Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/8e44e3-1b54-479e-a54c-47ead5372bfb/1/oYCCEaHZDFeU07vWfgI3VuJzA2k.roa
File: oYCCEaHZDFeU07vWfgI3VuJzA2k.roa (raw, json)
Hash identifier: ZelDCAPq5Lk9TPNRJeopu8e/ZIbjOUyl0w35TbZibt4=
Subject key identifier: A1:80:82:11:A1:D9:0C:57:94:D3:BB:D6:7E:02:37:56:E2:73:03:69
Certificate issuer: /CN=ebc8c4a066e2c150313ee1c087471f3c8b0de054
Certificate serial: 019427B511FD1C346507F35B472695B79D08
Authority key identifier: EB:C8:C4:A0:66:E2:C1:50:31:3E:E1:C0:87:47:1F:3C:8B:0D:E0:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/68jEoGbiwVAxPuHAh0cfPIsN4FQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/8e44e3-1b54-479e-a54c-47ead5372bfb/1/oYCCEaHZDFeU07vWfgI3VuJzA2k.roa
Signing time: Thu 02 Jan 2025 15:49:25 +0000
ROA not before: Thu 02 Jan 2025 15:49:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42828
IP address blocks: 185.84.104.0/24 maxlen: 24
185.84.105.0/24 maxlen: 24
185.84.106.0/24 maxlen: 24
185.84.107.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:11:fd:1c:34:65:07:f3:5b:47:26:95:b7:9d:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebc8c4a066e2c150313ee1c087471f3c8b0de054
Validity
Not Before: Jan 2 15:49:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a1808211a1d90c5794d3bbd67e023756e2730369
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:2b:e4:2f:4d:fe:9e:31:2d:6f:21:c5:f5:30:
50:84:e7:39:ac:c6:fa:d7:de:1f:e5:6e:a2:10:59:
8b:d9:1a:9d:dd:14:50:4c:1a:bb:0a:59:75:3b:a7:
ef:39:65:77:51:68:0f:b7:da:f7:84:58:79:53:be:
be:02:b2:c0:04:4e:88:0b:09:1a:25:a6:a7:75:f7:
39:41:84:59:04:cd:01:73:ea:77:bd:6f:cc:f3:95:
0b:13:b4:c2:63:0f:f7:9a:56:50:43:d5:5a:5e:89:
4f:a3:e1:14:4f:e3:f9:a4:97:8e:19:88:0a:6f:d7:
0d:ac:d6:05:79:9d:27:24:5e:ea:ea:aa:8d:dd:6c:
22:f4:7b:db:7f:69:44:49:d8:a9:23:d7:e8:4a:5b:
81:fc:8b:e2:0b:ca:9b:78:4d:07:6f:b3:2d:8b:a2:
67:67:2f:d0:c4:3a:2e:b8:00:09:8b:7a:ce:12:8f:
62:c8:a2:fd:36:d0:c2:8d:63:3b:3c:eb:98:d7:e8:
06:7c:86:20:81:1a:ad:cc:6e:bf:70:ea:5a:b7:42:
e4:21:4f:1f:d0:97:e6:27:e1:f7:11:8d:a6:46:a8:
57:0a:05:11:df:8d:08:2c:28:67:ed:6a:40:c7:d1:
b9:54:9b:b5:73:b1:23:e2:78:1d:c4:71:8c:08:58:
4c:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:80:82:11:A1:D9:0C:57:94:D3:BB:D6:7E:02:37:56:E2:73:03:69
X509v3 Authority Key Identifier:
keyid:EB:C8:C4:A0:66:E2:C1:50:31:3E:E1:C0:87:47:1F:3C:8B:0D:E0:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/68jEoGbiwVAxPuHAh0cfPIsN4FQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/8e44e3-1b54-479e-a54c-47ead5372bfb/1/oYCCEaHZDFeU07vWfgI3VuJzA2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/8e44e3-1b54-479e-a54c-47ead5372bfb/1/68jEoGbiwVAxPuHAh0cfPIsN4FQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.84.104.0/22
Signature Algorithm: sha256WithRSAEncryption
82:17:7e:e1:94:9f:8f:5a:de:4c:a9:19:dd:13:48:7b:45:89:
cc:db:72:2d:4a:c6:ad:a8:3b:04:72:72:f2:32:b5:5e:b4:5f:
59:33:52:2d:9f:0b:b9:b8:9b:a7:91:39:e2:cd:c7:fa:1d:6e:
33:a4:d4:64:48:e8:80:8b:66:b2:29:a2:04:15:1b:02:e4:e2:
cb:c6:63:45:49:17:cd:0a:31:4b:8c:1f:92:6e:14:87:32:6b:
ba:92:e4:24:65:5d:2b:b4:7e:a6:87:fc:17:65:29:f2:f7:f2:
e6:e6:60:2a:4b:07:09:95:db:bb:3b:3a:ac:d0:9f:1c:35:65:
54:1f:b2:49:58:c4:e5:03:3e:60:6c:36:84:72:4b:f5:07:75:
56:63:61:f5:4e:26:dc:38:0a:00:99:bb:44:2f:6e:ae:b5:06:
42:dd:39:73:8f:92:97:32:43:f0:8e:b4:8d:1c:91:ec:ba:ab:
47:8c:0a:ba:cc:05:c4:c7:b7:83:2f:37:9a:0c:b4:13:05:db:
c7:97:55:8b:ea:b3:39:a7:dd:d1:ff:56:03:73:88:5a:b8:11:
08:c5:f4:c8:c0:77:0e:5a:83:78:f5:a0:f0:32:22:ad:ee:12:
76:7d:6c:55:15:f7:bd:36:24:69:90:07:32:62:8b:e4:ca:d4:
a8:3b:b7:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntRH9HDRlB/NbRyaVt50IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViYzhjNGEwNjZlMmMxNTAzMTNlZTFjMDg3NDcxZjNjOGIw
ZGUwNTQwHhcNMjUwMTAyMTU0OTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTgwODIxMWExZDkwYzU3OTRkM2JiZDY3ZTAyMzc1NmUyNzMwMzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoCvkL03+njEtbyHF9TBQhOc5rMb6
194f5W6iEFmL2Rqd3RRQTBq7Cll1O6fvOWV3UWgPt9r3hFh5U76+ArLABE6ICwka
Jaandfc5QYRZBM0Bc+p3vW/M85ULE7TCYw/3mlZQQ9VaXolPo+EUT+P5pJeOGYgK
b9cNrNYFeZ0nJF7q6qqN3Wwi9Hvbf2lESdipI9foSluB/IviC8qbeE0Hb7Mti6Jn
Zy/QxDouuAAJi3rOEo9iyKL9NtDCjWM7POuY1+gGfIYggRqtzG6/cOpat0LkIU8f
0JfmJ+H3EY2mRqhXCgUR340ILChn7WpAx9G5VJu1c7Ej4ngdxHGMCFhMZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKGAghGh2QxXlNO71n4CN1bicwNpMB8GA1UdIwQY
MBaAFOvIxKBm4sFQMT7hwIdHHzyLDeBUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNjhqRW9HYml3VkF4UHVIQWgwY2ZQSXNONEZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC84ZTQ0ZTMtMWI1NC00NzllLWE1NGMt
NDdlYWQ1MzcyYmZiLzEvb1lDQ0VhSFpERmVVMDd2V2ZnSTNWdUp6QTJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC84ZTQ0ZTMtMWI1NC00NzllLWE1NGMtNDdlYWQ1MzcyYmZi
LzEvNjhqRW9HYml3VkF4UHVIQWgwY2ZQSXNONEZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVRoMA0G
CSqGSIb3DQEBCwUAA4IBAQCCF37hlJ+PWt5MqRndE0h7RYnM23ItSsatqDsEcnLy
MrVetF9ZM1Itnwu5uJunkTnizcf6HW4zpNRkSOiAi2ayKaIEFRsC5OLLxmNFSRfN
CjFLjB+SbhSHMmu6kuQkZV0rtH6mh/wXZSny9/Lm5mAqSwcJldu7Ozqs0J8cNWVU
H7JJWMTlAz5gbDaEckv1B3VWY2H1TibcOAoAmbtEL26utQZC3Tlzj5KXMkPwjrSN
HJHsuqtHjAq6zAXEx7eDLzeaDLQTBdvHl1WL6rM5p93R/1YDc4hauBEIxfTIwHcO
WoN49aDwMiKt7hJ2fWxVFfe9NiRpkAcyYovkytSoO7fa
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:09 2025 by rpki-client on console.sobornost.net