Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/_Et3WZpcwoWVB2xk7eSq0CrncXA.roa
File: _Et3WZpcwoWVB2xk7eSq0CrncXA.roa (raw, json)
Hash identifier: RG7i5qg8mYIgeAWtibnmsSIPcBOqZ1LJKeVorGbxchg=
Subject key identifier: FC:4B:77:59:9A:5C:C2:85:95:07:6C:64:ED:E4:AA:D0:2A:E7:71:70
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01960C1D9F945E91E2F4EB5466BB265EE479
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/_Et3WZpcwoWVB2xk7eSq0CrncXA.roa
Signing time: Sun 06 Apr 2025 17:19:49 +0000
ROA not before: Sun 06 Apr 2025 17:19:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 185.209.38.0/24 maxlen: 24
185.209.73.0/24 maxlen: 24
185.210.233.0/24 maxlen: 24
185.210.235.0/24 maxlen: 24
185.218.20.0/24 maxlen: 24
185.220.248.0/24 maxlen: 24
185.222.29.0/24 maxlen: 24
185.222.30.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:0c:1d:9f:94:5e:91:e2:f4:eb:54:66:bb:26:5e:e4:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Apr 6 17:19:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fc4b77599a5cc28595076c64ede4aad02ae77170
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:4e:b8:65:e7:83:e5:4f:96:65:27:35:53:5e:
b3:37:14:df:74:3b:33:73:ee:a6:3f:18:0b:ec:d4:
d2:78:15:b9:22:a8:94:82:8a:b4:f4:15:65:e3:b0:
f2:d8:96:f9:5a:c0:da:c5:16:55:48:9f:02:04:88:
1d:8a:8b:08:9d:dc:c5:9a:0b:57:53:0c:48:ec:14:
e6:31:9a:11:42:ed:a0:c1:4e:cf:73:52:a2:5c:8f:
80:c9:2b:b3:bc:ba:8e:6e:8f:00:8c:b7:12:d6:74:
23:92:43:66:a6:2c:4b:f6:1a:46:ea:81:e6:43:c0:
2c:9f:f4:60:a2:82:c0:e2:bb:54:72:c0:dc:2d:e3:
ef:c5:d5:dc:48:58:be:fb:d4:1c:e5:12:1a:39:89:
e2:83:fa:2f:04:a2:d5:df:5c:65:cc:52:40:ea:2a:
43:66:c2:f1:5c:3f:23:a0:bb:b1:49:ac:0b:b5:6b:
28:6d:ce:13:61:70:51:37:34:1d:16:46:87:a7:b2:
2f:c4:e9:fc:40:76:af:19:26:e8:f1:ae:b4:c0:0d:
47:c6:da:8a:fd:58:06:d2:77:11:fc:97:a0:e5:48:
ee:75:47:e9:33:4d:4c:99:4d:b9:61:23:4e:75:7f:
8e:43:10:62:7f:63:9f:97:5a:fe:c3:2c:f6:37:b1:
9d:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:4B:77:59:9A:5C:C2:85:95:07:6C:64:ED:E4:AA:D0:2A:E7:71:70
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/_Et3WZpcwoWVB2xk7eSq0CrncXA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.38.0/24
185.209.73.0/24
185.210.233.0/24
185.210.235.0/24
185.218.20.0/24
185.220.248.0/24
185.222.29.0-185.222.30.255
Signature Algorithm: sha256WithRSAEncryption
08:97:81:98:ea:33:f0:d5:8b:c7:6b:1a:8f:7c:6e:ce:19:00:
9c:0d:09:2f:ef:f8:94:19:6a:37:a8:40:cf:0a:f1:c4:8c:60:
63:65:17:da:78:c3:7a:08:8f:55:42:22:b3:08:7b:a8:36:89:
cc:95:01:a8:48:9a:b0:35:de:9b:aa:3a:58:67:f8:4d:f2:01:
59:c7:82:2c:53:7e:a3:24:e3:99:b6:f2:c8:02:9a:c7:8b:7c:
17:9f:8a:eb:10:b8:3e:80:94:46:f3:90:b6:3a:2c:5a:e6:c2:
a0:f4:57:6f:e3:d9:f0:44:e8:38:99:d3:c0:d3:cb:3d:f3:8f:
3a:ab:52:00:62:83:17:17:8a:56:16:f7:4a:19:51:dd:07:79:
7c:f6:c6:0c:e2:08:43:ff:21:71:fd:a1:e8:28:2d:ff:b9:49:
17:10:a6:4b:7d:d2:de:5c:24:c2:44:c5:da:e3:68:a9:96:e7:
c4:69:8a:ab:f7:f4:51:9d:38:c8:d9:ba:04:86:41:c8:d6:e7:
33:b2:19:1d:9e:48:b2:04:13:39:a9:1a:b0:2f:d2:d5:a9:87:
3b:b8:ab:d8:21:2b:5a:ba:0a:0a:2b:9b:e1:4a:45:05:cf:f3:
13:56:38:0b:c9:88:a7:dc:a3:ed:fe:43:0c:93:16:b4:6f:95:
77:25:0c:c3
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZYMHZ+UXpHi9OtUZrsmXuR5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwNDA2MTcxOTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzRiNzc1OTlhNWNjMjg1OTUwNzZjNjRlZGU0YWFkMDJhZTc3MTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2k64ZeeD5U+WZSc1U16zNxTfdDsz
c+6mPxgL7NTSeBW5IqiUgoq09BVl47Dy2Jb5WsDaxRZVSJ8CBIgdiosIndzFmgtX
UwxI7BTmMZoRQu2gwU7Pc1KiXI+AySuzvLqObo8AjLcS1nQjkkNmpixL9hpG6oHm
Q8Asn/RgooLA4rtUcsDcLePvxdXcSFi++9Qc5RIaOYnig/ovBKLV31xlzFJA6ipD
ZsLxXD8joLuxSawLtWsobc4TYXBRNzQdFkaHp7IvxOn8QHavGSbo8a60wA1HxtqK
/VgG0ncR/Jeg5UjudUfpM01MmU25YSNOdX+OQxBif2Ofl1r+wyz2N7GdlQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFPxLd1maXMKFlQdsZO3kqtAq53FwMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvX0V0M1dacGN3b1dWQjJ4azdlU3EwQ3JuY1hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAudEmAwQA
udFJAwQAudLpAwQAudLrAwQAudoUAwQAudz4MAwDBAC53h0DBAC53h4wDQYJKoZI
hvcNAQELBQADggEBAAiXgZjqM/DVi8drGo98bs4ZAJwNCS/v+JQZajeoQM8K8cSM
YGNlF9p4w3oIj1VCIrMIe6g2icyVAahImrA13puqOlhn+E3yAVnHgixTfqMk45m2
8sgCmseLfBefiusQuD6AlEbzkLY6LFrmwqD0V2/j2fBE6DiZ08DTyz3zjzqrUgBi
gxcXilYW90oZUd0HeXz2xgziCEP/IXH9oegoLf+5SRcQpkt90t5cJMJExdrjaKmW
58Rpiqv39FGdOMjZugSGQcjW5zOyGR2eSLIEEzmpGrAv0tWphzu4q9ghK1q6Cgor
m+FKRQXP8xNWOAvJiKfco+3+QwyTFrRvlXclDMM=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:12 2025 by rpki-client on console.sobornost.net