Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/f8ac99-0eaa-4f51-8d58-dbfaecdc7ea3/1/y1CXud9r4_KJCPJy5YSEoyYl1eg.roa
File: y1CXud9r4_KJCPJy5YSEoyYl1eg.roa (raw, json)
Hash identifier: kuTX8hxg4+tvv3VjP1J6iCQyHiFE3dinO8w9j6x97BA=
Subject key identifier: CB:50:97:B9:DF:6B:E3:F2:89:08:F2:72:E5:84:84:A3:26:25:D5:E8
Certificate issuer: /CN=6bec4e29c6849c5f808428e66858f4f0ecf4a654
Certificate serial: 019421B21E5F44F706D8DD19F5CE4434F8A8
Authority key identifier: 6B:EC:4E:29:C6:84:9C:5F:80:84:28:E6:68:58:F4:F0:EC:F4:A6:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a-xOKcaEnF-AhCjmaFj08Oz0plQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/f8ac99-0eaa-4f51-8d58-dbfaecdc7ea3/1/y1CXud9r4_KJCPJy5YSEoyYl1eg.roa
Signing time: Wed 01 Jan 2025 11:48:28 +0000
ROA not before: Wed 01 Jan 2025 11:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211733
IP address blocks: 185.204.199.0/24 maxlen: 24
2a10:9b40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:1e:5f:44:f7:06:d8:dd:19:f5:ce:44:34:f8:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bec4e29c6849c5f808428e66858f4f0ecf4a654
Validity
Not Before: Jan 1 11:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cb5097b9df6be3f28908f272e58484a32625d5e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:39:04:aa:7a:14:eb:bb:6d:ef:81:42:01:25:
64:31:6f:34:2d:72:42:e7:03:39:d3:45:e8:28:47:
97:89:83:26:ef:12:5c:bf:27:d0:a8:20:ed:6e:46:
75:c7:0f:ec:da:3b:70:62:d1:78:cd:bd:14:30:f9:
c7:80:65:44:06:22:52:47:8b:ec:8f:90:98:60:36:
d5:c8:84:29:ad:cc:af:a2:f9:0a:f7:63:8f:d1:73:
da:5b:89:81:dc:b2:c9:3b:ce:53:19:22:d1:b8:00:
18:a3:08:13:98:0c:bc:45:19:aa:c6:c5:01:5e:c0:
c8:77:59:61:22:b8:2f:7b:7f:34:1e:e0:19:5f:32:
e7:96:ed:71:8c:8b:a4:99:80:76:09:4c:22:93:e8:
b7:d7:66:a8:d7:5e:8e:7b:3c:f0:7c:80:e6:ad:00:
03:57:f4:68:72:53:15:2d:c5:75:37:25:0f:76:a2:
43:f2:f1:24:b3:52:3f:0c:f3:0e:f8:6b:1f:b9:f4:
53:09:b2:be:1d:be:74:e9:e5:da:ad:2d:49:d6:2a:
ce:47:59:54:31:55:af:40:2d:31:24:d7:5d:32:7d:
24:e6:57:2f:0b:b9:ad:2d:3a:94:f5:29:a2:c5:64:
01:6e:fb:f1:81:4f:96:ad:10:94:45:60:4e:8f:d1:
2c:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:50:97:B9:DF:6B:E3:F2:89:08:F2:72:E5:84:84:A3:26:25:D5:E8
X509v3 Authority Key Identifier:
keyid:6B:EC:4E:29:C6:84:9C:5F:80:84:28:E6:68:58:F4:F0:EC:F4:A6:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a-xOKcaEnF-AhCjmaFj08Oz0plQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/f8ac99-0eaa-4f51-8d58-dbfaecdc7ea3/1/y1CXud9r4_KJCPJy5YSEoyYl1eg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/f8ac99-0eaa-4f51-8d58-dbfaecdc7ea3/1/a-xOKcaEnF-AhCjmaFj08Oz0plQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.204.199.0/24
IPv6:
2a10:9b40::/29
Signature Algorithm: sha256WithRSAEncryption
88:3e:bb:80:2d:97:2d:a7:ee:84:83:cd:81:10:a4:e3:11:71:
3e:a7:4c:db:9b:29:b4:44:e9:74:84:c1:76:78:5a:20:28:2a:
9d:0d:55:3e:aa:83:5a:70:b5:7c:05:c1:0d:c1:dc:d2:ef:fd:
77:8d:8b:77:93:28:69:71:bd:2e:b2:85:1f:fd:4f:5e:b3:81:
d4:aa:50:36:6c:20:24:da:46:22:e8:8a:90:3f:de:54:d9:0b:
4f:66:23:c8:53:ae:c4:53:4d:2c:21:6c:9c:14:73:f3:ce:5c:
dd:ca:1f:8c:e3:02:e1:68:d6:87:8f:51:97:67:6d:59:b7:09:
47:46:78:eb:53:98:86:0b:d0:22:00:9b:49:9b:61:40:ea:85:
5e:5f:83:1a:41:ad:41:56:93:ed:ca:7b:54:24:46:f1:6f:51:
9f:3e:24:34:ba:d7:ce:2d:f0:71:82:a6:87:9f:50:9f:4b:db:
21:5e:ad:73:15:90:62:32:07:27:0b:6b:17:15:e7:93:51:8c:
da:e1:95:82:74:89:37:40:2e:d2:3d:ab:cc:62:88:97:25:06:
84:68:5e:8a:dd:20:98:54:88:fc:fc:fa:2a:c2:15:91:92:0f:
40:38:a2:91:41:ba:ca:32:66:90:0e:15:b5:f0:b2:3e:7d:8d:
50:64:99:bb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhsh5fRPcG2N0Z9c5ENPioMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiZWM0ZTI5YzY4NDljNWY4MDg0MjhlNjY4NThmNGYwZWNm
NGE2NTQwHhcNMjUwMTAxMTE0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjUwOTdiOWRmNmJlM2YyODkwOGYyNzJlNTg0ODRhMzI2MjVkNWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2jkEqnoU67tt74FCASVkMW80LXJC
5wM500XoKEeXiYMm7xJcvyfQqCDtbkZ1xw/s2jtwYtF4zb0UMPnHgGVEBiJSR4vs
j5CYYDbVyIQprcyvovkK92OP0XPaW4mB3LLJO85TGSLRuAAYowgTmAy8RRmqxsUB
XsDId1lhIrgve380HuAZXzLnlu1xjIukmYB2CUwik+i312ao116OezzwfIDmrQAD
V/RoclMVLcV1NyUPdqJD8vEks1I/DPMO+GsfufRTCbK+Hb506eXarS1J1irOR1lU
MVWvQC0xJNddMn0k5lcvC7mtLTqU9SmixWQBbvvxgU+WrRCURWBOj9Es3wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMtQl7nfa+PyiQjycuWEhKMmJdXoMB8GA1UdIwQY
MBaAFGvsTinGhJxfgIQo5mhY9PDs9KZUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYS14T0tjYUVuRi1BaENqbWFGajA4T3owcGxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9mOGFjOTktMGVhYS00ZjUxLThkNTgt
ZGJmYWVjZGM3ZWEzLzEveTFDWHVkOXI0X0tKQ1BKeTVZU0VveVlsMWVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9mOGFjOTktMGVhYS00ZjUxLThkNTgtZGJmYWVjZGM3ZWEz
LzEvYS14T0tjYUVuRi1BaENqbWFGajA4T3owcGxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuczHMA0E
AgACMAcDBQMqEJtAMA0GCSqGSIb3DQEBCwUAA4IBAQCIPruALZctp+6Eg82BEKTj
EXE+p0zbmym0ROl0hMF2eFogKCqdDVU+qoNacLV8BcENwdzS7/13jYt3kyhpcb0u
soUf/U9es4HUqlA2bCAk2kYi6IqQP95U2QtPZiPIU67EU00sIWycFHPzzlzdyh+M
4wLhaNaHj1GXZ21ZtwlHRnjrU5iGC9AiAJtJm2FA6oVeX4MaQa1BVpPtyntUJEbx
b1GfPiQ0utfOLfBxgqaHn1CfS9shXq1zFZBiMgcnC2sXFeeTUYza4ZWCdIk3QC7S
PavMYoiXJQaEaF6K3SCYVIj8/PoqwhWRkg9AOKKRQbrKMmaQDhW18LI+fY1QZJm7
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:08 2025 by rpki-client on console.sobornost.net