Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/888a04-77f4-4159-986c-3cef593d16b4/1/TBiZ_CyXMsOJcf6YES-qeNnA7K4.roa
File: TBiZ_CyXMsOJcf6YES-qeNnA7K4.roa (raw, json)
Hash identifier: QMLp06BguaI0fqG8Q739POQiUPSQCHhnkaMoIvb33Vg=
Subject key identifier: 4C:18:99:FC:2C:97:32:C3:89:71:FE:98:11:2F:AA:78:D9:C0:EC:AE
Certificate issuer: /CN=614f5665059abc7be3475ef9e77a9797b716fc87
Certificate serial: 019555F032DD969FA902E7EB4E253EF69FB1
Authority key identifier: 61:4F:56:65:05:9A:BC:7B:E3:47:5E:F9:E7:7A:97:97:B7:16:FC:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YU9WZQWavHvjR17553qXl7cW_Ic.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/888a04-77f4-4159-986c-3cef593d16b4/1/TBiZ_CyXMsOJcf6YES-qeNnA7K4.roa
Signing time: Sun 02 Mar 2025 08:19:19 +0000
ROA not before: Sun 02 Mar 2025 08:19:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42493
IP address blocks: 2.59.124.0/22 maxlen: 24
5.35.216.0/21 maxlen: 24
77.73.40.0/21 maxlen: 24
185.40.148.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:55:f0:32:dd:96:9f:a9:02:e7:eb:4e:25:3e:f6:9f:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=614f5665059abc7be3475ef9e77a9797b716fc87
Validity
Not Before: Mar 2 08:19:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4c1899fc2c9732c38971fe98112faa78d9c0ecae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:28:37:3e:ab:35:bb:89:18:d2:36:d7:5b:39:
eb:64:bf:92:bd:9b:ac:8c:7a:6f:35:19:1c:88:e8:
bd:49:c1:12:4b:83:84:50:fe:d4:07:fc:94:da:a2:
7b:e5:62:cd:fb:27:91:fe:91:d6:d9:20:42:4e:8c:
9e:24:76:49:c4:a8:40:c3:b1:bd:29:e6:85:71:07:
d5:37:15:94:2e:30:82:66:53:f8:94:6b:8f:66:af:
2e:0f:66:33:49:80:6a:23:2a:f9:4d:35:e9:fb:42:
80:19:27:51:cf:7a:30:bc:39:79:16:81:9b:73:03:
84:03:55:85:33:4a:70:f4:47:5a:34:db:23:24:85:
a0:4e:ed:16:fa:1c:3c:19:f9:a2:44:7a:0e:b5:99:
54:c9:89:84:e1:67:7f:06:b8:19:58:8d:63:e2:1b:
c6:6b:6b:7e:e0:8c:38:af:4f:91:e5:65:78:d3:65:
53:f6:74:34:be:0e:65:c2:b3:30:07:33:d2:f9:c5:
e8:79:88:fa:a7:f9:c9:74:59:00:44:fe:c8:3d:ba:
a2:57:93:a7:78:75:51:6f:7f:b1:68:5f:7a:a8:25:
5d:68:3f:f3:46:cc:4a:44:43:27:98:0b:d7:e4:9f:
11:94:dd:8f:d4:f9:e2:d5:d9:8a:04:73:de:09:7c:
c3:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:18:99:FC:2C:97:32:C3:89:71:FE:98:11:2F:AA:78:D9:C0:EC:AE
X509v3 Authority Key Identifier:
keyid:61:4F:56:65:05:9A:BC:7B:E3:47:5E:F9:E7:7A:97:97:B7:16:FC:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YU9WZQWavHvjR17553qXl7cW_Ic.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/888a04-77f4-4159-986c-3cef593d16b4/1/TBiZ_CyXMsOJcf6YES-qeNnA7K4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/888a04-77f4-4159-986c-3cef593d16b4/1/YU9WZQWavHvjR17553qXl7cW_Ic.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.124.0/22
5.35.216.0/21
77.73.40.0/21
185.40.148.0/22
Signature Algorithm: sha256WithRSAEncryption
20:9f:f5:bc:de:7b:b6:ec:0d:2f:89:ed:23:8a:9c:8c:ea:65:
95:a5:3b:4e:a2:ed:13:b2:61:b7:82:55:89:d2:b9:f8:d1:f6:
c4:e3:bf:c2:c6:92:3d:8e:0d:4e:24:64:bc:56:5e:40:52:88:
12:0b:39:5a:56:74:6e:f4:4d:61:54:55:46:30:69:d1:46:01:
b6:9b:b0:2a:48:7b:44:30:af:0c:6f:25:c2:b9:8b:7a:95:3c:
a5:96:92:6f:99:84:df:90:0e:5e:8a:59:1f:1f:cb:13:cd:02:
5c:61:7f:ee:b7:69:27:c5:33:51:19:52:52:d7:f6:22:41:54:
f5:f0:f8:c6:29:82:9b:cc:c9:b1:81:f6:ad:d7:99:bf:c6:18:
c6:75:3c:dc:b9:ba:c5:9d:b3:2a:aa:b3:c8:c7:d2:b2:1e:29:
81:8d:26:4d:9e:33:cb:f0:a2:cf:f2:70:ea:49:7e:b2:02:39:
4c:62:a5:d5:9a:2c:03:be:3a:3a:5a:ea:41:e1:bd:be:84:69:
03:54:5d:8a:49:e1:aa:1e:46:36:88:46:45:79:64:61:85:bf:
50:45:66:94:c8:24:cd:a1:b9:d6:bc:9a:c0:ed:9e:aa:7d:5d:
90:d3:f6:a1:9e:3a:38:10:51:72:a9:41:bb:43:72:9e:18:2a:
67:8f:9e:63
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZVV8DLdlp+pAufrTiU+9p+xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxNGY1NjY1MDU5YWJjN2JlMzQ3NWVmOWU3N2E5Nzk3Yjcx
NmZjODcwHhcNMjUwMzAyMDgxOTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzE4OTlmYzJjOTczMmMzODk3MWZlOTgxMTJmYWE3OGQ5YzBlY2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoCg3Pqs1u4kY0jbXWznrZL+SvZus
jHpvNRkciOi9ScESS4OEUP7UB/yU2qJ75WLN+yeR/pHW2SBCToyeJHZJxKhAw7G9
KeaFcQfVNxWULjCCZlP4lGuPZq8uD2YzSYBqIyr5TTXp+0KAGSdRz3owvDl5FoGb
cwOEA1WFM0pw9EdaNNsjJIWgTu0W+hw8GfmiRHoOtZlUyYmE4Wd/BrgZWI1j4hvG
a2t+4Iw4r0+R5WV402VT9nQ0vg5lwrMwBzPS+cXoeYj6p/nJdFkARP7IPbqiV5On
eHVRb3+xaF96qCVdaD/zRsxKREMnmAvX5J8RlN2P1Pni1dmKBHPeCXzDnQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEwYmfwslzLDiXH+mBEvqnjZwOyuMB8GA1UdIwQY
MBaAFGFPVmUFmrx740de+ed6l5e3FvyHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVU5V1pRV2F2SHZqUjE3NTUzcVhsN2NXX0ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS84ODhhMDQtNzdmNC00MTU5LTk4NmMt
M2NlZjU5M2QxNmI0LzEvVEJpWl9DeVhNc09KY2Y2WUVTLXFlTm5BN0s0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS84ODhhMDQtNzdmNC00MTU5LTk4NmMtM2NlZjU5M2QxNmI0
LzEvWVU5V1pRV2F2SHZqUjE3NTUzcVhsN2NXX0ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCAjt8AwQD
BSPYAwQDTUkoAwQCuSiUMA0GCSqGSIb3DQEBCwUAA4IBAQAgn/W83nu27A0vie0j
ipyM6mWVpTtOou0TsmG3glWJ0rn40fbE47/CxpI9jg1OJGS8Vl5AUogSCzlaVnRu
9E1hVFVGMGnRRgG2m7AqSHtEMK8MbyXCuYt6lTyllpJvmYTfkA5eilkfH8sTzQJc
YX/ut2knxTNRGVJS1/YiQVT18PjGKYKbzMmxgfat15m/xhjGdTzcubrFnbMqqrPI
x9KyHimBjSZNnjPL8KLP8nDqSX6yAjlMYqXVmiwDvjo6WupB4b2+hGkDVF2KSeGq
HkY2iEZFeWRhhb9QRWaUyCTNobnWvJrA7Z6qfV2Q0/ahnjo4EFFyqUG7Q3KeGCpn
j55j
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:16 2025 by rpki-client on console.sobornost.net