Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/300983-4dfd-419c-bc20-202c2689dfa0/1/by9kfZ4EbEKUVkVK0jeGqBsmfmk.roa
File: by9kfZ4EbEKUVkVK0jeGqBsmfmk.roa (raw, json)
Hash identifier: LEv0S+P2XEMPTW4EvLdn5P/pRRYNUEDyCa7a7Tp2BTY=
Subject key identifier: 6F:2F:64:7D:9E:04:6C:42:94:56:45:4A:D2:37:86:A8:1B:26:7E:69
Certificate issuer: /CN=cb324555940ae51af5d1f42bd5ac715864fa1829
Certificate serial: 01942068158A1BA02F200DE4EFB646133B97
Authority key identifier: CB:32:45:55:94:0A:E5:1A:F5:D1:F4:2B:D5:AC:71:58:64:FA:18:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yzJFVZQK5Rr10fQr1axxWGT6GCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/300983-4dfd-419c-bc20-202c2689dfa0/1/by9kfZ4EbEKUVkVK0jeGqBsmfmk.roa
Signing time: Wed 01 Jan 2025 05:47:59 +0000
ROA not before: Wed 01 Jan 2025 05:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34953
IP address blocks: 194.55.232.0/23 maxlen: 24
2001:67c:bfc::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:15:8a:1b:a0:2f:20:0d:e4:ef:b6:46:13:3b:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb324555940ae51af5d1f42bd5ac715864fa1829
Validity
Not Before: Jan 1 05:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6f2f647d9e046c429456454ad23786a81b267e69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:94:ca:14:73:cd:6b:2d:0b:26:ba:ce:02:50:
b1:98:81:5e:af:56:83:bd:c2:2b:b8:b2:3a:70:c0:
e3:c9:14:34:66:83:ca:8a:7a:51:8c:29:2a:38:e2:
ed:24:74:63:27:ae:ab:1c:ec:66:4f:1d:27:50:27:
1f:08:e6:d7:75:0d:9d:bb:f7:2a:2e:84:dc:06:b2:
29:44:0d:1e:49:45:a5:3a:cb:dc:b2:89:26:32:f5:
ea:04:2c:e9:be:fc:70:4c:f0:a3:3e:47:93:c4:a3:
c1:ac:8b:b4:62:7b:51:26:4e:4b:42:9d:54:ef:a0:
ab:88:de:9a:b2:59:97:ab:ea:d0:d6:e8:05:7b:f3:
93:75:b8:64:f8:ff:14:52:f3:78:40:c6:5e:28:35:
17:dc:4d:b3:89:96:61:00:fe:92:92:bd:f1:40:60:
c0:75:1c:2d:05:b5:de:b4:43:ba:16:52:90:18:37:
a3:0d:1b:30:9a:dd:28:04:1c:8a:8c:ca:50:04:e3:
e1:aa:2e:cf:9d:84:cc:25:d7:5f:eb:23:95:aa:5e:
e0:a8:0c:18:11:91:ef:54:94:cf:80:9d:5c:9d:30:
0c:61:20:c6:af:b4:46:0c:56:bf:9c:fa:17:97:7f:
80:e5:64:fd:4c:9d:a5:98:f9:f1:be:1f:41:9d:f6:
bd:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:2F:64:7D:9E:04:6C:42:94:56:45:4A:D2:37:86:A8:1B:26:7E:69
X509v3 Authority Key Identifier:
keyid:CB:32:45:55:94:0A:E5:1A:F5:D1:F4:2B:D5:AC:71:58:64:FA:18:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yzJFVZQK5Rr10fQr1axxWGT6GCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/300983-4dfd-419c-bc20-202c2689dfa0/1/by9kfZ4EbEKUVkVK0jeGqBsmfmk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/300983-4dfd-419c-bc20-202c2689dfa0/1/yzJFVZQK5Rr10fQr1axxWGT6GCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.55.232.0/23
IPv6:
2001:67c:bfc::/48
Signature Algorithm: sha256WithRSAEncryption
3d:14:11:87:a7:d2:e4:ea:16:a7:fe:06:cc:87:ba:ea:64:27:
95:d4:db:70:e7:b2:0c:95:d7:f3:c3:c8:41:a3:e2:c9:c3:38:
73:c0:5f:46:7b:02:2c:f3:07:1d:fc:c2:db:34:17:4b:ac:0b:
ab:9b:73:66:d0:8e:3c:e2:26:5e:e0:f2:5f:82:b5:00:3f:63:
b0:23:d4:e2:28:7a:db:bc:4f:d0:e2:3a:f5:7c:c4:4a:f6:f0:
bd:26:b6:7d:e6:17:c0:4f:96:ff:a6:79:e5:a5:21:e7:55:50:
33:d8:d7:04:8f:6c:54:b6:97:ad:3f:83:f9:c4:71:d0:fa:d1:
e2:42:1e:d2:9a:aa:1c:3f:d2:33:3a:4e:ae:9b:93:b7:38:e8:
6c:3d:74:c5:a7:4c:4c:3d:0e:0a:8b:9b:e8:10:1f:ea:ed:4c:
10:9a:68:e8:8f:61:24:fc:d4:f4:15:04:f7:46:07:85:80:40:
b9:9d:da:c5:99:07:61:84:73:0e:9a:09:ca:f1:41:aa:96:9b:
1e:86:56:48:91:f8:aa:8e:96:1e:84:28:19:eb:56:41:d1:a2:
88:74:dc:8e:f2:82:2d:8a:ca:2b:fa:26:19:01:ff:52:4b:e9:
fe:87:ea:1f:01:ca:de:18:a2:6c:c9:62:fd:1a:fa:64:da:aa:
dd:8d:ae:1f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQgaBWKG6AvIA3k77ZGEzuXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMzI0NTU1OTQwYWU1MWFmNWQxZjQyYmQ1YWM3MTU4NjRm
YTE4MjkwHhcNMjUwMTAxMDU0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjJmNjQ3ZDllMDQ2YzQyOTQ1NjQ1NGFkMjM3ODZhODFiMjY3ZTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1pTKFHPNay0LJrrOAlCxmIFer1aD
vcIruLI6cMDjyRQ0ZoPKinpRjCkqOOLtJHRjJ66rHOxmTx0nUCcfCObXdQ2du/cq
LoTcBrIpRA0eSUWlOsvcsokmMvXqBCzpvvxwTPCjPkeTxKPBrIu0YntRJk5LQp1U
76CriN6aslmXq+rQ1ugFe/OTdbhk+P8UUvN4QMZeKDUX3E2ziZZhAP6Skr3xQGDA
dRwtBbXetEO6FlKQGDejDRswmt0oBByKjMpQBOPhqi7PnYTMJddf6yOVql7gqAwY
EZHvVJTPgJ1cnTAMYSDGr7RGDFa/nPoXl3+A5WT9TJ2lmPnxvh9Bnfa90QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG8vZH2eBGxClFZFStI3hqgbJn5pMB8GA1UdIwQY
MBaAFMsyRVWUCuUa9dH0K9WscVhk+hgpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXpKRlZaUUs1UnIxMGZRcjFheHhXR1Q2R0NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8zMDA5ODMtNGRmZC00MTljLWJjMjAt
MjAyYzI2ODlkZmEwLzEvYnk5a2ZaNEViRUtVVmtWSzBqZUdxQnNtZm1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8zMDA5ODMtNGRmZC00MTljLWJjMjAtMjAyYzI2ODlkZmEw
LzEveXpKRlZaUUs1UnIxMGZRcjFheHhXR1Q2R0NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBwjfoMA8E
AgACMAkDBwAgAQZ8C/wwDQYJKoZIhvcNAQELBQADggEBAD0UEYen0uTqFqf+BsyH
uupkJ5XU23DnsgyV1/PDyEGj4snDOHPAX0Z7AizzBx38wts0F0usC6ubc2bQjjzi
Jl7g8l+CtQA/Y7Aj1OIoetu8T9DiOvV8xEr28L0mtn3mF8BPlv+meeWlIedVUDPY
1wSPbFS2l60/g/nEcdD60eJCHtKaqhw/0jM6Tq6bk7c46Gw9dMWnTEw9DgqLm+gQ
H+rtTBCaaOiPYST81PQVBPdGB4WAQLmd2sWZB2GEcw6aCcrxQaqWmx6GVkiR+KqO
lh6EKBnrVkHRooh03I7ygi2Kyiv6JhkB/1JL6f6H6h8Byt4YomzJYv0a+mTaqt2N
rh8=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:20 2025 by rpki-client on console.sobornost.net