Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/b404c7-bd3d-4752-8ade-31fcc455575e/1/i3ThCtdNGW1cjUxQLhhdn5p0rJI.roa
File: i3ThCtdNGW1cjUxQLhhdn5p0rJI.roa (raw, json)
Hash identifier: GXqzqfOOBrl4UZP/OkbdiBzFUWkoVhn5KODt99i+lAc=
Subject key identifier: 8B:74:E1:0A:D7:4D:19:6D:5C:8D:4C:50:2E:18:5D:9F:9A:74:AC:92
Certificate issuer: /CN=099da06b80fa749068028b597be3e50e8b118786
Certificate serial: 0194228E300674D1EC5663D3B3B785CC1F6C
Authority key identifier: 09:9D:A0:6B:80:FA:74:90:68:02:8B:59:7B:E3:E5:0E:8B:11:87:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CZ2ga4D6dJBoAotZe-PlDosRh4Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/b404c7-bd3d-4752-8ade-31fcc455575e/1/i3ThCtdNGW1cjUxQLhhdn5p0rJI.roa
Signing time: Wed 01 Jan 2025 15:48:51 +0000
ROA not before: Wed 01 Jan 2025 15:48:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42034
IP address blocks: 185.135.32.0/22 maxlen: 22
193.108.181.0/24 maxlen: 24
2001:67c:274c::/48 maxlen: 48
2a06:f140::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:30:06:74:d1:ec:56:63:d3:b3:b7:85:cc:1f:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=099da06b80fa749068028b597be3e50e8b118786
Validity
Not Before: Jan 1 15:48:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8b74e10ad74d196d5c8d4c502e185d9f9a74ac92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:09:14:58:28:d7:55:85:bd:0a:28:13:8e:29:
61:fc:c3:f4:c1:40:c2:f9:f9:46:6b:a2:14:20:2c:
3a:fb:32:7e:ae:ae:6a:b4:17:c7:8d:38:b3:ec:38:
f4:5e:01:1b:d8:a7:09:93:58:d9:8b:a6:26:19:1d:
92:34:1b:44:b9:8a:54:79:bb:71:4c:ea:51:e1:1e:
88:f5:62:91:e7:42:d0:f4:66:2d:b6:c8:58:28:a3:
21:ec:1a:94:f2:97:cb:f9:65:37:36:0d:41:1c:0a:
01:57:a0:bb:ef:dd:51:25:b7:37:c4:d9:74:de:57:
c3:16:02:6c:7a:a3:06:cd:8f:f8:6b:2c:83:fe:36:
f0:eb:87:8f:d9:36:42:43:00:6a:f8:af:0a:d5:e7:
88:d6:c0:61:e9:34:b2:d3:34:cf:ba:c8:f3:e5:f0:
d4:45:f6:ac:2c:77:77:37:e5:e2:60:ce:55:59:67:
8a:db:b5:f5:6a:74:17:23:3d:91:d9:c7:a1:c8:bd:
da:e3:ec:a3:f9:98:91:95:8a:54:da:f8:f2:24:74:
ed:9d:c5:cb:db:24:1e:d1:de:0e:89:a7:5d:c5:1d:
ef:81:54:91:1e:83:0b:e5:6b:3f:f3:d9:67:7a:19:
28:eb:27:d7:d6:f6:5d:0d:d1:c5:3c:68:20:e2:98:
10:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:74:E1:0A:D7:4D:19:6D:5C:8D:4C:50:2E:18:5D:9F:9A:74:AC:92
X509v3 Authority Key Identifier:
keyid:09:9D:A0:6B:80:FA:74:90:68:02:8B:59:7B:E3:E5:0E:8B:11:87:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CZ2ga4D6dJBoAotZe-PlDosRh4Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/b404c7-bd3d-4752-8ade-31fcc455575e/1/i3ThCtdNGW1cjUxQLhhdn5p0rJI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/b404c7-bd3d-4752-8ade-31fcc455575e/1/CZ2ga4D6dJBoAotZe-PlDosRh4Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.135.32.0/22
193.108.181.0/24
IPv6:
2001:67c:274c::/48
2a06:f140::/29
Signature Algorithm: sha256WithRSAEncryption
3e:11:04:d5:2d:b1:da:65:f2:e6:c7:86:a3:90:7e:6d:1f:e5:
97:30:4a:3b:f2:67:08:33:e6:ce:0a:3a:1d:30:43:2b:11:ae:
15:29:d9:7f:c7:ed:75:0b:9f:f5:d2:c4:dc:58:f1:49:7f:14:
83:a5:27:17:6c:c0:ba:07:91:7b:ab:eb:1e:a4:e3:6b:d3:39:
95:a1:e5:52:a2:b9:91:80:12:1e:08:17:48:1b:2e:43:68:2a:
db:db:e0:04:c3:b5:a0:6b:fc:c7:7b:cb:4e:fd:b2:3e:98:e2:
43:1d:05:ed:b9:60:0c:0d:35:74:0a:32:0f:dd:e1:f8:04:2a:
54:1b:78:4f:4d:fb:52:90:bf:39:08:43:1d:e4:ca:30:70:77:
bc:4e:bc:9f:79:a1:82:98:4a:8b:31:8b:54:4a:5b:f0:71:8b:
3c:6a:28:f0:90:6f:da:55:18:1e:10:8f:52:5f:c9:ce:6f:a2:
d9:bf:80:c1:7d:3a:f8:f7:9d:27:8a:6c:4d:32:5b:f6:fd:f3:
f0:71:d9:a8:47:55:81:66:3c:43:e2:60:c4:84:58:e0:db:86:
53:b0:70:ce:65:6d:55:f8:1e:67:80:a6:42:bc:2d:03:ed:b9:
96:06:95:bc:d1:b5:cc:44:c1:ea:8f:af:7b:73:d9:a2:17:c9:
db:f8:03:5a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQijjAGdNHsVmPTs7eFzB9sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5OWRhMDZiODBmYTc0OTA2ODAyOGI1OTdiZTNlNTBlOGIx
MTg3ODYwHhcNMjUwMTAxMTU0ODUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Yjc0ZTEwYWQ3NGQxOTZkNWM4ZDRjNTAyZTE4NWQ5ZjlhNzRhYzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQkUWCjXVYW9CigTjilh/MP0wUDC
+flGa6IUICw6+zJ+rq5qtBfHjTiz7Dj0XgEb2KcJk1jZi6YmGR2SNBtEuYpUebtx
TOpR4R6I9WKR50LQ9GYttshYKKMh7BqU8pfL+WU3Ng1BHAoBV6C7791RJbc3xNl0
3lfDFgJseqMGzY/4ayyD/jbw64eP2TZCQwBq+K8K1eeI1sBh6TSy0zTPusjz5fDU
RfasLHd3N+XiYM5VWWeK27X1anQXIz2R2cehyL3a4+yj+ZiRlYpU2vjyJHTtncXL
2yQe0d4OiaddxR3vgVSRHoML5Ws/89lnehko6yfX1vZdDdHFPGgg4pgQPwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFIt04QrXTRltXI1MUC4YXZ+adKySMB8GA1UdIwQY
MBaAFAmdoGuA+nSQaAKLWXvj5Q6LEYeGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1oyZ2E0RDZkSkJvQW90WmUtUGxEb3NSaDRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9iNDA0YzctYmQzZC00NzUyLThhZGUt
MzFmY2M0NTU1NzVlLzEvaTNUaEN0ZE5HVzFjalV4UUxoaGRuNXAwckpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9iNDA0YzctYmQzZC00NzUyLThhZGUtMzFmY2M0NTU1NzVl
LzEvQ1oyZ2E0RDZkSkJvQW90WmUtUGxEb3NSaDRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQCuYcgAwQA
wWy1MBYEAgACMBADBwAgAQZ8J0wDBQMqBvFAMA0GCSqGSIb3DQEBCwUAA4IBAQA+
EQTVLbHaZfLmx4ajkH5tH+WXMEo78mcIM+bOCjodMEMrEa4VKdl/x+11C5/10sTc
WPFJfxSDpScXbMC6B5F7q+sepONr0zmVoeVSormRgBIeCBdIGy5DaCrb2+AEw7Wg
a/zHe8tO/bI+mOJDHQXtuWAMDTV0CjIP3eH4BCpUG3hPTftSkL85CEMd5MowcHe8
TryfeaGCmEqLMYtUSlvwcYs8aijwkG/aVRgeEI9SX8nOb6LZv4DBfTr4950nimxN
Mlv2/fPwcdmoR1WBZjxD4mDEhFjg24ZTsHDOZW1V+B5ngKZCvC0D7bmWBpW80bXM
RMHqj697c9miF8nb+ANa
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:32 2025 by rpki-client on console.sobornost.net