Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/45f3bc-93c8-4bb9-8d4c-b12d7f892f5b/1/8Y6XKuO-_q-eZcd8PYJP4ppiukg.roa
File: 8Y6XKuO-_q-eZcd8PYJP4ppiukg.roa (raw, json)
Hash identifier: yAyB9mAE7fWNNJ4M45GAzvUfCPqHWuDqtJYIq1FJlDc=
Subject key identifier: F1:8E:97:2A:E3:BE:FE:AF:9E:65:C7:7C:3D:82:4F:E2:9A:62:BA:48
Certificate issuer: /CN=c42287c68458f980ca9b7c36d61f6af586464b28
Certificate serial: 0194214420CABE81BE74801E420C15952794
Authority key identifier: C4:22:87:C6:84:58:F9:80:CA:9B:7C:36:D6:1F:6A:F5:86:46:4B:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xCKHxoRY-YDKm3w21h9q9YZGSyg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/45f3bc-93c8-4bb9-8d4c-b12d7f892f5b/1/8Y6XKuO-_q-eZcd8PYJP4ppiukg.roa
Signing time: Wed 01 Jan 2025 09:48:20 +0000
ROA not before: Wed 01 Jan 2025 09:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59414
IP address blocks: 185.72.20.0/23 maxlen: 24
185.72.22.0/23 maxlen: 24
2a05:3d80::/32 maxlen: 48
2a05:3d81::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:20:ca:be:81:be:74:80:1e:42:0c:15:95:27:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c42287c68458f980ca9b7c36d61f6af586464b28
Validity
Not Before: Jan 1 09:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f18e972ae3befeaf9e65c77c3d824fe29a62ba48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:63:94:8e:ad:ff:2e:ee:f5:78:f8:0b:56:40:
70:1e:ed:e2:25:b9:6a:2b:58:2c:99:18:41:bf:0d:
57:d3:07:a8:7e:86:d3:85:bd:41:be:92:11:7f:63:
02:f3:b7:23:85:ea:ca:8e:a8:6b:4d:f7:32:54:02:
ae:04:7b:fb:6e:89:12:32:64:7f:72:e2:38:4d:c5:
cd:cd:1c:f3:25:46:6b:35:df:26:74:d6:15:d4:31:
bc:a5:3d:31:77:9a:09:15:47:fa:fb:5d:12:50:a1:
0e:cc:d9:cc:9a:3e:30:79:a3:2a:9a:f5:44:41:67:
5b:c6:26:20:f2:f1:a6:30:c5:b1:67:b8:f2:bb:a3:
59:b3:f5:18:8d:10:b4:61:f8:fd:3c:cf:b8:86:b1:
fb:11:fd:08:c5:90:49:36:af:e5:7b:0a:10:4f:19:
4a:94:6f:ea:da:8c:16:36:49:54:87:6b:29:8f:f1:
42:94:31:bf:cd:e9:66:e8:6a:c5:58:fa:db:f9:b8:
7b:65:62:c1:85:1f:ae:79:c5:ba:c0:44:2d:46:f2:
1f:dd:37:43:d0:4c:c1:54:7d:c8:61:6f:76:a5:a6:
4b:62:e3:72:84:80:b0:25:ff:34:54:02:56:f1:27:
fb:63:b8:aa:de:d0:ad:52:14:09:7b:b4:8a:f2:e2:
ef:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:8E:97:2A:E3:BE:FE:AF:9E:65:C7:7C:3D:82:4F:E2:9A:62:BA:48
X509v3 Authority Key Identifier:
keyid:C4:22:87:C6:84:58:F9:80:CA:9B:7C:36:D6:1F:6A:F5:86:46:4B:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xCKHxoRY-YDKm3w21h9q9YZGSyg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/45f3bc-93c8-4bb9-8d4c-b12d7f892f5b/1/8Y6XKuO-_q-eZcd8PYJP4ppiukg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/45f3bc-93c8-4bb9-8d4c-b12d7f892f5b/1/xCKHxoRY-YDKm3w21h9q9YZGSyg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.20.0/22
IPv6:
2a05:3d80::/31
Signature Algorithm: sha256WithRSAEncryption
7f:d2:a6:0d:60:7b:bc:f7:9e:ca:3c:cf:ed:a8:87:a9:04:e1:
57:06:fb:c4:3a:6f:de:48:a9:9d:83:a2:a0:3f:28:5a:36:6b:
b1:2a:5b:7a:34:2c:bf:9d:e9:bc:d8:df:12:83:71:e8:89:90:
87:c4:4d:0d:97:53:0c:08:89:00:24:ce:0c:33:32:48:b6:a0:
5a:18:2d:73:c8:12:a3:18:20:7f:bd:92:74:bc:e5:31:ec:1e:
52:77:06:bb:69:05:55:e8:dd:00:87:61:8f:00:92:81:60:b3:
d0:a3:ce:20:28:f9:9f:6c:dd:a2:74:c6:6a:27:e8:97:bc:8b:
aa:b3:e2:7d:b9:11:eb:12:50:16:03:9b:fe:a3:66:50:15:82:
0c:23:a7:d4:93:2f:6b:a4:50:6f:d2:37:da:fa:c2:3b:bc:3b:
85:0a:08:d7:b7:ea:04:f4:18:91:f2:09:84:74:4c:bc:28:8f:
8e:f6:fa:55:0e:74:9b:06:23:b6:a4:17:56:d2:0e:6c:fe:a8:
72:10:4a:68:f8:6a:6b:f6:b1:8b:9e:d6:7c:9a:33:48:53:8e:
b3:1a:6f:e1:ff:a6:8f:22:57:ba:f2:81:70:f0:49:d4:77:80:
7f:84:1c:47:fa:7f:3d:57:12:0c:25:09:1f:44:6f:59:85:51:
f7:41:ac:c4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhRCDKvoG+dIAeQgwVlSeUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MjI4N2M2ODQ1OGY5ODBjYTliN2MzNmQ2MWY2YWY1ODY0
NjRiMjgwHhcNMjUwMTAxMDk0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMThlOTcyYWUzYmVmZWFmOWU2NWM3N2MzZDgyNGZlMjlhNjJiYTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwmOUjq3/Lu71ePgLVkBwHu3iJblq
K1gsmRhBvw1X0weofobThb1BvpIRf2MC87cjherKjqhrTfcyVAKuBHv7bokSMmR/
cuI4TcXNzRzzJUZrNd8mdNYV1DG8pT0xd5oJFUf6+10SUKEOzNnMmj4weaMqmvVE
QWdbxiYg8vGmMMWxZ7jyu6NZs/UYjRC0Yfj9PM+4hrH7Ef0IxZBJNq/lewoQTxlK
lG/q2owWNklUh2spj/FClDG/zelm6GrFWPrb+bh7ZWLBhR+uecW6wEQtRvIf3TdD
0EzBVH3IYW92paZLYuNyhICwJf80VAJW8Sf7Y7iq3tCtUhQJe7SK8uLvgQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPGOlyrjvv6vnmXHfD2CT+KaYrpIMB8GA1UdIwQY
MBaAFMQih8aEWPmAypt8NtYfavWGRksoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveENLSHhvUlktWURLbTN3MjFoOXE5WVpHU3lnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy80NWYzYmMtOTNjOC00YmI5LThkNGMt
YjEyZDdmODkyZjViLzEvOFk2WEt1Ty1fcS1lWmNkOFBZSlA0cHBpdWtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy80NWYzYmMtOTNjOC00YmI5LThkNGMtYjEyZDdmODkyZjVi
LzEveENLSHhvUlktWURLbTN3MjFoOXE5WVpHU3lnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUgUMA0E
AgACMAcDBQEqBT2AMA0GCSqGSIb3DQEBCwUAA4IBAQB/0qYNYHu8957KPM/tqIep
BOFXBvvEOm/eSKmdg6KgPyhaNmuxKlt6NCy/nem82N8Sg3HoiZCHxE0Nl1MMCIkA
JM4MMzJItqBaGC1zyBKjGCB/vZJ0vOUx7B5Sdwa7aQVV6N0Ah2GPAJKBYLPQo84g
KPmfbN2idMZqJ+iXvIuqs+J9uRHrElAWA5v+o2ZQFYIMI6fUky9rpFBv0jfa+sI7
vDuFCgjXt+oE9BiR8gmEdEy8KI+O9vpVDnSbBiO2pBdW0g5s/qhyEEpo+Gpr9rGL
ntZ8mjNIU46zGm/h/6aPIle68oFw8EnUd4B/hBxH+n89VxIMJQkfRG9ZhVH3QazE
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:14 2025 by rpki-client on console.sobornost.net