Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/db5399-6fbb-4ce2-897b-3bbbca310d71/1/xE_JDYJwb1MCr7C57Rm2iLhdKIw.roa
File: xE_JDYJwb1MCr7C57Rm2iLhdKIw.roa (raw, json)
Hash identifier: sRhgH4Cj24QxldRTdKVZiNUSEzN+8JXEsh8ETe2KACg=
Subject key identifier: C4:4F:C9:0D:82:70:6F:53:02:AF:B0:B9:ED:19:B6:88:B8:5D:28:8C
Certificate issuer: /CN=ec51314e04ec9676f2b60248e1b9bd02ef00e168
Certificate serial: 01942747672FF3DD08BCBC7EAF23309C8080
Authority key identifier: EC:51:31:4E:04:EC:96:76:F2:B6:02:48:E1:B9:BD:02:EF:00:E1:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7FExTgTslnbytgJI4bm9Au8A4Wg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/db5399-6fbb-4ce2-897b-3bbbca310d71/1/xE_JDYJwb1MCr7C57Rm2iLhdKIw.roa
Signing time: Thu 02 Jan 2025 13:49:38 +0000
ROA not before: Thu 02 Jan 2025 13:49:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204189
IP address blocks: 157.97.184.0/21 maxlen: 24
185.111.148.0/22 maxlen: 24
2a0d:ce80::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:67:2f:f3:dd:08:bc:bc:7e:af:23:30:9c:80:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec51314e04ec9676f2b60248e1b9bd02ef00e168
Validity
Not Before: Jan 2 13:49:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c44fc90d82706f5302afb0b9ed19b688b85d288c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:8a:0d:33:f2:da:12:9c:2f:48:26:4f:45:d3:
92:a6:42:12:81:67:02:2f:b8:12:c3:9b:a0:b3:04:
2c:c3:c0:b7:d2:56:25:5f:9a:89:21:4f:3e:b8:3d:
7b:06:2f:46:44:bc:b5:81:f7:c2:c2:5f:ea:2d:95:
a7:c1:72:eb:20:c4:47:9e:bd:a8:37:86:70:6c:f1:
bb:ba:bd:12:f1:92:c5:db:e5:8c:69:43:23:b9:79:
1c:74:28:9c:92:07:cb:ce:55:b8:43:40:48:ca:c0:
a5:43:44:70:a1:61:c0:b4:ca:e3:50:31:0b:86:81:
f1:08:ff:1d:9c:a9:85:84:39:c4:75:b7:35:99:d0:
e5:22:54:6e:45:26:ad:16:c4:60:bd:dc:c9:d4:46:
03:78:3f:4c:91:fd:41:8b:e2:db:0a:cf:ee:9b:cc:
b1:f7:68:18:74:b4:fb:1a:3a:f4:92:e1:fc:46:9f:
0f:1e:a8:3a:5e:d4:c4:21:f3:63:cc:b1:2e:42:9b:
e4:f8:39:0b:61:e2:b0:fd:38:59:f5:04:20:e4:36:
78:7c:d3:f9:8b:73:d1:b1:ce:87:ce:4b:45:c5:42:
cc:c7:68:1f:c6:21:f8:1d:eb:52:ce:f7:32:f4:14:
18:5f:08:bd:af:4b:63:c2:68:75:94:cc:2a:4b:47:
a4:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:4F:C9:0D:82:70:6F:53:02:AF:B0:B9:ED:19:B6:88:B8:5D:28:8C
X509v3 Authority Key Identifier:
keyid:EC:51:31:4E:04:EC:96:76:F2:B6:02:48:E1:B9:BD:02:EF:00:E1:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7FExTgTslnbytgJI4bm9Au8A4Wg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/db5399-6fbb-4ce2-897b-3bbbca310d71/1/xE_JDYJwb1MCr7C57Rm2iLhdKIw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/db5399-6fbb-4ce2-897b-3bbbca310d71/1/7FExTgTslnbytgJI4bm9Au8A4Wg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.97.184.0/21
185.111.148.0/22
IPv6:
2a0d:ce80::/29
Signature Algorithm: sha256WithRSAEncryption
08:35:40:eb:2d:c2:2e:44:61:05:3b:dc:ad:74:19:3c:14:84:
b8:64:c3:1c:38:ac:29:9d:f4:8b:d2:ea:5c:38:72:1e:aa:5c:
bd:80:e4:92:30:e3:db:76:ed:87:6c:b0:04:26:30:ae:6f:ab:
de:8f:04:44:ff:d6:8a:31:c1:50:d1:65:cd:56:5b:f1:d4:04:
db:ff:ef:25:62:6d:ce:40:5d:61:9d:13:7f:7d:59:a3:3e:d2:
c5:54:74:82:1b:9a:34:14:8d:ab:77:dc:bf:64:5c:75:0a:6f:
0c:6d:e8:e0:10:f6:37:74:91:23:eb:d0:b3:24:25:72:73:1e:
d5:66:7a:a2:6b:66:8b:6f:76:4f:40:1c:c6:96:1c:cb:f6:07:
e0:eb:a0:e8:8a:85:23:bf:0e:fa:05:b0:55:d0:73:62:e7:aa:
ba:cc:c1:74:6d:a7:a8:6f:90:ba:5e:4a:27:70:ba:ae:4d:f2:
f6:18:6f:86:c3:2f:f8:c7:85:d0:6e:e5:70:e8:47:96:b8:cf:
6b:cc:44:b8:77:07:2d:01:b5:96:30:65:b0:29:63:be:4e:2e:
c2:31:d6:88:db:79:5a:a5:c4:2f:89:1a:f0:86:a2:36:6e:15:
ad:96:c5:96:33:39:37:f9:32:d9:31:58:c6:f0:b5:1d:fe:44:
d5:bb:27:fd
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQnR2cv890IvLx+ryMwnICAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNTEzMTRlMDRlYzk2NzZmMmI2MDI0OGUxYjliZDAyZWYw
MGUxNjgwHhcNMjUwMTAyMTM0OTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDRmYzkwZDgyNzA2ZjUzMDJhZmIwYjllZDE5YjY4OGI4NWQyODhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqooNM/LaEpwvSCZPRdOSpkISgWcC
L7gSw5ugswQsw8C30lYlX5qJIU8+uD17Bi9GRLy1gffCwl/qLZWnwXLrIMRHnr2o
N4ZwbPG7ur0S8ZLF2+WMaUMjuXkcdCickgfLzlW4Q0BIysClQ0RwoWHAtMrjUDEL
hoHxCP8dnKmFhDnEdbc1mdDlIlRuRSatFsRgvdzJ1EYDeD9Mkf1Bi+LbCs/um8yx
92gYdLT7Gjr0kuH8Rp8PHqg6XtTEIfNjzLEuQpvk+DkLYeKw/ThZ9QQg5DZ4fNP5
i3PRsc6HzktFxULMx2gfxiH4HetSzvcy9BQYXwi9r0tjwmh1lMwqS0ekPQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMRPyQ2CcG9TAq+wue0Ztoi4XSiMMB8GA1UdIwQY
MBaAFOxRMU4E7JZ28rYCSOG5vQLvAOFoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0ZFeFRnVHNsbmJ5dGdKSTRibTlBdThBNFdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kYjUzOTktNmZiYi00Y2UyLTg5N2It
M2JiYmNhMzEwZDcxLzEveEVfSkRZSndiMU1DcjdDNTdSbTJpTGhkS0l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kYjUzOTktNmZiYi00Y2UyLTg5N2ItM2JiYmNhMzEwZDcx
LzEvN0ZFeFRnVHNsbmJ5dGdKSTRibTlBdThBNFdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDnWG4AwQC
uW+UMA0EAgACMAcDBQMqDc6AMA0GCSqGSIb3DQEBCwUAA4IBAQAINUDrLcIuRGEF
O9ytdBk8FIS4ZMMcOKwpnfSL0upcOHIeqly9gOSSMOPbdu2HbLAEJjCub6vejwRE
/9aKMcFQ0WXNVlvx1ATb/+8lYm3OQF1hnRN/fVmjPtLFVHSCG5o0FI2rd9y/ZFx1
Cm8MbejgEPY3dJEj69CzJCVycx7VZnqia2aLb3ZPQBzGlhzL9gfg66DoioUjvw76
BbBV0HNi56q6zMF0baeob5C6XkoncLquTfL2GG+Gwy/4x4XQbuVw6EeWuM9rzES4
dwctAbWWMGWwKWO+Ti7CMdaI23lapcQviRrwhqI2bhWtlsWWMzk3+TLZMVjG8LUd
/kTVuyf9
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:09 2025 by rpki-client on console.sobornost.net