Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/aoPilv5n5CJ_hoE4hhIg-yOODEg.roa
File: aoPilv5n5CJ_hoE4hhIg-yOODEg.roa (raw, json)
Hash identifier: mUjFO9yZy5mYwcYcLvHaIain98TW2y4wajIxqcvRaFw=
Subject key identifier: 6A:83:E2:96:FE:67:E4:22:7F:86:81:38:86:12:20:FB:23:8E:0C:48
Certificate issuer: /CN=7c3b8877e1a130fe50386c610d6ead5641b97ba6
Certificate serial: 0194214444F0265FD7A2039A53CC1C8CF0C4
Authority key identifier: 7C:3B:88:77:E1:A1:30:FE:50:38:6C:61:0D:6E:AD:56:41:B9:7B:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fDuId-GhMP5QOGxhDW6tVkG5e6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/aoPilv5n5CJ_hoE4hhIg-yOODEg.roa
Signing time: Wed 01 Jan 2025 09:48:29 +0000
ROA not before: Wed 01 Jan 2025 09:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203954
IP address blocks: 185.118.240.0/24 maxlen: 24
2a06:9681::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:44:f0:26:5f:d7:a2:03:9a:53:cc:1c:8c:f0:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3b8877e1a130fe50386c610d6ead5641b97ba6
Validity
Not Before: Jan 1 09:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6a83e296fe67e4227f868138861220fb238e0c48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:67:64:b3:f9:3e:8b:cb:99:5d:37:c3:db:8f:
9d:d6:b3:83:ff:87:e6:e2:25:39:c4:eb:7b:b1:5d:
a5:6b:5f:1f:df:c0:a3:b2:be:df:9f:db:a4:1e:88:
7e:0f:bb:50:8f:26:fe:71:eb:30:7d:7e:c5:3c:79:
8c:37:5d:f1:6a:d7:39:1d:43:1d:1c:30:b5:27:e2:
87:42:1f:58:61:60:74:6e:ff:c7:33:5a:99:46:65:
80:4f:55:21:13:3e:c6:2b:92:54:22:f1:9d:f2:0f:
ca:d1:a7:d7:72:19:5c:c1:1a:40:af:36:34:4e:af:
1a:15:57:c4:7c:7e:b4:08:8a:9f:7e:35:03:08:7c:
f4:4c:ee:ac:1d:a1:43:d8:7e:a1:17:af:b2:ea:4a:
56:d4:c4:6c:81:05:4e:a2:c0:a9:5e:e2:67:4a:48:
41:db:fb:d0:bf:7e:a3:89:a1:3e:45:d1:73:75:d6:
39:c1:5a:a2:20:b4:59:48:52:c3:3d:be:e0:0d:31:
84:e6:2c:e3:11:50:52:f6:6b:04:cd:f1:4b:ac:b6:
11:ab:60:5f:3a:85:21:15:48:80:73:43:b7:5b:81:
eb:f9:51:b0:64:bd:97:c5:67:ff:c3:41:0f:eb:4e:
aa:c6:0f:82:bb:0e:48:7b:55:cb:38:2a:32:64:77:
ea:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:83:E2:96:FE:67:E4:22:7F:86:81:38:86:12:20:FB:23:8E:0C:48
X509v3 Authority Key Identifier:
keyid:7C:3B:88:77:E1:A1:30:FE:50:38:6C:61:0D:6E:AD:56:41:B9:7B:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fDuId-GhMP5QOGxhDW6tVkG5e6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/aoPilv5n5CJ_hoE4hhIg-yOODEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/fDuId-GhMP5QOGxhDW6tVkG5e6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.118.240.0/24
IPv6:
2a06:9681::/32
Signature Algorithm: sha256WithRSAEncryption
57:45:b4:29:83:08:ad:db:90:cf:55:82:46:52:4a:23:33:c2:
43:83:86:f2:36:0d:5f:fe:8a:5a:c7:5b:4f:84:f1:52:a7:22:
2f:1e:9a:b1:78:34:53:b9:95:c4:cb:34:3c:69:24:92:e5:1b:
01:c6:5d:87:49:72:f7:5c:f6:bd:eb:92:b6:52:18:4d:fd:48:
74:d2:2e:cf:86:d7:f1:c2:05:f1:c2:c8:c2:ee:ab:26:9f:50:
5e:c9:dc:9f:d9:6b:a1:5d:52:96:68:2f:e8:29:7e:d3:31:0a:
00:c3:40:69:2d:98:e7:7d:d9:62:dc:86:91:e7:12:88:0f:b1:
86:be:fc:23:01:b0:bb:b1:32:b1:41:d1:fb:85:b8:25:8a:9e:
dc:31:93:aa:0d:a0:ba:0d:af:cc:31:ec:05:33:e3:6f:1f:c4:
27:6e:8f:54:12:51:90:f9:ec:8a:b5:25:b0:c5:f3:7c:6b:7d:
c7:19:61:3f:c7:1c:b0:a0:8a:1b:b6:27:1b:d3:77:f6:9b:17:
f7:70:7e:2b:d6:ac:ab:ca:1e:cb:ae:7e:a1:e3:cc:6a:fc:82:
e3:b7:54:a2:4b:1a:bf:50:01:4e:68:0c:5d:bc:aa:6c:9a:5c:
cc:dc:2e:d7:50:ff:21:4c:48:fe:12:9b:d2:81:48:d3:09:42:
a4:3f:70:cb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhRETwJl/XogOaU8wcjPDEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2I4ODc3ZTFhMTMwZmU1MDM4NmM2MTBkNmVhZDU2NDFi
OTdiYTYwHhcNMjUwMTAxMDk0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTgzZTI5NmZlNjdlNDIyN2Y4NjgxMzg4NjEyMjBmYjIzOGUwYzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGdks/k+i8uZXTfD24+d1rOD/4fm
4iU5xOt7sV2la18f38Cjsr7fn9ukHoh+D7tQjyb+ceswfX7FPHmMN13xatc5HUMd
HDC1J+KHQh9YYWB0bv/HM1qZRmWAT1UhEz7GK5JUIvGd8g/K0afXchlcwRpArzY0
Tq8aFVfEfH60CIqffjUDCHz0TO6sHaFD2H6hF6+y6kpW1MRsgQVOosCpXuJnSkhB
2/vQv36jiaE+RdFzddY5wVqiILRZSFLDPb7gDTGE5izjEVBS9msEzfFLrLYRq2Bf
OoUhFUiAc0O3W4Hr+VGwZL2XxWf/w0EP606qxg+Cuw5Ie1XLOCoyZHfqkwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGqD4pb+Z+Qif4aBOIYSIPsjjgxIMB8GA1UdIwQY
MBaAFHw7iHfhoTD+UDhsYQ1urVZBuXumMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkR1SWQtR2hNUDVRT0d4aERXNnRWa0c1ZTZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8xN2E3MTItNGU1YS00MGM1LWEzYTIt
MTIwMjVjNTRmNDg0LzEvYW9QaWx2NW41Q0pfaG9FNGhoSWcteU9PREVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8xN2E3MTItNGU1YS00MGM1LWEzYTItMTIwMjVjNTRmNDg0
LzEvZkR1SWQtR2hNUDVRT0d4aERXNnRWa0c1ZTZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuXbwMA0E
AgACMAcDBQAqBpaBMA0GCSqGSIb3DQEBCwUAA4IBAQBXRbQpgwit25DPVYJGUkoj
M8JDg4byNg1f/opax1tPhPFSpyIvHpqxeDRTuZXEyzQ8aSSS5RsBxl2HSXL3XPa9
65K2UhhN/Uh00i7PhtfxwgXxwsjC7qsmn1Beydyf2WuhXVKWaC/oKX7TMQoAw0Bp
LZjnfdli3IaR5xKID7GGvvwjAbC7sTKxQdH7hbglip7cMZOqDaC6Da/MMewFM+Nv
H8Qnbo9UElGQ+eyKtSWwxfN8a33HGWE/xxywoIobticb03f2mxf3cH4r1qyryh7L
rn6h48xq/ILjt1SiSxq/UAFOaAxdvKpsmlzM3C7XUP8hTEj+EpvSgUjTCUKkP3DL
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:27 2025 by rpki-client on console.sobornost.net