Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/b3449b-27cb-40d1-b7aa-ca78ef5826ca/1/lyeOPA3Hi3kUGDVfoF3VE8weizo.roa
File: lyeOPA3Hi3kUGDVfoF3VE8weizo.roa (raw, json)
Hash identifier: SK0Hu8MdGQh3m28Nprb3+ZaMXzQS8vnNx8UerT7YIyM=
Subject key identifier: 97:27:8E:3C:0D:C7:8B:79:14:18:35:5F:A0:5D:D5:13:CC:1E:8B:3A
Certificate issuer: /CN=1c242f2e945c6a72ee28f8c80e80d488433e37a3
Certificate serial: 019424B3F097C549AE5D0B56B331F9BA5E43
Authority key identifier: 1C:24:2F:2E:94:5C:6A:72:EE:28:F8:C8:0E:80:D4:88:43:3E:37:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HCQvLpRcanLuKPjIDoDUiEM-N6M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/b3449b-27cb-40d1-b7aa-ca78ef5826ca/1/lyeOPA3Hi3kUGDVfoF3VE8weizo.roa
Signing time: Thu 02 Jan 2025 01:49:19 +0000
ROA not before: Thu 02 Jan 2025 01:49:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207024
IP address blocks: 195.14.104.0/24 maxlen: 24
2a12:b1c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:f0:97:c5:49:ae:5d:0b:56:b3:31:f9:ba:5e:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c242f2e945c6a72ee28f8c80e80d488433e37a3
Validity
Not Before: Jan 2 01:49:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=97278e3c0dc78b791418355fa05dd513cc1e8b3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:67:8e:d8:e3:38:1a:66:5e:e0:82:14:7f:83:
aa:3f:5e:51:22:b6:18:89:39:a0:ce:d5:e6:b3:55:
88:56:2d:96:64:6e:d2:c8:7e:2b:97:ce:e8:d3:c7:
c1:ec:19:18:f3:d4:29:5b:d3:82:80:4f:5e:a2:57:
f7:00:87:79:be:32:8a:4b:01:c5:91:ad:7c:2e:6d:
94:ff:d8:4f:f7:55:98:a0:8b:dd:77:55:59:5d:32:
bf:4c:1e:1d:34:8c:92:43:fb:71:3a:ff:6d:b6:67:
57:58:d5:1b:f2:3b:74:f9:18:75:db:10:8f:b8:fb:
ff:16:ec:5f:24:21:b7:34:15:c1:86:72:c1:45:b9:
ad:ec:89:c9:5e:26:5f:bc:57:1e:94:72:13:9e:3b:
9f:a8:60:c5:b9:db:bc:c0:45:98:3d:59:a8:da:05:
44:2d:dd:34:95:c8:1a:fb:44:09:c4:58:95:30:21:
bb:52:48:c8:25:8b:40:f2:f6:30:54:f7:d7:01:d3:
67:67:b8:02:f1:c2:3c:ee:a6:cb:7d:0b:26:bd:0e:
2f:56:7a:61:f4:fe:ae:a4:5b:0c:79:b6:85:9e:50:
05:d3:ad:19:09:90:43:b2:24:c9:6c:56:0f:08:a3:
4f:95:1a:ed:4d:41:b9:b6:36:a2:88:48:c1:88:50:
0d:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:27:8E:3C:0D:C7:8B:79:14:18:35:5F:A0:5D:D5:13:CC:1E:8B:3A
X509v3 Authority Key Identifier:
keyid:1C:24:2F:2E:94:5C:6A:72:EE:28:F8:C8:0E:80:D4:88:43:3E:37:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HCQvLpRcanLuKPjIDoDUiEM-N6M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b3449b-27cb-40d1-b7aa-ca78ef5826ca/1/lyeOPA3Hi3kUGDVfoF3VE8weizo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b3449b-27cb-40d1-b7aa-ca78ef5826ca/1/HCQvLpRcanLuKPjIDoDUiEM-N6M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.14.104.0/24
IPv6:
2a12:b1c0::/29
Signature Algorithm: sha256WithRSAEncryption
d1:26:e4:53:4e:ca:8a:d9:28:27:85:fc:10:21:59:4c:12:ef:
0a:9d:ec:1c:12:cf:a5:7e:2e:a6:a8:52:85:52:a8:02:90:2d:
a5:b2:9c:a2:3e:7a:19:b5:a4:93:3c:da:4a:15:00:14:32:c6:
9c:82:07:c8:ef:50:50:b9:71:aa:c7:cc:6c:29:3c:1c:16:52:
73:54:be:9e:44:25:8d:8d:31:e3:45:47:a3:94:31:ad:5f:84:
cf:a4:1a:3a:b7:72:5d:89:f4:21:f2:b0:18:37:07:41:e7:02:
68:25:8d:f3:d9:c0:b7:a7:34:94:7a:2c:1c:47:01:33:95:97:
5e:68:dc:1e:5a:a4:f8:27:34:c3:1b:a7:e8:6e:78:93:d3:2d:
66:3d:35:90:64:64:6d:63:94:aa:53:54:d2:30:87:90:7f:53:
c6:6a:e0:5b:b2:b3:e4:73:05:5f:33:51:52:58:5c:bf:cf:5a:
12:27:d5:59:1e:59:cd:0d:72:96:f1:72:f9:94:f5:8c:0f:99:
67:c4:49:56:43:5a:a4:ae:b1:f9:1e:6c:bf:f7:f1:d1:21:da:
eb:8b:45:39:5c:11:2a:95:ff:37:06:6d:c9:55:23:b1:ff:8d:
ce:f7:37:2e:51:97:6c:15:3b:c3:70:12:8d:9b:10:4b:24:4c:
96:c5:a4:de
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQks/CXxUmuXQtWszH5ul5DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMjQyZjJlOTQ1YzZhNzJlZTI4ZjhjODBlODBkNDg4NDMz
ZTM3YTMwHhcNMjUwMTAyMDE0OTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzI3OGUzYzBkYzc4Yjc5MTQxODM1NWZhMDVkZDUxM2NjMWU4YjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2WeO2OM4GmZe4IIUf4OqP15RIrYY
iTmgztXms1WIVi2WZG7SyH4rl87o08fB7BkY89QpW9OCgE9eolf3AId5vjKKSwHF
ka18Lm2U/9hP91WYoIvdd1VZXTK/TB4dNIySQ/txOv9ttmdXWNUb8jt0+Rh12xCP
uPv/FuxfJCG3NBXBhnLBRbmt7InJXiZfvFcelHITnjufqGDFudu8wEWYPVmo2gVE
Ld00lcga+0QJxFiVMCG7UkjIJYtA8vYwVPfXAdNnZ7gC8cI87qbLfQsmvQ4vVnph
9P6upFsMebaFnlAF060ZCZBDsiTJbFYPCKNPlRrtTUG5tjaiiEjBiFAN8QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJcnjjwNx4t5FBg1X6Bd1RPMHos6MB8GA1UdIwQY
MBaAFBwkLy6UXGpy7ij4yA6A1IhDPjejMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSENRdkxwUmNhbkx1S1BqSURvRFVpRU0tTjZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9iMzQ0OWItMjdjYi00MGQxLWI3YWEt
Y2E3OGVmNTgyNmNhLzEvbHllT1BBM0hpM2tVR0RWZm9GM1ZFOHdlaXpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9iMzQ0OWItMjdjYi00MGQxLWI3YWEtY2E3OGVmNTgyNmNh
LzEvSENRdkxwUmNhbkx1S1BqSURvRFVpRU0tTjZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAww5oMA0E
AgACMAcDBQMqErHAMA0GCSqGSIb3DQEBCwUAA4IBAQDRJuRTTsqK2SgnhfwQIVlM
Eu8KnewcEs+lfi6mqFKFUqgCkC2lspyiPnoZtaSTPNpKFQAUMsacggfI71BQuXGq
x8xsKTwcFlJzVL6eRCWNjTHjRUejlDGtX4TPpBo6t3JdifQh8rAYNwdB5wJoJY3z
2cC3pzSUeiwcRwEzlZdeaNweWqT4JzTDG6fobniT0y1mPTWQZGRtY5SqU1TSMIeQ
f1PGauBbsrPkcwVfM1FSWFy/z1oSJ9VZHlnNDXKW8XL5lPWMD5lnxElWQ1qkrrH5
Hmy/9/HRIdrri0U5XBEqlf83Bm3JVSOx/43O9zcuUZdsFTvDcBKNmxBLJEyWxaTe
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:01 2025 by rpki-client on console.sobornost.net