Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/30f5e0-a04f-4993-983c-715f09817341/1/leblj7LAsmNQvo4mPAk6nZp18TI.roa
File: leblj7LAsmNQvo4mPAk6nZp18TI.roa (raw, json)
Hash identifier: BN8Nv/xxMQaspAlU30+6jiR1kkLgITKVXHRbqi9/XpE=
Subject key identifier: 95:E6:E5:8F:B2:C0:B2:63:50:BE:8E:26:3C:09:3A:9D:9A:75:F1:32
Certificate issuer: /CN=bf5db811b5d5d05bec37ee9d09a4ec52eeed1ad5
Certificate serial: 019427B5B0D56907C1238BD8858A1FF815EE
Authority key identifier: BF:5D:B8:11:B5:D5:D0:5B:EC:37:EE:9D:09:A4:EC:52:EE:ED:1A:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v124EbXV0FvsN-6dCaTsUu7tGtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/30f5e0-a04f-4993-983c-715f09817341/1/leblj7LAsmNQvo4mPAk6nZp18TI.roa
Signing time: Thu 02 Jan 2025 15:50:06 +0000
ROA not before: Thu 02 Jan 2025 15:50:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201689
IP address blocks: 185.66.228.0/22 maxlen: 22
185.66.228.0/24 maxlen: 24
185.66.229.0/24 maxlen: 24
185.66.230.0/24 maxlen: 24
185.66.231.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:b0:d5:69:07:c1:23:8b:d8:85:8a:1f:f8:15:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf5db811b5d5d05bec37ee9d09a4ec52eeed1ad5
Validity
Not Before: Jan 2 15:50:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=95e6e58fb2c0b26350be8e263c093a9d9a75f132
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:68:27:77:98:65:ae:b6:5b:42:79:e7:37:8a:
05:35:52:67:ef:e2:25:80:a0:65:47:e0:9e:28:b3:
2a:01:dc:b7:48:b5:4b:48:07:91:87:0e:93:8f:54:
a5:1f:8b:f1:48:71:77:86:65:4e:df:85:71:a0:83:
72:c4:a4:4c:49:b3:c4:d2:b6:35:40:81:b4:3f:de:
73:f5:44:f1:74:37:38:5a:0b:c3:68:c1:f6:f7:bf:
34:11:7a:d8:dd:07:77:22:39:e7:99:30:b9:eb:10:
9f:d3:95:a2:75:0c:2c:57:3f:d8:08:a0:5a:48:7d:
88:76:aa:1b:4c:c6:9c:d5:53:1d:53:d0:51:99:22:
bb:95:1a:58:9c:31:64:86:e7:7c:95:9a:c9:ad:7f:
91:a8:47:7f:2d:79:ab:f0:e3:4c:26:80:49:16:6b:
ab:f4:09:72:c3:7d:3b:3b:63:92:ba:41:6b:9d:70:
66:e3:42:ce:49:cf:ae:aa:fb:f6:7d:f6:00:c7:fd:
70:cf:5f:ac:a7:41:99:71:6f:b1:f6:c2:17:ec:b8:
74:72:83:2e:58:7e:a8:18:19:05:80:c4:ab:5d:8d:
ba:0f:a9:a5:a0:89:b6:7f:a8:fa:e2:48:59:6a:a5:
da:c7:0f:37:af:17:5e:0f:73:3c:0e:02:86:0b:60:
65:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:E6:E5:8F:B2:C0:B2:63:50:BE:8E:26:3C:09:3A:9D:9A:75:F1:32
X509v3 Authority Key Identifier:
keyid:BF:5D:B8:11:B5:D5:D0:5B:EC:37:EE:9D:09:A4:EC:52:EE:ED:1A:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v124EbXV0FvsN-6dCaTsUu7tGtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/30f5e0-a04f-4993-983c-715f09817341/1/leblj7LAsmNQvo4mPAk6nZp18TI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/30f5e0-a04f-4993-983c-715f09817341/1/v124EbXV0FvsN-6dCaTsUu7tGtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.66.228.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:f4:49:96:ab:ec:2e:f2:80:8f:5a:4e:50:3a:9e:65:b3:02:
df:67:33:bb:5c:95:2a:94:1c:ea:28:a3:ef:d8:13:ae:ea:cc:
db:3e:52:bf:47:af:4e:09:7c:df:cc:1f:74:4f:a0:3b:34:11:
da:d2:cd:13:a3:63:76:60:b9:5d:48:f3:c7:46:27:9a:1c:26:
11:e1:22:61:ef:dd:b2:f8:66:19:b8:2a:f3:02:36:0d:98:4f:
28:d6:6c:8c:94:4b:e4:28:51:cb:d1:21:f9:b5:f8:54:4d:13:
9f:58:84:8d:65:5c:88:bb:1b:17:a1:3c:63:e5:db:06:c6:b2:
1e:b0:30:f2:be:96:29:1e:55:1b:f7:b4:50:7f:ff:e4:01:af:
ba:b9:b1:b8:ad:67:6d:3e:63:7c:24:86:3d:37:57:07:b0:95:
54:5f:f2:94:c5:25:e0:5b:6b:80:d8:a2:dd:3d:08:2a:6e:e8:
8f:e0:5e:80:57:df:aa:45:f5:6b:27:5a:1b:a8:50:87:39:c6:
80:58:09:49:38:8f:61:56:05:ad:5d:d9:7b:6b:2e:bb:11:94:
4b:62:c6:c2:80:45:02:57:9a:2c:59:7e:32:fe:c6:40:95:db:
b3:c9:8c:94:76:fa:5f:c0:08:1a:4f:2d:a8:7c:c2:43:6f:f6:
af:d7:28:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntbDVaQfBI4vYhYof+BXuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmNWRiODExYjVkNWQwNWJlYzM3ZWU5ZDA5YTRlYzUyZWVl
ZDFhZDUwHhcNMjUwMTAyMTU1MDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWU2ZTU4ZmIyYzBiMjYzNTBiZThlMjYzYzA5M2E5ZDlhNzVmMTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmgnd5hlrrZbQnnnN4oFNVJn7+Il
gKBlR+CeKLMqAdy3SLVLSAeRhw6Tj1SlH4vxSHF3hmVO34VxoINyxKRMSbPE0rY1
QIG0P95z9UTxdDc4WgvDaMH29780EXrY3Qd3IjnnmTC56xCf05WidQwsVz/YCKBa
SH2IdqobTMac1VMdU9BRmSK7lRpYnDFkhud8lZrJrX+RqEd/LXmr8ONMJoBJFmur
9Alyw307O2OSukFrnXBm40LOSc+uqvv2ffYAx/1wz1+sp0GZcW+x9sIX7Lh0coMu
WH6oGBkFgMSrXY26D6mloIm2f6j64khZaqXaxw83rxdeD3M8DgKGC2Bl5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJXm5Y+ywLJjUL6OJjwJOp2adfEyMB8GA1UdIwQY
MBaAFL9duBG11dBb7DfunQmk7FLu7RrVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjEyNEViWFYwRnZzTi02ZENhVHNVdTd0R3RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8zMGY1ZTAtYTA0Zi00OTkzLTk4M2Mt
NzE1ZjA5ODE3MzQxLzEvbGVibGo3TEFzbU5Rdm80bVBBazZuWnAxOFRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8zMGY1ZTAtYTA0Zi00OTkzLTk4M2MtNzE1ZjA5ODE3MzQx
LzEvdjEyNEViWFYwRnZzTi02ZENhVHNVdTd0R3RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuULkMA0G
CSqGSIb3DQEBCwUAA4IBAQAq9EmWq+wu8oCPWk5QOp5lswLfZzO7XJUqlBzqKKPv
2BOu6szbPlK/R69OCXzfzB90T6A7NBHa0s0To2N2YLldSPPHRieaHCYR4SJh792y
+GYZuCrzAjYNmE8o1myMlEvkKFHL0SH5tfhUTROfWISNZVyIuxsXoTxj5dsGxrIe
sDDyvpYpHlUb97RQf//kAa+6ubG4rWdtPmN8JIY9N1cHsJVUX/KUxSXgW2uA2KLd
PQgqbuiP4F6AV9+qRfVrJ1obqFCHOcaAWAlJOI9hVgWtXdl7ay67EZRLYsbCgEUC
V5osWX4y/sZAlduzyYyUdvpfwAgaTy2ofMJDb/av1yiO
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:01 2025 by rpki-client on console.sobornost.net