Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/OBaSZfmehcZUBqMMFijQNwThNdI.roa
File: OBaSZfmehcZUBqMMFijQNwThNdI.roa (raw, json)
Hash identifier: 7APqv18WVWke1FDylnRooW5eMht73lWY6YprLban2L8=
Subject key identifier: 38:16:92:65:F9:9E:85:C6:54:06:A3:0C:16:28:D0:37:04:E1:35:D2
Certificate issuer: /CN=ae736cafddb6ebb8d7c76943f4a271e038510aa9
Certificate serial: 0195A92E78B7184995A1F9A6CCA6EA73D79E
Authority key identifier: AE:73:6C:AF:DD:B6:EB:B8:D7:C7:69:43:F4:A2:71:E0:38:51:0A:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/OBaSZfmehcZUBqMMFijQNwThNdI.roa
Signing time: Tue 18 Mar 2025 12:15:49 +0000
ROA not before: Tue 18 Mar 2025 12:15:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201500
IP address blocks: 185.72.212.0/22 maxlen: 22
185.72.212.0/24 maxlen: 24
185.72.213.0/24 maxlen: 24
185.72.214.0/24 maxlen: 24
185.72.215.0/24 maxlen: 24
185.137.69.0/24 maxlen: 24
185.174.213.0/24 maxlen: 24
185.174.214.0/23 maxlen: 23
185.174.214.0/24 maxlen: 24
185.174.215.0/24 maxlen: 24
185.236.12.0/22 maxlen: 22
185.236.12.0/24 maxlen: 24
185.236.13.0/24 maxlen: 24
185.236.14.0/24 maxlen: 24
185.236.15.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a9:2e:78:b7:18:49:95:a1:f9:a6:cc:a6:ea:73:d7:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae736cafddb6ebb8d7c76943f4a271e038510aa9
Validity
Not Before: Mar 18 12:15:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=38169265f99e85c65406a30c1628d03704e135d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a0:53:e0:b4:4b:69:2f:07:7d:6b:57:b2:6e:
6f:9a:10:0b:cc:87:f3:27:9f:7c:3c:65:b3:e1:ee:
82:fb:a0:fc:49:bf:3b:af:96:0a:b7:69:40:c0:93:
c2:ef:df:ce:2a:55:5b:96:7e:22:fd:33:ee:81:30:
07:0d:ea:fc:c9:64:f9:01:55:0f:76:e3:f2:78:33:
39:8a:98:99:98:5c:85:56:b1:91:6a:22:eb:29:21:
4f:a3:58:20:e1:6e:ca:3e:69:ba:6b:a5:92:93:33:
68:0b:2d:f4:68:35:f8:f6:c3:46:fa:28:ba:77:72:
a6:a6:45:0d:81:fd:c2:17:10:9e:8f:84:d3:ca:81:
ea:bf:b3:18:27:4f:4f:c6:1e:42:a1:a4:69:f5:1a:
5e:0f:19:34:e2:e5:7b:46:8b:3d:c1:a4:12:4f:6a:
37:a0:66:67:bd:7e:14:31:be:a2:e6:3d:1e:c1:da:
3d:90:21:f2:d2:4e:7e:e5:7e:97:a9:dd:77:ce:b4:
3a:1d:52:61:ff:10:5a:38:bc:d5:fa:29:fc:de:02:
26:34:cf:7d:af:ed:d1:3b:3f:46:fe:4c:4d:c4:53:
37:98:c0:78:78:24:3d:8b:29:82:4e:31:7c:6b:ab:
19:50:3c:3c:58:81:4a:18:25:cf:5d:03:7e:50:1b:
35:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:16:92:65:F9:9E:85:C6:54:06:A3:0C:16:28:D0:37:04:E1:35:D2
X509v3 Authority Key Identifier:
keyid:AE:73:6C:AF:DD:B6:EB:B8:D7:C7:69:43:F4:A2:71:E0:38:51:0A:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/OBaSZfmehcZUBqMMFijQNwThNdI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/rnNsr92267jXx2lD9KJx4DhRCqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.212.0/22
185.137.69.0/24
185.174.213.0-185.174.215.255
185.236.12.0/22
Signature Algorithm: sha256WithRSAEncryption
9e:e6:01:75:90:3d:11:4b:66:94:30:0d:89:a7:cc:04:53:b9:
10:ec:4e:ae:cb:05:04:ca:c4:60:d7:ff:17:de:20:6b:6c:43:
81:88:ee:d0:32:ae:cc:e1:a3:d4:f3:6a:12:07:d6:ca:42:b5:
b0:24:33:31:d9:9d:89:77:18:5d:30:a1:fa:bd:24:d2:29:bb:
25:fe:15:8b:24:0f:86:cc:1f:06:d0:93:5c:26:d9:25:db:65:
13:a8:c4:2d:fd:85:05:b5:0d:d5:5b:c8:e4:61:2b:f4:e3:8b:
36:73:77:a7:64:4a:86:0a:3b:e3:e5:50:0e:7b:da:cb:78:d0:
77:fa:28:ec:d6:d4:c6:6d:2e:7b:08:e9:79:8c:56:fc:0c:d2:
4e:a9:3d:98:09:c5:98:62:59:f4:f9:61:46:3a:1f:c2:e9:07:
2f:6f:fc:27:ce:88:91:f0:09:6c:83:d7:5c:a8:8b:5a:db:7e:
42:bd:02:f6:d1:ca:21:e3:7d:2e:f0:e8:ee:6e:96:3f:e3:9f:
c2:76:1e:e8:05:92:d5:de:b2:f9:93:c0:8b:df:29:28:e6:2c:
e8:de:eb:db:e6:7c:2e:ba:56:70:47:18:58:67:31:35:ba:84:
5d:53:1c:0f:7c:35:b6:21:22:e2:7b:48:b5:8c:31:f2:79:96:
7b:4e:3e:30
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZWpLni3GEmVofmmzKbqc9eeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlNzM2Y2FmZGRiNmViYjhkN2M3Njk0M2Y0YTI3MWUwMzg1
MTBhYTkwHhcNMjUwMzE4MTIxNTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODE2OTI2NWY5OWU4NWM2NTQwNmEzMGMxNjI4ZDAzNzA0ZTEzNWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqBT4LRLaS8HfWtXsm5vmhALzIfz
J598PGWz4e6C+6D8Sb87r5YKt2lAwJPC79/OKlVbln4i/TPugTAHDer8yWT5AVUP
duPyeDM5ipiZmFyFVrGRaiLrKSFPo1gg4W7KPmm6a6WSkzNoCy30aDX49sNG+ii6
d3KmpkUNgf3CFxCej4TTyoHqv7MYJ09Pxh5CoaRp9RpeDxk04uV7Ros9waQST2o3
oGZnvX4UMb6i5j0ewdo9kCHy0k5+5X6Xqd13zrQ6HVJh/xBaOLzV+in83gImNM99
r+3ROz9G/kxNxFM3mMB4eCQ9iymCTjF8a6sZUDw8WIFKGCXPXQN+UBs1SQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFDgWkmX5noXGVAajDBYo0DcE4TXSMB8GA1UdIwQY
MBaAFK5zbK/dtuu418dpQ/SiceA4UQqpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm5Oc3I5MjI2N2pYeDJsRDlLSng0RGhSQ3FrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS84NmUzMmItZjA2Ny00NTBmLWI2N2Mt
M2FhMTUwYTkyYWI3LzEvT0JhU1pmbWVoY1pVQnFNTUZpalFOd1RoTmRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS84NmUzMmItZjA2Ny00NTBmLWI2N2MtM2FhMTUwYTkyYWI3
LzEvcm5Oc3I5MjI2N2pYeDJsRDlLSng0RGhSQ3FrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCuUjUAwQA
uYlFMAwDBAC5rtUDBAO5rtADBAK57AwwDQYJKoZIhvcNAQELBQADggEBAJ7mAXWQ
PRFLZpQwDYmnzARTuRDsTq7LBQTKxGDX/xfeIGtsQ4GI7tAyrszho9TzahIH1spC
tbAkMzHZnYl3GF0wofq9JNIpuyX+FYskD4bMHwbQk1wm2SXbZROoxC39hQW1DdVb
yORhK/TjizZzd6dkSoYKO+PlUA572st40Hf6KOzW1MZtLnsI6XmMVvwM0k6pPZgJ
xZhiWfT5YUY6H8LpBy9v/CfOiJHwCWyD11yoi1rbfkK9AvbRyiHjfS7w6O5ulj/j
n8J2HugFktXesvmTwIvfKSjmLOje69vmfC66VnBHGFhnMTW6hF1THA98NbYhIuJ7
SLWMMfJ5lntOPjA=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:15 2025 by rpki-client on console.sobornost.net