Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/9ff43e-f817-4ebe-a0d9-7a18931d985b/1/kYfhtSfEKW3P-62E9GiF_Ua9EUo.roa
File: kYfhtSfEKW3P-62E9GiF_Ua9EUo.roa (raw, json)
Hash identifier: p1no5bz1+uk9Sv3KCtgs/QuEn0taiRhnvBxPn7m9ACY=
Subject key identifier: 91:87:E1:B5:27:C4:29:6D:CF:FB:AD:84:F4:68:85:FD:46:BD:11:4A
Certificate issuer: /CN=b67f1b87e6752f45439b8528cc968b4770a5a0fb
Certificate serial: 019427B53CE231ACD94C503E9972CE77B881
Authority key identifier: B6:7F:1B:87:E6:75:2F:45:43:9B:85:28:CC:96:8B:47:70:A5:A0:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tn8bh-Z1L0VDm4UozJaLR3CloPs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/9ff43e-f817-4ebe-a0d9-7a18931d985b/1/kYfhtSfEKW3P-62E9GiF_Ua9EUo.roa
Signing time: Thu 02 Jan 2025 15:49:36 +0000
ROA not before: Thu 02 Jan 2025 15:49:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61232
IP address blocks: 185.152.16.0/24 maxlen: 24
185.152.17.0/24 maxlen: 24
185.152.18.0/24 maxlen: 24
185.152.19.0/24 maxlen: 24
195.242.163.0/24 maxlen: 24
195.242.164.0/23 maxlen: 23
2a07:7cc0::/32 maxlen: 32
2a07:7cc1::/32 maxlen: 32
2a07:7cc2::/32 maxlen: 32
2a07:7cc3::/32 maxlen: 32
2a07:7cc4::/32 maxlen: 32
2a07:7cc5::/32 maxlen: 32
2a07:7cc6::/32 maxlen: 32
2a07:7cc7::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:3c:e2:31:ac:d9:4c:50:3e:99:72:ce:77:b8:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b67f1b87e6752f45439b8528cc968b4770a5a0fb
Validity
Not Before: Jan 2 15:49:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9187e1b527c4296dcffbad84f46885fd46bd114a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:83:6b:af:91:03:de:52:09:6d:5d:33:eb:e7:
86:37:b1:74:fb:ae:ca:93:5b:66:f4:9e:c9:7e:bf:
2c:52:43:08:cc:1e:4e:51:b0:5a:31:ca:0c:13:1f:
c9:07:14:da:b7:e7:fd:03:45:83:be:8c:72:8a:24:
a1:20:b9:52:53:91:d3:fd:8d:e8:9b:bd:51:81:1e:
d3:5e:85:b3:a8:16:b0:94:cf:32:03:a1:e0:3d:9e:
31:af:e6:8d:42:22:ce:01:e2:f0:9d:cb:47:cb:6d:
31:0e:1f:63:eb:d8:49:f9:bb:5c:e3:89:00:ef:1f:
7d:e0:1b:11:a0:e6:46:bc:2d:2d:9d:a4:a5:d4:fc:
3f:30:a5:81:2f:e9:d4:3d:41:cb:fd:69:d2:40:2c:
75:11:50:c6:d9:e5:c0:0e:71:5f:31:3c:10:98:8e:
23:5d:bf:8a:ef:88:a0:c3:cb:da:c1:f0:91:a0:dc:
b3:1e:75:f0:37:22:26:40:ff:fb:61:76:54:4a:b2:
c6:b4:ed:65:2b:e7:8f:d7:af:6e:24:25:3f:9d:77:
ce:12:76:06:b8:f5:bc:7b:cf:41:bf:94:b6:15:75:
0e:94:23:ca:fb:95:a1:d3:6a:86:7a:0b:65:e3:43:
6e:18:47:e8:3e:ea:a6:14:36:21:33:61:c2:8f:9d:
e1:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:87:E1:B5:27:C4:29:6D:CF:FB:AD:84:F4:68:85:FD:46:BD:11:4A
X509v3 Authority Key Identifier:
keyid:B6:7F:1B:87:E6:75:2F:45:43:9B:85:28:CC:96:8B:47:70:A5:A0:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tn8bh-Z1L0VDm4UozJaLR3CloPs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/9ff43e-f817-4ebe-a0d9-7a18931d985b/1/kYfhtSfEKW3P-62E9GiF_Ua9EUo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/9ff43e-f817-4ebe-a0d9-7a18931d985b/1/tn8bh-Z1L0VDm4UozJaLR3CloPs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.152.16.0/22
195.242.163.0-195.242.165.255
IPv6:
2a07:7cc0::/29
Signature Algorithm: sha256WithRSAEncryption
39:12:66:a0:b3:aa:ed:44:23:a4:6b:05:f0:c9:d5:88:d0:2b:
7f:27:0a:68:e1:ec:57:26:b0:2e:24:f4:ca:a4:c5:21:0b:09:
7e:1a:8b:70:54:2a:35:6f:61:bb:a2:c5:e6:4c:c3:04:01:39:
ba:60:b2:96:c6:0f:6d:4f:da:b3:40:27:dd:0a:50:f6:ee:29:
98:8c:41:6a:c5:a7:bc:3a:0d:2c:68:6b:1a:a4:12:a4:16:17:
bb:e6:74:8e:9a:f4:cb:e7:4d:12:09:eb:99:48:c4:40:de:01:
8d:b8:91:2c:bd:93:ae:d3:5e:7c:2f:87:1e:47:ba:d2:9c:a2:
14:e3:5c:18:a4:44:ab:e5:38:ef:01:84:8e:cf:fd:dd:7e:de:
ff:62:3b:4e:27:37:06:03:33:9b:f0:be:58:f8:78:f3:c5:1f:
25:99:a4:50:22:47:6d:8b:0e:e8:29:45:ff:f8:ed:2f:1b:54:
c5:be:c4:38:dd:12:a8:1b:81:3e:ca:39:44:0e:9e:16:bf:fe:
f0:bb:83:4f:4f:d9:61:fd:5b:99:07:71:5e:f1:66:ad:7e:6c:
b6:6f:6a:00:80:18:b5:c2:3f:26:76:b2:0f:53:66:bc:05:44:
69:17:0a:7f:f1:a9:c2:2c:a7:61:77:67:39:36:9f:9c:8f:06:
99:9b:d1:97
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQntTziMazZTFA+mXLOd7iBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2N2YxYjg3ZTY3NTJmNDU0MzliODUyOGNjOTY4YjQ3NzBh
NWEwZmIwHhcNMjUwMTAyMTU0OTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTg3ZTFiNTI3YzQyOTZkY2ZmYmFkODRmNDY4ODVmZDQ2YmQxMTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyINrr5ED3lIJbV0z6+eGN7F0+67K
k1tm9J7Jfr8sUkMIzB5OUbBaMcoMEx/JBxTat+f9A0WDvoxyiiShILlSU5HT/Y3o
m71RgR7TXoWzqBawlM8yA6HgPZ4xr+aNQiLOAeLwnctHy20xDh9j69hJ+btc44kA
7x994BsRoOZGvC0tnaSl1Pw/MKWBL+nUPUHL/WnSQCx1EVDG2eXADnFfMTwQmI4j
Xb+K74igw8vawfCRoNyzHnXwNyImQP/7YXZUSrLGtO1lK+eP169uJCU/nXfOEnYG
uPW8e89Bv5S2FXUOlCPK+5Wh02qGegtl40NuGEfoPuqmFDYhM2HCj53hLQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFJGH4bUnxCltz/uthPRohf1GvRFKMB8GA1UdIwQY
MBaAFLZ/G4fmdS9FQ5uFKMyWi0dwpaD7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdG44YmgtWjFMMFZEbTRVb3pKYUxSM0Nsb1BzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi85ZmY0M2UtZjgxNy00ZWJlLWEwZDkt
N2ExODkzMWQ5ODViLzEva1lmaHRTZkVLVzNQLTYyRTlHaUZfVWE5RVVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi85ZmY0M2UtZjgxNy00ZWJlLWEwZDktN2ExODkzMWQ5ODVi
LzEvdG44YmgtWjFMMFZEbTRVb3pKYUxSM0Nsb1BzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQCuZgQMAwD
BADD8qMDBAHD8qQwDQQCAAIwBwMFAyoHfMAwDQYJKoZIhvcNAQELBQADggEBADkS
ZqCzqu1EI6RrBfDJ1YjQK38nCmjh7FcmsC4k9MqkxSELCX4ai3BUKjVvYbuixeZM
wwQBObpgspbGD21P2rNAJ90KUPbuKZiMQWrFp7w6DSxoaxqkEqQWF7vmdI6a9Mvn
TRIJ65lIxEDeAY24kSy9k67TXnwvhx5HutKcohTjXBikRKvlOO8BhI7P/d1+3v9i
O04nNwYDM5vwvlj4ePPFHyWZpFAiR22LDugpRf/47S8bVMW+xDjdEqgbgT7KOUQO
nha//vC7g09P2WH9W5kHcV7xZq1+bLZvagCAGLXCPyZ2sg9TZrwFRGkXCn/xqcIs
p2F3Zzk2n5yPBpmb0Zc=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:07 2025 by rpki-client on console.sobornost.net