Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/373414-9ce4-46f5-940e-49c24292e9bd/1/3NLIuHMmWgQs4wJxVy9Hy-aW-pg.roa
File: 3NLIuHMmWgQs4wJxVy9Hy-aW-pg.roa (raw, json)
Hash identifier: E1YEQO+V+WEVpKPvVd6pcBugEFAnXKdDCtGzwwDY3UY=
Subject key identifier: DC:D2:C8:B8:73:26:5A:04:2C:E3:02:71:57:2F:47:CB:E6:96:FA:98
Certificate issuer: /CN=4650c6c02a9bde4e17187f05b0eca950483bf92d
Certificate serial: 019424B3B4290EEEE76571F897721A4FE234
Authority key identifier: 46:50:C6:C0:2A:9B:DE:4E:17:18:7F:05:B0:EC:A9:50:48:3B:F9:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RlDGwCqb3k4XGH8FsOypUEg7-S0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/373414-9ce4-46f5-940e-49c24292e9bd/1/3NLIuHMmWgQs4wJxVy9Hy-aW-pg.roa
Signing time: Thu 02 Jan 2025 01:49:04 +0000
ROA not before: Thu 02 Jan 2025 01:49:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202743
IP address blocks: 185.155.20.0/22 maxlen: 22
188.211.28.0/23 maxlen: 23
2a0a:b080::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:b4:29:0e:ee:e7:65:71:f8:97:72:1a:4f:e2:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4650c6c02a9bde4e17187f05b0eca950483bf92d
Validity
Not Before: Jan 2 01:49:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dcd2c8b873265a042ce30271572f47cbe696fa98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:5b:bb:09:b3:60:ae:5a:e4:8d:0d:7d:92:fa:
31:d9:e2:2d:b2:a0:e3:11:4a:5a:50:4e:20:78:9f:
8f:4a:b7:5a:13:34:a7:f8:26:82:42:84:a3:99:ba:
74:97:0a:d0:c8:e9:82:3c:21:b7:b3:78:0f:46:c7:
78:3a:59:bd:82:30:b1:43:ee:0d:a4:18:4a:6c:b7:
2a:83:b0:d2:95:6b:c0:07:5b:f3:7c:56:b8:a1:4c:
09:7f:9f:87:e9:c4:85:9a:d2:33:ab:8e:79:8f:ac:
69:8a:13:63:f6:b0:c2:f0:3c:36:3a:d5:2d:90:7a:
0f:d2:8b:44:d3:25:f9:e1:4c:70:3b:0a:d5:3a:b5:
5a:2d:89:e1:b3:e4:f4:e8:f6:32:4f:71:db:6d:a9:
e9:bc:33:3f:f0:9e:e9:02:40:0d:e2:e5:9d:96:50:
c1:e4:83:64:e9:45:22:eb:2d:b3:b0:d1:cd:21:49:
a5:bc:cc:48:ce:c2:0f:bd:c6:f8:e1:7b:ee:30:2a:
31:e7:a2:da:d9:70:47:7c:4e:82:bc:bf:62:33:a6:
c3:fd:27:43:b7:01:2f:a9:51:90:3f:76:d3:05:3b:
cb:25:5d:ca:0c:2e:8b:74:13:ec:7c:2c:1e:06:43:
88:6f:13:83:09:8d:ff:b5:31:d6:d8:40:bb:d4:c3:
22:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:D2:C8:B8:73:26:5A:04:2C:E3:02:71:57:2F:47:CB:E6:96:FA:98
X509v3 Authority Key Identifier:
keyid:46:50:C6:C0:2A:9B:DE:4E:17:18:7F:05:B0:EC:A9:50:48:3B:F9:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RlDGwCqb3k4XGH8FsOypUEg7-S0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/373414-9ce4-46f5-940e-49c24292e9bd/1/3NLIuHMmWgQs4wJxVy9Hy-aW-pg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/373414-9ce4-46f5-940e-49c24292e9bd/1/RlDGwCqb3k4XGH8FsOypUEg7-S0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.155.20.0/22
188.211.28.0/23
IPv6:
2a0a:b080::/29
Signature Algorithm: sha256WithRSAEncryption
4e:93:f3:97:b7:5e:50:70:64:58:fa:0a:fe:aa:0a:e8:a4:8e:
f7:1e:bb:cf:1f:d4:73:8e:f1:27:2d:b3:d4:d9:f0:24:65:fb:
69:1c:8a:47:02:34:23:53:4a:b0:25:7e:16:3e:55:83:b1:27:
0b:a9:c1:a3:9f:ef:c7:8d:24:47:ad:92:a7:7a:d5:d6:25:ca:
e9:4d:e3:c7:a6:a7:8d:8c:05:53:6f:40:2b:83:00:d6:52:a8:
ee:c2:2c:4b:f2:f4:80:c3:33:77:78:66:56:11:25:63:35:9e:
ae:d6:dd:b9:1b:cd:16:dc:0b:95:fd:31:26:6c:fb:3c:5a:05:
0e:ad:2b:e2:6d:69:d4:96:48:ad:67:27:24:95:2f:25:77:35:
6c:8a:a0:1d:24:df:8f:b0:36:68:12:ee:bc:6c:0f:f6:98:0d:
ec:93:39:d0:9e:32:1b:35:60:75:b8:45:86:aa:c4:80:45:35:
fe:22:1c:1c:b3:3b:f9:ad:e4:8e:6a:76:7f:50:7d:40:51:88:
77:ad:71:62:f6:0d:92:6c:07:cd:dd:7a:b0:f3:98:e0:7b:b6:
ca:54:99:11:09:af:1b:cf:74:60:76:28:0c:95:b6:33:58:04:
e3:f6:9b:af:8e:ba:ef:24:12:83:9d:1a:e5:ae:6e:bf:57:4e:
31:02:23:2e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQks7QpDu7nZXH4l3IaT+I0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NTBjNmMwMmE5YmRlNGUxNzE4N2YwNWIwZWNhOTUwNDgz
YmY5MmQwHhcNMjUwMTAyMDE0OTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2QyYzhiODczMjY1YTA0MmNlMzAyNzE1NzJmNDdjYmU2OTZmYTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Vu7CbNgrlrkjQ19kvox2eItsqDj
EUpaUE4geJ+PSrdaEzSn+CaCQoSjmbp0lwrQyOmCPCG3s3gPRsd4Olm9gjCxQ+4N
pBhKbLcqg7DSlWvAB1vzfFa4oUwJf5+H6cSFmtIzq455j6xpihNj9rDC8Dw2OtUt
kHoP0otE0yX54UxwOwrVOrVaLYnhs+T06PYyT3HbbanpvDM/8J7pAkAN4uWdllDB
5INk6UUi6y2zsNHNIUmlvMxIzsIPvcb44XvuMCox56La2XBHfE6CvL9iM6bD/SdD
twEvqVGQP3bTBTvLJV3KDC6LdBPsfCweBkOIbxODCY3/tTHW2EC71MMiqQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNzSyLhzJloELOMCcVcvR8vmlvqYMB8GA1UdIwQY
MBaAFEZQxsAqm95OFxh/BbDsqVBIO/ktMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmxER3dDcWIzazRYR0g4RnNPeXBVRWc3LVMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8zNzM0MTQtOWNlNC00NmY1LTk0MGUt
NDljMjQyOTJlOWJkLzEvM05MSXVITW1XZ1FzNHdKeFZ5OUh5LWFXLXBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8zNzM0MTQtOWNlNC00NmY1LTk0MGUtNDljMjQyOTJlOWJk
LzEvUmxER3dDcWIzazRYR0g4RnNPeXBVRWc3LVMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuZsUAwQB
vNMcMA0EAgACMAcDBQMqCrCAMA0GCSqGSIb3DQEBCwUAA4IBAQBOk/OXt15QcGRY
+gr+qgropI73HrvPH9RzjvEnLbPU2fAkZftpHIpHAjQjU0qwJX4WPlWDsScLqcGj
n+/HjSRHrZKnetXWJcrpTePHpqeNjAVTb0ArgwDWUqjuwixL8vSAwzN3eGZWESVj
NZ6u1t25G80W3AuV/TEmbPs8WgUOrSvibWnUlkitZycklS8ldzVsiqAdJN+PsDZo
Eu68bA/2mA3skznQnjIbNWB1uEWGqsSARTX+Ihwcszv5reSOanZ/UH1AUYh3rXFi
9g2SbAfN3Xqw85jge7bKVJkRCa8bz3RgdigMlbYzWATj9puvjrrvJBKDnRrlrm6/
V04xAiMu
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:17 2025 by rpki-client on console.sobornost.net