Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/48c9f6-5b5f-41d4-8e56-08e4b79387c0/1/yXKulFLipTbjSUmowLRqtzSALEA.roa
File: yXKulFLipTbjSUmowLRqtzSALEA.roa (raw, json)
Hash identifier: LNf43mdJtw9mAKFqBqZr/MgvJNf0ToK4qGWZ05MJPz4=
Subject key identifier: C9:72:AE:94:52:E2:A5:36:E3:49:49:A8:C0:B4:6A:B7:34:80:2C:40
Certificate issuer: /CN=4ee1713e16b4fd8f3301887de6a111980449b29e
Certificate serial: 019424B3BC28B85D41DB635A75EB376A55C8
Authority key identifier: 4E:E1:71:3E:16:B4:FD:8F:33:01:88:7D:E6:A1:11:98:04:49:B2:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TuFxPha0_Y8zAYh95qERmARJsp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/48c9f6-5b5f-41d4-8e56-08e4b79387c0/1/yXKulFLipTbjSUmowLRqtzSALEA.roa
Signing time: Thu 02 Jan 2025 01:49:06 +0000
ROA not before: Thu 02 Jan 2025 01:49:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58321
IP address blocks: 5.104.248.0/21 maxlen: 24
81.161.192.0/20 maxlen: 20
81.161.192.0/21 maxlen: 21
81.161.192.0/24 maxlen: 24
81.161.193.0/24 maxlen: 24
81.161.194.0/24 maxlen: 24
81.161.195.0/24 maxlen: 24
81.161.196.0/24 maxlen: 24
81.161.197.0/24 maxlen: 24
81.161.198.0/24 maxlen: 24
81.161.199.0/24 maxlen: 24
81.161.200.0/21 maxlen: 21
81.161.200.0/24 maxlen: 24
81.161.201.0/24 maxlen: 24
81.161.202.0/24 maxlen: 24
81.161.203.0/24 maxlen: 24
81.161.204.0/24 maxlen: 24
81.161.205.0/24 maxlen: 24
81.161.206.0/24 maxlen: 24
91.232.44.0/23 maxlen: 24
109.199.0.0/19 maxlen: 24
109.207.48.0/20 maxlen: 24
176.227.160.0/21 maxlen: 24
178.249.88.0/21 maxlen: 24
185.34.76.0/22 maxlen: 24
185.73.88.0/22 maxlen: 22
185.80.212.0/22 maxlen: 22
193.242.168.0/23 maxlen: 23
193.242.168.0/24 maxlen: 24
193.242.169.0/24 maxlen: 24
195.3.232.0/22 maxlen: 22
2a04:4c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:bc:28:b8:5d:41:db:63:5a:75:eb:37:6a:55:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ee1713e16b4fd8f3301887de6a111980449b29e
Validity
Not Before: Jan 2 01:49:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c972ae9452e2a536e34949a8c0b46ab734802c40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:49:89:96:06:ac:6c:d2:1d:39:ed:78:51:ea:
1f:65:f4:b4:a2:10:db:54:7a:60:93:34:1c:67:cb:
84:56:bb:2e:60:16:0d:64:3b:26:02:12:74:ec:66:
23:05:9f:15:7c:52:80:13:22:c6:56:cf:19:74:88:
4d:f9:e1:62:5b:b2:09:05:fe:b5:80:7c:02:12:ea:
e6:e6:b9:69:bd:f0:9e:df:60:d2:05:ca:da:dd:81:
4d:6a:36:4b:0b:49:1c:49:db:d7:a0:c7:0a:4c:94:
07:83:58:68:31:7b:8b:7c:62:fc:93:89:e7:47:3e:
ad:39:55:bc:34:af:c0:d7:f4:a4:90:a7:5f:ca:64:
9d:ac:f7:09:0d:1b:76:d6:f6:b2:10:cd:2b:96:28:
f7:84:53:d2:a5:01:0e:16:71:13:20:cf:25:fc:99:
da:87:f8:8b:7e:01:43:18:0c:2a:5c:72:ed:26:b2:
ba:4c:ba:c8:14:83:be:e9:37:df:82:a1:de:ff:ba:
de:b6:75:9d:ca:c1:1a:ac:06:fe:af:32:4b:b2:bb:
df:9f:fe:d3:4f:c5:5e:e7:14:38:09:1d:b7:ff:1a:
a2:5f:32:91:96:ad:d5:19:fc:75:21:82:4d:f9:f6:
ef:71:2f:ce:00:cd:a7:f7:13:fb:5f:e1:3f:20:03:
c2:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:72:AE:94:52:E2:A5:36:E3:49:49:A8:C0:B4:6A:B7:34:80:2C:40
X509v3 Authority Key Identifier:
keyid:4E:E1:71:3E:16:B4:FD:8F:33:01:88:7D:E6:A1:11:98:04:49:B2:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TuFxPha0_Y8zAYh95qERmARJsp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/48c9f6-5b5f-41d4-8e56-08e4b79387c0/1/yXKulFLipTbjSUmowLRqtzSALEA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/48c9f6-5b5f-41d4-8e56-08e4b79387c0/1/TuFxPha0_Y8zAYh95qERmARJsp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.248.0/21
81.161.192.0/20
91.232.44.0/23
109.199.0.0/19
109.207.48.0/20
176.227.160.0/21
178.249.88.0/21
185.34.76.0/22
185.73.88.0/22
185.80.212.0/22
193.242.168.0/23
195.3.232.0/22
IPv6:
2a04:4c0::/29
Signature Algorithm: sha256WithRSAEncryption
14:c0:79:67:76:fd:c1:58:a9:be:bf:5a:ca:7f:66:65:9e:7e:
65:a7:fe:a5:c7:52:92:1d:d9:1c:22:12:d9:b1:c7:b1:42:82:
49:a8:2b:14:94:fa:09:33:17:7b:45:d6:54:8c:3b:c2:57:61:
ef:58:3c:12:f8:fa:01:ce:06:a7:5f:b0:f9:f5:d1:a3:5c:f1:
c6:a4:53:cb:31:bf:7a:52:c0:93:c0:4e:fb:48:ac:e7:83:11:
d1:36:3d:7c:cb:61:81:71:40:19:1e:9d:48:fb:fd:ea:80:7d:
d0:ad:33:a0:dd:8f:8a:09:21:69:db:74:5c:a7:65:eb:a9:bc:
53:82:de:01:1f:7f:7b:77:2b:a0:4f:47:b1:63:b4:0d:30:e9:
a0:5a:98:80:08:28:52:4c:c7:2e:2d:d4:ef:92:35:83:aa:18:
38:99:61:1d:99:80:36:a5:eb:5c:41:a3:d5:79:98:b0:51:c7:
3e:d1:41:a1:e9:8b:ea:42:02:0b:ae:57:da:f0:8d:30:67:0b:
e9:86:56:97:3f:74:25:67:c6:56:f5:b3:ba:82:28:06:4a:2c:
9d:26:f4:9c:e7:f1:aa:0d:fc:b8:c8:3d:f7:13:db:e1:54:ae:
e4:ac:90:36:f9:9d:fe:33:89:d3:21:c9:1c:d2:30:54:1e:ae:
96:3c:b6:e1
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAZQks7wouF1B22Nades3alXIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZTE3MTNlMTZiNGZkOGYzMzAxODg3ZGU2YTExMTk4MDQ0
OWIyOWUwHhcNMjUwMTAyMDE0OTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTcyYWU5NDUyZTJhNTM2ZTM0OTQ5YThjMGI0NmFiNzM0ODAyYzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0mJlgasbNIdOe14UeofZfS0ohDb
VHpgkzQcZ8uEVrsuYBYNZDsmAhJ07GYjBZ8VfFKAEyLGVs8ZdIhN+eFiW7IJBf61
gHwCEurm5rlpvfCe32DSBcra3YFNajZLC0kcSdvXoMcKTJQHg1hoMXuLfGL8k4nn
Rz6tOVW8NK/A1/SkkKdfymSdrPcJDRt21vayEM0rlij3hFPSpQEOFnETIM8l/Jna
h/iLfgFDGAwqXHLtJrK6TLrIFIO+6TffgqHe/7retnWdysEarAb+rzJLsrvfn/7T
T8Ve5xQ4CR23/xqiXzKRlq3VGfx1IYJN+fbvcS/OAM2n9xP7X+E/IAPCdwIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFMlyrpRS4qU240lJqMC0arc0gCxAMB8GA1UdIwQY
MBaAFE7hcT4WtP2PMwGIfeahEZgESbKeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHVGeFBoYTBfWTh6QVloOTVxRVJtQVJKc3A0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC80OGM5ZjYtNWI1Zi00MWQ0LThlNTYt
MDhlNGI3OTM4N2MwLzEveVhLdWxGTGlwVGJqU1Vtb3dMUnF0elNBTEVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC80OGM5ZjYtNWI1Zi00MWQ0LThlNTYtMDhlNGI3OTM4N2Mw
LzEvVHVGeFBoYTBfWTh6QVloOTVxRVJtQVJKc3A0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQDBWj4AwQE
UaHAAwQBW+gsAwQFbccAAwQEbc8wAwQDsOOgAwQDsvlYAwQCuSJMAwQCuUlYAwQC
uVDUAwQBwfKoAwQCwwPoMA0EAgACMAcDBQMqBATAMA0GCSqGSIb3DQEBCwUAA4IB
AQAUwHlndv3BWKm+v1rKf2Zlnn5lp/6lx1KSHdkcIhLZscexQoJJqCsUlPoJMxd7
RdZUjDvCV2HvWDwS+PoBzganX7D59dGjXPHGpFPLMb96UsCTwE77SKzngxHRNj18
y2GBcUAZHp1I+/3qgH3QrTOg3Y+KCSFp23Rcp2XrqbxTgt4BH397dyugT0exY7QN
MOmgWpiACChSTMcuLdTvkjWDqhg4mWEdmYA2petcQaPVeZiwUcc+0UGh6YvqQgIL
rlfa8I0wZwvphlaXP3QlZ8ZW9bO6gigGSiydJvSc5/GqDfy4yD33E9vhVK7krJA2
+Z3+M4nTIckc0jBUHq6WPLbh
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:31 2025 by rpki-client on console.sobornost.net