Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/b403cc-4e6c-4fe9-83a1-7550529d847a/1/YfS3cjK4Vpac_CBiKfsBfFWJL_Q.roa
File: YfS3cjK4Vpac_CBiKfsBfFWJL_Q.roa (raw, json)
Hash identifier: 1RR7WrqnR0gABe4dg0llPNB+qZTi0BLxUoe4buUhhgY=
Subject key identifier: 61:F4:B7:72:32:B8:56:96:9C:FC:20:62:29:FB:01:7C:55:89:2F:F4
Certificate issuer: /CN=6f5c5712fbbcd832419d4c5884ae3bc3c4a16e7b
Certificate serial: 019482E13B7EF71568454F35B18356FE708E
Authority key identifier: 6F:5C:57:12:FB:BC:D8:32:41:9D:4C:58:84:AE:3B:C3:C4:A1:6E:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b1xXEvu82DJBnUxYhK47w8Shbns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/b403cc-4e6c-4fe9-83a1-7550529d847a/1/YfS3cjK4Vpac_CBiKfsBfFWJL_Q.roa
Signing time: Mon 20 Jan 2025 08:43:06 +0000
ROA not before: Mon 20 Jan 2025 08:43:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 38917
IP address blocks: 87.255.224.0/19 maxlen: 24
87.255.224.0/20 maxlen: 24
87.255.240.0/20 maxlen: 24
87.255.248.0/22 maxlen: 24
87.255.252.0/24 maxlen: 24
109.111.64.0/19 maxlen: 24
109.111.64.0/24 maxlen: 24
109.111.70.0/24 maxlen: 24
149.255.16.0/22 maxlen: 22
176.110.192.0/21 maxlen: 21
176.110.200.0/22 maxlen: 22
176.110.206.0/23 maxlen: 23
176.110.208.0/21 maxlen: 24
185.24.112.0/22 maxlen: 24
185.86.112.0/20 maxlen: 24
194.32.156.0/22 maxlen: 22
217.175.32.0/20 maxlen: 24
2a04:2cc0::/32 maxlen: 32
2a04:2cc1::/32 maxlen: 32
2a04:2cc2::/32 maxlen: 32
2a04:2cc3::/32 maxlen: 32
2a04:2cc4::/32 maxlen: 32
2a04:2cc5::/32 maxlen: 32
2a04:2cc6::/32 maxlen: 32
2a04:2cc7::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:82:e1:3b:7e:f7:15:68:45:4f:35:b1:83:56:fe:70:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f5c5712fbbcd832419d4c5884ae3bc3c4a16e7b
Validity
Not Before: Jan 20 08:43:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=61f4b77232b856969cfc206229fb017c55892ff4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:04:44:e4:ee:35:6d:42:9c:6b:d3:10:3f:6d:
4e:dc:04:fa:38:1d:84:22:e7:1f:ed:01:95:9e:0c:
15:b8:45:d8:b6:18:e6:1b:46:f5:18:03:af:9b:dc:
4c:48:59:50:bd:cd:7b:4e:59:44:0b:d7:57:ed:b7:
00:db:0b:a1:e6:f4:79:ac:38:96:85:c5:ae:9f:3a:
9d:d9:d3:19:db:13:1f:99:32:0d:d2:87:06:04:a6:
dc:79:75:57:35:29:b1:eb:fc:9c:9f:0d:56:ce:b9:
bf:92:23:b3:1f:e8:14:36:47:dd:61:fd:9f:24:23:
d0:cf:d1:5f:55:20:50:57:d5:74:27:1c:ab:7f:40:
83:99:39:4c:42:27:15:d5:a3:81:6d:65:c2:11:f6:
cb:98:2f:70:4e:0b:ef:f5:35:5e:82:62:65:33:28:
79:c1:15:99:38:32:01:48:f3:ba:d2:4d:47:0e:29:
c7:bc:82:13:66:8e:7e:a7:99:44:f3:56:9a:e0:46:
cf:19:d6:d7:91:0c:82:e1:e3:f3:10:cf:8a:6d:72:
3b:3c:56:22:49:75:68:67:4e:82:b0:38:24:6f:9f:
f5:5d:a3:d9:58:e6:88:33:ac:91:a9:b3:dd:fd:48:
55:b4:dd:95:25:c6:b8:0c:82:18:51:09:94:ae:9a:
81:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:F4:B7:72:32:B8:56:96:9C:FC:20:62:29:FB:01:7C:55:89:2F:F4
X509v3 Authority Key Identifier:
keyid:6F:5C:57:12:FB:BC:D8:32:41:9D:4C:58:84:AE:3B:C3:C4:A1:6E:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1xXEvu82DJBnUxYhK47w8Shbns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/b403cc-4e6c-4fe9-83a1-7550529d847a/1/YfS3cjK4Vpac_CBiKfsBfFWJL_Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/b403cc-4e6c-4fe9-83a1-7550529d847a/1/b1xXEvu82DJBnUxYhK47w8Shbns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.255.224.0/19
109.111.64.0/19
149.255.16.0/22
176.110.192.0-176.110.203.255
176.110.206.0-176.110.215.255
185.24.112.0/22
185.86.112.0/20
194.32.156.0/22
217.175.32.0/20
IPv6:
2a04:2cc0::/29
Signature Algorithm: sha256WithRSAEncryption
75:3b:d5:f2:b2:9a:f1:fc:f8:2e:f8:bc:86:00:b9:d6:69:64:
be:78:6a:3a:65:32:f2:a7:94:b0:fc:01:7c:67:52:73:b8:fe:
b3:cd:c5:63:4e:06:e3:05:9a:fd:4b:2f:78:a9:87:94:58:1f:
ce:24:94:5f:4a:f3:6c:aa:aa:c9:a7:a8:4b:3d:29:54:ad:42:
1f:18:58:4e:14:b9:70:ea:4a:42:94:b0:7a:31:43:32:dc:46:
e6:e5:2c:5c:9b:fd:ec:88:0d:93:63:e8:51:52:76:fc:e7:bb:
47:42:04:2f:a0:9a:52:f6:60:c1:ee:de:58:63:a7:53:06:56:
38:6c:28:37:ef:81:21:69:b5:0f:fd:42:8a:04:5b:96:da:b1:
ab:d3:85:7d:41:4a:e4:25:e8:09:08:09:e3:04:fb:d4:a2:70:
d3:4d:a4:7d:4d:62:62:85:b8:4c:61:12:a1:9b:f8:08:d8:a1:
d0:d2:de:db:cc:d6:92:1d:2b:ab:c8:1f:71:5a:51:bb:83:1d:
cc:b0:1f:f1:6a:a3:11:f6:f2:24:57:d5:9e:87:96:0f:93:3a:
2e:8a:05:aa:ab:11:56:65:c4:d7:60:64:bc:0b:d3:10:eb:b6:
e9:99:a5:8e:e0:69:d9:9f:88:45:10:de:d5:b9:05:5e:f8:26:
c4:f7:f7:4b
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAZSC4Tt+9xVoRU81sYNW/nCOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNWM1NzEyZmJiY2Q4MzI0MTlkNGM1ODg0YWUzYmMzYzRh
MTZlN2IwHhcNMjUwMTIwMDg0MzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWY0Yjc3MjMyYjg1Njk2OWNmYzIwNjIyOWZiMDE3YzU1ODkyZmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyQRE5O41bUKca9MQP21O3AT6OB2E
Iucf7QGVngwVuEXYthjmG0b1GAOvm9xMSFlQvc17TllEC9dX7bcA2wuh5vR5rDiW
hcWunzqd2dMZ2xMfmTIN0ocGBKbceXVXNSmx6/ycnw1Wzrm/kiOzH+gUNkfdYf2f
JCPQz9FfVSBQV9V0Jxyrf0CDmTlMQicV1aOBbWXCEfbLmC9wTgvv9TVegmJlMyh5
wRWZODIBSPO60k1HDinHvIITZo5+p5lE81aa4EbPGdbXkQyC4ePzEM+KbXI7PFYi
SXVoZ06CsDgkb5/1XaPZWOaIM6yRqbPd/UhVtN2VJca4DIIYUQmUrpqBmQIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFGH0t3IyuFaWnPwgYin7AXxViS/0MB8GA1UdIwQY
MBaAFG9cVxL7vNgyQZ1MWISuO8PEoW57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjF4WEV2dTgyREpCblV4WWhLNDd3OFNoYm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9iNDAzY2MtNGU2Yy00ZmU5LTgzYTEt
NzU1MDUyOWQ4NDdhLzEvWWZTM2NqSzRWcGFjX0NCaUtmc0JmRldKTF9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9iNDAzY2MtNGU2Yy00ZmU5LTgzYTEtNzU1MDUyOWQ4NDdh
LzEvYjF4WEV2dTgyREpCblV4WWhLNDd3OFNoYm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTBMBAIAATBGAwQFV//gAwQF
bW9AAwQClf8QMAwDBAawbsADBAKwbsgwDAMEAbBuzgMEA7Bu0AMEArkYcAMEBLlW
cAMEAsIgnAMEBNmvIDANBAIAAjAHAwUDKgQswDANBgkqhkiG9w0BAQsFAAOCAQEA
dTvV8rKa8fz4Lvi8hgC51mlkvnhqOmUy8qeUsPwBfGdSc7j+s83FY04G4wWa/Usv
eKmHlFgfziSUX0rzbKqqyaeoSz0pVK1CHxhYThS5cOpKQpSwejFDMtxG5uUsXJv9
7IgNk2PoUVJ2/Oe7R0IEL6CaUvZgwe7eWGOnUwZWOGwoN++BIWm1D/1CigRbltqx
q9OFfUFK5CXoCQgJ4wT71KJw002kfU1iYoW4TGESoZv4CNih0NLe28zWkh0rq8gf
cVpRu4MdzLAf8WqjEfbyJFfVnoeWD5M6LooFqqsRVmXE12BkvAvTEOu26ZmljuBp
2Z+IRRDe1bkFXvgmxPf3Sw==
-----END CERTIFICATE-----
Generated at Tue Jan 21 15:03:01 2025 by rpki-client on console.sobornost.net