Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/f8fd59-0115-4db3-bd85-18c70ebf681a/1/ly3-RvWoyO2awNy_xQ_moo1MfmA.roa
File: ly3-RvWoyO2awNy_xQ_moo1MfmA.roa (raw, json)
Hash identifier: KvsdnKHrTKm+yH6S2/VYfWnh06kQpxZWrhW28oh7E8A=
Subject key identifier: 97:2D:FE:46:F5:A8:C8:ED:9A:C0:DC:BF:C5:0F:E6:A2:8D:4C:7E:60
Certificate issuer: /CN=a00cb4b8d569477512ce57885ba6a2898fbc2d95
Certificate serial: 018CC6B7DABEE6D6754A400F2385BE24575B
Authority key identifier: A0:0C:B4:B8:D5:69:47:75:12:CE:57:88:5B:A6:A2:89:8F:BC:2D:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oAy0uNVpR3USzleIW6aiiY-8LZU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/f8fd59-0115-4db3-bd85-18c70ebf681a/1/ly3-RvWoyO2awNy_xQ_moo1MfmA.roa
Signing time: Mon 01 Jan 2024 20:29:47 +0000
ROA not before: Mon 01 Jan 2024 20:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197883
IP address blocks: 94.154.119.0/24 maxlen: 24
195.144.23.0/24 maxlen: 24
80.73.241.0/24 maxlen: 24
195.137.186.0/24 maxlen: 24
195.137.188.0/24 maxlen: 24
185.136.40.0/24 maxlen: 24
185.136.41.0/24 maxlen: 24
185.136.42.0/24 maxlen: 24
185.136.43.0/24 maxlen: 24
185.8.145.0/24 maxlen: 24
185.8.144.0/24 maxlen: 24
176.97.207.0/24 maxlen: 24
185.8.146.0/24 maxlen: 24
185.8.147.0/24 maxlen: 24
176.57.240.0/24 maxlen: 24
176.57.243.0/24 maxlen: 24
176.57.244.0/24 maxlen: 24
176.57.241.0/24 maxlen: 24
176.57.242.0/24 maxlen: 24
176.57.245.0/24 maxlen: 24
176.57.246.0/24 maxlen: 24
176.57.247.0/24 maxlen: 24
195.138.220.0/24 maxlen: 24
194.53.4.0/24 maxlen: 24
194.53.5.0/24 maxlen: 24
194.53.6.0/24 maxlen: 24
194.53.7.0/24 maxlen: 24
195.96.152.0/24 maxlen: 24
2a01:9d80::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:da:be:e6:d6:75:4a:40:0f:23:85:be:24:57:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a00cb4b8d569477512ce57885ba6a2898fbc2d95
Validity
Not Before: Jan 1 20:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=972dfe46f5a8c8ed9ac0dcbfc50fe6a28d4c7e60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:14:db:c2:59:95:ab:ec:8c:4e:70:55:ee:2e:
f2:d4:8f:58:6d:81:52:08:c6:15:de:fd:d5:bc:3f:
03:30:dc:52:12:d0:47:01:ac:f1:a1:57:af:be:72:
7d:df:b6:a5:24:7e:54:a1:6f:bb:91:30:44:3b:c1:
8c:dc:8c:cb:f8:9d:d5:1c:16:22:52:76:9c:42:bc:
ed:3f:e9:dc:d5:ee:d4:3c:a9:94:d8:ce:18:65:c8:
30:b4:a5:48:f5:85:8e:25:64:c1:08:06:49:34:72:
ad:ff:9c:9a:f9:be:43:d9:ef:b1:b8:69:89:80:99:
8e:bc:fa:32:be:86:39:77:9e:cb:c6:b0:a0:bd:14:
6c:77:fe:ee:c3:80:e1:54:9b:92:61:1b:20:71:ec:
9a:fd:f5:1f:38:5d:10:ed:5f:93:5b:fb:63:b3:f7:
1f:1e:b1:19:6d:13:4a:7a:92:7a:54:c0:ab:77:6f:
ef:91:31:7d:1b:19:f2:a2:22:a8:cd:d4:d8:ab:60:
7e:0b:b3:e3:b8:a1:20:e9:b7:18:60:59:8c:f7:19:
5c:44:5c:0f:69:8c:ed:8d:3c:64:8c:1b:54:a5:38:
55:43:f8:04:88:60:45:ea:34:4b:b0:83:10:fa:f4:
73:2d:bc:b5:57:40:ac:3b:fe:e3:8b:c2:4d:af:23:
ed:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:2D:FE:46:F5:A8:C8:ED:9A:C0:DC:BF:C5:0F:E6:A2:8D:4C:7E:60
X509v3 Authority Key Identifier:
keyid:A0:0C:B4:B8:D5:69:47:75:12:CE:57:88:5B:A6:A2:89:8F:BC:2D:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oAy0uNVpR3USzleIW6aiiY-8LZU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/f8fd59-0115-4db3-bd85-18c70ebf681a/1/ly3-RvWoyO2awNy_xQ_moo1MfmA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/f8fd59-0115-4db3-bd85-18c70ebf681a/1/oAy0uNVpR3USzleIW6aiiY-8LZU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.73.241.0/24
94.154.119.0/24
176.57.240.0/21
176.97.207.0/24
185.8.144.0/22
185.136.40.0/22
194.53.4.0/22
195.96.152.0/24
195.137.186.0/24
195.137.188.0/24
195.138.220.0/24
195.144.23.0/24
IPv6:
2a01:9d80::/32
Signature Algorithm: sha256WithRSAEncryption
71:5a:75:ba:7e:fd:94:33:64:76:1a:e4:78:b2:6a:5f:16:44:
ad:b7:a4:0c:44:be:ba:74:e6:1e:ae:98:96:bc:8d:19:e7:3c:
19:6c:2e:9e:fd:24:69:64:10:d9:d2:24:20:78:d5:0f:f8:31:
63:d9:01:fe:78:cf:7a:df:e0:d4:6c:c9:20:ba:2f:ef:68:ea:
6a:47:f5:05:b6:b1:65:29:77:19:5f:36:53:e1:12:68:5a:29:
af:ce:53:dd:ba:22:df:41:69:b6:09:f3:77:d4:a2:4f:b6:ad:
db:cc:c0:8e:05:c1:66:93:b1:12:8c:10:11:f9:0f:4f:61:2b:
46:e4:da:23:97:b0:dd:ca:94:38:6f:56:a4:f8:7b:c1:4c:0d:
6d:cb:d6:c4:0d:43:72:a2:5d:4c:81:0e:5d:1a:6b:18:40:ec:
0b:05:5d:81:26:de:32:79:70:5f:11:dd:dd:d8:d8:c5:83:ee:
0c:14:bd:fa:0d:b9:d0:8f:0b:86:38:39:29:d1:e5:c3:35:c4:
d9:fe:2d:31:4b:79:ce:5b:6c:ea:94:33:cb:04:b7:0d:8d:2d:
87:61:7d:89:25:81:02:53:29:f9:7a:6b:48:2d:15:28:fa:42:
d2:2b:c1:6a:77:d5:10:1d:29:af:57:22:96:a7:6a:d8:a1:9b:
74:96:5b:76
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYzGt9q+5tZ1SkAPI4W+JFdbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwMGNiNGI4ZDU2OTQ3NzUxMmNlNTc4ODViYTZhMjg5OGZi
YzJkOTUwHhcNMjQwMTAxMjAyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzJkZmU0NmY1YThjOGVkOWFjMGRjYmZjNTBmZTZhMjhkNGM3ZTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAghTbwlmVq+yMTnBV7i7y1I9YbYFS
CMYV3v3VvD8DMNxSEtBHAazxoVevvnJ937alJH5UoW+7kTBEO8GM3IzL+J3VHBYi
UnacQrztP+nc1e7UPKmU2M4YZcgwtKVI9YWOJWTBCAZJNHKt/5ya+b5D2e+xuGmJ
gJmOvPoyvoY5d57LxrCgvRRsd/7uw4DhVJuSYRsgceya/fUfOF0Q7V+TW/tjs/cf
HrEZbRNKepJ6VMCrd2/vkTF9GxnyoiKozdTYq2B+C7PjuKEg6bcYYFmM9xlcRFwP
aYztjTxkjBtUpThVQ/gEiGBF6jRLsIMQ+vRzLby1V0CsO/7ji8JNryPtaQIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFJct/kb1qMjtmsDcv8UP5qKNTH5gMB8GA1UdIwQY
MBaAFKAMtLjVaUd1Es5XiFumoomPvC2VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0F5MHVOVnBSM1VTemxlSVc2YWlpWS04TFpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9mOGZkNTktMDExNS00ZGIzLWJkODUt
MThjNzBlYmY2ODFhLzEvbHkzLVJ2V295TzJhd055X3hRX21vbzFNZm1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9mOGZkNTktMDExNS00ZGIzLWJkODUtMThjNzBlYmY2ODFh
LzEvb0F5MHVOVnBSM1VTemxlSVc2YWlpWS04TFpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQAUEnxAwQA
Xpp3AwQDsDnwAwQAsGHPAwQCuQiQAwQCuYgoAwQCwjUEAwQAw2CYAwQAw4m6AwQA
w4m8AwQAw4rcAwQAw5AXMA0EAgACMAcDBQAqAZ2AMA0GCSqGSIb3DQEBCwUAA4IB
AQBxWnW6fv2UM2R2GuR4smpfFkStt6QMRL66dOYerpiWvI0Z5zwZbC6e/SRpZBDZ
0iQgeNUP+DFj2QH+eM963+DUbMkgui/vaOpqR/UFtrFlKXcZXzZT4RJoWimvzlPd
uiLfQWm2CfN31KJPtq3bzMCOBcFmk7ESjBAR+Q9PYStG5Nojl7DdypQ4b1ak+HvB
TA1ty9bEDUNyol1MgQ5dGmsYQOwLBV2BJt4yeXBfEd3d2NjFg+4MFL36DbnQjwuG
ODkp0eXDNcTZ/i0xS3nOW2zqlDPLBLcNjS2HYX2JJYECUyn5emtILRUo+kLSK8Fq
d9UQHSmvVyKWp2rYoZt0llt2
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:57 2024 by rpki-client on console.sobornost.net