Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/85ca8e-d74b-4c05-81b6-770f0572c0e7/1/PHw1GAOmBnBvGouxlCLHPCg3QCo.roa
File: PHw1GAOmBnBvGouxlCLHPCg3QCo.roa (raw, json)
Hash identifier: M7Tf/O06Ds+1gFag6lHjuDXeoUB2izemcywbR990N8U=
Subject key identifier: 3C:7C:35:18:03:A6:06:70:6F:1A:8B:B1:94:22:C7:3C:28:37:40:2A
Certificate issuer: /CN=6fa32e6581183f2c4897a7652333901f7f5bee73
Certificate serial: 019423D6A83E22970B7077B1035F73DFAEAB
Authority key identifier: 6F:A3:2E:65:81:18:3F:2C:48:97:A7:65:23:33:90:1F:7F:5B:EE:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b6MuZYEYPyxIl6dlIzOQH39b7nM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/85ca8e-d74b-4c05-81b6-770f0572c0e7/1/PHw1GAOmBnBvGouxlCLHPCg3QCo.roa
Signing time: Wed 01 Jan 2025 21:47:37 +0000
ROA not before: Wed 01 Jan 2025 21:47:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39138
IP address blocks: 185.218.107.0/24 maxlen: 24
2a10:d1c0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:a8:3e:22:97:0b:70:77:b1:03:5f:73:df:ae:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fa32e6581183f2c4897a7652333901f7f5bee73
Validity
Not Before: Jan 1 21:47:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3c7c351803a606706f1a8bb19422c73c2837402a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:db:43:9d:be:74:e7:e3:a7:07:d9:04:97:3c:
27:d4:fc:ac:f1:25:8f:e2:71:0c:b8:83:85:35:f9:
f1:31:cc:39:f5:83:f2:1f:bc:23:d6:cf:db:22:71:
65:cc:c9:ab:59:bc:45:8a:3b:97:8f:6a:56:66:84:
38:3e:97:f1:95:7d:b9:9d:e5:1a:e6:4a:e9:9d:1d:
59:48:95:d3:c3:94:7b:ab:07:90:75:05:40:16:01:
a9:ef:77:57:f2:28:43:49:43:f3:0f:7e:5e:4d:a8:
f2:94:63:b2:1f:3e:10:23:3a:89:4f:8b:5b:a8:5e:
f4:d8:49:43:07:ea:95:7a:7b:17:fe:d0:0d:a4:b3:
e5:97:27:ff:cf:0b:54:fe:4a:db:7c:60:f1:e0:f0:
67:c0:73:bf:9b:31:e5:be:2b:0b:bc:0d:df:15:c1:
e6:3d:06:97:1a:c4:c8:9d:51:1b:e7:c7:5e:f8:68:
85:b0:0b:14:e0:3b:7f:e8:c2:07:ce:f3:e3:07:f2:
72:f2:44:57:c8:87:d9:17:db:81:33:58:01:27:58:
08:b7:94:6b:68:46:04:a5:d2:20:aa:5a:22:c9:de:
0b:59:e5:ad:42:8d:e7:19:69:44:06:cf:89:56:2f:
dd:7b:4a:6e:5f:3e:fb:c5:27:46:33:62:b4:21:7c:
24:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:7C:35:18:03:A6:06:70:6F:1A:8B:B1:94:22:C7:3C:28:37:40:2A
X509v3 Authority Key Identifier:
keyid:6F:A3:2E:65:81:18:3F:2C:48:97:A7:65:23:33:90:1F:7F:5B:EE:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6MuZYEYPyxIl6dlIzOQH39b7nM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/85ca8e-d74b-4c05-81b6-770f0572c0e7/1/PHw1GAOmBnBvGouxlCLHPCg3QCo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/85ca8e-d74b-4c05-81b6-770f0572c0e7/1/b6MuZYEYPyxIl6dlIzOQH39b7nM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.218.107.0/24
IPv6:
2a10:d1c0::/32
Signature Algorithm: sha256WithRSAEncryption
35:3b:a3:d4:3d:60:2a:51:12:c9:7d:24:d0:b3:02:93:ce:17:
cf:30:f6:aa:a0:0f:d9:3e:60:f4:45:c5:95:ad:05:e0:01:b0:
82:23:69:08:01:5e:8b:0c:30:97:fe:bb:77:6c:2f:64:79:81:
1b:03:4b:e4:4f:17:dd:62:c5:3f:c5:0c:7f:32:f6:fd:01:5a:
ec:de:95:4c:41:fb:bf:ee:30:0d:7e:04:dd:0a:49:50:1c:e7:
2d:d4:d8:a8:aa:10:a8:08:4e:f4:0e:dc:d6:36:60:c9:82:a8:
9e:01:63:cd:b7:aa:b5:db:c7:b2:a4:2f:57:39:24:25:98:14:
2e:c6:e3:d7:1d:da:00:59:fe:a8:30:ea:e3:97:2d:53:34:c2:
3d:aa:80:06:ba:53:69:c2:b1:b8:b0:21:2d:99:94:9a:df:b4:
78:da:97:8c:6e:a4:cb:2b:33:d4:f8:08:36:56:4f:0a:93:59:
a7:0c:7f:e1:40:e8:0c:96:8d:a8:8c:6b:03:0b:60:54:2b:9e:
d4:83:b2:d0:16:3c:cf:fd:b0:2d:38:54:82:96:e2:0f:ba:fc:
49:cc:29:8c:9d:56:5f:4e:e7:4d:91:ea:05:6d:f7:31:e8:c6:
18:54:92:15:c4:9c:4b:db:f4:a8:0d:b2:2a:85:a1:14:a6:d8:
4b:66:1e:dc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQj1qg+IpcLcHexA19z366rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmYTMyZTY1ODExODNmMmM0ODk3YTc2NTIzMzM5MDFmN2Y1
YmVlNzMwHhcNMjUwMTAxMjE0NzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzdjMzUxODAzYTYwNjcwNmYxYThiYjE5NDIyYzczYzI4Mzc0MDJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNtDnb505+OnB9kElzwn1Pys8SWP
4nEMuIOFNfnxMcw59YPyH7wj1s/bInFlzMmrWbxFijuXj2pWZoQ4PpfxlX25neUa
5krpnR1ZSJXTw5R7qweQdQVAFgGp73dX8ihDSUPzD35eTajylGOyHz4QIzqJT4tb
qF702ElDB+qVensX/tANpLPllyf/zwtU/krbfGDx4PBnwHO/mzHlvisLvA3fFcHm
PQaXGsTInVEb58de+GiFsAsU4Dt/6MIHzvPjB/Jy8kRXyIfZF9uBM1gBJ1gIt5Rr
aEYEpdIgqloiyd4LWeWtQo3nGWlEBs+JVi/de0puXz77xSdGM2K0IXwkkwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDx8NRgDpgZwbxqLsZQixzwoN0AqMB8GA1UdIwQY
MBaAFG+jLmWBGD8sSJenZSMzkB9/W+5zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjZNdVpZRVlQeXhJbDZkbEl6T1FIMzliN25NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi84NWNhOGUtZDc0Yi00YzA1LTgxYjYt
NzcwZjA1NzJjMGU3LzEvUEh3MUdBT21CbkJ2R291eGxDTEhQQ2czUUNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi84NWNhOGUtZDc0Yi00YzA1LTgxYjYtNzcwZjA1NzJjMGU3
LzEvYjZNdVpZRVlQeXhJbDZkbEl6T1FIMzliN25NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAudprMA0E
AgACMAcDBQAqENHAMA0GCSqGSIb3DQEBCwUAA4IBAQA1O6PUPWAqURLJfSTQswKT
zhfPMPaqoA/ZPmD0RcWVrQXgAbCCI2kIAV6LDDCX/rt3bC9keYEbA0vkTxfdYsU/
xQx/Mvb9AVrs3pVMQfu/7jANfgTdCklQHOct1NioqhCoCE70DtzWNmDJgqieAWPN
t6q128eypC9XOSQlmBQuxuPXHdoAWf6oMOrjly1TNMI9qoAGulNpwrG4sCEtmZSa
37R42peMbqTLKzPU+Ag2Vk8Kk1mnDH/hQOgMlo2ojGsDC2BUK57Ug7LQFjzP/bAt
OFSCluIPuvxJzCmMnVZfTudNkeoFbfcx6MYYVJIVxJxL2/SoDbIqhaEUpthLZh7c
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:14 2025 by rpki-client on console.sobornost.net