Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/57889a-50df-4abf-81e5-1b12641f493b/1/aOtm6U59mShACrUP4z50hrZCIxk.roa
File: aOtm6U59mShACrUP4z50hrZCIxk.roa (raw, json)
Hash identifier: 8fQIVCesiryqBUIZoQ97a4j4i55DYNAa5i2DNRlMQ5M=
Subject key identifier: 68:EB:66:E9:4E:7D:99:28:40:0A:B5:0F:E3:3E:74:86:B6:42:23:19
Certificate issuer: /CN=6faae55613fc89586f7bd6de0edca097b8615a6a
Certificate serial: 0195274C8B19CC3BA874D4E69278AE663DC9
Authority key identifier: 6F:AA:E5:56:13:FC:89:58:6F:7B:D6:DE:0E:DC:A0:97:B8:61:5A:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b6rlVhP8iVhve9beDtygl7hhWmo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/57889a-50df-4abf-81e5-1b12641f493b/1/aOtm6U59mShACrUP4z50hrZCIxk.roa
Signing time: Fri 21 Feb 2025 06:58:02 +0000
ROA not before: Fri 21 Feb 2025 06:58:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29488
IP address blocks: 185.208.36.0/22 maxlen: 22
217.74.176.0/20 maxlen: 22
2001:1a30::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:27:4c:8b:19:cc:3b:a8:74:d4:e6:92:78:ae:66:3d:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6faae55613fc89586f7bd6de0edca097b8615a6a
Validity
Not Before: Feb 21 06:58:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68eb66e94e7d9928400ab50fe33e7486b6422319
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:e8:97:9c:ef:10:5c:79:9b:4b:7c:55:e4:fc:
69:b6:d6:04:2d:4a:bd:cc:61:4a:8f:e2:9e:64:ec:
73:07:49:42:e7:8d:89:ba:2d:55:78:e3:5e:85:c6:
8f:c6:2e:77:8d:fa:72:db:9b:42:0c:5d:b0:c4:6b:
81:84:95:5e:7a:0b:28:aa:30:1f:b7:f8:2f:ea:ba:
35:34:f5:82:59:ca:4a:3f:85:82:aa:1a:b0:37:e2:
2f:5b:44:b6:54:1e:00:de:95:9f:c4:c3:cb:39:d2:
69:58:51:c7:7c:16:7a:7d:12:0e:b8:d9:5e:68:e8:
63:e3:46:41:af:40:13:48:fa:a2:95:bc:4b:3f:6e:
21:81:82:ac:f6:db:bb:e5:ff:08:a1:65:4b:41:06:
a6:c3:c0:10:68:43:56:27:eb:be:fd:63:4a:54:5e:
eb:d4:9a:4d:c4:7d:91:7a:6e:46:d7:85:9b:91:75:
86:7f:6d:42:d0:74:0d:e9:d6:d3:27:45:7b:8e:37:
8a:5a:6f:59:44:b7:d9:fb:75:1d:58:28:a1:d8:7c:
7e:6e:76:04:0f:89:40:df:e5:7c:a4:bd:79:1e:16:
d5:25:9c:91:3d:6d:32:6e:a1:fe:d6:40:bb:6c:b5:
cb:ec:66:46:d2:13:37:c5:9b:8f:34:b8:f5:0f:38:
54:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:EB:66:E9:4E:7D:99:28:40:0A:B5:0F:E3:3E:74:86:B6:42:23:19
X509v3 Authority Key Identifier:
keyid:6F:AA:E5:56:13:FC:89:58:6F:7B:D6:DE:0E:DC:A0:97:B8:61:5A:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6rlVhP8iVhve9beDtygl7hhWmo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/57889a-50df-4abf-81e5-1b12641f493b/1/aOtm6U59mShACrUP4z50hrZCIxk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/57889a-50df-4abf-81e5-1b12641f493b/1/b6rlVhP8iVhve9beDtygl7hhWmo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.208.36.0/22
217.74.176.0/20
IPv6:
2001:1a30::/32
Signature Algorithm: sha256WithRSAEncryption
3c:19:4d:65:cb:ec:09:38:83:f6:9c:b1:48:a9:c4:60:60:2d:
2e:35:59:70:b3:14:69:77:68:53:a8:85:4c:78:72:8e:98:b3:
ad:07:61:ce:b8:81:53:7a:70:39:cf:50:04:5c:0b:08:1d:37:
62:d5:8c:4b:1a:29:3f:5e:76:74:d9:15:65:7d:79:0b:23:67:
e8:17:e2:58:18:57:b3:d9:b3:fb:07:c4:37:53:3b:c4:c7:41:
08:67:2a:a4:2d:26:f9:a7:fc:df:19:6d:bf:76:42:c4:e2:bf:
3e:48:51:02:3a:c3:f8:60:0b:1e:5c:2e:f5:21:e1:8e:3c:12:
c4:20:96:b6:bc:32:2b:8b:03:70:e9:43:86:13:6a:20:69:13:
f0:13:24:c0:57:88:74:7a:02:50:52:63:a0:90:bd:2b:be:80:
cc:e6:67:06:82:55:53:07:7c:7e:ad:fb:e0:6f:20:d4:62:67:
68:7c:56:21:f4:99:f3:26:82:d7:7c:25:48:3d:b8:8d:c9:70:
e1:1a:a9:c7:82:37:7e:7c:b4:68:91:bc:05:1b:b8:ea:42:d7:
06:bd:0e:11:50:d6:42:d8:26:ea:7d:b2:37:c4:9e:e2:e8:ad:
38:a9:10:4e:b2:11:53:29:99:6a:d8:5d:16:7d:09:9f:f2:d8:
b6:6d:80:ee
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZUnTIsZzDuodNTmkniuZj3JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmYWFlNTU2MTNmYzg5NTg2ZjdiZDZkZTBlZGNhMDk3Yjg2
MTVhNmEwHhcNMjUwMjIxMDY1ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGViNjZlOTRlN2Q5OTI4NDAwYWI1MGZlMzNlNzQ4NmI2NDIyMzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2eiXnO8QXHmbS3xV5PxpttYELUq9
zGFKj+KeZOxzB0lC542Jui1VeONehcaPxi53jfpy25tCDF2wxGuBhJVeegsoqjAf
t/gv6ro1NPWCWcpKP4WCqhqwN+IvW0S2VB4A3pWfxMPLOdJpWFHHfBZ6fRIOuNle
aOhj40ZBr0ATSPqilbxLP24hgYKs9tu75f8IoWVLQQamw8AQaENWJ+u+/WNKVF7r
1JpNxH2Rem5G14WbkXWGf21C0HQN6dbTJ0V7jjeKWm9ZRLfZ+3UdWCih2Hx+bnYE
D4lA3+V8pL15HhbVJZyRPW0ybqH+1kC7bLXL7GZG0hM3xZuPNLj1DzhU4wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGjrZulOfZkoQAq1D+M+dIa2QiMZMB8GA1UdIwQY
MBaAFG+q5VYT/IlYb3vW3g7coJe4YVpqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjZybFZoUDhpVmh2ZTliZUR0eWdsN2hoV21vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi81Nzg4OWEtNTBkZi00YWJmLTgxZTUt
MWIxMjY0MWY0OTNiLzEvYU90bTZVNTltU2hBQ3JVUDR6NTBoclpDSXhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi81Nzg4OWEtNTBkZi00YWJmLTgxZTUtMWIxMjY0MWY0OTNi
LzEvYjZybFZoUDhpVmh2ZTliZUR0eWdsN2hoV21vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCudAkAwQE
2UqwMA0EAgACMAcDBQAgARowMA0GCSqGSIb3DQEBCwUAA4IBAQA8GU1ly+wJOIP2
nLFIqcRgYC0uNVlwsxRpd2hTqIVMeHKOmLOtB2HOuIFTenA5z1AEXAsIHTdi1YxL
Gik/XnZ02RVlfXkLI2foF+JYGFez2bP7B8Q3UzvEx0EIZyqkLSb5p/zfGW2/dkLE
4r8+SFECOsP4YAseXC71IeGOPBLEIJa2vDIriwNw6UOGE2ogaRPwEyTAV4h0egJQ
UmOgkL0rvoDM5mcGglVTB3x+rfvgbyDUYmdofFYh9JnzJoLXfCVIPbiNyXDhGqnH
gjd+fLRokbwFG7jqQtcGvQ4RUNZC2CbqfbI3xJ7i6K04qRBOshFTKZlq2F0WfQmf
8ti2bYDu
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:43 2025 by rpki-client on console.sobornost.net