Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/a4debb-27b7-4140-b27e-ea653824b1f2/1/691mCGSXoSch_5n-_pfK7VBK24U.roa
File: 691mCGSXoSch_5n-_pfK7VBK24U.roa (raw, json)
Hash identifier: Wd9PO6+/FM13l9qBnW2wnUGn1u/XUolVRvwtK5oFjWQ=
Subject key identifier: EB:DD:66:08:64:97:A1:27:21:FF:99:FE:FE:97:CA:ED:50:4A:DB:85
Certificate issuer: /CN=7e1540fdd5add6b775498c1e3f25c90e213a612f
Certificate serial: 019427480513E832CD3E29B8B5A3D3582735
Authority key identifier: 7E:15:40:FD:D5:AD:D6:B7:75:49:8C:1E:3F:25:C9:0E:21:3A:61:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fhVA_dWt1rd1SYwePyXJDiE6YS8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/a4debb-27b7-4140-b27e-ea653824b1f2/1/691mCGSXoSch_5n-_pfK7VBK24U.roa
Signing time: Thu 02 Jan 2025 13:50:18 +0000
ROA not before: Thu 02 Jan 2025 13:50:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44821
IP address blocks: 185.148.252.0/22 maxlen: 22
2a07:6380::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:05:13:e8:32:cd:3e:29:b8:b5:a3:d3:58:27:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e1540fdd5add6b775498c1e3f25c90e213a612f
Validity
Not Before: Jan 2 13:50:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ebdd66086497a12721ff99fefe97caed504adb85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:6c:b2:57:0c:99:b7:87:42:da:62:9a:10:48:
a4:10:9d:2e:a5:b8:7c:46:42:27:58:5b:0b:f6:b1:
19:97:84:58:9d:a2:39:8a:00:d4:2e:cd:64:cb:41:
6a:89:7a:86:16:2d:d4:c6:11:ac:46:b0:a1:5d:28:
3a:4f:e9:fa:0a:df:9c:17:0b:a2:f7:d8:19:88:f5:
95:8b:92:72:85:aa:12:7e:12:8c:85:55:81:ca:0a:
63:13:31:f2:9c:ba:6b:27:75:17:ba:8f:72:cb:4a:
3a:5d:6d:cd:40:7f:8f:4c:31:e2:5c:fd:d2:88:a1:
a6:2d:43:bf:5c:53:55:66:89:6d:21:ac:2f:5c:19:
bc:7f:a3:bb:56:ee:a2:1a:6e:8e:28:4c:f4:ba:2b:
ae:7a:a6:67:ab:60:b9:e3:e6:c8:5e:84:fb:a6:bc:
bf:bd:52:8d:6f:5e:99:66:17:3c:64:e0:ae:60:e2:
35:90:22:43:19:98:29:ff:9b:d7:7e:08:20:34:4e:
fd:73:83:e2:d3:58:ea:73:1e:04:ec:7a:f6:2e:bf:
75:db:da:9d:53:88:0f:98:cd:a8:68:f0:6d:bd:28:
33:4e:31:fe:20:40:aa:24:81:fc:dc:61:c8:33:fc:
9f:93:79:80:11:0c:98:e2:8b:7b:0a:db:3a:f6:b9:
35:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:DD:66:08:64:97:A1:27:21:FF:99:FE:FE:97:CA:ED:50:4A:DB:85
X509v3 Authority Key Identifier:
keyid:7E:15:40:FD:D5:AD:D6:B7:75:49:8C:1E:3F:25:C9:0E:21:3A:61:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fhVA_dWt1rd1SYwePyXJDiE6YS8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/a4debb-27b7-4140-b27e-ea653824b1f2/1/691mCGSXoSch_5n-_pfK7VBK24U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/a4debb-27b7-4140-b27e-ea653824b1f2/1/fhVA_dWt1rd1SYwePyXJDiE6YS8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.148.252.0/22
IPv6:
2a07:6380::/29
Signature Algorithm: sha256WithRSAEncryption
ab:2a:19:e5:a4:7c:f5:f0:46:5a:37:e6:3c:b9:43:55:99:10:
23:8d:55:05:ba:d1:97:3f:6f:66:58:72:8e:9c:77:50:e4:9a:
23:6a:92:fe:d4:86:f0:49:6d:0b:56:58:6d:44:5e:fc:5b:23:
55:35:57:ca:24:75:48:74:15:a0:52:2d:ee:fe:e0:91:01:8d:
43:ea:d6:d9:22:de:9d:2c:98:08:7a:1e:7d:4a:13:19:71:19:
52:2f:ec:07:36:8b:f5:79:c6:d7:e2:4f:58:c1:cf:8a:50:07:
2a:4f:f9:a8:a5:bb:e8:e7:95:69:b3:47:7e:33:b2:98:1c:5e:
55:3c:e6:3c:97:01:83:67:62:d5:11:d3:2d:3e:5d:44:19:f0:
3a:b0:ad:01:23:59:81:62:c7:25:f3:0a:48:99:f7:11:8e:5b:
71:61:79:7e:f3:b3:22:cd:ff:bb:7d:e5:4d:85:70:c1:5d:fd:
c7:bc:f6:ce:f0:cb:45:67:18:e4:e2:c0:60:b1:2d:d2:d5:9c:
1e:b7:6f:1d:6e:65:00:d2:9e:bd:37:e5:57:aa:c9:67:9f:4e:
11:fd:2e:fe:33:03:0a:7e:77:4b:2d:00:a3:7e:07:d2:ae:f2:
64:7d:24:f2:d6:60:22:b8:81:54:48:61:c2:73:fa:9f:bc:98:
8b:11:f5:1f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQnSAUT6DLNPim4taPTWCc1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMTU0MGZkZDVhZGQ2Yjc3NTQ5OGMxZTNmMjVjOTBlMjEz
YTYxMmYwHhcNMjUwMTAyMTM1MDE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmRkNjYwODY0OTdhMTI3MjFmZjk5ZmVmZTk3Y2FlZDUwNGFkYjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgmyyVwyZt4dC2mKaEEikEJ0upbh8
RkInWFsL9rEZl4RYnaI5igDULs1ky0FqiXqGFi3UxhGsRrChXSg6T+n6Ct+cFwui
99gZiPWVi5JyhaoSfhKMhVWBygpjEzHynLprJ3UXuo9yy0o6XW3NQH+PTDHiXP3S
iKGmLUO/XFNVZoltIawvXBm8f6O7Vu6iGm6OKEz0uiuueqZnq2C54+bIXoT7pry/
vVKNb16ZZhc8ZOCuYOI1kCJDGZgp/5vXfgggNE79c4Pi01jqcx4E7Hr2Lr9129qd
U4gPmM2oaPBtvSgzTjH+IECqJIH83GHIM/yfk3mAEQyY4ot7Cts69rk19wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOvdZghkl6EnIf+Z/v6Xyu1QStuFMB8GA1UdIwQY
MBaAFH4VQP3Vrda3dUmMHj8lyQ4hOmEvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmhWQV9kV3QxcmQxU1l3ZVB5WEpEaUU2WVM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9hNGRlYmItMjdiNy00MTQwLWIyN2Ut
ZWE2NTM4MjRiMWYyLzEvNjkxbUNHU1hvU2NoXzVuLV9wZks3VkJLMjRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9hNGRlYmItMjdiNy00MTQwLWIyN2UtZWE2NTM4MjRiMWYy
LzEvZmhWQV9kV3QxcmQxU1l3ZVB5WEpEaUU2WVM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZT8MA0E
AgACMAcDBQMqB2OAMA0GCSqGSIb3DQEBCwUAA4IBAQCrKhnlpHz18EZaN+Y8uUNV
mRAjjVUFutGXP29mWHKOnHdQ5JojapL+1IbwSW0LVlhtRF78WyNVNVfKJHVIdBWg
Ui3u/uCRAY1D6tbZIt6dLJgIeh59ShMZcRlSL+wHNov1ecbX4k9Ywc+KUAcqT/mo
pbvo55Vps0d+M7KYHF5VPOY8lwGDZ2LVEdMtPl1EGfA6sK0BI1mBYscl8wpImfcR
jltxYXl+87Mizf+7feVNhXDBXf3HvPbO8MtFZxjk4sBgsS3S1Zwet28dbmUA0p69
N+VXqslnn04R/S7+MwMKfndLLQCjfgfSrvJkfSTy1mAiuIFUSGHCc/qfvJiLEfUf
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:34 2025 by rpki-client on console.sobornost.net