Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/d4d8dd-50d8-43c7-9b55-9aa7cd6505e5/1/lxBXnG-4rYAQUCGbktacJsJcscU.roa
File: lxBXnG-4rYAQUCGbktacJsJcscU.roa (raw, json)
Hash identifier: d11nQxBRc+xMvxpKWxAVqfhsk9tCL6Ja3DwWQ6WsmPo=
Subject key identifier: 97:10:57:9C:6F:B8:AD:80:10:50:21:9B:92:D6:9C:26:C2:5C:B1:C5
Certificate issuer: /CN=a8153b3d5612234fe260fe60bc7ce028062227a3
Certificate serial: 0194258FC8AC07B0EF2FA2A935AEBE4B01A8
Authority key identifier: A8:15:3B:3D:56:12:23:4F:E2:60:FE:60:BC:7C:E0:28:06:22:27:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qBU7PVYSI0_iYP5gvHzgKAYiJ6M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/d4d8dd-50d8-43c7-9b55-9aa7cd6505e5/1/lxBXnG-4rYAQUCGbktacJsJcscU.roa
Signing time: Thu 02 Jan 2025 05:49:27 +0000
ROA not before: Thu 02 Jan 2025 05:49:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205386
IP address blocks: 185.220.8.0/24 maxlen: 24
185.220.10.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:c8:ac:07:b0:ef:2f:a2:a9:35:ae:be:4b:01:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8153b3d5612234fe260fe60bc7ce028062227a3
Validity
Not Before: Jan 2 05:49:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9710579c6fb8ad801050219b92d69c26c25cb1c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d1:dc:f6:d5:b8:39:98:d4:55:27:84:e9:19:
bd:a7:4a:e3:41:32:8e:84:9c:82:4b:e2:b6:a9:f1:
ca:05:0a:6e:88:ed:38:c0:4f:50:f8:0d:28:ca:35:
a9:2d:44:d6:5b:f5:eb:a1:6b:ee:5c:d2:f7:0c:8a:
6a:7e:0d:ae:4d:1a:b6:75:4b:83:14:b8:f2:86:c3:
c8:ab:40:50:99:e4:7b:0d:f0:41:63:7f:73:bf:c2:
f2:b9:bb:dc:62:5a:37:91:bf:12:ba:85:0f:a0:35:
ed:22:ee:08:6c:51:ce:92:07:4a:74:fb:ac:4b:d3:
63:1b:29:db:98:8d:e1:48:75:4a:e4:44:2e:10:28:
e4:6a:02:0c:a3:53:1f:fc:6e:9e:71:69:b8:5d:57:
41:9d:94:c3:65:63:3d:ac:ea:62:3b:ea:ad:0c:97:
ee:c1:04:60:5c:30:63:50:40:76:81:80:98:24:e8:
4b:75:36:86:5c:66:02:84:54:45:5c:10:40:c1:37:
8f:8d:31:5a:35:88:85:2b:d4:c7:0a:7a:54:c9:27:
89:23:e9:cb:00:a9:2e:c8:29:91:89:ec:29:38:20:
83:ef:37:8f:82:a8:24:b6:d6:0f:17:df:a5:b3:42:
63:6b:5e:5d:7b:42:d7:fa:6d:b2:ca:d8:c5:ff:5a:
7c:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:10:57:9C:6F:B8:AD:80:10:50:21:9B:92:D6:9C:26:C2:5C:B1:C5
X509v3 Authority Key Identifier:
keyid:A8:15:3B:3D:56:12:23:4F:E2:60:FE:60:BC:7C:E0:28:06:22:27:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qBU7PVYSI0_iYP5gvHzgKAYiJ6M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/d4d8dd-50d8-43c7-9b55-9aa7cd6505e5/1/lxBXnG-4rYAQUCGbktacJsJcscU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/d4d8dd-50d8-43c7-9b55-9aa7cd6505e5/1/qBU7PVYSI0_iYP5gvHzgKAYiJ6M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.8.0/24
185.220.10.0/24
Signature Algorithm: sha256WithRSAEncryption
85:bd:d0:9f:10:a9:2b:52:b3:17:ba:ba:5e:e5:b2:43:bc:9f:
f0:90:fb:86:b7:ab:bf:43:8a:e2:e9:d8:a3:b1:27:c7:89:09:
39:d0:d6:02:a7:30:c3:a4:0b:5f:d4:8c:16:ba:40:1a:e4:ee:
9f:27:c6:b7:ef:82:c4:23:56:42:e8:a0:bf:27:c0:90:31:7c:
36:f5:46:35:76:83:dc:ae:cf:5f:8c:c8:65:cb:df:6b:e9:07:
22:2a:5a:e4:51:f7:56:44:56:d0:2d:c2:97:27:a8:e7:5b:e4:
d1:05:6f:99:4d:09:47:51:da:35:30:a3:3f:c0:d2:2b:78:83:
20:3f:94:22:4b:0a:17:1f:79:88:35:4a:a6:ae:39:37:f7:9a:
2c:9e:67:4c:20:ab:77:2f:9f:13:69:06:73:9a:65:e9:e6:11:
fa:8c:91:c8:23:56:de:90:ba:f2:80:94:38:56:af:95:47:04:
a9:f6:e0:59:96:4a:e8:08:e7:89:a5:f2:9e:32:32:b8:d3:ba:
7b:55:ce:41:a1:4c:47:a7:94:e5:aa:c2:09:5c:80:23:60:a5:
ce:e4:20:a8:a6:d6:ad:b9:0e:22:d6:01:b7:f6:3b:26:61:1d:
3e:eb:71:1e:a3:a6:11:24:b9:e7:11:ea:97:7c:62:d8:e8:d7:
1a:f6:0d:09
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQlj8isB7DvL6KpNa6+SwGoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4MTUzYjNkNTYxMjIzNGZlMjYwZmU2MGJjN2NlMDI4MDYy
MjI3YTMwHhcNMjUwMTAyMDU0OTI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzEwNTc5YzZmYjhhZDgwMTA1MDIxOWI5MmQ2OWMyNmMyNWNiMWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstHc9tW4OZjUVSeE6Rm9p0rjQTKO
hJyCS+K2qfHKBQpuiO04wE9Q+A0oyjWpLUTWW/XroWvuXNL3DIpqfg2uTRq2dUuD
FLjyhsPIq0BQmeR7DfBBY39zv8LyubvcYlo3kb8SuoUPoDXtIu4IbFHOkgdKdPus
S9NjGynbmI3hSHVK5EQuECjkagIMo1Mf/G6ecWm4XVdBnZTDZWM9rOpiO+qtDJfu
wQRgXDBjUEB2gYCYJOhLdTaGXGYChFRFXBBAwTePjTFaNYiFK9THCnpUySeJI+nL
AKkuyCmRiewpOCCD7zePgqgkttYPF9+ls0Jja15de0LX+m2yytjF/1p8VQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJcQV5xvuK2AEFAhm5LWnCbCXLHFMB8GA1UdIwQY
MBaAFKgVOz1WEiNP4mD+YLx84CgGIiejMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUJVN1BWWVNJMF9pWVA1Z3ZIemdLQVlpSjZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9kNGQ4ZGQtNTBkOC00M2M3LTliNTUt
OWFhN2NkNjUwNWU1LzEvbHhCWG5HLTRyWUFRVUNHYmt0YWNKc0pjc2NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9kNGQ4ZGQtNTBkOC00M2M3LTliNTUtOWFhN2NkNjUwNWU1
LzEvcUJVN1BWWVNJMF9pWVA1Z3ZIemdLQVlpSjZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAudwIAwQA
udwKMA0GCSqGSIb3DQEBCwUAA4IBAQCFvdCfEKkrUrMXurpe5bJDvJ/wkPuGt6u/
Q4ri6dijsSfHiQk50NYCpzDDpAtf1IwWukAa5O6fJ8a374LEI1ZC6KC/J8CQMXw2
9UY1doPcrs9fjMhly99r6QciKlrkUfdWRFbQLcKXJ6jnW+TRBW+ZTQlHUdo1MKM/
wNIreIMgP5QiSwoXH3mINUqmrjk395osnmdMIKt3L58TaQZzmmXp5hH6jJHII1be
kLrygJQ4Vq+VRwSp9uBZlkroCOeJpfKeMjK407p7Vc5BoUxHp5TlqsIJXIAjYKXO
5CCoptatuQ4i1gG39jsmYR0+63Eeo6YRJLnnEeqXfGLY6Nca9g0J
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:14 2025 by rpki-client on console.sobornost.net