Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/f6ghH_7B3PzM3ktCIJpbMer11MQ.roa
File: f6ghH_7B3PzM3ktCIJpbMer11MQ.roa (raw, json)
Hash identifier: gQOe3jDJjm6Z8U0Sg1BUTciGU/YhoqXEIyyDOVhhKCY=
Subject key identifier: 7F:A8:21:1F:FE:C1:DC:FC:CC:DE:4B:42:20:9A:5B:31:EA:F5:D4:C4
Certificate issuer: /CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Certificate serial: 01941FFA7418F828C84EDC0608FCC375DE6D
Authority key identifier: 81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/f6ghH_7B3PzM3ktCIJpbMer11MQ.roa
Signing time: Wed 01 Jan 2025 03:48:14 +0000
ROA not before: Wed 01 Jan 2025 03:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49562
IP address blocks: 185.2.172.0/22 maxlen: 22
185.2.172.0/23 maxlen: 23
2a02:80c0::/30 maxlen: 30
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:74:18:f8:28:c8:4e:dc:06:08:fc:c3:75:de:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Validity
Not Before: Jan 1 03:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7fa8211ffec1dcfcccde4b42209a5b31eaf5d4c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:bd:62:22:d0:61:57:f6:77:a9:d1:95:73:de:
54:69:8e:6b:a9:84:94:e5:27:c2:0d:46:b4:75:39:
c7:17:53:d9:2a:b2:03:35:fb:dc:1c:46:83:24:81:
f0:47:24:24:fa:b2:70:c3:38:9b:bd:8e:62:b0:90:
3a:e3:14:8b:65:e2:0f:b7:44:81:c1:0c:d9:7f:93:
d9:e8:5a:34:87:9d:cf:19:e8:85:76:13:79:43:90:
61:d7:2e:68:4a:69:78:25:15:c6:8b:75:e0:32:c6:
0b:65:fc:2d:9e:7c:34:20:81:b8:ee:28:8d:e1:b6:
f5:cd:cd:49:83:3d:42:3a:6c:d3:68:8e:0f:0d:66:
fb:26:9e:78:e2:50:94:fc:07:ce:0f:ef:92:84:e9:
23:39:44:19:a5:53:10:c5:83:fa:7c:93:ec:e5:89:
90:6f:46:f8:05:24:5f:67:9d:ca:84:91:9c:98:41:
5c:7b:ee:44:f6:b9:0d:7e:2e:33:fe:ed:13:b3:a9:
ea:30:1a:26:3c:3f:f4:97:6c:5e:6c:6a:af:b1:2d:
b7:8d:88:c6:fe:f7:a8:c8:88:cc:70:ba:75:6b:73:
d1:6b:51:57:6b:1b:73:43:3f:fe:44:3d:ca:46:58:
da:af:ac:bb:4e:62:5b:82:ff:a8:bb:ed:1d:29:9a:
c5:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:A8:21:1F:FE:C1:DC:FC:CC:DE:4B:42:20:9A:5B:31:EA:F5:D4:C4
X509v3 Authority Key Identifier:
keyid:81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/f6ghH_7B3PzM3ktCIJpbMer11MQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.2.172.0/22
IPv6:
2a02:80c0::/30
Signature Algorithm: sha256WithRSAEncryption
8b:5c:00:ce:99:50:f0:1a:ca:f4:c7:96:4f:52:75:bc:f8:97:
9a:ef:63:99:6b:44:31:b4:3b:e4:ee:6e:40:a5:7a:d2:86:98:
c7:0f:59:23:58:95:57:ba:4b:60:09:c1:43:a2:4d:91:5f:9f:
ea:0e:5a:89:83:71:eb:8c:7e:ca:5c:23:d9:9f:d2:b0:c2:bc:
04:28:93:b5:ca:35:a1:00:95:d1:db:ea:c8:56:36:75:64:47:
62:d1:a3:a8:46:5f:8c:62:f0:84:b6:7d:a9:97:9c:94:7a:fe:
53:fe:39:8b:6a:96:91:3a:70:96:9e:99:76:cc:e2:cb:99:5c:
f5:73:2e:76:a1:7f:2c:14:0e:ab:88:2d:8c:cb:02:93:44:c8:
3a:27:58:f4:a7:46:ff:c9:c6:ee:c1:f9:9f:da:06:f1:c1:50:
03:5f:5e:be:b6:43:75:4b:02:84:ec:42:fd:56:96:ad:b1:8d:
0a:aa:f1:30:30:cc:66:e6:4e:dd:86:6f:64:e3:47:f5:e8:bc:
f9:00:5e:c6:bb:ab:9e:e4:cd:1e:66:02:6d:65:50:0a:19:35:
54:be:96:45:12:98:78:9b:22:f9:63:30:0b:4e:36:37:1b:23:
ce:24:5d:c8:99:af:bb:e2:2c:a1:9e:ea:bb:8f:df:5b:a7:7c:
c1:31:4a:26
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQf+nQY+CjITtwGCPzDdd5tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZWVkNDA5MTM4M2Q5ZWQ0MDU2ZDlmNGVmZjdkMjYyMmRk
Y2UyMDUwHhcNMjUwMTAxMDM0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmE4MjExZmZlYzFkY2ZjY2NkZTRiNDIyMDlhNWIzMWVhZjVkNGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtr1iItBhV/Z3qdGVc95UaY5rqYSU
5SfCDUa0dTnHF1PZKrIDNfvcHEaDJIHwRyQk+rJwwzibvY5isJA64xSLZeIPt0SB
wQzZf5PZ6Fo0h53PGeiFdhN5Q5Bh1y5oSml4JRXGi3XgMsYLZfwtnnw0IIG47iiN
4bb1zc1Jgz1COmzTaI4PDWb7Jp544lCU/AfOD++ShOkjOUQZpVMQxYP6fJPs5YmQ
b0b4BSRfZ53KhJGcmEFce+5E9rkNfi4z/u0Ts6nqMBomPD/0l2xebGqvsS23jYjG
/veoyIjMcLp1a3PRa1FXaxtzQz/+RD3KRljar6y7TmJbgv+ou+0dKZrFrwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFH+oIR/+wdz8zN5LQiCaWzHq9dTEMB8GA1UdIwQY
MBaAFIHu1AkTg9ntQFbZ9O/30mIt3OIFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2Et
ODcyYjM3MTBjMmExLzEvZjZnaEhfN0IzUHpNM2t0Q0lKcGJNZXIxMU1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2EtODcyYjM3MTBjMmEx
LzEvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQKsMA0E
AgACMAcDBQIqAoDAMA0GCSqGSIb3DQEBCwUAA4IBAQCLXADOmVDwGsr0x5ZPUnW8
+Jea72OZa0QxtDvk7m5ApXrShpjHD1kjWJVXuktgCcFDok2RX5/qDlqJg3HrjH7K
XCPZn9KwwrwEKJO1yjWhAJXR2+rIVjZ1ZEdi0aOoRl+MYvCEtn2pl5yUev5T/jmL
apaROnCWnpl2zOLLmVz1cy52oX8sFA6riC2MywKTRMg6J1j0p0b/ycbuwfmf2gbx
wVADX16+tkN1SwKE7EL9VpatsY0KqvEwMMxm5k7dhm9k40f16Lz5AF7Gu6ue5M0e
ZgJtZVAKGTVUvpZFEph4myL5YzALTjY3GyPOJF3Ima+74iyhnuq7j99bp3zBMUom
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:04 2025 by rpki-client on console.sobornost.net