Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/d0fad1-b8b1-4960-b67f-02edf08f7cf8/1/0aA52a05uApLKY3CXNmnXhwKrks.roa
File: 0aA52a05uApLKY3CXNmnXhwKrks.roa (raw, json)
Hash identifier: MeSVjVqbWBXWuoo0WV7N+n6x9g24v2DXI6O3Ubp3bGI=
Subject key identifier: D1:A0:39:D9:AD:39:B8:0A:4B:29:8D:C2:5C:D9:A7:5E:1C:0A:AE:4B
Certificate issuer: /CN=9a1a08692f228da0c41b317c6fa7cc5c3bec51e1
Certificate serial: 01942827E54A7457A0BBE8FD42426D026B0C
Authority key identifier: 9A:1A:08:69:2F:22:8D:A0:C4:1B:31:7C:6F:A7:CC:5C:3B:EC:51:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mhoIaS8ijaDEGzF8b6fMXDvsUeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/d0fad1-b8b1-4960-b67f-02edf08f7cf8/1/0aA52a05uApLKY3CXNmnXhwKrks.roa
Signing time: Thu 02 Jan 2025 17:54:50 +0000
ROA not before: Thu 02 Jan 2025 17:54:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204903
IP address blocks: 185.236.104.0/22 maxlen: 22
185.236.104.0/24 maxlen: 24
185.236.105.0/24 maxlen: 24
185.236.106.0/24 maxlen: 24
185.236.107.0/24 maxlen: 24
2a12:7bc0::/32 maxlen: 32
2a12:7bc0:102::/48 maxlen: 48
2a12:7bc0:103::/48 maxlen: 48
2a12:7bc0:104::/48 maxlen: 48
2a12:7bc0:105::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:e5:4a:74:57:a0:bb:e8:fd:42:42:6d:02:6b:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a1a08692f228da0c41b317c6fa7cc5c3bec51e1
Validity
Not Before: Jan 2 17:54:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d1a039d9ad39b80a4b298dc25cd9a75e1c0aae4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:8c:9d:4a:22:96:74:13:e6:40:a8:d6:90:32:
4a:e3:88:6a:01:7b:24:d3:80:6d:c4:ef:0b:c7:e8:
d9:21:fa:89:c8:62:8e:b7:01:f5:17:10:40:ee:c7:
8d:4e:1f:f0:13:89:35:be:dc:6e:ef:7d:d6:04:ec:
fc:b9:0e:3b:71:d8:e4:b0:78:44:a4:5c:81:86:e1:
d7:92:71:86:29:78:2e:ba:03:9f:c1:8b:00:b3:98:
54:7b:07:e1:c9:4b:6f:c9:d1:1c:50:00:54:9e:84:
15:b1:0f:e0:8f:a4:13:17:6a:e6:35:1d:99:d5:e9:
05:57:df:fb:d4:8c:31:72:a7:e6:80:9b:6c:d9:bf:
30:70:e5:f1:46:59:b7:d8:c6:52:fe:05:f0:e5:b3:
82:f7:80:ea:c3:98:d5:4a:7f:f0:1b:2c:4d:db:3c:
7c:8a:e1:d2:84:97:35:0c:cc:13:e0:bf:59:3a:7f:
ea:ac:e3:24:28:7c:cc:d8:1c:bc:e5:37:36:89:0b:
67:fa:82:a4:b3:35:2d:f9:65:37:12:94:26:f1:02:
df:0d:ac:eb:7b:51:00:e3:fa:77:6e:5a:63:9e:f0:
84:cf:e9:d9:7a:d2:18:95:6b:80:1b:e6:be:b7:93:
a1:11:8e:a4:f3:87:da:4a:e0:86:e1:0f:dc:b3:e8:
bf:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:A0:39:D9:AD:39:B8:0A:4B:29:8D:C2:5C:D9:A7:5E:1C:0A:AE:4B
X509v3 Authority Key Identifier:
keyid:9A:1A:08:69:2F:22:8D:A0:C4:1B:31:7C:6F:A7:CC:5C:3B:EC:51:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mhoIaS8ijaDEGzF8b6fMXDvsUeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/d0fad1-b8b1-4960-b67f-02edf08f7cf8/1/0aA52a05uApLKY3CXNmnXhwKrks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/d0fad1-b8b1-4960-b67f-02edf08f7cf8/1/mhoIaS8ijaDEGzF8b6fMXDvsUeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.236.104.0/22
IPv6:
2a12:7bc0::/32
Signature Algorithm: sha256WithRSAEncryption
5e:11:92:25:aa:4c:b8:13:59:9b:7b:62:f3:c1:26:18:b2:0c:
db:d7:b7:b4:c0:67:13:5d:64:36:4d:b6:00:5a:29:a7:dd:39:
18:65:61:7f:80:f7:8e:bf:a9:64:52:99:88:81:fa:47:50:ae:
9b:ad:2c:11:a9:36:25:91:85:22:ed:65:b5:4c:b9:af:b0:09:
ac:df:fc:9e:1f:79:d1:d4:75:d4:94:d8:9f:f8:54:4a:c4:18:
cb:bd:11:1f:a2:0d:16:29:f3:0b:5d:e7:ef:cd:8f:0d:32:51:
4e:dd:59:4c:5c:35:ca:a1:5d:e0:7a:46:85:c9:d5:21:d0:d3:
f1:83:61:7c:b9:38:ad:5b:89:a1:e7:a6:b7:b4:2f:8d:ba:8a:
18:e7:aa:47:64:ab:00:ce:08:74:2f:69:c3:78:0e:85:72:c4:
49:49:02:7e:03:02:f2:17:20:2c:9e:81:d8:1b:10:b4:cb:1b:
dd:8b:22:ae:8e:ce:22:1f:8c:f2:aa:15:30:a6:62:6e:00:dc:
88:9b:8d:15:86:11:1c:6e:3f:cd:99:0e:21:a6:fe:41:23:c4:
78:7e:a6:bb:55:78:2f:30:d9:99:ee:1b:05:7c:49:ef:b9:01:
76:27:74:78:42:18:f5:ac:0f:79:c0:55:05:bb:87:d3:80:a8:
a3:53:77:a1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQoJ+VKdFegu+j9QkJtAmsMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWEwODY5MmYyMjhkYTBjNDFiMzE3YzZmYTdjYzVjM2Jl
YzUxZTEwHhcNMjUwMTAyMTc1NDUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWEwMzlkOWFkMzliODBhNGIyOThkYzI1Y2Q5YTc1ZTFjMGFhZTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4ydSiKWdBPmQKjWkDJK44hqAXsk
04BtxO8Lx+jZIfqJyGKOtwH1FxBA7seNTh/wE4k1vtxu733WBOz8uQ47cdjksHhE
pFyBhuHXknGGKXguugOfwYsAs5hUewfhyUtvydEcUABUnoQVsQ/gj6QTF2rmNR2Z
1ekFV9/71IwxcqfmgJts2b8wcOXxRlm32MZS/gXw5bOC94Dqw5jVSn/wGyxN2zx8
iuHShJc1DMwT4L9ZOn/qrOMkKHzM2By85Tc2iQtn+oKkszUt+WU3EpQm8QLfDazr
e1EA4/p3blpjnvCEz+nZetIYlWuAG+a+t5OhEY6k84faSuCG4Q/cs+i/0QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNGgOdmtObgKSymNwlzZp14cCq5LMB8GA1UdIwQY
MBaAFJoaCGkvIo2gxBsxfG+nzFw77FHhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWhvSWFTOGlqYURFR3pGOGI2Zk1YRHZzVWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9kMGZhZDEtYjhiMS00OTYwLWI2N2Yt
MDJlZGYwOGY3Y2Y4LzEvMGFBNTJhMDV1QXBMS1kzQ1hObW5YaHdLcmtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9kMGZhZDEtYjhiMS00OTYwLWI2N2YtMDJlZGYwOGY3Y2Y4
LzEvbWhvSWFTOGlqYURFR3pGOGI2Zk1YRHZzVWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuexoMA0E
AgACMAcDBQAqEnvAMA0GCSqGSIb3DQEBCwUAA4IBAQBeEZIlqky4E1mbe2LzwSYY
sgzb17e0wGcTXWQ2TbYAWimn3TkYZWF/gPeOv6lkUpmIgfpHUK6brSwRqTYlkYUi
7WW1TLmvsAms3/yeH3nR1HXUlNif+FRKxBjLvREfog0WKfMLXefvzY8NMlFO3VlM
XDXKoV3gekaFydUh0NPxg2F8uTitW4mh56a3tC+NuooY56pHZKsAzgh0L2nDeA6F
csRJSQJ+AwLyFyAsnoHYGxC0yxvdiyKujs4iH4zyqhUwpmJuANyIm40VhhEcbj/N
mQ4hpv5BI8R4fqa7VXgvMNmZ7hsFfEnvuQF2J3R4Qhj1rA95wFUFu4fTgKijU3eh
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:33:08 2025 by rpki-client on console.sobornost.net