Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/d6461f-17e3-4986-a5f6-72a4b3a9bb44/1/Rz_g2oWyKG-Vw1QEp2fRKBiV6zs.roa
File: Rz_g2oWyKG-Vw1QEp2fRKBiV6zs.roa (raw, json)
Hash identifier: F5azyHcNhL5q+y/WKX+C217rx2nLkYCoYjrcB90ZhMg=
Subject key identifier: 47:3F:E0:DA:85:B2:28:6F:95:C3:54:04:A7:67:D1:28:18:95:EB:3B
Certificate issuer: /CN=b9df156ee18b6958d4306b6311b4a086763eff62
Certificate serial: 0194B41E365E78AD40DCEBC2B3ECA0179C9D
Authority key identifier: B9:DF:15:6E:E1:8B:69:58:D4:30:6B:63:11:B4:A0:86:76:3E:FF:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ud8VbuGLaVjUMGtjEbSghnY-_2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/d6461f-17e3-4986-a5f6-72a4b3a9bb44/1/Rz_g2oWyKG-Vw1QEp2fRKBiV6zs.roa
Signing time: Wed 29 Jan 2025 22:11:06 +0000
ROA not before: Wed 29 Jan 2025 22:11:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12779
IP address blocks: 86.105.14.0/24 maxlen: 24
91.245.234.0/24 maxlen: 24
195.189.244.0/24 maxlen: 24
2a0c:79c0:2::/48 maxlen: 48
2a0c:79c0:4::/48 maxlen: 48
2a0c:79c0:7::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b4:1e:36:5e:78:ad:40:dc:eb:c2:b3:ec:a0:17:9c:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9df156ee18b6958d4306b6311b4a086763eff62
Validity
Not Before: Jan 29 22:11:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=473fe0da85b2286f95c35404a767d1281895eb3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:df:e3:df:55:5c:84:05:77:b0:a2:4f:2f:e6:
1d:34:18:f4:03:a3:5e:7c:0a:3c:e7:05:a0:82:f4:
e5:a7:0f:70:36:db:52:73:30:32:69:6c:e4:de:27:
07:99:54:07:c1:91:4f:e3:c7:73:bb:8e:4a:65:e4:
8f:72:4d:73:f3:17:d0:e4:90:d3:df:37:d1:30:67:
52:cf:e4:07:f3:89:44:86:e8:a0:7a:2a:c6:65:ab:
5f:76:0f:12:69:98:b2:60:83:98:a9:b0:49:ad:77:
e0:34:a0:a1:df:97:8c:1e:b5:96:a2:6e:8e:6e:43:
c1:8c:70:2d:80:9a:4f:6a:57:8d:15:2f:ea:d8:f3:
16:27:12:4c:5e:6f:62:b6:59:a6:9c:d5:1b:b1:64:
ed:e3:b8:a1:50:1c:05:e1:87:1e:fe:ec:ce:bc:24:
b9:03:a1:9e:0e:50:08:47:0a:e8:39:80:78:a0:63:
21:4b:0e:a3:81:0a:d0:28:5b:05:72:c4:53:20:df:
6c:d5:c8:b1:2d:3e:e4:5a:7f:c6:ba:be:ed:55:91:
4b:5e:81:09:da:a2:f2:82:1b:aa:b5:c2:94:5a:e5:
5f:88:0d:d3:7b:23:f7:ba:89:26:43:0f:e0:78:9b:
63:e1:69:ee:5b:4c:f7:31:06:1c:e7:04:06:a8:46:
15:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:3F:E0:DA:85:B2:28:6F:95:C3:54:04:A7:67:D1:28:18:95:EB:3B
X509v3 Authority Key Identifier:
keyid:B9:DF:15:6E:E1:8B:69:58:D4:30:6B:63:11:B4:A0:86:76:3E:FF:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ud8VbuGLaVjUMGtjEbSghnY-_2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/d6461f-17e3-4986-a5f6-72a4b3a9bb44/1/Rz_g2oWyKG-Vw1QEp2fRKBiV6zs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/d6461f-17e3-4986-a5f6-72a4b3a9bb44/1/ud8VbuGLaVjUMGtjEbSghnY-_2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.105.14.0/24
91.245.234.0/24
195.189.244.0/24
IPv6:
2a0c:79c0:2::/48
2a0c:79c0:4::/48
2a0c:79c0:7::/48
Signature Algorithm: sha256WithRSAEncryption
65:c0:bd:93:e3:d9:6e:d1:77:df:33:66:f7:ed:1c:10:2b:00:
a1:73:12:a7:d0:67:32:f9:2f:82:da:b4:07:ce:83:68:71:4f:
d8:0b:a9:6d:b6:53:66:27:a0:c0:58:33:a5:b3:7e:59:a5:fb:
a9:9e:e8:e1:08:cd:ee:1b:5e:47:63:0f:70:11:f0:67:45:f0:
5e:fd:c1:bd:a6:3d:4e:26:4e:3c:db:1b:36:d8:90:c5:54:0b:
f8:5b:15:66:db:8f:f1:dc:db:ba:a8:d5:4e:56:a9:8f:d9:85:
16:e8:02:2b:b1:e7:7f:05:de:58:23:bd:4b:44:5d:6f:94:74:
03:d5:3b:12:6e:34:3f:04:b6:13:16:55:57:a6:71:a0:80:ee:
23:89:b5:48:c4:08:19:89:db:93:de:f9:93:88:b4:a2:f3:98:
5b:1b:82:0e:6b:70:95:0b:ce:74:d5:db:0c:42:4e:41:a8:a2:
68:67:70:33:de:b3:f6:43:83:2e:d9:1c:50:33:a7:12:e8:0c:
39:f3:a5:9f:73:99:fa:1a:16:58:a1:1a:07:c5:04:3c:30:8a:
8e:69:2f:5f:05:2b:1f:91:bd:af:ae:a9:e5:61:4f:76:51:4d:
11:f7:7e:e1:a5:01:67:94:35:70:f6:18:d1:28:cf:f5:ed:20:
72:7d:e4:6a
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZS0HjZeeK1A3OvCs+ygF5ydMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZGYxNTZlZTE4YjY5NThkNDMwNmI2MzExYjRhMDg2NzYz
ZWZmNjIwHhcNMjUwMTI5MjIxMTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzNmZTBkYTg1YjIyODZmOTVjMzU0MDRhNzY3ZDEyODE4OTVlYjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsd/j31VchAV3sKJPL+YdNBj0A6Ne
fAo85wWggvTlpw9wNttSczAyaWzk3icHmVQHwZFP48dzu45KZeSPck1z8xfQ5JDT
3zfRMGdSz+QH84lEhuigeirGZatfdg8SaZiyYIOYqbBJrXfgNKCh35eMHrWWom6O
bkPBjHAtgJpPaleNFS/q2PMWJxJMXm9itlmmnNUbsWTt47ihUBwF4Yce/uzOvCS5
A6GeDlAIRwroOYB4oGMhSw6jgQrQKFsFcsRTIN9s1cixLT7kWn/Gur7tVZFLXoEJ
2qLyghuqtcKUWuVfiA3TeyP3uokmQw/geJtj4WnuW0z3MQYc5wQGqEYVGQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFEc/4NqFsihvlcNUBKdn0SgYles7MB8GA1UdIwQY
MBaAFLnfFW7hi2lY1DBrYxG0oIZ2Pv9iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWQ4VmJ1R0xhVmpVTUd0akViU2doblktXzJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9kNjQ2MWYtMTdlMy00OTg2LWE1ZjYt
NzJhNGIzYTliYjQ0LzEvUnpfZzJvV3lLRy1WdzFRRXAyZlJLQmlWNnpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9kNjQ2MWYtMTdlMy00OTg2LWE1ZjYtNzJhNGIzYTliYjQ0
LzEvdWQ4VmJ1R0xhVmpVTUd0akViU2doblktXzJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAYBAIAATASAwQAVmkOAwQA
W/XqAwQAw730MCEEAgACMBsDBwAqDHnAAAIDBwAqDHnAAAQDBwAqDHnAAAcwDQYJ
KoZIhvcNAQELBQADggEBAGXAvZPj2W7Rd98zZvftHBArAKFzEqfQZzL5L4LatAfO
g2hxT9gLqW22U2YnoMBYM6Wzflml+6me6OEIze4bXkdjD3AR8GdF8F79wb2mPU4m
TjzbGzbYkMVUC/hbFWbbj/Hc27qo1U5WqY/ZhRboAiux538F3lgjvUtEXW+UdAPV
OxJuND8EthMWVVemcaCA7iOJtUjECBmJ25Pe+ZOItKLzmFsbgg5rcJULznTV2wxC
TkGoomhncDPes/ZDgy7ZHFAzpxLoDDnzpZ9zmfoaFlihGgfFBDwwio5pL18FKx+R
va+uqeVhT3ZRTRH3fuGlAWeUNXD2GNEoz/XtIHJ95Go=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:30 2025 by rpki-client on console.sobornost.net