Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/6f9b09-a59e-4f90-87c7-72448352b807/1/2yAjk7p-dI9kSCjYCsJZz8pos8c.roa
File: 2yAjk7p-dI9kSCjYCsJZz8pos8c.roa (raw, json)
Hash identifier: fOiEsiSjcE44S/scd+A8XElk8QWI1IgEkT2nPRQh9k0=
Subject key identifier: DB:20:23:93:BA:7E:74:8F:64:48:28:D8:0A:C2:59:CF:CA:68:B3:C7
Certificate issuer: /CN=8d64e43c75bdc511d524f0c85d009cba76956144
Certificate serial: 0195B7D562BC7A548FFE951A0D60B8964B69
Authority key identifier: 8D:64:E4:3C:75:BD:C5:11:D5:24:F0:C8:5D:00:9C:BA:76:95:61:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jWTkPHW9xRHVJPDIXQCcunaVYUQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/6f9b09-a59e-4f90-87c7-72448352b807/1/2yAjk7p-dI9kSCjYCsJZz8pos8c.roa
Signing time: Fri 21 Mar 2025 08:32:49 +0000
ROA not before: Fri 21 Mar 2025 08:32:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61349
IP address blocks: 45.153.0.0/22 maxlen: 22
91.199.236.0/24 maxlen: 24
91.205.212.0/22 maxlen: 24
185.29.200.0/22 maxlen: 24
185.173.12.0/22 maxlen: 22
193.178.196.0/24 maxlen: 24
2a04:4340::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b7:d5:62:bc:7a:54:8f:fe:95:1a:0d:60:b8:96:4b:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d64e43c75bdc511d524f0c85d009cba76956144
Validity
Not Before: Mar 21 08:32:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=db202393ba7e748f644828d80ac259cfca68b3c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:14:ac:44:40:bf:2c:0e:2e:08:d9:6d:f5:dd:
45:8e:58:ce:07:5e:12:a4:10:5e:6f:a9:5e:c8:59:
d1:9b:ae:cd:e0:9a:97:60:fa:bf:01:d7:b0:a0:54:
4b:8f:e9:20:ba:79:6b:6d:7e:6b:2a:46:2b:79:e0:
5a:ae:49:01:5c:f5:5c:cc:37:ec:c6:39:0e:20:55:
0a:b6:16:9c:82:bc:48:9c:1d:f0:03:6b:00:fc:c6:
1d:5c:74:5e:18:c7:a8:07:7c:88:38:2f:9a:ad:98:
73:4f:57:f8:dd:75:2f:0e:7b:9d:32:6b:75:72:08:
de:b8:69:0f:ad:8f:c7:de:75:0b:68:85:6c:7f:64:
55:92:e6:46:68:c2:a8:61:d0:1f:97:e8:9e:8c:68:
f1:a1:c7:49:4a:c5:66:f7:e2:a3:b2:4d:9b:bd:e9:
1e:7f:41:b4:41:2d:a9:80:57:57:c4:91:29:07:ce:
77:a5:ae:41:42:72:d4:ae:39:c6:98:b6:6f:b1:a2:
94:f7:06:e6:ed:e7:91:ed:86:1f:ed:59:19:10:c3:
71:8b:f2:e9:fb:23:47:8b:4d:7f:c2:95:a4:91:2a:
0b:26:a8:62:5a:ab:78:2e:36:00:4a:d3:f6:b4:ee:
da:fe:0a:e4:86:95:fe:f6:e7:57:cb:4a:6b:d2:19:
a9:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:20:23:93:BA:7E:74:8F:64:48:28:D8:0A:C2:59:CF:CA:68:B3:C7
X509v3 Authority Key Identifier:
keyid:8D:64:E4:3C:75:BD:C5:11:D5:24:F0:C8:5D:00:9C:BA:76:95:61:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jWTkPHW9xRHVJPDIXQCcunaVYUQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/6f9b09-a59e-4f90-87c7-72448352b807/1/2yAjk7p-dI9kSCjYCsJZz8pos8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/6f9b09-a59e-4f90-87c7-72448352b807/1/jWTkPHW9xRHVJPDIXQCcunaVYUQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.0.0/22
91.199.236.0/24
91.205.212.0/22
185.29.200.0/22
185.173.12.0/22
193.178.196.0/24
IPv6:
2a04:4340::/29
Signature Algorithm: sha256WithRSAEncryption
06:2e:71:2d:8d:03:5d:23:47:2d:8a:73:0a:5b:73:c2:2b:01:
a0:ed:3c:2d:da:24:ea:12:8f:f4:3a:a0:4c:58:f4:b2:0a:d2:
bb:c8:6b:7e:e5:17:cb:2e:e4:a6:88:ff:da:8c:88:e3:7e:47:
b5:2f:a4:d2:c3:2b:47:99:f2:f0:91:08:8b:a3:ff:38:a8:cb:
a0:3a:9f:b9:50:96:5d:f2:6f:5c:dd:63:46:08:66:eb:3d:a5:
ab:60:11:55:9e:84:d1:b7:93:74:63:a7:e9:36:14:87:4f:b0:
75:79:24:07:af:ca:5e:91:7a:85:b1:a0:a0:1b:66:94:b4:79:
50:b6:18:68:68:b4:1e:03:ea:a3:67:98:16:7d:d7:75:87:71:
fa:a4:6f:ee:9a:c3:76:64:40:0e:d7:ff:46:08:35:ac:92:9e:
40:87:03:b9:91:e9:79:ca:47:d2:66:a0:de:00:c1:03:46:36:
e7:20:d4:d2:82:15:b9:1e:be:49:96:d3:67:41:c1:60:d4:52:
4a:ad:cf:a5:70:e4:e3:a5:1b:46:68:bb:4b:d1:8b:57:ae:a2:
01:ac:ca:82:02:9c:3e:40:fe:97:3f:51:99:6f:68:e4:1f:4b:
51:01:55:b4:c2:f7:18:3c:ce:c5:ea:8e:97:ae:c5:5a:fa:a2:
cc:1a:d4:97
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZW31WK8elSP/pUaDWC4lktpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNjRlNDNjNzViZGM1MTFkNTI0ZjBjODVkMDA5Y2JhNzY5
NTYxNDQwHhcNMjUwMzIxMDgzMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjIwMjM5M2JhN2U3NDhmNjQ0ODI4ZDgwYWMyNTljZmNhNjhiM2M3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRSsREC/LA4uCNlt9d1FjljOB14S
pBBeb6leyFnRm67N4JqXYPq/AdewoFRLj+kgunlrbX5rKkYreeBarkkBXPVczDfs
xjkOIFUKthacgrxInB3wA2sA/MYdXHReGMeoB3yIOC+arZhzT1f43XUvDnudMmt1
cgjeuGkPrY/H3nULaIVsf2RVkuZGaMKoYdAfl+iejGjxocdJSsVm9+Kjsk2bveke
f0G0QS2pgFdXxJEpB853pa5BQnLUrjnGmLZvsaKU9wbm7eeR7YYf7VkZEMNxi/Lp
+yNHi01/wpWkkSoLJqhiWqt4LjYAStP2tO7a/grkhpX+9udXy0pr0hmpSQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFNsgI5O6fnSPZEgo2ArCWc/KaLPHMB8GA1UdIwQY
MBaAFI1k5Dx1vcUR1STwyF0AnLp2lWFEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaldUa1BIVzl4UkhWSlBESVhRQ2N1bmFWWVVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS82ZjliMDktYTU5ZS00ZjkwLTg3Yzct
NzI0NDgzNTJiODA3LzEvMnlBams3cC1kSTlrU0NqWUNzSlp6OHBvczhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS82ZjliMDktYTU5ZS00ZjkwLTg3YzctNzI0NDgzNTJiODA3
LzEvaldUa1BIVzl4UkhWSlBESVhRQ2N1bmFWWVVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCLZkAAwQA
W8fsAwQCW83UAwQCuR3IAwQCua0MAwQAwbLEMA0EAgACMAcDBQMqBENAMA0GCSqG
SIb3DQEBCwUAA4IBAQAGLnEtjQNdI0ctinMKW3PCKwGg7Twt2iTqEo/0OqBMWPSy
CtK7yGt+5RfLLuSmiP/ajIjjfke1L6TSwytHmfLwkQiLo/84qMugOp+5UJZd8m9c
3WNGCGbrPaWrYBFVnoTRt5N0Y6fpNhSHT7B1eSQHr8pekXqFsaCgG2aUtHlQthho
aLQeA+qjZ5gWfdd1h3H6pG/umsN2ZEAO1/9GCDWskp5AhwO5kel5ykfSZqDeAMED
RjbnINTSghW5Hr5JltNnQcFg1FJKrc+lcOTjpRtGaLtL0YtXrqIBrMqCApw+QP6X
P1GZb2jkH0tRAVW0wvcYPM7F6o6XrsVa+qLMGtSX
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:27 2025 by rpki-client on console.sobornost.net