Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/4a613a-31ef-4a73-8da4-a5af937fbc05/1/f_yh7-7v7LI3DnSdnUSk00iuL5g.roa
File: f_yh7-7v7LI3DnSdnUSk00iuL5g.roa (raw, json)
Hash identifier: WRI0Xz6/VCX9n+DPCS4hBmIPi2foRqOlNvNKjpUOgU4=
Subject key identifier: 7F:FC:A1:EF:EE:EF:EC:B2:37:0E:74:9D:9D:44:A4:D3:48:AE:2F:98
Certificate issuer: /CN=0b8e20c48e8973c331e33ce55195a321773f0ac3
Certificate serial: 0194228E17A464877B9A72BF9644D986A8B9
Authority key identifier: 0B:8E:20:C4:8E:89:73:C3:31:E3:3C:E5:51:95:A3:21:77:3F:0A:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C44gxI6Jc8Mx4zzlUZWjIXc_CsM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/4a613a-31ef-4a73-8da4-a5af937fbc05/1/f_yh7-7v7LI3DnSdnUSk00iuL5g.roa
Signing time: Wed 01 Jan 2025 15:48:45 +0000
ROA not before: Wed 01 Jan 2025 15:48:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13259
IP address blocks: 91.206.16.0/23 maxlen: 24
193.107.92.0/22 maxlen: 24
2001:678:68c::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:17:a4:64:87:7b:9a:72:bf:96:44:d9:86:a8:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b8e20c48e8973c331e33ce55195a321773f0ac3
Validity
Not Before: Jan 1 15:48:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7ffca1efeeefecb2370e749d9d44a4d348ae2f98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:a1:35:be:b6:4b:7b:5a:77:4f:ce:f1:ff:a9:
72:a4:9b:34:3c:81:93:4b:85:09:89:d3:d7:c0:0c:
98:f2:61:71:08:5f:dc:4b:f4:bc:58:ec:c4:80:7c:
5a:79:a1:09:7e:39:2a:7b:96:df:d0:72:66:41:f6:
6b:79:9d:9d:15:9b:59:12:86:1b:d7:09:a9:c8:82:
d1:4d:16:68:af:ea:84:a5:8f:07:e5:65:5d:cc:8f:
03:60:2d:88:ce:cc:87:2b:3a:a6:c8:51:45:b1:9b:
35:5c:df:50:ce:b0:d1:89:df:d0:ee:2e:ba:ee:fc:
7b:4f:39:45:ea:3f:2b:11:0b:f2:19:21:0e:58:41:
91:1f:cc:d5:35:c3:99:c6:bd:3a:4c:2d:4a:6f:75:
c0:41:31:35:99:7c:70:46:7f:c7:a4:a8:29:c3:fb:
cf:2b:f7:dc:c5:8c:86:d6:94:ea:1e:1e:a0:60:9d:
ff:5b:ef:4f:cb:44:13:77:07:8a:4e:c8:02:08:09:
83:cc:09:55:c4:ca:0f:a0:fa:d4:9b:17:e3:44:94:
e2:46:02:dd:ee:1e:cd:a2:2d:25:b8:79:f8:42:09:
58:be:7c:e5:05:99:a5:05:6a:81:22:7d:c8:b7:32:
0f:19:29:01:f2:de:34:a1:a2:2c:ac:29:ae:eb:7d:
c7:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:FC:A1:EF:EE:EF:EC:B2:37:0E:74:9D:9D:44:A4:D3:48:AE:2F:98
X509v3 Authority Key Identifier:
keyid:0B:8E:20:C4:8E:89:73:C3:31:E3:3C:E5:51:95:A3:21:77:3F:0A:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C44gxI6Jc8Mx4zzlUZWjIXc_CsM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/4a613a-31ef-4a73-8da4-a5af937fbc05/1/f_yh7-7v7LI3DnSdnUSk00iuL5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/4a613a-31ef-4a73-8da4-a5af937fbc05/1/C44gxI6Jc8Mx4zzlUZWjIXc_CsM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.16.0/23
193.107.92.0/22
IPv6:
2001:678:68c::/48
Signature Algorithm: sha256WithRSAEncryption
8e:55:6f:e4:ad:17:3b:0d:f3:fe:f7:04:bd:01:65:34:5b:64:
9e:c5:97:6d:8a:9f:bc:1d:2c:9a:da:c3:bd:f8:ef:c6:cd:9c:
57:cb:80:12:71:c1:9c:30:3e:cc:bf:1e:f8:c0:9e:e1:db:05:
62:0f:d1:26:d1:a1:27:1d:fe:4b:eb:52:91:0d:62:e3:f3:b9:
cb:be:44:83:d2:be:b8:68:82:79:53:bc:3b:79:d9:ef:a5:15:
ca:8b:22:60:c1:85:5e:e8:97:17:97:ac:d9:f7:24:14:ed:92:
67:e8:2e:3c:20:30:23:59:61:35:4d:11:ad:d1:0a:cc:7d:63:
4a:65:f4:98:dc:ec:86:2d:d3:b2:67:33:23:4e:ce:8c:15:3a:
18:b6:a1:c4:bb:c3:f1:1f:95:13:74:59:5b:ca:a5:ac:bc:02:
29:22:8e:b5:0b:a7:91:a2:f4:6e:a2:17:94:7a:c6:4b:71:b8:
37:f4:0c:c5:37:f8:a5:eb:55:33:3e:0c:76:54:52:e1:d6:9c:
eb:6a:0b:75:5f:a7:63:3e:4a:b3:d3:91:b3:da:51:99:03:48:
68:fd:d1:4c:45:fc:59:24:64:00:c6:9a:01:bc:1d:36:c0:ef:
cb:e8:b5:f2:4b:b7:bc:3b:ba:81:5e:36:f3:2a:1c:54:e2:ce:
38:71:e0:d4
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQijhekZId7mnK/lkTZhqi5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiOGUyMGM0OGU4OTczYzMzMWUzM2NlNTUxOTVhMzIxNzcz
ZjBhYzMwHhcNMjUwMTAxMTU0ODQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmZjYTFlZmVlZWZlY2IyMzcwZTc0OWQ5ZDQ0YTRkMzQ4YWUyZjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6E1vrZLe1p3T87x/6lypJs0PIGT
S4UJidPXwAyY8mFxCF/cS/S8WOzEgHxaeaEJfjkqe5bf0HJmQfZreZ2dFZtZEoYb
1wmpyILRTRZor+qEpY8H5WVdzI8DYC2IzsyHKzqmyFFFsZs1XN9QzrDRid/Q7i66
7vx7TzlF6j8rEQvyGSEOWEGRH8zVNcOZxr06TC1Kb3XAQTE1mXxwRn/HpKgpw/vP
K/fcxYyG1pTqHh6gYJ3/W+9Py0QTdweKTsgCCAmDzAlVxMoPoPrUmxfjRJTiRgLd
7h7Noi0luHn4QglYvnzlBZmlBWqBIn3ItzIPGSkB8t40oaIsrCmu633HrQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFH/8oe/u7+yyNw50nZ1EpNNIri+YMB8GA1UdIwQY
MBaAFAuOIMSOiXPDMeM85VGVoyF3PwrDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzQ0Z3hJNkpjOE14NHp6bFVaV2pJWGNfQ3NNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS80YTYxM2EtMzFlZi00YTczLThkYTQt
YTVhZjkzN2ZiYzA1LzEvZl95aDctN3Y3TEkzRG5TZG5VU2swMGl1TDVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS80YTYxM2EtMzFlZi00YTczLThkYTQtYTVhZjkzN2ZiYzA1
LzEvQzQ0Z3hJNkpjOE14NHp6bFVaV2pJWGNfQ3NNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBW84QAwQC
wWtcMA8EAgACMAkDBwAgAQZ4BowwDQYJKoZIhvcNAQELBQADggEBAI5Vb+StFzsN
8/73BL0BZTRbZJ7Fl22Kn7wdLJraw73478bNnFfLgBJxwZwwPsy/HvjAnuHbBWIP
0SbRoScd/kvrUpENYuPzucu+RIPSvrhognlTvDt52e+lFcqLImDBhV7olxeXrNn3
JBTtkmfoLjwgMCNZYTVNEa3RCsx9Y0pl9Jjc7IYt07JnMyNOzowVOhi2ocS7w/Ef
lRN0WVvKpay8AikijrULp5Gi9G6iF5R6xktxuDf0DMU3+KXrVTM+DHZUUuHWnOtq
C3Vfp2M+SrPTkbPaUZkDSGj90UxF/FkkZADGmgG8HTbA78votfJLt7w7uoFeNvMq
HFTizjhx4NQ=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:45 2025 by rpki-client on console.sobornost.net