Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/7c2e07-6cf2-4122-99f4-9c6bea4cd5b5/1/1SBGl6Dsc-NanmKmDFRCZHTHXUE.roa
File: 1SBGl6Dsc-NanmKmDFRCZHTHXUE.roa (raw, json)
Hash identifier: RQb0cT5Ld94CC4E9QaW/599ZeClVgEWvUpN7FpldNG0=
Subject key identifier: D5:20:46:97:A0:EC:73:E3:5A:9E:62:A6:0C:54:42:64:74:C7:5D:41
Certificate issuer: /CN=07ac64191435789995bc5a67f5b51d9685002815
Certificate serial: 019423D7FBC0DBA68C49725911A1DC555F8D
Authority key identifier: 07:AC:64:19:14:35:78:99:95:BC:5A:67:F5:B5:1D:96:85:00:28:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B6xkGRQ1eJmVvFpn9bUdloUAKBU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/7c2e07-6cf2-4122-99f4-9c6bea4cd5b5/1/1SBGl6Dsc-NanmKmDFRCZHTHXUE.roa
Signing time: Wed 01 Jan 2025 21:49:04 +0000
ROA not before: Wed 01 Jan 2025 21:49:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34049
IP address blocks: 185.137.124.0/22 maxlen: 22
2a07:3c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:fb:c0:db:a6:8c:49:72:59:11:a1:dc:55:5f:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07ac64191435789995bc5a67f5b51d9685002815
Validity
Not Before: Jan 1 21:49:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d5204697a0ec73e35a9e62a60c54426474c75d41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:1a:5a:63:cd:84:88:7d:25:c9:88:7d:b8:1b:
d5:8c:66:c1:71:bf:6b:11:4c:43:fc:fc:d2:c3:0b:
75:a7:c5:14:c7:7a:7d:41:1a:72:3f:7a:6f:38:52:
a1:66:bf:55:63:3b:b4:ca:09:3b:3b:e6:6d:c1:91:
f5:ec:b0:46:82:02:71:d4:d6:ee:5a:84:23:1e:c7:
bb:2a:26:15:18:3e:34:ee:7e:1e:29:93:4a:4a:95:
7d:73:e7:64:c2:81:02:06:52:b7:20:ea:42:9e:36:
11:1e:57:9e:db:31:b2:c1:34:36:9a:88:d3:34:a1:
48:4f:33:e4:54:8f:4b:e6:93:9f:d8:d5:ce:4f:59:
51:b4:5f:83:02:2e:66:1b:60:b5:b3:f1:df:9a:b1:
47:b7:88:cd:2c:4e:29:52:cc:9f:e9:04:df:e1:c4:
23:84:0e:07:7c:bb:97:47:c4:71:8a:52:27:62:3d:
79:9f:e5:a3:50:06:97:bb:e2:7b:3e:c4:cb:83:28:
05:19:71:dc:f0:f0:b4:a4:48:7e:97:13:50:41:09:
19:b1:b8:3c:e3:3a:c1:82:24:3d:a7:9c:4a:f2:27:
95:df:d0:c5:a3:3c:e5:e2:21:2d:25:ac:28:e8:73:
df:53:57:87:80:d5:5f:2a:9e:ac:a2:b0:fe:a2:68:
b3:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:20:46:97:A0:EC:73:E3:5A:9E:62:A6:0C:54:42:64:74:C7:5D:41
X509v3 Authority Key Identifier:
keyid:07:AC:64:19:14:35:78:99:95:BC:5A:67:F5:B5:1D:96:85:00:28:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B6xkGRQ1eJmVvFpn9bUdloUAKBU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/7c2e07-6cf2-4122-99f4-9c6bea4cd5b5/1/1SBGl6Dsc-NanmKmDFRCZHTHXUE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/7c2e07-6cf2-4122-99f4-9c6bea4cd5b5/1/B6xkGRQ1eJmVvFpn9bUdloUAKBU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.124.0/22
IPv6:
2a07:3c0::/29
Signature Algorithm: sha256WithRSAEncryption
a9:03:67:27:79:f3:f3:de:a2:3b:77:04:91:6a:17:4a:52:4e:
27:eb:80:25:75:e4:3c:4b:87:ea:26:19:9b:b2:20:f0:06:f3:
bc:68:b2:ed:7d:fd:dd:1e:60:0a:d8:59:89:83:4a:b6:b0:7a:
6d:61:07:00:22:00:ed:2b:d6:dd:13:15:de:fe:d6:c0:68:7e:
d9:00:ff:97:cd:6e:68:7e:09:28:85:ef:a4:a9:67:77:9c:62:
5c:1b:45:c7:07:d0:e7:ba:ca:26:bc:c3:3e:9e:64:da:97:60:
c4:9b:fd:6c:e6:d3:9c:c4:fa:6b:17:f2:ad:ab:dc:25:f5:4e:
e9:4a:d0:de:ee:b6:89:65:4c:72:71:29:83:6f:41:c2:dc:5d:
3f:aa:52:b8:d3:07:f5:bb:74:d8:8f:07:45:4a:51:be:0e:4b:
48:e0:2e:d9:3a:d4:50:75:f3:55:da:1a:99:9d:5f:43:30:00:
1b:a0:fb:d2:bf:e3:0e:51:cf:a7:79:6c:1c:bf:4d:68:2c:27:
c6:f0:76:d6:97:98:b6:4f:5d:17:61:cb:e3:21:f3:62:90:4c:
bd:2a:e6:90:cd:03:cc:90:45:7f:db:0b:e5:78:ad:67:47:68:
08:1d:3a:ba:fa:e4:bb:f7:c2:80:21:1c:d5:f6:77:06:e2:8c:
d2:db:f8:ae
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQj1/vA26aMSXJZEaHcVV+NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3YWM2NDE5MTQzNTc4OTk5NWJjNWE2N2Y1YjUxZDk2ODUw
MDI4MTUwHhcNMjUwMTAxMjE0OTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTIwNDY5N2EwZWM3M2UzNWE5ZTYyYTYwYzU0NDI2NDc0Yzc1ZDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxRpaY82EiH0lyYh9uBvVjGbBcb9r
EUxD/PzSwwt1p8UUx3p9QRpyP3pvOFKhZr9VYzu0ygk7O+ZtwZH17LBGggJx1Nbu
WoQjHse7KiYVGD407n4eKZNKSpV9c+dkwoECBlK3IOpCnjYRHlee2zGywTQ2mojT
NKFITzPkVI9L5pOf2NXOT1lRtF+DAi5mG2C1s/HfmrFHt4jNLE4pUsyf6QTf4cQj
hA4HfLuXR8RxilInYj15n+WjUAaXu+J7PsTLgygFGXHc8PC0pEh+lxNQQQkZsbg8
4zrBgiQ9p5xK8ieV39DFozzl4iEtJawo6HPfU1eHgNVfKp6sorD+omizEwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNUgRpeg7HPjWp5ipgxUQmR0x11BMB8GA1UdIwQY
MBaAFAesZBkUNXiZlbxaZ/W1HZaFACgVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjZ4a0dSUTFlSm1WdkZwbjliVWRsb1VBS0JVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS83YzJlMDctNmNmMi00MTIyLTk5ZjQt
OWM2YmVhNGNkNWI1LzEvMVNCR2w2RHNjLU5hbm1LbURGUkNaSFRIWFVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS83YzJlMDctNmNmMi00MTIyLTk5ZjQtOWM2YmVhNGNkNWI1
LzEvQjZ4a0dSUTFlSm1WdkZwbjliVWRsb1VBS0JVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYl8MA0E
AgACMAcDBQMqBwPAMA0GCSqGSIb3DQEBCwUAA4IBAQCpA2cnefPz3qI7dwSRahdK
Uk4n64AldeQ8S4fqJhmbsiDwBvO8aLLtff3dHmAK2FmJg0q2sHptYQcAIgDtK9bd
ExXe/tbAaH7ZAP+XzW5ofgkohe+kqWd3nGJcG0XHB9DnusomvMM+nmTal2DEm/1s
5tOcxPprF/Ktq9wl9U7pStDe7raJZUxycSmDb0HC3F0/qlK40wf1u3TYjwdFSlG+
DktI4C7ZOtRQdfNV2hqZnV9DMAAboPvSv+MOUc+neWwcv01oLCfG8HbWl5i2T10X
YcvjIfNikEy9KuaQzQPMkEV/2wvleK1nR2gIHTq6+uS798KAIRzV9ncG4ozS2/iu
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:43 2025 by rpki-client on console.sobornost.net