Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/8e62e9-406d-4ab0-8fdb-d9a808ec1ab1/1/CdS0S5h1e306IjdNNYaIbNOac9U.roa
File: CdS0S5h1e306IjdNNYaIbNOac9U.roa (raw, json)
Hash identifier: ns5KjwP5PT64eyVqbgP83KTbHXq14r1yzW0yvkof0v8=
Subject key identifier: 09:D4:B4:4B:98:75:7B:7D:3A:22:37:4D:35:86:88:6C:D3:9A:73:D5
Certificate issuer: /CN=fe3d23a39ed3656f9a6064b609d02a2f6e4a3827
Certificate serial: 019424B37B7A35826EDAA1C68385B0E2730C
Authority key identifier: FE:3D:23:A3:9E:D3:65:6F:9A:60:64:B6:09:D0:2A:2F:6E:4A:38:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_j0jo57TZW-aYGS2CdAqL25KOCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/8e62e9-406d-4ab0-8fdb-d9a808ec1ab1/1/CdS0S5h1e306IjdNNYaIbNOac9U.roa
Signing time: Thu 02 Jan 2025 01:48:49 +0000
ROA not before: Thu 02 Jan 2025 01:48:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198371
IP address blocks: 185.96.208.0/24 maxlen: 24
185.96.209.0/24 maxlen: 24
185.96.210.0/24 maxlen: 24
185.96.211.0/24 maxlen: 24
2a06:180::/32 maxlen: 32
2a06:181::/32 maxlen: 32
2a06:182::/32 maxlen: 32
2a06:183::/32 maxlen: 32
2a06:184::/32 maxlen: 32
2a06:185::/32 maxlen: 32
2a06:186::/32 maxlen: 32
2a06:187::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:7b:7a:35:82:6e:da:a1:c6:83:85:b0:e2:73:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe3d23a39ed3656f9a6064b609d02a2f6e4a3827
Validity
Not Before: Jan 2 01:48:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=09d4b44b98757b7d3a22374d3586886cd39a73d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:09:64:78:fc:99:12:21:4f:90:fa:6b:c3:44:
fa:55:d1:52:ad:a1:76:d3:61:9b:5a:03:05:6a:9e:
dc:06:fd:63:52:7f:be:3e:63:ba:64:2b:1f:19:61:
a8:16:03:7f:8c:77:18:29:e4:ec:55:69:94:ef:3e:
75:cc:1b:50:fb:3f:27:0a:2d:53:ec:cb:a5:1a:93:
51:30:1a:41:27:de:07:de:75:df:93:d0:97:18:a5:
5c:b8:a0:35:29:be:ee:50:bb:94:f1:02:4c:13:cf:
d1:e3:a1:1b:8b:cb:4b:45:dd:e8:37:fb:64:a5:c2:
62:8f:be:f0:b1:12:9a:2e:f3:fa:db:ce:c1:7a:e7:
58:d6:62:de:e3:39:21:aa:3d:45:aa:d6:6f:9b:a1:
f9:41:73:ae:b1:78:81:9e:03:82:09:b7:54:19:fb:
5c:61:c3:6b:d1:a4:03:e5:21:a5:cb:de:e6:c0:12:
3e:5c:00:30:c2:37:24:d5:b8:45:b3:b4:59:b1:de:
06:a5:c2:97:ee:3d:64:4b:fb:4d:84:c1:e3:8c:14:
e5:b0:56:19:4e:97:e9:05:2e:92:a6:31:51:7a:e2:
19:a6:58:5e:fe:16:c7:b9:6e:2e:ad:ef:34:93:1c:
ed:1c:c5:f3:47:fa:29:99:10:d3:cc:2f:8d:f2:bb:
07:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:D4:B4:4B:98:75:7B:7D:3A:22:37:4D:35:86:88:6C:D3:9A:73:D5
X509v3 Authority Key Identifier:
keyid:FE:3D:23:A3:9E:D3:65:6F:9A:60:64:B6:09:D0:2A:2F:6E:4A:38:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_j0jo57TZW-aYGS2CdAqL25KOCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/8e62e9-406d-4ab0-8fdb-d9a808ec1ab1/1/CdS0S5h1e306IjdNNYaIbNOac9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/8e62e9-406d-4ab0-8fdb-d9a808ec1ab1/1/_j0jo57TZW-aYGS2CdAqL25KOCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.96.208.0/22
IPv6:
2a06:180::/29
Signature Algorithm: sha256WithRSAEncryption
6b:b0:cd:ab:3a:26:98:39:d0:78:95:f3:a7:b4:0a:f8:55:d7:
2c:4c:71:a6:01:19:cb:aa:8b:1f:3f:3a:96:ef:ec:b4:b1:de:
14:c6:f2:ac:bc:e3:7f:72:31:4d:73:f0:5e:6a:0d:31:ec:c7:
0e:51:3a:b1:15:f6:dd:36:5b:37:0d:6f:4b:c5:78:4f:62:51:
a2:06:18:0c:6e:b7:98:ff:1e:99:36:91:5b:ab:dd:13:b1:f1:
0b:d5:5f:17:6b:fa:2e:4f:66:28:4a:06:ed:33:8d:33:24:47:
e1:05:af:64:f1:d3:53:af:5d:53:c6:c6:b3:8c:8d:3e:a7:81:
2f:c7:4c:60:a2:d8:2b:d2:a9:b9:ab:2b:56:3c:5a:72:0a:a0:
00:d9:4a:b0:23:45:1d:4f:36:d6:08:97:a1:f0:03:fb:29:77:
5e:6a:ae:77:db:10:68:f0:ef:1d:82:2b:ba:a0:19:c2:5b:da:
14:00:8a:8b:5b:4b:3c:a6:29:ee:eb:d3:53:24:ec:19:1e:ab:
f8:7c:d7:6c:e8:91:83:ee:22:64:19:17:a8:3b:87:e8:9f:80:
c8:1d:ef:7a:eb:77:25:79:a9:6e:61:bf:d2:cc:fd:cf:63:fc:
48:5c:eb:0c:c4:4d:90:ff:45:ba:9c:7b:fb:64:3b:39:26:7e:
87:fc:dc:d5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQks3t6NYJu2qHGg4Ww4nMMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlM2QyM2EzOWVkMzY1NmY5YTYwNjRiNjA5ZDAyYTJmNmU0
YTM4MjcwHhcNMjUwMTAyMDE0ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWQ0YjQ0Yjk4NzU3YjdkM2EyMjM3NGQzNTg2ODg2Y2QzOWE3M2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyAlkePyZEiFPkPprw0T6VdFSraF2
02GbWgMFap7cBv1jUn++PmO6ZCsfGWGoFgN/jHcYKeTsVWmU7z51zBtQ+z8nCi1T
7MulGpNRMBpBJ94H3nXfk9CXGKVcuKA1Kb7uULuU8QJME8/R46Ebi8tLRd3oN/tk
pcJij77wsRKaLvP6287BeudY1mLe4zkhqj1FqtZvm6H5QXOusXiBngOCCbdUGftc
YcNr0aQD5SGly97mwBI+XAAwwjck1bhFs7RZsd4GpcKX7j1kS/tNhMHjjBTlsFYZ
TpfpBS6SpjFReuIZplhe/hbHuW4ure80kxztHMXzR/opmRDTzC+N8rsHSQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAnUtEuYdXt9OiI3TTWGiGzTmnPVMB8GA1UdIwQY
MBaAFP49I6Oe02VvmmBktgnQKi9uSjgnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2owam81N1RaVy1hWUdTMkNkQXFMMjVLT0NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy84ZTYyZTktNDA2ZC00YWIwLThmZGIt
ZDlhODA4ZWMxYWIxLzEvQ2RTMFM1aDFlMzA2SWpkTk5ZYUliTk9hYzlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy84ZTYyZTktNDA2ZC00YWIwLThmZGItZDlhODA4ZWMxYWIx
LzEvX2owam81N1RaVy1hWUdTMkNkQXFMMjVLT0NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWDQMA0E
AgACMAcDBQMqBgGAMA0GCSqGSIb3DQEBCwUAA4IBAQBrsM2rOiaYOdB4lfOntAr4
VdcsTHGmARnLqosfPzqW7+y0sd4UxvKsvON/cjFNc/Beag0x7McOUTqxFfbdNls3
DW9LxXhPYlGiBhgMbreY/x6ZNpFbq90TsfEL1V8Xa/ouT2YoSgbtM40zJEfhBa9k
8dNTr11TxsazjI0+p4Evx0xgotgr0qm5qytWPFpyCqAA2UqwI0UdTzbWCJeh8AP7
KXdeaq532xBo8O8dgiu6oBnCW9oUAIqLW0s8pinu69NTJOwZHqv4fNds6JGD7iJk
GReoO4fon4DIHe9663clealuYb/SzP3PY/xIXOsMxE2Q/0W6nHv7ZDs5Jn6H/NzV
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:05 2025 by rpki-client on console.sobornost.net