Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/41c111-6505-41a4-9e67-3b91ff9a1acd/1/sf1KX3-278D909_VQvgz_1jkfVI.roa
File: sf1KX3-278D909_VQvgz_1jkfVI.roa (raw, json)
Hash identifier: zN2i6GvyNGlDViFzbVFFZ6ISLkchZMIvYNFAKpwZnH0=
Subject key identifier: B1:FD:4A:5F:7F:B6:EF:C0:FD:D3:DF:D5:42:F8:33:FF:58:E4:7D:52
Certificate issuer: /CN=bea7b67777b9a6832933576497b46a9b16304cd9
Certificate serial: 019422FAE772784C702F6598A4A7249A7B70
Authority key identifier: BE:A7:B6:77:77:B9:A6:83:29:33:57:64:97:B4:6A:9B:16:30:4C:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vqe2d3e5poMpM1dkl7RqmxYwTNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/41c111-6505-41a4-9e67-3b91ff9a1acd/1/sf1KX3-278D909_VQvgz_1jkfVI.roa
Signing time: Wed 01 Jan 2025 17:47:36 +0000
ROA not before: Wed 01 Jan 2025 17:47:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197008
IP address blocks: 178.251.116.0/23 maxlen: 23
178.251.118.0/23 maxlen: 23
185.207.16.0/22 maxlen: 22
2a00:ee40:2::/48 maxlen: 48
2a00:ee40:4::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fa:e7:72:78:4c:70:2f:65:98:a4:a7:24:9a:7b:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bea7b67777b9a6832933576497b46a9b16304cd9
Validity
Not Before: Jan 1 17:47:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b1fd4a5f7fb6efc0fdd3dfd542f833ff58e47d52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:4d:b6:2f:0c:72:f3:96:01:3e:db:73:44:1c:
23:60:a2:0b:3c:55:81:9f:a4:87:66:a0:b1:f7:c4:
19:70:5a:d6:2a:13:94:d1:c7:ad:be:ff:22:73:c9:
cc:d4:09:3b:1e:b9:95:28:d4:8a:66:e6:01:22:f7:
39:9e:9f:41:8a:e1:76:99:69:de:6d:53:99:d3:65:
e3:fb:54:aa:c9:f7:4f:0b:e7:ca:75:48:22:6e:67:
48:bb:1c:fa:df:38:90:e1:69:7e:0a:df:cb:b2:fe:
8c:d7:b2:d5:93:70:19:34:46:74:ba:93:d0:c6:e2:
3a:9b:f7:f7:88:49:38:b3:40:e4:d1:11:4a:2c:d7:
e6:5b:15:19:c0:86:02:1c:d2:c0:3c:a4:73:23:52:
f3:bc:7f:1a:1d:3e:d0:ca:01:3a:9a:69:d4:40:25:
82:d5:24:c8:0d:7d:e2:03:44:1c:2a:0b:c9:2f:db:
ce:05:62:de:eb:b6:b0:31:8c:1f:e6:3a:a1:84:f1:
07:8f:cd:e0:68:fb:8b:67:cf:f9:17:cf:7b:75:21:
b0:95:10:5c:32:2e:5d:40:a3:24:a6:8c:77:d0:56:
69:80:b3:84:c7:9f:c6:66:96:b1:ce:87:64:e0:4b:
23:31:ab:c2:d9:c5:fb:86:99:c4:b7:a4:f2:60:f9:
67:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:FD:4A:5F:7F:B6:EF:C0:FD:D3:DF:D5:42:F8:33:FF:58:E4:7D:52
X509v3 Authority Key Identifier:
keyid:BE:A7:B6:77:77:B9:A6:83:29:33:57:64:97:B4:6A:9B:16:30:4C:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vqe2d3e5poMpM1dkl7RqmxYwTNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/41c111-6505-41a4-9e67-3b91ff9a1acd/1/sf1KX3-278D909_VQvgz_1jkfVI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/41c111-6505-41a4-9e67-3b91ff9a1acd/1/vqe2d3e5poMpM1dkl7RqmxYwTNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.251.116.0/22
185.207.16.0/22
IPv6:
2a00:ee40:2::/48
2a00:ee40:4::/48
Signature Algorithm: sha256WithRSAEncryption
ac:78:35:a6:c4:4f:63:37:f4:96:35:da:fd:47:d1:45:38:5f:
d2:28:c3:24:c7:4c:fc:8f:73:da:90:e2:1f:76:c4:89:3d:98:
65:3c:a3:41:7d:ee:30:02:81:5e:93:28:4b:70:7f:56:5b:cb:
f5:7f:40:6d:0b:be:9a:ce:a2:b0:c3:56:05:58:d6:6b:55:11:
04:22:0f:0f:76:8f:9e:aa:e3:ed:b3:2d:a2:43:4f:7b:fa:b9:
7e:eb:f8:ca:74:18:89:0b:90:38:fa:f2:7d:1b:f9:cb:98:d8:
42:12:30:3a:93:d3:87:3a:e1:86:53:12:a8:6a:bb:61:21:10:
46:f0:15:ec:7f:51:32:f4:31:6b:42:73:a6:0f:14:83:55:19:
ff:e4:d2:58:07:b7:1e:bd:3a:4d:43:5d:47:ed:32:5e:ff:19:
6d:66:5e:44:9a:82:45:a6:80:0a:8d:62:02:2f:de:be:a7:1d:
6e:74:83:0d:8f:67:df:9f:00:46:fa:e4:20:1c:b2:c3:f3:b2:
58:d2:81:4c:70:8a:0d:6c:f9:75:f2:05:36:91:c3:19:4d:4b:
09:5c:eb:a7:4f:4e:5f:e6:22:d1:a0:8c:7b:54:bf:ef:ee:75:
d9:80:23:dc:ed:33:15:29:50:fd:97:d9:70:b1:41:70:13:09:
be:3a:59:1b
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQi+udyeExwL2WYpKckmntwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlYTdiNjc3NzdiOWE2ODMyOTMzNTc2NDk3YjQ2YTliMTYz
MDRjZDkwHhcNMjUwMTAxMTc0NzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWZkNGE1ZjdmYjZlZmMwZmRkM2RmZDU0MmY4MzNmZjU4ZTQ3ZDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzk22Lwxy85YBPttzRBwjYKILPFWB
n6SHZqCx98QZcFrWKhOU0cetvv8ic8nM1Ak7HrmVKNSKZuYBIvc5np9BiuF2mWne
bVOZ02Xj+1SqyfdPC+fKdUgibmdIuxz63ziQ4Wl+Ct/Lsv6M17LVk3AZNEZ0upPQ
xuI6m/f3iEk4s0Dk0RFKLNfmWxUZwIYCHNLAPKRzI1LzvH8aHT7QygE6mmnUQCWC
1STIDX3iA0QcKgvJL9vOBWLe67awMYwf5jqhhPEHj83gaPuLZ8/5F897dSGwlRBc
Mi5dQKMkpox30FZpgLOEx5/GZpaxzodk4EsjMavC2cX7hpnEt6TyYPlnrwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFLH9Sl9/tu/A/dPf1UL4M/9Y5H1SMB8GA1UdIwQY
MBaAFL6ntnd3uaaDKTNXZJe0apsWMEzZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnFlMmQzZTVwb01wTTFka2w3UnFteFl3VE5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy80MWMxMTEtNjUwNS00MWE0LTllNjct
M2I5MWZmOWExYWNkLzEvc2YxS1gzLTI3OEQ5MDlfVlF2Z3pfMWprZlZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy80MWMxMTEtNjUwNS00MWE0LTllNjctM2I5MWZmOWExYWNk
LzEvdnFlMmQzZTVwb01wTTFka2w3UnFteFl3VE5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQCsvt0AwQC
uc8QMBgEAgACMBIDBwAqAO5AAAIDBwAqAO5AAAQwDQYJKoZIhvcNAQELBQADggEB
AKx4NabET2M39JY12v1H0UU4X9IowyTHTPyPc9qQ4h92xIk9mGU8o0F97jACgV6T
KEtwf1Zby/V/QG0LvprOorDDVgVY1mtVEQQiDw92j56q4+2zLaJDT3v6uX7r+Mp0
GIkLkDj68n0b+cuY2EISMDqT04c64YZTEqhqu2EhEEbwFex/UTL0MWtCc6YPFINV
Gf/k0lgHtx69Ok1DXUftMl7/GW1mXkSagkWmgAqNYgIv3r6nHW50gw2PZ9+fAEb6
5CAcssPzsljSgUxwig1s+XXyBTaRwxlNSwlc66dPTl/mItGgjHtUv+/uddmAI9zt
MxUpUP2X2XCxQXATCb46WRs=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:46 2025 by rpki-client on console.sobornost.net