Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/Q_XBBiAk4qHgl5xyRFCeUl8e3VE.roa
File: Q_XBBiAk4qHgl5xyRFCeUl8e3VE.roa (raw, json)
Hash identifier: sADh7knGI+0KPR0TD0XBdBdTNm9tN3/eGMw1gHZe2VI=
Subject key identifier: 43:F5:C1:06:20:24:E2:A1:E0:97:9C:72:44:50:9E:52:5F:1E:DD:51
Certificate issuer: /CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Certificate serial: 019427482066F937C14D447027D28EA4DA86
Authority key identifier: E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/Q_XBBiAk4qHgl5xyRFCeUl8e3VE.roa
Signing time: Thu 02 Jan 2025 13:50:25 +0000
ROA not before: Thu 02 Jan 2025 13:50:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202766
IP address blocks: 185.123.120.0/22 maxlen: 24
212.66.160.0/24 maxlen: 24
212.80.160.0/19 maxlen: 24
213.170.32.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:20:66:f9:37:c1:4d:44:70:27:d2:8e:a4:da:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Validity
Not Before: Jan 2 13:50:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=43f5c1062024e2a1e0979c7244509e525f1edd51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a4:83:c2:d5:06:b4:ef:8c:b3:32:37:5a:17:
0a:b6:57:fe:d0:9c:e8:48:ea:96:d3:03:a7:94:5a:
37:fe:f5:0f:89:e7:77:ca:90:7a:07:7c:ce:9b:15:
73:d3:85:8d:e5:06:40:a7:a0:89:20:52:fc:5b:8a:
3c:87:c7:f3:d8:75:1a:58:b0:c7:48:24:15:61:ec:
28:36:21:cf:de:83:9b:72:3b:c3:3e:74:30:31:3b:
14:d7:ff:f2:4e:40:d3:a7:9b:e0:48:2e:22:62:b9:
88:83:ef:23:25:b6:be:82:63:6a:c1:1e:c1:87:92:
2d:be:8c:18:6b:dc:e3:0c:8b:7e:eb:5c:d5:44:c1:
94:89:61:77:82:87:fb:a1:66:be:f9:d5:d0:13:fa:
13:a6:58:ab:c2:64:5d:7b:5b:ef:4f:b8:1f:24:79:
c6:fa:9f:a2:74:b5:65:be:aa:d4:7b:0e:d8:b3:d8:
a1:96:00:a1:b0:40:b0:fb:80:08:11:87:f7:e5:79:
07:40:b2:f4:cc:43:9c:9c:7d:4f:c7:5c:21:b9:fc:
c7:2d:59:d8:c2:f1:96:67:57:7b:d7:44:ff:a0:46:
41:a1:9e:1f:44:ec:e1:17:7f:2b:69:91:22:8c:9a:
de:66:91:03:95:7e:f9:91:49:9b:a2:2c:0a:ef:2b:
de:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:F5:C1:06:20:24:E2:A1:E0:97:9C:72:44:50:9E:52:5F:1E:DD:51
X509v3 Authority Key Identifier:
keyid:E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/Q_XBBiAk4qHgl5xyRFCeUl8e3VE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/6EA7XkXNWL5fbF0z-lZatJIj49s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.123.120.0/22
212.66.160.0/24
212.80.160.0/19
213.170.32.0/19
Signature Algorithm: sha256WithRSAEncryption
68:e5:e7:5d:e1:d3:21:86:91:10:1e:fb:2c:c9:e8:81:c8:ac:
06:98:39:26:b4:d6:63:07:f6:b5:8b:07:86:0e:c0:e7:f5:00:
05:af:32:d8:da:5e:9c:b7:68:47:fb:d2:9c:4e:ea:06:eb:4f:
25:ad:89:7d:89:fb:d2:a9:bd:78:59:32:bc:a3:0a:b4:d8:d9:
d1:3f:38:86:22:68:0a:ee:c2:6e:2a:78:1d:55:54:c8:6d:8d:
4c:68:b3:e9:2c:1b:a9:64:22:cc:cb:93:30:97:b5:cb:93:47:
53:dd:1c:54:89:49:dd:88:0f:ca:c6:89:6b:f2:e2:cf:29:7a:
d7:4b:23:67:80:8f:f4:13:28:30:9f:3d:5f:e2:fd:bc:5d:41:
3d:06:06:c9:10:4c:85:c3:3f:77:73:d9:d2:62:25:b6:5d:a8:
bc:ca:06:ae:4a:a0:4d:72:5a:70:b5:f4:32:4c:89:55:3c:c9:
63:e0:84:ce:7e:5b:fa:5e:9a:28:d3:8e:14:be:2e:11:9a:f7:
18:f3:9c:a3:c9:d4:f4:c8:18:14:db:49:82:78:da:b5:3f:a8:
fd:10:23:38:cc:95:ce:05:01:6d:30:8a:4c:89:5d:19:3c:9b:
1c:bb:73:ba:aa:04:17:5f:a0:56:df:3e:e3:21:5d:66:ce:37:
af:08:e5:25
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQnSCBm+TfBTURwJ9KOpNqGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NDAzYjVlNDVjZDU4YmU1ZjZjNWQzM2ZhNTY1YWI0OTIy
M2UzZGIwHhcNMjUwMTAyMTM1MDI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2Y1YzEwNjIwMjRlMmExZTA5NzljNzI0NDUwOWU1MjVmMWVkZDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqSDwtUGtO+MszI3WhcKtlf+0Jzo
SOqW0wOnlFo3/vUPied3ypB6B3zOmxVz04WN5QZAp6CJIFL8W4o8h8fz2HUaWLDH
SCQVYewoNiHP3oObcjvDPnQwMTsU1//yTkDTp5vgSC4iYrmIg+8jJba+gmNqwR7B
h5ItvowYa9zjDIt+61zVRMGUiWF3gof7oWa++dXQE/oTplirwmRde1vvT7gfJHnG
+p+idLVlvqrUew7Ys9ihlgChsECw+4AIEYf35XkHQLL0zEOcnH1Px1whufzHLVnY
wvGWZ1d710T/oEZBoZ4fROzhF38raZEijJreZpEDlX75kUmboiwK7yve7wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEP1wQYgJOKh4JecckRQnlJfHt1RMB8GA1UdIwQY
MBaAFOhAO15FzVi+X2xdM/pWWrSSI+PbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkVBN1hrWE5XTDVmYkYwei1sWmF0SklqNDlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy84OTc2ZWQtZGEwYS00OWE1LWE3NTEt
YTg3MWVjYzIxMmE2LzEvUV9YQkJpQWs0cUhnbDV4eVJGQ2VVbDhlM1ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy84OTc2ZWQtZGEwYS00OWE1LWE3NTEtYTg3MWVjYzIxMmE2
LzEvNkVBN1hrWE5XTDVmYkYwei1sWmF0SklqNDlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCuXt4AwQA
1EKgAwQF1FCgAwQF1aogMA0GCSqGSIb3DQEBCwUAA4IBAQBo5edd4dMhhpEQHvss
yeiByKwGmDkmtNZjB/a1iweGDsDn9QAFrzLY2l6ct2hH+9KcTuoG608lrYl9ifvS
qb14WTK8owq02NnRPziGImgK7sJuKngdVVTIbY1MaLPpLBupZCLMy5Mwl7XLk0dT
3RxUiUndiA/Kxolr8uLPKXrXSyNngI/0Eygwnz1f4v28XUE9BgbJEEyFwz93c9nS
YiW2Xai8ygauSqBNclpwtfQyTIlVPMlj4ITOflv6Xpoo044Uvi4RmvcY85yjydT0
yBgU20mCeNq1P6j9ECM4zJXOBQFtMIpMiV0ZPJscu3O6qgQXX6BW3z7jIV1mzjev
COUl
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:33 2025 by rpki-client on console.sobornost.net