Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/792372-3d2a-44fd-91a0-f4272eec280d/1/ad0B85jvjdQ5awOY3wMvIUJWKS0.roa
File: ad0B85jvjdQ5awOY3wMvIUJWKS0.roa (raw, json)
Hash identifier: TTcNh3M53FShxBm0xKV5WZZn8GR6GuYGWd3G/MpA0dY=
Subject key identifier: 69:DD:01:F3:98:EF:8D:D4:39:6B:03:98:DF:03:2F:21:42:56:29:2D
Certificate issuer: /CN=5b3358110dadf224e719914161731df5e56c4188
Certificate serial: 019426D97F4FC090FCBD4C426FDFB448E598
Authority key identifier: 5B:33:58:11:0D:AD:F2:24:E7:19:91:41:61:73:1D:F5:E5:6C:41:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WzNYEQ2t8iTnGZFBYXMd9eVsQYg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/792372-3d2a-44fd-91a0-f4272eec280d/1/ad0B85jvjdQ5awOY3wMvIUJWKS0.roa
Signing time: Thu 02 Jan 2025 11:49:35 +0000
ROA not before: Thu 02 Jan 2025 11:49:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28979
IP address blocks: 185.204.240.0/23 maxlen: 23
185.204.242.0/23 maxlen: 23
194.127.215.0/24 maxlen: 24
194.127.216.0/21 maxlen: 21
194.127.217.0/24 maxlen: 24
194.127.218.0/24 maxlen: 24
194.127.219.0/24 maxlen: 24
2a04:b647::/32 maxlen: 32
2a04:b647:fffe::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:7f:4f:c0:90:fc:bd:4c:42:6f:df:b4:48:e5:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b3358110dadf224e719914161731df5e56c4188
Validity
Not Before: Jan 2 11:49:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69dd01f398ef8dd4396b0398df032f214256292d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:a4:9f:16:32:d8:9a:6a:ad:2e:8a:b2:f6:39:
cf:75:ef:e9:ec:f6:f7:d1:18:69:83:52:0d:33:a2:
98:4e:51:48:02:3f:b3:2d:21:2e:42:40:39:0b:ab:
15:6b:04:64:b0:36:42:da:00:d0:e0:f1:bb:50:e4:
c1:b2:85:ac:9a:3c:d4:e0:1c:93:44:03:4e:ff:b4:
6d:10:c7:a4:0e:81:74:ad:e2:5d:8f:e1:d4:bb:c8:
f8:aa:cf:4a:3b:f2:8c:d5:45:8b:1b:91:36:ec:12:
ec:0f:80:d3:53:6f:5f:12:fb:a3:83:0a:92:28:98:
44:33:aa:d4:02:b8:88:e2:79:be:8d:0d:79:7e:20:
ea:2d:6e:42:5b:44:93:93:ae:f4:e0:dd:ed:98:da:
35:13:e2:42:7f:25:e5:5c:f5:f1:bd:8e:cc:9d:ef:
36:a1:7e:4a:8b:9f:58:4e:fd:be:9f:d4:e3:e2:cd:
20:38:d7:87:89:66:93:d0:eb:65:96:aa:54:91:1c:
26:df:b9:15:44:4e:d0:73:61:75:6c:08:10:64:da:
05:d5:52:50:48:f7:7e:96:f1:6c:4c:c6:d5:32:4c:
94:bb:ee:fc:ee:f3:c4:49:61:09:bf:7b:3f:ed:e8:
f3:90:b2:e3:21:21:35:53:64:a8:61:65:bf:6a:da:
e5:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:DD:01:F3:98:EF:8D:D4:39:6B:03:98:DF:03:2F:21:42:56:29:2D
X509v3 Authority Key Identifier:
keyid:5B:33:58:11:0D:AD:F2:24:E7:19:91:41:61:73:1D:F5:E5:6C:41:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WzNYEQ2t8iTnGZFBYXMd9eVsQYg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/792372-3d2a-44fd-91a0-f4272eec280d/1/ad0B85jvjdQ5awOY3wMvIUJWKS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/792372-3d2a-44fd-91a0-f4272eec280d/1/WzNYEQ2t8iTnGZFBYXMd9eVsQYg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.204.240.0/22
194.127.215.0-194.127.223.255
IPv6:
2a04:b647::/32
Signature Algorithm: sha256WithRSAEncryption
04:b0:71:c5:64:12:15:b9:4e:8f:3b:92:b1:e2:cf:a5:03:7d:
ef:c3:88:19:4d:ce:ca:ab:4b:46:96:18:d5:f7:8d:61:2a:36:
90:8f:9b:3b:07:0e:74:de:1a:7d:c2:f9:60:0e:ca:26:11:70:
72:51:80:d7:2f:22:b4:6e:09:71:f7:2b:c6:b4:f7:9e:ef:02:
8f:87:f1:dd:72:ae:77:0f:44:03:85:90:94:75:36:e1:3a:c4:
22:5e:63:3d:59:07:9b:b5:5e:72:37:20:60:60:f5:1a:db:27:
bc:c7:17:09:71:56:2e:0f:01:47:05:78:f1:c3:1b:b4:8e:7c:
d2:18:40:34:4c:65:00:2b:54:19:5d:14:76:41:e7:27:20:65:
c9:3c:88:7d:7e:7c:cc:7f:7c:3a:e8:7f:45:0b:a4:f3:c1:1c:
ac:1e:29:c9:8c:b5:87:96:8e:e3:c9:c9:4f:23:10:3a:f9:17:
d6:5c:08:85:cf:28:92:42:26:d5:5c:e7:16:a4:42:6b:55:e7:
25:10:ac:a7:8a:22:ef:aa:0d:45:e4:79:90:bd:1b:a3:a3:6c:
94:c1:d3:4f:46:e9:0d:a7:1e:59:86:51:db:97:d3:95:83:16:
e4:65:8b:91:38:3e:44:63:67:0b:fd:f8:7e:86:4f:73:56:af:
88:aa:48:7c
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQm2X9PwJD8vUxCb9+0SOWYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViMzM1ODExMGRhZGYyMjRlNzE5OTE0MTYxNzMxZGY1ZTU2
YzQxODgwHhcNMjUwMTAyMTE0OTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWRkMDFmMzk4ZWY4ZGQ0Mzk2YjAzOThkZjAzMmYyMTQyNTYyOTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKSfFjLYmmqtLoqy9jnPde/p7Pb3
0Rhpg1INM6KYTlFIAj+zLSEuQkA5C6sVawRksDZC2gDQ4PG7UOTBsoWsmjzU4ByT
RANO/7RtEMekDoF0reJdj+HUu8j4qs9KO/KM1UWLG5E27BLsD4DTU29fEvujgwqS
KJhEM6rUAriI4nm+jQ15fiDqLW5CW0STk6704N3tmNo1E+JCfyXlXPXxvY7Mne82
oX5Ki59YTv2+n9Tj4s0gONeHiWaT0OtllqpUkRwm37kVRE7Qc2F1bAgQZNoF1VJQ
SPd+lvFsTMbVMkyUu+787vPESWEJv3s/7ejzkLLjISE1U2SoYWW/atrlJQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFGndAfOY743UOWsDmN8DLyFCViktMB8GA1UdIwQY
MBaAFFszWBENrfIk5xmRQWFzHfXlbEGIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3pOWUVRMnQ4aVRuR1pGQllYTWQ5ZVZzUVlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC83OTIzNzItM2QyYS00NGZkLTkxYTAt
ZjQyNzJlZWMyODBkLzEvYWQwQjg1anZqZFE1YXdPWTN3TXZJVUpXS1MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC83OTIzNzItM2QyYS00NGZkLTkxYTAtZjQyNzJlZWMyODBk
LzEvV3pOWUVRMnQ4aVRuR1pGQllYTWQ5ZVZzUVlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQCuczwMAwD
BADCf9cDBAXCf8AwDQQCAAIwBwMFACoEtkcwDQYJKoZIhvcNAQELBQADggEBAASw
ccVkEhW5To87krHiz6UDfe/DiBlNzsqrS0aWGNX3jWEqNpCPmzsHDnTeGn3C+WAO
yiYRcHJRgNcvIrRuCXH3K8a0957vAo+H8d1yrncPRAOFkJR1NuE6xCJeYz1ZB5u1
XnI3IGBg9RrbJ7zHFwlxVi4PAUcFePHDG7SOfNIYQDRMZQArVBldFHZB5ycgZck8
iH1+fMx/fDrof0ULpPPBHKweKcmMtYeWjuPJyU8jEDr5F9ZcCIXPKJJCJtVc5xak
QmtV5yUQrKeKIu+qDUXkeZC9G6OjbJTB009G6Q2nHlmGUduX05WDFuRli5E4PkRj
Zwv9+H6GT3NWr4iqSHw=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:15 2025 by rpki-client on console.sobornost.net