Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/85928f-5f19-41d9-8238-5c54cdad19f1/1/H1ODV9W4buqhl3EqdtbJBcTx8bE.roa
File: H1ODV9W4buqhl3EqdtbJBcTx8bE.roa (raw, json)
Hash identifier: ACjxboSyCSfEn+fJ3xsL41v0ySwcobd1/VO5RHv6Sbs=
Subject key identifier: 1F:53:83:57:D5:B8:6E:EA:A1:97:71:2A:76:D6:C9:05:C4:F1:F1:B1
Certificate issuer: /CN=27b8dbd97de4cd4059b52e513dcf35cd381a32b3
Certificate serial: 019423D78D327548DC3E5AC8A71268CFFB03
Authority key identifier: 27:B8:DB:D9:7D:E4:CD:40:59:B5:2E:51:3D:CF:35:CD:38:1A:32:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J7jb2X3kzUBZtS5RPc81zTgaMrM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/85928f-5f19-41d9-8238-5c54cdad19f1/1/H1ODV9W4buqhl3EqdtbJBcTx8bE.roa
Signing time: Wed 01 Jan 2025 21:48:36 +0000
ROA not before: Wed 01 Jan 2025 21:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205862
IP address blocks: 185.204.40.0/24 maxlen: 24
185.204.41.0/24 maxlen: 24
185.204.42.0/24 maxlen: 24
185.204.43.0/24 maxlen: 24
2a0d:b00:2901::/48 maxlen: 48
2a0d:b00:3501::/48 maxlen: 48
2a0d:b00:3502::/48 maxlen: 48
2a0d:b00:9201::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:8d:32:75:48:dc:3e:5a:c8:a7:12:68:cf:fb:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27b8dbd97de4cd4059b52e513dcf35cd381a32b3
Validity
Not Before: Jan 1 21:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1f538357d5b86eeaa197712a76d6c905c4f1f1b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:27:62:5d:ad:e1:9d:34:16:4f:a9:ee:cc:3c:
b1:d7:71:56:b6:0b:8b:17:24:fa:a6:27:63:55:7f:
ed:1e:9a:09:bc:63:31:32:3d:02:ce:05:56:f1:b8:
f6:33:0d:e7:7f:54:6d:00:d0:e2:34:40:4b:78:1b:
02:26:5a:9c:d8:cf:0d:58:24:a2:d9:d5:2d:f3:6d:
33:61:8e:da:e2:d9:16:3c:ac:d7:c9:1e:90:ce:79:
db:b5:a8:e7:85:71:fd:f0:74:ad:63:17:3c:ca:34:
4a:97:b3:20:39:ec:40:3d:62:17:bd:65:ad:98:54:
af:61:d8:33:a9:e4:4e:bf:0f:f5:49:85:64:00:95:
6a:3b:fe:0b:ea:11:8b:6e:db:be:59:e5:d1:fd:59:
3b:b5:42:e8:50:50:41:5c:fe:9c:ec:1b:f7:04:9c:
95:b8:20:99:20:7b:92:50:e9:e3:53:8b:29:c2:cb:
59:47:ba:6d:1e:06:16:44:fe:f1:19:86:68:8e:09:
db:be:76:77:4e:fc:d6:2a:10:20:d3:53:ee:09:15:
8e:57:43:c0:3a:1b:40:b1:29:c2:91:2e:65:c4:9a:
8e:2d:52:57:d1:15:30:86:82:62:b9:dc:0e:c3:8d:
1a:7a:22:58:58:6a:f4:c5:aa:5e:70:c7:42:09:ff:
fb:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:53:83:57:D5:B8:6E:EA:A1:97:71:2A:76:D6:C9:05:C4:F1:F1:B1
X509v3 Authority Key Identifier:
keyid:27:B8:DB:D9:7D:E4:CD:40:59:B5:2E:51:3D:CF:35:CD:38:1A:32:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J7jb2X3kzUBZtS5RPc81zTgaMrM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/85928f-5f19-41d9-8238-5c54cdad19f1/1/H1ODV9W4buqhl3EqdtbJBcTx8bE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/85928f-5f19-41d9-8238-5c54cdad19f1/1/J7jb2X3kzUBZtS5RPc81zTgaMrM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.204.40.0/22
IPv6:
2a0d:b00:2901::/48
2a0d:b00:3501::-2a0d:b00:3502:ffff:ffff:ffff:ffff:ffff
2a0d:b00:9201::/48
Signature Algorithm: sha256WithRSAEncryption
10:7d:57:59:6c:d9:90:e7:7c:be:92:6b:e8:06:2d:36:3c:3e:
b1:e7:4f:f2:cf:c5:12:35:2f:6f:84:b9:4a:b1:e6:40:d6:19:
5c:82:2d:44:70:1c:c6:b8:99:e3:da:1d:a2:d0:4e:fc:fe:30:
e6:16:b4:1f:e4:eb:e5:ed:7a:53:ca:f7:d1:d8:07:f8:54:0c:
6f:f0:82:71:47:92:3d:31:ed:ef:50:89:b0:0a:e2:70:7f:38:
52:2e:da:2d:36:55:aa:ad:d2:2e:eb:b3:ce:29:0b:b4:68:26:
b7:4f:6a:70:23:6c:e7:97:82:0a:1e:74:87:6c:3a:db:2c:98:
12:95:74:ad:15:86:92:86:0a:13:1d:f2:2e:42:5b:5b:9a:65:
b2:66:04:2c:85:14:4b:cf:05:dd:50:20:0c:35:28:f1:fb:d9:
2a:df:eb:38:50:f8:42:35:a8:b9:03:56:20:f5:fb:7f:c6:1a:
7a:66:5b:eb:32:ef:10:d9:54:aa:f8:77:f4:99:3c:28:6b:12:
69:83:f1:d2:43:ba:e7:fb:fc:0f:96:ee:1b:e8:34:b6:06:6d:
6e:c7:b5:4e:72:76:36:e0:47:1f:b0:e1:47:9f:6c:71:79:6d:
e0:84:69:ff:a2:a9:4e:eb:16:b0:3f:a6:94:01:d4:c2:a7:26:
fb:cd:1e:e7
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZQj140ydUjcPlrIpxJoz/sDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YjhkYmQ5N2RlNGNkNDA1OWI1MmU1MTNkY2YzNWNkMzgx
YTMyYjMwHhcNMjUwMTAxMjE0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjUzODM1N2Q1Yjg2ZWVhYTE5NzcxMmE3NmQ2YzkwNWM0ZjFmMWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ydiXa3hnTQWT6nuzDyx13FWtguL
FyT6pidjVX/tHpoJvGMxMj0CzgVW8bj2Mw3nf1RtANDiNEBLeBsCJlqc2M8NWCSi
2dUt820zYY7a4tkWPKzXyR6QznnbtajnhXH98HStYxc8yjRKl7MgOexAPWIXvWWt
mFSvYdgzqeROvw/1SYVkAJVqO/4L6hGLbtu+WeXR/Vk7tULoUFBBXP6c7Bv3BJyV
uCCZIHuSUOnjU4spwstZR7ptHgYWRP7xGYZojgnbvnZ3TvzWKhAg01PuCRWOV0PA
OhtAsSnCkS5lxJqOLVJX0RUwhoJiudwOw40aeiJYWGr0xapecMdCCf/71wIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFB9Tg1fVuG7qoZdxKnbWyQXE8fGxMB8GA1UdIwQY
MBaAFCe429l95M1AWbUuUT3PNc04GjKzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjdqYjJYM2t6VUJadFM1UlBjODF6VGdhTXJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy84NTkyOGYtNWYxOS00MWQ5LTgyMzgt
NWM1NGNkYWQxOWYxLzEvSDFPRFY5VzRidXFobDNFcWR0YkpCY1R4OGJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy84NTkyOGYtNWYxOS00MWQ5LTgyMzgtNWM1NGNkYWQxOWYx
LzEvSjdqYjJYM2t6VUJadFM1UlBjODF6VGdhTXJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAMBAIAATAGAwQCucwoMCwE
AgACMCYDBwAqDQsAKQEwEgMHACoNCwA1AQMHACoNCwA1AgMHACoNCwCSATANBgkq
hkiG9w0BAQsFAAOCAQEAEH1XWWzZkOd8vpJr6AYtNjw+sedP8s/FEjUvb4S5SrHm
QNYZXIItRHAcxriZ49odotBO/P4w5ha0H+Tr5e16U8r30dgH+FQMb/CCcUeSPTHt
71CJsAricH84Ui7aLTZVqq3SLuuzzikLtGgmt09qcCNs55eCCh50h2w62yyYEpV0
rRWGkoYKEx3yLkJbW5plsmYELIUUS88F3VAgDDUo8fvZKt/rOFD4QjWouQNWIPX7
f8YaemZb6zLvENlUqvh39Jk8KGsSaYPx0kO65/v8D5buG+g0tgZtbse1TnJ2NuBH
H7DhR59scXlt4IRp/6KpTusWsD+mlAHUwqcm+80e5w==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:42 2025 by rpki-client on console.sobornost.net