Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/d1fd48-916b-4d83-96cc-c910af93e426/1/RysabfgSrooxUAVkb0Cu2rOa1B8.roa
File: RysabfgSrooxUAVkb0Cu2rOa1B8.roa (raw, json)
Hash identifier: kDFtRPNIEsF7OH+wALA7E+fu8R+E9Lu/M1W1e9aWGpo=
Subject key identifier: 47:2B:1A:6D:F8:12:AE:8A:31:50:05:64:6F:40:AE:DA:B3:9A:D4:1F
Certificate issuer: /CN=2f0342e0d23ef7e06b1dff5cc6ee4fa17af8bd98
Certificate serial: 0195B5A5FFEE60E89219585AD1A7D8DDB36F
Authority key identifier: 2F:03:42:E0:D2:3E:F7:E0:6B:1D:FF:5C:C6:EE:4F:A1:7A:F8:BD:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LwNC4NI-9-BrHf9cxu5PoXr4vZg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/d1fd48-916b-4d83-96cc-c910af93e426/1/RysabfgSrooxUAVkb0Cu2rOa1B8.roa
Signing time: Thu 20 Mar 2025 22:21:49 +0000
ROA not before: Thu 20 Mar 2025 22:21:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44002
IP address blocks: 79.98.72.0/21 maxlen: 21
79.98.72.0/24 maxlen: 24
79.98.73.0/24 maxlen: 24
79.98.74.0/24 maxlen: 24
79.98.75.0/24 maxlen: 24
79.98.76.0/24 maxlen: 24
79.98.77.0/24 maxlen: 24
79.98.78.0/24 maxlen: 24
79.98.79.0/24 maxlen: 24
185.4.200.0/22 maxlen: 22
185.4.200.0/24 maxlen: 24
185.4.201.0/24 maxlen: 24
185.4.202.0/24 maxlen: 24
185.4.203.0/24 maxlen: 24
2a02:970::/32 maxlen: 48
2a02:970:1::/48 maxlen: 48
2a02:970:1006::/48 maxlen: 48
2a02:970:1017::/48 maxlen: 48
2a02:970:1019::/48 maxlen: 48
2a02:970:1028::/48 maxlen: 48
2a02:970:1052::/48 maxlen: 48
2a02:970:1061::/48 maxlen: 48
2a02:970:1176::/48 maxlen: 48
2a02:970:1185::/48 maxlen: 48
2a02:970:1192::/48 maxlen: 48
2a02:970:1206::/48 maxlen: 48
2a02:970:1208::/48 maxlen: 48
2a02:970:1245::/48 maxlen: 48
2a02:970:1366::/48 maxlen: 48
2a02:970:1446::/48 maxlen: 48
2a02:970:1c01::/48 maxlen: 48
2a02:970:2006::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b5:a5:ff:ee:60:e8:92:19:58:5a:d1:a7:d8:dd:b3:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f0342e0d23ef7e06b1dff5cc6ee4fa17af8bd98
Validity
Not Before: Mar 20 22:21:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=472b1a6df812ae8a315005646f40aedab39ad41f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:0d:7b:8d:cc:9e:d2:05:e7:cf:b2:90:f2:58:
e3:01:7f:ab:47:ec:22:6b:87:06:f0:aa:46:2e:2b:
03:fb:b9:46:78:67:68:18:0d:0b:b9:b7:1a:5f:64:
38:59:31:c5:72:5e:7d:00:b1:d1:5a:91:d7:f3:d9:
13:c0:3e:e6:73:fb:f4:57:e5:69:c8:09:79:c5:e5:
f6:78:85:64:ea:02:4a:70:a9:47:d4:b1:bd:e6:4c:
00:46:01:39:bd:e0:84:1d:a0:a4:d9:74:03:b2:6b:
cf:78:1c:73:ce:a7:d0:c4:ce:69:7c:b5:6e:85:a1:
a4:95:5f:63:4d:28:51:7e:e1:f4:26:c4:7f:0c:8d:
71:b0:9a:04:4e:76:8d:96:0d:cb:5c:b3:a7:ec:8b:
92:ac:e4:bb:c7:07:60:2a:30:df:31:8b:42:ba:04:
44:8a:e2:0a:9b:65:db:8b:9a:83:9d:85:ea:92:fe:
0b:ac:13:9f:88:12:4a:d2:37:f7:cc:03:11:69:0c:
95:e7:d2:44:33:c9:32:51:ea:f1:7a:49:83:4a:4a:
99:0c:a1:3d:6d:51:e3:1d:e5:5d:3d:8f:d5:ad:82:
14:e0:4d:33:54:1e:21:4f:6d:70:e0:e8:48:b7:b7:
33:9f:50:ad:c5:74:dc:6b:35:80:44:a2:cd:1b:3c:
22:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:2B:1A:6D:F8:12:AE:8A:31:50:05:64:6F:40:AE:DA:B3:9A:D4:1F
X509v3 Authority Key Identifier:
keyid:2F:03:42:E0:D2:3E:F7:E0:6B:1D:FF:5C:C6:EE:4F:A1:7A:F8:BD:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LwNC4NI-9-BrHf9cxu5PoXr4vZg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/d1fd48-916b-4d83-96cc-c910af93e426/1/RysabfgSrooxUAVkb0Cu2rOa1B8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/d1fd48-916b-4d83-96cc-c910af93e426/1/LwNC4NI-9-BrHf9cxu5PoXr4vZg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.72.0/21
185.4.200.0/22
IPv6:
2a02:970::/32
Signature Algorithm: sha256WithRSAEncryption
6d:25:13:2a:50:3c:f0:9f:52:19:3e:a4:81:c8:06:60:fb:8b:
4c:2a:9e:18:8d:43:dd:23:b2:b3:af:c1:ab:7c:ea:ee:b4:38:
2f:cb:9f:7c:32:08:45:21:4e:08:d3:3a:e0:33:2f:43:14:1c:
bb:33:de:55:4c:08:a6:3d:92:72:51:82:67:d4:ee:50:11:ab:
7a:c2:39:14:92:dc:2b:08:a6:13:05:10:94:96:16:08:ec:f0:
33:19:93:a5:30:9f:7d:90:c0:02:82:3d:b5:62:ed:22:8f:44:
a5:ac:66:8f:8b:83:70:ed:2b:aa:2b:38:10:a1:43:ba:d0:7b:
fc:16:b5:04:7e:a7:51:a1:57:50:02:da:b7:90:55:ce:ac:05:
9a:6b:e2:75:c5:6e:23:17:2b:17:3c:83:28:3d:c4:60:dd:c3:
32:e1:6d:f5:b4:f1:0e:8c:c8:7b:c6:75:3f:37:cc:ab:ce:06:
fa:a3:54:a3:67:af:f1:78:dc:c6:c2:44:e0:49:3d:fa:e4:84:
9a:7d:71:a4:ca:30:c9:a1:56:96:72:c5:d3:91:cc:a4:90:e3:
30:19:a7:b8:52:59:6d:01:97:4f:83:f0:4f:09:12:ef:66:07:
ce:a2:cd:61:cd:33:da:2a:f6:60:d7:52:22:59:1d:28:8a:46:
34:e7:5b:65
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZW1pf/uYOiSGVha0afY3bNvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMDM0MmUwZDIzZWY3ZTA2YjFkZmY1Y2M2ZWU0ZmExN2Fm
OGJkOTgwHhcNMjUwMzIwMjIyMTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzJiMWE2ZGY4MTJhZThhMzE1MDA1NjQ2ZjQwYWVkYWIzOWFkNDFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqw17jcye0gXnz7KQ8ljjAX+rR+wi
a4cG8KpGLisD+7lGeGdoGA0LubcaX2Q4WTHFcl59ALHRWpHX89kTwD7mc/v0V+Vp
yAl5xeX2eIVk6gJKcKlH1LG95kwARgE5veCEHaCk2XQDsmvPeBxzzqfQxM5pfLVu
haGklV9jTShRfuH0JsR/DI1xsJoETnaNlg3LXLOn7IuSrOS7xwdgKjDfMYtCugRE
iuIKm2Xbi5qDnYXqkv4LrBOfiBJK0jf3zAMRaQyV59JEM8kyUerxekmDSkqZDKE9
bVHjHeVdPY/VrYIU4E0zVB4hT21w4OhIt7czn1CtxXTcazWARKLNGzwiwQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEcrGm34Eq6KMVAFZG9ArtqzmtQfMB8GA1UdIwQY
MBaAFC8DQuDSPvfgax3/XMbuT6F6+L2YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHdOQzROSS05LUJySGY5Y3h1NVBvWHI0dlpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9kMWZkNDgtOTE2Yi00ZDgzLTk2Y2Mt
YzkxMGFmOTNlNDI2LzEvUnlzYWJmZ1Nyb294VUFWa2IwQ3Uyck9hMUI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9kMWZkNDgtOTE2Yi00ZDgzLTk2Y2MtYzkxMGFmOTNlNDI2
LzEvTHdOQzROSS05LUJySGY5Y3h1NVBvWHI0dlpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDT2JIAwQC
uQTIMA0EAgACMAcDBQAqAglwMA0GCSqGSIb3DQEBCwUAA4IBAQBtJRMqUDzwn1IZ
PqSByAZg+4tMKp4YjUPdI7Kzr8GrfOrutDgvy598MghFIU4I0zrgMy9DFBy7M95V
TAimPZJyUYJn1O5QEat6wjkUktwrCKYTBRCUlhYI7PAzGZOlMJ99kMACgj21Yu0i
j0SlrGaPi4Nw7SuqKzgQoUO60Hv8FrUEfqdRoVdQAtq3kFXOrAWaa+J1xW4jFysX
PIMoPcRg3cMy4W31tPEOjMh7xnU/N8yrzgb6o1SjZ6/xeNzGwkTgST365ISafXGk
yjDJoVaWcsXTkcykkOMwGae4UlltAZdPg/BPCRLvZgfOos1hzTPaKvZg11IiWR0o
ikY051tl
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:19 2025 by rpki-client on console.sobornost.net