Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/70777b-68b0-42a8-9e9d-e8ada51ee8ff/1/YfS0xxF77ZhQV3QSBSD327w9vqQ.roa
File: YfS0xxF77ZhQV3QSBSD327w9vqQ.roa (raw, json)
Hash identifier: 0e3mn6GbJASLxqxrx2/syEPt1SE/dgVSOpIPyQ5DipQ=
Subject key identifier: 61:F4:B4:C7:11:7B:ED:98:50:57:74:12:05:20:F7:DB:BC:3D:BE:A4
Certificate issuer: /CN=4987941e74c1c03e7aba3b878530095eb6fa874e
Certificate serial: 019420681C186A2FBEE2EE70B4A7643DCA7A
Authority key identifier: 49:87:94:1E:74:C1:C0:3E:7A:BA:3B:87:85:30:09:5E:B6:FA:87:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYeUHnTBwD56ujuHhTAJXrb6h04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/70777b-68b0-42a8-9e9d-e8ada51ee8ff/1/YfS0xxF77ZhQV3QSBSD327w9vqQ.roa
Signing time: Wed 01 Jan 2025 05:48:01 +0000
ROA not before: Wed 01 Jan 2025 05:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200736
IP address blocks: 45.66.40.0/22 maxlen: 24
195.20.114.0/24 maxlen: 24
195.214.208.0/22 maxlen: 24
2a10:9300::/29 maxlen: 36
2a10:9300::/36 maxlen: 42
2a10:9301::/36 maxlen: 42
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:1c:18:6a:2f:be:e2:ee:70:b4:a7:64:3d:ca:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4987941e74c1c03e7aba3b878530095eb6fa874e
Validity
Not Before: Jan 1 05:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=61f4b4c7117bed98505774120520f7dbbc3dbea4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:5f:09:70:cf:a7:80:20:58:4b:43:af:db:4e:
d9:5c:ef:8d:53:9e:df:6f:58:27:85:43:49:6e:d7:
d9:a7:df:80:39:8f:cf:01:ae:1b:46:fb:93:e9:2d:
9f:2b:08:23:ef:e7:c2:cb:b6:4f:17:24:01:7f:11:
e9:af:76:28:d8:39:75:0d:a9:7e:98:14:09:91:20:
be:7b:d4:9c:d4:d8:21:6f:a5:a1:4d:61:29:7f:f1:
71:0b:8a:52:03:cb:2b:e3:97:84:c6:e2:18:e8:b6:
c4:f0:a2:16:c3:33:a2:13:8f:0a:07:c9:09:58:4b:
d6:31:7c:54:a6:39:7e:84:97:d0:5c:a7:69:21:09:
1a:fc:7d:69:e3:a2:ec:02:9f:52:dd:d2:77:1d:8e:
71:64:1a:c2:bc:32:ea:be:fa:97:02:fb:63:01:9e:
68:22:bd:fa:ac:4b:4f:c1:e0:fb:b4:0c:7e:8c:8c:
fc:2a:af:b0:b7:16:c3:24:fc:27:d7:d9:bc:87:32:
d1:08:65:f8:bf:64:16:79:9d:ae:92:ed:22:6c:15:
56:dc:ee:af:28:b9:01:45:64:cd:dc:b8:9c:73:52:
7d:30:59:83:95:84:4d:a2:f2:94:ff:80:c7:51:0e:
45:cd:74:32:3d:6c:ab:fb:ec:8f:ca:6c:32:32:7d:
1e:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:F4:B4:C7:11:7B:ED:98:50:57:74:12:05:20:F7:DB:BC:3D:BE:A4
X509v3 Authority Key Identifier:
keyid:49:87:94:1E:74:C1:C0:3E:7A:BA:3B:87:85:30:09:5E:B6:FA:87:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYeUHnTBwD56ujuHhTAJXrb6h04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/70777b-68b0-42a8-9e9d-e8ada51ee8ff/1/YfS0xxF77ZhQV3QSBSD327w9vqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/70777b-68b0-42a8-9e9d-e8ada51ee8ff/1/SYeUHnTBwD56ujuHhTAJXrb6h04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.40.0/22
195.20.114.0/24
195.214.208.0/22
IPv6:
2a10:9300::/29
Signature Algorithm: sha256WithRSAEncryption
87:80:9b:82:85:fd:b4:d9:d4:c5:5d:55:2a:12:a9:3a:36:2b:
53:84:8e:54:8c:93:0e:11:2a:4b:eb:64:bb:e5:a7:41:6b:0c:
64:c3:49:22:76:d3:e1:b2:e1:d4:45:96:4d:8c:02:f6:bd:07:
7f:d1:9b:a5:9e:20:fc:35:9a:51:6c:fd:6d:49:fc:53:a7:77:
41:1d:96:4d:84:17:cb:77:7a:42:2a:c6:93:d9:1b:5e:f9:4f:
f9:99:05:31:7d:cf:69:d7:c2:e7:4a:9a:7e:6f:c6:64:d7:86:
55:14:5b:f7:cf:fe:74:61:30:7a:39:1b:5f:02:e8:d8:b9:c0:
5b:64:13:46:02:f0:57:d2:2f:cd:e4:5c:26:b0:5f:28:3e:65:
26:df:d1:36:09:29:79:46:b6:a9:5a:f8:03:32:22:b8:d1:70:
f7:8f:a0:e8:f9:b4:eb:fb:f1:ca:57:44:c9:70:16:52:5f:70:
57:75:81:2a:85:15:42:a2:23:5f:dd:99:a9:1b:a8:b0:d0:b7:
29:f7:09:c9:f0:93:18:7b:89:86:ee:46:79:00:31:fe:fc:71:
51:76:a0:cd:eb:e9:51:8b:5f:ca:c3:b9:39:2b:8f:51:22:fb:
a4:2b:2a:9a:d3:61:3d:46:ba:b8:ff:fb:1f:c6:0a:14:fe:13:
29:11:8e:f8
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQgaBwYai++4u5wtKdkPcp6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODc5NDFlNzRjMWMwM2U3YWJhM2I4Nzg1MzAwOTVlYjZm
YTg3NGUwHhcNMjUwMTAxMDU0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWY0YjRjNzExN2JlZDk4NTA1Nzc0MTIwNTIwZjdkYmJjM2RiZWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt18JcM+ngCBYS0Ov207ZXO+NU57f
b1gnhUNJbtfZp9+AOY/PAa4bRvuT6S2fKwgj7+fCy7ZPFyQBfxHpr3Yo2Dl1Dal+
mBQJkSC+e9Sc1Nghb6WhTWEpf/FxC4pSA8sr45eExuIY6LbE8KIWwzOiE48KB8kJ
WEvWMXxUpjl+hJfQXKdpIQka/H1p46LsAp9S3dJ3HY5xZBrCvDLqvvqXAvtjAZ5o
Ir36rEtPweD7tAx+jIz8Kq+wtxbDJPwn19m8hzLRCGX4v2QWeZ2uku0ibBVW3O6v
KLkBRWTN3Licc1J9MFmDlYRNovKU/4DHUQ5FzXQyPWyr++yPymwyMn0esQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGH0tMcRe+2YUFd0EgUg99u8Pb6kMB8GA1UdIwQY
MBaAFEmHlB50wcA+ero7h4UwCV62+odOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1llVUhuVEJ3RDU2dWp1SGhUQUpYcmI2aDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83MDc3N2ItNjhiMC00MmE4LTllOWQt
ZThhZGE1MWVlOGZmLzEvWWZTMHh4Rjc3WmhRVjNRU0JTRDMyN3c5dnFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83MDc3N2ItNjhiMC00MmE4LTllOWQtZThhZGE1MWVlOGZm
LzEvU1llVUhuVEJ3RDU2dWp1SGhUQUpYcmI2aDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLUIoAwQA
wxRyAwQCw9bQMA0EAgACMAcDBQMqEJMAMA0GCSqGSIb3DQEBCwUAA4IBAQCHgJuC
hf202dTFXVUqEqk6NitThI5UjJMOESpL62S75adBawxkw0kidtPhsuHURZZNjAL2
vQd/0ZulniD8NZpRbP1tSfxTp3dBHZZNhBfLd3pCKsaT2Rte+U/5mQUxfc9p18Ln
Spp+b8Zk14ZVFFv3z/50YTB6ORtfAujYucBbZBNGAvBX0i/N5FwmsF8oPmUm39E2
CSl5RrapWvgDMiK40XD3j6Do+bTr+/HKV0TJcBZSX3BXdYEqhRVCoiNf3ZmpG6iw
0Lcp9wnJ8JMYe4mG7kZ5ADH+/HFRdqDN6+lRi1/Kw7k5K49RIvukKyqa02E9Rrq4
//sfxgoU/hMpEY74
-----END CERTIFICATE-----
Generated at Thu Jan 23 16:08:58 2025 by rpki-client on console.sobornost.net