Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/3ad7cc-3c08-4b72-870a-6c305a6dbab9/1/yJhIC_8JjNW0W6ROa-IL4XOkSek.roa
File: yJhIC_8JjNW0W6ROa-IL4XOkSek.roa (raw, json)
Hash identifier: iFeNdkxy875ayHL7GIsn4nPYfS0obttarf5urh9pLUM=
Subject key identifier: C8:98:48:0B:FF:09:8C:D5:B4:5B:A4:4E:6B:E2:0B:E1:73:A4:49:E9
Certificate issuer: /CN=b3d5ec1516ee6dc19d1e5c3998cb7e7a646f715a
Certificate serial: 019423D6F15105C8CB8A67C9ECC7FDECA1AC
Authority key identifier: B3:D5:EC:15:16:EE:6D:C1:9D:1E:5C:39:98:CB:7E:7A:64:6F:71:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s9XsFRbubcGdHlw5mMt-emRvcVo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/3ad7cc-3c08-4b72-870a-6c305a6dbab9/1/yJhIC_8JjNW0W6ROa-IL4XOkSek.roa
Signing time: Wed 01 Jan 2025 21:47:56 +0000
ROA not before: Wed 01 Jan 2025 21:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206120
IP address blocks: 185.195.248.0/22 maxlen: 22
185.195.249.0/24 maxlen: 24
194.147.172.0/24 maxlen: 24
194.147.227.0/24 maxlen: 24
194.147.228.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:f1:51:05:c8:cb:8a:67:c9:ec:c7:fd:ec:a1:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3d5ec1516ee6dc19d1e5c3998cb7e7a646f715a
Validity
Not Before: Jan 1 21:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c898480bff098cd5b45ba44e6be20be173a449e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:51:e7:35:57:e4:19:16:da:4d:97:d3:ae:4e:
5f:7c:67:58:d8:10:eb:d1:f0:6d:e0:70:cc:dd:27:
72:3b:f2:8a:d0:b4:11:eb:3f:a3:18:5d:7f:e7:8b:
03:37:8d:f0:b6:cc:a9:07:6e:47:f1:ad:72:5e:9e:
e0:3f:a9:95:4b:9b:37:5c:32:c5:f2:05:9d:c1:c4:
3c:b9:8d:67:8b:96:a7:46:40:2f:17:fe:55:d7:b2:
94:c4:76:ca:5e:70:ab:95:6b:8b:df:33:24:45:08:
91:fc:6c:55:7f:26:35:9d:91:f3:4f:cf:76:6e:48:
22:b1:95:bc:ac:34:73:94:83:2c:f5:cf:22:c2:27:
3f:3b:f2:e4:e1:6f:06:36:0f:97:3f:02:a2:fd:8c:
9a:ec:60:3a:52:b5:48:e1:cb:42:f7:a7:37:27:45:
26:bd:4f:48:37:ea:3c:58:38:c2:1b:14:f5:25:8a:
55:6f:04:a0:28:77:4e:3b:15:2d:ec:e0:57:7e:01:
37:a6:bf:d3:9f:68:21:f4:cd:da:c4:e9:17:fe:3a:
05:60:73:82:25:cb:33:93:05:dd:bb:b4:f4:2e:09:
7a:49:7f:fd:10:71:e7:e0:b6:2e:2e:ae:9b:3d:cc:
1b:7d:2f:b5:1c:29:df:d8:36:d0:53:d9:55:79:4d:
26:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:98:48:0B:FF:09:8C:D5:B4:5B:A4:4E:6B:E2:0B:E1:73:A4:49:E9
X509v3 Authority Key Identifier:
keyid:B3:D5:EC:15:16:EE:6D:C1:9D:1E:5C:39:98:CB:7E:7A:64:6F:71:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s9XsFRbubcGdHlw5mMt-emRvcVo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/3ad7cc-3c08-4b72-870a-6c305a6dbab9/1/yJhIC_8JjNW0W6ROa-IL4XOkSek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/3ad7cc-3c08-4b72-870a-6c305a6dbab9/1/s9XsFRbubcGdHlw5mMt-emRvcVo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.195.248.0/22
194.147.172.0/24
194.147.227.0-194.147.228.255
Signature Algorithm: sha256WithRSAEncryption
30:95:fc:5b:1b:df:7a:6d:0d:55:94:6a:ef:c3:25:b4:9e:59:
fe:51:6b:9d:15:b5:3e:0e:4f:fe:c2:e5:c1:c9:07:c2:3c:e4:
6f:aa:8f:89:6d:2f:64:42:62:a9:30:f2:76:47:fb:76:a1:0a:
e7:ee:d4:86:39:c9:d9:7d:d3:a4:8d:8d:15:fe:e6:d1:7f:a6:
07:a6:54:bd:95:1c:08:e4:d3:01:e9:66:31:46:9a:d4:55:dc:
83:b5:0e:8a:47:c8:d4:af:17:71:ba:5c:9c:6d:fc:97:2c:76:
cd:c7:c4:aa:ba:3b:fc:8f:17:b4:08:11:44:ea:68:5d:b9:e1:
21:32:a4:8b:94:b0:86:67:36:52:50:7d:43:e4:5a:dd:bf:87:
66:fe:9c:c8:ac:a5:a5:cc:ca:76:95:90:d1:11:cd:68:12:7c:
d4:e4:30:a3:df:e7:da:bb:dd:4c:ed:a9:44:e5:c1:f4:a3:3f:
c1:03:d0:bb:78:db:a9:c9:a5:58:8f:ca:8c:16:c7:4d:73:90:
1a:e5:01:3e:10:93:4e:85:8b:62:85:6f:b2:79:b8:24:b1:8e:
60:00:e0:a8:f0:47:e6:ba:39:5d:06:7f:12:72:df:b6:40:50:
fc:a7:ab:68:ee:27:b9:7e:fd:be:2d:b8:1a:06:1e:59:d3:d9:
89:57:be:f2
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQj1vFRBcjLimfJ7Mf97KGsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZDVlYzE1MTZlZTZkYzE5ZDFlNWMzOTk4Y2I3ZTdhNjQ2
ZjcxNWEwHhcNMjUwMTAxMjE0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODk4NDgwYmZmMDk4Y2Q1YjQ1YmE0NGU2YmUyMGJlMTczYTQ0OWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1HnNVfkGRbaTZfTrk5ffGdY2BDr
0fBt4HDM3SdyO/KK0LQR6z+jGF1/54sDN43wtsypB25H8a1yXp7gP6mVS5s3XDLF
8gWdwcQ8uY1ni5anRkAvF/5V17KUxHbKXnCrlWuL3zMkRQiR/GxVfyY1nZHzT892
bkgisZW8rDRzlIMs9c8iwic/O/Lk4W8GNg+XPwKi/Yya7GA6UrVI4ctC96c3J0Um
vU9IN+o8WDjCGxT1JYpVbwSgKHdOOxUt7OBXfgE3pr/Tn2gh9M3axOkX/joFYHOC
JcszkwXdu7T0Lgl6SX/9EHHn4LYuLq6bPcwbfS+1HCnf2DbQU9lVeU0mSQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFMiYSAv/CYzVtFukTmviC+FzpEnpMB8GA1UdIwQY
MBaAFLPV7BUW7m3BnR5cOZjLfnpkb3FaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczlYc0ZSYnViY0dkSGx3NW1NdC1lbVJ2Y1ZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8zYWQ3Y2MtM2MwOC00YjcyLTg3MGEt
NmMzMDVhNmRiYWI5LzEveUpoSUNfOEpqTlcwVzZST2EtSUw0WE9rU2VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS8zYWQ3Y2MtM2MwOC00YjcyLTg3MGEtNmMzMDVhNmRiYWI5
LzEvczlYc0ZSYnViY0dkSGx3NW1NdC1lbVJ2Y1ZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCucP4AwQA
wpOsMAwDBADCk+MDBADCk+QwDQYJKoZIhvcNAQELBQADggEBADCV/Fsb33ptDVWU
au/DJbSeWf5Ra50VtT4OT/7C5cHJB8I85G+qj4ltL2RCYqkw8nZH+3ahCufu1IY5
ydl906SNjRX+5tF/pgemVL2VHAjk0wHpZjFGmtRV3IO1DopHyNSvF3G6XJxt/Jcs
ds3HxKq6O/yPF7QIEUTqaF254SEypIuUsIZnNlJQfUPkWt2/h2b+nMispaXMynaV
kNERzWgSfNTkMKPf59q73UztqUTlwfSjP8ED0Lt426nJpViPyowWx01zkBrlAT4Q
k06Fi2KFb7J5uCSxjmAA4KjwR+a6OV0GfxJy37ZAUPynq2juJ7l+/b4tuBoGHlnT
2YlXvvI=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:27 2025 by rpki-client on console.sobornost.net