2:41:14:0f:16:e0:86:
11:4c:9c:30:a8:5e:5e:91:bc:a9:2d:eb:1f:e6:a5:d2:78:7a:
9d:62:1c:6e:3c:55:50:04:04:37:56:a3:98:2a:c4:73:a2:4a:
8a:59:b7:e3:6e:a9:1b:fb:01:8d:7e:b4:2c:7f:2c:6d:30:77:
34:66:1a:8a:56:a9:23:a8:92:97:7b:32:bf:23:5a:65:f1:35:
ab:ae:45:e7:02:fa:cb:c3:e4:77:ac:18:ed:90:8e:84:2c:12:
b0:08:15:fc:17:5c:36:f6:ac:11:a7:8a:2b:df:bc:cb:b7:53:
c4:f0:60:20:b1:ab:17:f4:8a:b9:3f:08:5d:82:e7:c6:60:6d:
58:00:1a:a0:82:cf:cc:8b:03:cf:9d:7a:be:49:95:2d:39:68:
9f:c7:4e:46:8e:e4:1a:18:9f:08:8f:7f:c9:0f:7c:58:ed:5f:
c1:97:c7:f6:4b:9f:f5:a8:07:30:9d:04:7e:21:9b:4c:f2:c7:
57:00:ce:37:c5:b5:cb:96:7e:14:aa:50:d5:6d:62:8d:04:ce:
9a:6b:34:0a:dc:2d:8a:12:15:f7:fc:4a:a7:77:e0:9b:ab:6f:
b3:5b:6f:be
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQjahBf/8haw0c6+Ed5Cqn8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjE0YTkwZDQwOTVmZDI2NzY1Y2MwZTRkZjg5OWU4YzQ2
YzA2ZGYwHhcNMjUwMTAxMTk0OTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2ExZTBkZGI1ZGFmNGVjNzIzNWI0YzM4NzRlMjg5NjUwZmQxYWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6w0LbruSpOmbzhKrjm07oE2bbvQg
RP1rk44rw29o+JDdVpabEIJ6RkrfS2648sMZlVRwYjfCDc3+uul3TA8tUxDopsJ/
jlIx/ppqhdjn76WKEoRfEi1CFWnGsBVmFPNbGnokRL0sh6ZMpzQKue01Q7LuP0p/
iY4fUN5W4jbXsTVDCLyz5wBd1Y7/vQdRCoRueePb6/9COSfmgh3XTX8xtuqWWIRt
LepJRXJ06PkIlCwpnB2scaD1RX1pF2YCptSqiPIxV7kIOYcUgN1VjN/Imd9WovPW
OtbhfkkowfPyWZuYkl32wS5FFlHSKflhYHFjCP/IIrYJlpXwx/dB6kyiRwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPyh4N212vTscjW0w4dOKJZQ/Rq9MB8GA1UdIwQY
MBaAFJIhSpDUCV/SZ2XMDk34mejEbAbfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lGS2tOUUpYOUpuWmN3T1RmaVo2TVJzQnQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi85YWU5YWQtNmE4Yy00N2NiLWJkZDEt
NTdkODAzMGI2MWUxLzEvX0tIZzNiWGE5T3h5TmJURGgwNG9sbEQ5R3IwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi85YWU5YWQtNmE4Yy00N2NiLWJkZDEtNTdkODAzMGI2MWUx
LzEva2lGS2tOUUpYOUpuWmN3T1RmaVo2TVJzQnQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAucQdMA0E
AgACMAcDBQMqA+RAMA0GCSqGSIb3DQEBCwUAA4IBAQA3SDfNi9hYsQN8KaEJ8STo
hByMqwoGOddWFZfCkMJBFA8W4IYRTJwwqF5ekbypLesf5qXSeHqdYhxuPFVQBAQ3
VqOYKsRzokqKWbfjbqkb+wGNfrQsfyxtMHc0ZhqKVqkjqJKXezK/I1pl8TWrrkXn
AvrLw+R3rBjtkI6ELBKwCBX8F1w29qwRp4or37zLt1PE8GAgsasX9Iq5PwhdgufG
YG1YABqggs/MiwPPnXq+SZUtOWifx05GjuQaGJ8Ij3/JD3xY7V/Bl8f2S5/1qAcw
nQR+IZtM8sdXAM43xbXLln4UqlDVbWKNBM6aazQK3C2KEhX3/Eqnd+Cbq2+zW2++
-----END CERTIFICATE-----
Generated at Thu Jan 23 19:16:28 2025 by rpki-client on console.sobornost.net