Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/0d4810-902a-4b7d-9818-3cef5625aed6/1/G4W66DIS-tOhTOL4rAP2DQwRdL0.roa
File: G4W66DIS-tOhTOL4rAP2DQwRdL0.roa (raw, json)
Hash identifier: T0yTA2cPiVodR8G3AqqlUGuyKJW1C3bce+LSKeiweEY=
Subject key identifier: 1B:85:BA:E8:32:12:FA:D3:A1:4C:E2:F8:AC:03:F6:0D:0C:11:74:BD
Certificate issuer: /CN=dfa69c3d98385d415405fc6fd30a800363c017c1
Certificate serial: 0194206800008E8392FD64C276B870398F50
Authority key identifier: DF:A6:9C:3D:98:38:5D:41:54:05:FC:6F:D3:0A:80:03:63:C0:17:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/36acPZg4XUFUBfxv0wqAA2PAF8E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/0d4810-902a-4b7d-9818-3cef5625aed6/1/G4W66DIS-tOhTOL4rAP2DQwRdL0.roa
Signing time: Wed 01 Jan 2025 05:47:54 +0000
ROA not before: Wed 01 Jan 2025 05:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44466
IP address blocks: 185.160.160.0/23 maxlen: 24
185.160.162.0/23 maxlen: 24
188.215.108.0/24 maxlen: 24
188.215.109.0/24 maxlen: 24
188.215.110.0/24 maxlen: 24
188.215.111.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:00:00:8e:83:92:fd:64:c2:76:b8:70:39:8f:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfa69c3d98385d415405fc6fd30a800363c017c1
Validity
Not Before: Jan 1 05:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1b85bae83212fad3a14ce2f8ac03f60d0c1174bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:6c:0e:fb:59:ff:75:fc:eb:ca:24:48:5f:5c:
7a:a8:75:68:01:3c:56:1c:cc:d6:9c:b8:42:e6:c2:
51:f9:0c:91:2a:a4:3c:c9:9d:63:9d:33:07:e6:f7:
ca:f7:c9:4f:31:8c:54:fc:6e:52:7e:ed:17:da:c2:
f3:29:d7:96:a8:71:64:cd:09:5e:73:38:2d:7a:e1:
31:72:87:ca:cd:1e:15:e7:fc:b2:22:6d:14:35:a5:
39:8a:d4:e0:5f:53:42:85:6c:3a:94:00:94:16:16:
7e:35:92:c5:ea:18:4d:57:df:3e:c9:e4:fd:82:4d:
ee:27:a1:33:53:2d:af:e9:29:3d:d4:82:38:13:3d:
d8:24:68:da:66:9b:1a:d2:05:ee:22:72:c5:3e:e0:
0c:7d:a1:c0:a7:6b:92:89:68:92:68:7a:ef:46:cd:
da:0a:e2:b8:c5:98:c1:6f:41:99:27:2c:32:a8:e4:
e6:72:e5:99:29:3b:5f:52:bb:9d:be:05:c7:47:1c:
43:be:b5:04:d4:b2:f9:0f:5f:8a:fd:1b:d0:81:42:
ae:c3:98:68:2c:b2:cd:7b:53:91:ac:20:5f:64:f6:
1b:6e:04:00:38:18:a5:40:2e:3c:e2:cb:0a:4e:5f:
0b:98:e4:c2:69:50:b1:a2:4d:cb:39:19:70:8e:d5:
e0:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:85:BA:E8:32:12:FA:D3:A1:4C:E2:F8:AC:03:F6:0D:0C:11:74:BD
X509v3 Authority Key Identifier:
keyid:DF:A6:9C:3D:98:38:5D:41:54:05:FC:6F:D3:0A:80:03:63:C0:17:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/36acPZg4XUFUBfxv0wqAA2PAF8E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/0d4810-902a-4b7d-9818-3cef5625aed6/1/G4W66DIS-tOhTOL4rAP2DQwRdL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/0d4810-902a-4b7d-9818-3cef5625aed6/1/36acPZg4XUFUBfxv0wqAA2PAF8E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.160.160.0/22
188.215.108.0/22
Signature Algorithm: sha256WithRSAEncryption
64:68:7a:b7:e5:24:76:d2:a6:9b:b8:c7:2b:27:ee:01:18:63:
6f:6d:9b:4e:75:78:82:17:81:7e:78:6c:a7:1b:de:3e:2b:4f:
9c:b5:35:34:5a:fd:b8:3f:69:25:8d:ff:c2:87:89:4b:b8:2e:
57:f7:14:04:8e:c8:af:cc:82:8b:cf:45:eb:ff:1b:bc:7e:0f:
9b:6b:73:94:8a:b9:a9:e9:de:79:c1:f7:56:bb:b2:8e:7a:67:
85:69:94:0e:17:76:ee:cc:67:bb:a0:25:81:c2:47:6a:b5:39:
80:94:33:9b:49:0b:c1:8f:38:63:78:6b:75:4c:fa:40:56:ea:
c0:4a:5a:41:cd:50:10:42:0a:1e:ee:0f:1f:6e:57:16:cd:e1:
c0:58:44:15:20:a1:dc:7b:2a:47:94:5d:3f:62:c5:b9:10:07:
b0:9f:92:c3:b7:68:70:e9:d2:ea:cf:eb:2b:db:77:a4:4c:4d:
52:25:c9:c2:de:ce:00:54:1e:45:bf:45:4f:9e:b5:6b:5b:c3:
b5:79:35:12:ab:65:2c:bf:86:fe:d2:5f:13:18:e3:ea:dd:ee:
f6:db:40:97:87:1f:d9:b3:f0:70:bd:d9:c6:ca:2d:42:70:74:
99:ae:09:ba:dc:f8:2b:96:8c:7c:99:db:51:2e:81:e5:8e:4f:
f8:be:cb:c8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQgaAAAjoOS/WTCdrhwOY9QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmYTY5YzNkOTgzODVkNDE1NDA1ZmM2ZmQzMGE4MDAzNjNj
MDE3YzEwHhcNMjUwMTAxMDU0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjg1YmFlODMyMTJmYWQzYTE0Y2UyZjhhYzAzZjYwZDBjMTE3NGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWwO+1n/dfzryiRIX1x6qHVoATxW
HMzWnLhC5sJR+QyRKqQ8yZ1jnTMH5vfK98lPMYxU/G5Sfu0X2sLzKdeWqHFkzQle
czgteuExcofKzR4V5/yyIm0UNaU5itTgX1NChWw6lACUFhZ+NZLF6hhNV98+yeT9
gk3uJ6EzUy2v6Sk91II4Ez3YJGjaZpsa0gXuInLFPuAMfaHAp2uSiWiSaHrvRs3a
CuK4xZjBb0GZJywyqOTmcuWZKTtfUrudvgXHRxxDvrUE1LL5D1+K/RvQgUKuw5ho
LLLNe1ORrCBfZPYbbgQAOBilQC484ssKTl8LmOTCaVCxok3LORlwjtXg4QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBuFuugyEvrToUzi+KwD9g0MEXS9MB8GA1UdIwQY
MBaAFN+mnD2YOF1BVAX8b9MKgANjwBfBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzZhY1BaZzRYVUZVQmZ4djB3cUFBMlBBRjhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy8wZDQ4MTAtOTAyYS00YjdkLTk4MTgt
M2NlZjU2MjVhZWQ2LzEvRzRXNjZESVMtdE9oVE9MNHJBUDJEUXdSZEwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy8wZDQ4MTAtOTAyYS00YjdkLTk4MTgtM2NlZjU2MjVhZWQ2
LzEvMzZhY1BaZzRYVUZVQmZ4djB3cUFBMlBBRjhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuaCgAwQC
vNdsMA0GCSqGSIb3DQEBCwUAA4IBAQBkaHq35SR20qabuMcrJ+4BGGNvbZtOdXiC
F4F+eGynG94+K0+ctTU0Wv24P2kljf/Ch4lLuC5X9xQEjsivzIKLz0Xr/xu8fg+b
a3OUirmp6d55wfdWu7KOemeFaZQOF3buzGe7oCWBwkdqtTmAlDObSQvBjzhjeGt1
TPpAVurASlpBzVAQQgoe7g8fblcWzeHAWEQVIKHceypHlF0/YsW5EAewn5LDt2hw
6dLqz+sr23ekTE1SJcnC3s4AVB5Fv0VPnrVrW8O1eTUSq2Usv4b+0l8TGOPq3e72
20CXhx/Zs/BwvdnGyi1CcHSZrgm63Pgrlox8mdtRLoHljk/4vsvI
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:42 2025 by rpki-client on console.sobornost.net