Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/0797d4-8b2c-40ac-9cab-667db1dc1b86/1/Iq8sBOoYl2FdEDuOs7ZjqubA0mo.roa
File: Iq8sBOoYl2FdEDuOs7ZjqubA0mo.roa (raw, json)
Hash identifier: cKH71Gw8ENbKfDC7hsHD0Ixm5ykhTLruun3w+xwHV3U=
Subject key identifier: 22:AF:2C:04:EA:18:97:61:5D:10:3B:8E:B3:B6:63:AA:E6:C0:D2:6A
Certificate issuer: /CN=cb36180ab4542d6eee66d9f99030df71236ce264
Certificate serial: 019424B38DED34F483CFB265968C1B944542
Authority key identifier: CB:36:18:0A:B4:54:2D:6E:EE:66:D9:F9:90:30:DF:71:23:6C:E2:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yzYYCrRULW7uZtn5kDDfcSNs4mQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/0797d4-8b2c-40ac-9cab-667db1dc1b86/1/Iq8sBOoYl2FdEDuOs7ZjqubA0mo.roa
Signing time: Thu 02 Jan 2025 01:48:54 +0000
ROA not before: Thu 02 Jan 2025 01:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199995
IP address blocks: 185.76.68.0/22 maxlen: 22
185.109.52.0/24 maxlen: 24
185.109.53.0/24 maxlen: 24
185.109.54.0/23 maxlen: 23
185.151.84.0/24 maxlen: 24
185.151.85.0/24 maxlen: 24
185.151.86.0/24 maxlen: 24
185.151.87.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:8d:ed:34:f4:83:cf:b2:65:96:8c:1b:94:45:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb36180ab4542d6eee66d9f99030df71236ce264
Validity
Not Before: Jan 2 01:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=22af2c04ea1897615d103b8eb3b663aae6c0d26a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:7b:a5:b9:61:04:ad:0e:00:51:1d:d4:3d:95:
12:99:78:2b:d1:ce:b5:2e:12:21:f3:e9:d3:e1:21:
0e:5b:f2:b0:c5:88:dd:b5:19:d9:0c:d9:14:75:38:
16:54:2f:a8:a0:be:e5:fd:ad:23:cb:19:2f:93:a7:
98:25:1c:d2:23:68:ae:b7:f3:96:69:16:f8:7a:3b:
99:26:2d:e4:9a:e7:d3:a0:79:5f:d9:1d:1d:33:9a:
94:cd:15:2a:d5:db:07:c6:d0:8e:35:7d:8b:1d:cd:
a4:bb:4c:0f:9f:17:ed:6b:ea:ea:cc:66:b2:a0:2a:
5e:7b:1f:9a:b5:1b:f5:ab:b1:87:99:14:52:60:60:
e1:09:1f:09:a6:56:45:b9:c1:7e:3e:33:7e:be:24:
d5:ad:e6:15:f9:85:03:53:93:12:0e:41:af:94:ec:
96:ad:89:6e:7f:b9:4e:de:77:93:4f:90:a4:6f:2c:
66:bb:24:54:b4:9d:88:56:58:5c:9c:e9:a7:0d:fa:
b2:ba:a7:e6:6f:0b:4d:0d:23:07:94:0d:36:1f:7d:
7e:79:86:a1:41:ea:58:e4:73:0c:23:9a:07:51:14:
b1:69:10:60:fc:f4:40:d8:65:93:7f:e9:1d:ce:ad:
62:b5:2f:d7:3b:32:10:74:4e:24:90:31:6a:2b:7d:
3a:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:AF:2C:04:EA:18:97:61:5D:10:3B:8E:B3:B6:63:AA:E6:C0:D2:6A
X509v3 Authority Key Identifier:
keyid:CB:36:18:0A:B4:54:2D:6E:EE:66:D9:F9:90:30:DF:71:23:6C:E2:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yzYYCrRULW7uZtn5kDDfcSNs4mQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/0797d4-8b2c-40ac-9cab-667db1dc1b86/1/Iq8sBOoYl2FdEDuOs7ZjqubA0mo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/0797d4-8b2c-40ac-9cab-667db1dc1b86/1/yzYYCrRULW7uZtn5kDDfcSNs4mQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.76.68.0/22
185.109.52.0/22
185.151.84.0/22
Signature Algorithm: sha256WithRSAEncryption
99:20:a6:b3:cd:9d:0d:56:7f:3a:56:30:db:5a:52:b4:b8:b1:
6e:26:02:39:4e:d6:e5:e7:04:39:9f:c0:89:ac:73:4f:b0:d5:
d6:10:08:26:16:c1:50:02:26:53:5e:2d:94:44:49:c4:7b:0b:
1a:87:31:5f:b4:5e:f2:4a:94:75:fb:fd:ac:91:6f:96:70:d4:
ba:ef:24:70:59:ab:b5:03:ef:03:5f:79:ca:71:28:a0:ee:3d:
19:53:92:db:a8:c1:8a:d6:88:44:26:13:ed:02:df:66:1d:85:
47:7d:8a:e7:d5:5a:54:a1:e7:26:1f:7f:5b:f4:45:70:6a:7c:
f2:65:cc:e4:1e:6d:0f:a1:58:a9:29:6b:29:80:52:6a:9e:96:
40:6d:72:8a:86:a6:95:ff:29:d1:7b:d8:c5:7f:d3:62:c7:30:
58:80:26:de:a3:f8:47:c6:78:60:e6:7f:09:bf:93:b1:97:31:
c3:9d:6d:07:a5:db:45:af:bb:49:12:0b:79:95:ce:f3:19:b4:
28:83:fc:54:80:6f:82:fe:5f:48:44:ca:1e:49:79:b2:18:24:
16:1d:69:cb:f4:9b:c6:e5:33:87:90:75:50:4c:1e:90:93:79:
34:70:48:a9:83:f8:e5:4f:01:d6:d6:e5:4d:1e:fc:4f:51:e1:
b5:6d:cf:ba
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQks43tNPSDz7JllowblEVCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMzYxODBhYjQ1NDJkNmVlZTY2ZDlmOTkwMzBkZjcxMjM2
Y2UyNjQwHhcNMjUwMTAyMDE0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmFmMmMwNGVhMTg5NzYxNWQxMDNiOGViM2I2NjNhYWU2YzBkMjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXuluWEErQ4AUR3UPZUSmXgr0c61
LhIh8+nT4SEOW/KwxYjdtRnZDNkUdTgWVC+ooL7l/a0jyxkvk6eYJRzSI2iut/OW
aRb4ejuZJi3kmufToHlf2R0dM5qUzRUq1dsHxtCONX2LHc2ku0wPnxfta+rqzGay
oCpeex+atRv1q7GHmRRSYGDhCR8JplZFucF+PjN+viTVreYV+YUDU5MSDkGvlOyW
rYluf7lO3neTT5CkbyxmuyRUtJ2IVlhcnOmnDfqyuqfmbwtNDSMHlA02H31+eYah
QepY5HMMI5oHURSxaRBg/PRA2GWTf+kdzq1itS/XOzIQdE4kkDFqK306WQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCKvLATqGJdhXRA7jrO2Y6rmwNJqMB8GA1UdIwQY
MBaAFMs2GAq0VC1u7mbZ+ZAw33EjbOJkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXpZWUNyUlVMVzd1WnRuNWtERGZjU05zNG1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi8wNzk3ZDQtOGIyYy00MGFjLTljYWIt
NjY3ZGIxZGMxYjg2LzEvSXE4c0JPb1lsMkZkRUR1T3M3WmpxdWJBMG1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi8wNzk3ZDQtOGIyYy00MGFjLTljYWItNjY3ZGIxZGMxYjg2
LzEveXpZWUNyUlVMVzd1WnRuNWtERGZjU05zNG1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuUxEAwQC
uW00AwQCuZdUMA0GCSqGSIb3DQEBCwUAA4IBAQCZIKazzZ0NVn86VjDbWlK0uLFu
JgI5Ttbl5wQ5n8CJrHNPsNXWEAgmFsFQAiZTXi2UREnEewsahzFftF7ySpR1+/2s
kW+WcNS67yRwWau1A+8DX3nKcSig7j0ZU5LbqMGK1ohEJhPtAt9mHYVHfYrn1VpU
oecmH39b9EVwanzyZczkHm0PoVipKWspgFJqnpZAbXKKhqaV/ynRe9jFf9NixzBY
gCbeo/hHxnhg5n8Jv5OxlzHDnW0HpdtFr7tJEgt5lc7zGbQog/xUgG+C/l9IRMoe
SXmyGCQWHWnL9JvG5TOHkHVQTB6Qk3k0cEipg/jlTwHW1uVNHvxPUeG1bc+6
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:04 2025 by rpki-client on console.sobornost.net