Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/076d37-4ab4-4ec3-a4b0-524025e13202/1/KMs7aUSS9LqAFlnC_o5ElLedNIc.roa
File: KMs7aUSS9LqAFlnC_o5ElLedNIc.roa (raw, json)
Hash identifier: /x7zWDBe20WK1XP4EQ8MfhJthk5BD7GGqFW7sL/0M74=
Subject key identifier: 28:CB:3B:69:44:92:F4:BA:80:16:59:C2:FE:8E:44:94:B7:9D:34:87
Certificate issuer: /CN=f8a2b605c58e0746aadc5bf0d7cbc36c9307f74d
Certificate serial: 0194D51A20F1967F46643E6E447196B9567A
Authority key identifier: F8:A2:B6:05:C5:8E:07:46:AA:DC:5B:F0:D7:CB:C3:6C:93:07:F7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-KK2BcWOB0aq3Fvw18vDbJMH900.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/076d37-4ab4-4ec3-a4b0-524025e13202/1/KMs7aUSS9LqAFlnC_o5ElLedNIc.roa
Signing time: Wed 05 Feb 2025 07:54:06 +0000
ROA not before: Wed 05 Feb 2025 07:54:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13215
IP address blocks: 185.97.164.0/22 maxlen: 22
185.97.164.0/24 maxlen: 24
185.97.165.0/24 maxlen: 24
185.97.166.0/24 maxlen: 24
185.97.167.0/24 maxlen: 24
2a0b:a8c0::/29 maxlen: 29
2a0b:a8c0:cdc::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d5:1a:20:f1:96:7f:46:64:3e:6e:44:71:96:b9:56:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8a2b605c58e0746aadc5bf0d7cbc36c9307f74d
Validity
Not Before: Feb 5 07:54:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=28cb3b694492f4ba801659c2fe8e4494b79d3487
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:d9:05:c9:ca:bf:3f:7d:85:16:61:97:ea:a0:
2c:35:4f:c8:8d:5a:0c:52:db:5c:3d:9f:5b:62:02:
cd:8d:56:18:43:2f:42:8f:15:c1:ee:83:24:94:c6:
15:ea:ed:e6:87:11:30:82:fa:26:28:0d:43:f2:8b:
31:9c:f1:e1:25:05:2b:97:f1:f3:80:2a:b4:30:2c:
76:2c:d9:06:58:b2:a1:87:45:bc:4f:d5:9b:5b:71:
94:5d:38:85:36:63:e7:73:eb:95:31:79:c2:a7:34:
70:30:52:3c:87:02:7e:c1:e1:8c:49:f7:f6:be:ab:
a7:79:55:b6:44:1e:05:2a:4a:de:03:0f:f5:a3:96:
09:7d:c8:6d:e8:52:2b:b8:41:a8:03:16:d4:9c:e5:
c0:a6:ad:ba:ba:dc:9e:20:e0:e6:56:56:70:77:7a:
ac:9a:2b:3e:5a:ef:94:ad:9d:a6:56:57:72:f7:72:
db:aa:a5:dc:73:20:e7:91:d7:c4:5e:22:d3:31:57:
c3:b7:83:16:89:9f:03:ec:43:23:c3:52:7b:04:d5:
78:81:47:34:4f:7d:02:9a:0d:82:91:d1:a7:19:40:
01:77:62:2d:eb:fa:88:e6:c5:87:92:e1:6a:f2:72:
03:34:22:82:b3:74:fa:e2:3f:44:d1:5d:24:13:de:
2b:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:CB:3B:69:44:92:F4:BA:80:16:59:C2:FE:8E:44:94:B7:9D:34:87
X509v3 Authority Key Identifier:
keyid:F8:A2:B6:05:C5:8E:07:46:AA:DC:5B:F0:D7:CB:C3:6C:93:07:F7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-KK2BcWOB0aq3Fvw18vDbJMH900.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/076d37-4ab4-4ec3-a4b0-524025e13202/1/KMs7aUSS9LqAFlnC_o5ElLedNIc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/076d37-4ab4-4ec3-a4b0-524025e13202/1/1-KK2BcWOB0aq3Fvw18vDbJMH900.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.97.164.0/22
IPv6:
2a0b:a8c0::/29
Signature Algorithm: sha256WithRSAEncryption
7e:df:a7:3d:29:94:c4:8b:d6:56:13:c3:b0:79:4c:f7:28:af:
08:c5:f1:9a:55:70:b6:c8:ca:d2:59:fc:56:c5:db:40:e4:b3:
5b:b4:7d:83:a2:af:ae:34:d6:fa:62:d5:b3:b1:9a:20:bd:f0:
bb:c4:d9:15:27:44:9f:ab:4b:64:08:72:82:6a:1a:8c:da:16:
ee:55:08:59:a7:6b:db:0e:07:33:ae:e6:41:43:c5:99:24:b9:
70:ee:ba:81:af:b9:c2:1b:b0:ae:24:a2:e9:8a:24:63:7f:36:
79:31:d2:9a:a7:bc:35:2b:3f:8a:a8:f2:af:42:8d:6e:f0:00:
5e:4b:de:a6:00:2e:32:0b:82:3d:3c:06:b4:ae:44:89:f1:57:
2b:bf:13:18:03:bc:fb:42:3f:27:4c:46:9f:00:de:b1:ae:68:
59:e8:da:93:c0:80:45:f1:39:15:1a:04:20:be:15:cc:51:07:
aa:73:1b:3d:37:81:2d:c6:2b:70:3f:b8:e2:46:12:76:50:a9:
5d:8e:60:df:71:5e:98:14:46:4f:50:df:22:7f:a0:05:6f:1c:
70:9e:39:ef:fd:e1:14:68:b0:6b:64:41:d0:81:41:0e:a6:da:
35:04:f4:0b:e3:fe:32:17:fa:a7:b8:2f:4c:3d:ac:c1:24:6c:
c2:db:64:aa
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZTVGiDxln9GZD5uRHGWuVZ6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4YTJiNjA1YzU4ZTA3NDZhYWRjNWJmMGQ3Y2JjMzZjOTMw
N2Y3NGQwHhcNMjUwMjA1MDc1NDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGNiM2I2OTQ0OTJmNGJhODAxNjU5YzJmZThlNDQ5NGI3OWQzNDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNkFycq/P32FFmGX6qAsNU/IjVoM
UttcPZ9bYgLNjVYYQy9CjxXB7oMklMYV6u3mhxEwgvomKA1D8osxnPHhJQUrl/Hz
gCq0MCx2LNkGWLKhh0W8T9WbW3GUXTiFNmPnc+uVMXnCpzRwMFI8hwJ+weGMSff2
vquneVW2RB4FKkreAw/1o5YJfcht6FIruEGoAxbUnOXApq26utyeIODmVlZwd3qs
mis+Wu+UrZ2mVldy93LbqqXccyDnkdfEXiLTMVfDt4MWiZ8D7EMjw1J7BNV4gUc0
T30Cmg2CkdGnGUABd2It6/qI5sWHkuFq8nIDNCKCs3T64j9E0V0kE94rMQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCjLO2lEkvS6gBZZwv6ORJS3nTSHMB8GA1UdIwQY
MBaAFPiitgXFjgdGqtxb8NfLw2yTB/dNMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1LSzJCY1dPQjBhcTNGdncxOHZEYkpNSDkwMC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWIvMDc2ZDM3LTRhYjQtNGVjMy1hNGIw
LTUyNDAyNWUxMzIwMi8xL0tNczdhVVNTOUxxQUZsbkNfbzVFbExlZE5JYy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZWIvMDc2ZDM3LTRhYjQtNGVjMy1hNGIwLTUyNDAyNWUxMzIw
Mi8xLzEtS0syQmNXT0IwYXEzRnZ3MTh2RGJKTUg5MDAuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAK5YaQw
DQQCAAIwBwMFAyoLqMAwDQYJKoZIhvcNAQELBQADggEBAH7fpz0plMSL1lYTw7B5
TPcorwjF8ZpVcLbIytJZ/FbF20Dks1u0fYOir6401vpi1bOxmiC98LvE2RUnRJ+r
S2QIcoJqGozaFu5VCFmna9sOBzOu5kFDxZkkuXDuuoGvucIbsK4koumKJGN/Nnkx
0pqnvDUrP4qo8q9CjW7wAF5L3qYALjILgj08BrSuRInxVyu/ExgDvPtCPydMRp8A
3rGuaFno2pPAgEXxORUaBCC+FcxRB6pzGz03gS3GK3A/uOJGEnZQqV2OYN9xXpgU
Rk9Q3yJ/oAVvHHCeOe/94RRosGtkQdCBQQ6m2jUE9Avj/jIX+qe4L0w9rMEkbMLb
ZKo=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:41 2025 by rpki-client on console.sobornost.net