Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/7e28ee-c65d-4529-a47b-48633d718590/1/ytBPPn31Mvouzht94_-1MzPeRlc.roa
File: ytBPPn31Mvouzht94_-1MzPeRlc.roa (raw, json)
Hash identifier: g/RoKeMhShlj3ifkf1JZfkpGbYRq1G/ecz/JNNRxoKs=
Subject key identifier: CA:D0:4F:3E:7D:F5:32:FA:2E:CE:1B:7D:E3:FF:B5:33:33:DE:46:57
Certificate issuer: /CN=bf107e07952c069358cd3f82aaeceb4c69483ca9
Certificate serial: 0194228D35149E6CC243C4657B197CEFA748
Authority key identifier: BF:10:7E:07:95:2C:06:93:58:CD:3F:82:AA:EC:EB:4C:69:48:3C:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vxB-B5UsBpNYzT-CquzrTGlIPKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/7e28ee-c65d-4529-a47b-48633d718590/1/ytBPPn31Mvouzht94_-1MzPeRlc.roa
Signing time: Wed 01 Jan 2025 15:47:47 +0000
ROA not before: Wed 01 Jan 2025 15:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208257
IP address blocks: 185.185.92.0/23 maxlen: 24
185.251.70.0/24 maxlen: 24
2a0f:6a00::/29 maxlen: 29
2a0f:f200::/29 maxlen: 29
2a10:aec0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:35:14:9e:6c:c2:43:c4:65:7b:19:7c:ef:a7:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf107e07952c069358cd3f82aaeceb4c69483ca9
Validity
Not Before: Jan 1 15:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cad04f3e7df532fa2ece1b7de3ffb53333de4657
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f7:9b:43:26:ea:94:e0:7b:8c:f8:be:df:06:
67:6b:9d:26:38:df:a6:3e:7d:54:24:0b:7e:86:c3:
28:b2:c2:49:a2:b3:b0:c7:0c:ee:5e:36:14:95:a6:
fb:75:5d:6a:62:f3:f8:18:d3:4b:c1:21:6d:46:ed:
bb:c0:01:7d:34:72:06:8d:2e:17:9d:7d:be:55:6d:
d2:f8:ff:4c:fe:db:77:2b:8f:62:41:7e:1d:19:7f:
b3:31:86:7b:2a:96:b2:72:8f:77:4d:0d:af:2c:80:
99:3e:c1:ca:4b:ba:25:a0:9f:e0:c3:27:6e:fe:b2:
ad:8d:40:c2:fd:c4:16:fa:cb:d8:cd:f9:43:32:e0:
fd:26:79:72:cc:ca:43:4e:5c:47:8c:ee:f1:16:8f:
a3:87:6a:e0:35:d7:ea:35:40:a7:6b:0b:70:f8:41:
49:84:75:f4:08:08:5c:8d:96:ac:0b:79:1d:cd:78:
b2:68:20:16:e6:8d:b9:ca:d0:3e:d3:98:9d:c4:53:
b8:51:a2:7d:79:29:c2:35:41:04:ef:ea:ee:4a:ee:
72:77:cb:b5:b3:49:e2:a1:e0:07:8c:89:c8:9b:29:
1a:05:f0:0e:e6:5f:0a:11:d5:1e:52:11:34:49:f8:
88:48:06:5a:12:0e:eb:56:8e:b7:b2:44:00:42:73:
0c:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:D0:4F:3E:7D:F5:32:FA:2E:CE:1B:7D:E3:FF:B5:33:33:DE:46:57
X509v3 Authority Key Identifier:
keyid:BF:10:7E:07:95:2C:06:93:58:CD:3F:82:AA:EC:EB:4C:69:48:3C:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vxB-B5UsBpNYzT-CquzrTGlIPKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/7e28ee-c65d-4529-a47b-48633d718590/1/ytBPPn31Mvouzht94_-1MzPeRlc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/7e28ee-c65d-4529-a47b-48633d718590/1/vxB-B5UsBpNYzT-CquzrTGlIPKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.185.92.0/23
185.251.70.0/24
IPv6:
2a0f:6a00::/29
2a0f:f200::/29
2a10:aec0::/29
Signature Algorithm: sha256WithRSAEncryption
b1:f1:1a:e8:36:8f:60:98:41:2e:fb:ab:f0:34:93:8e:e2:97:
f0:4c:0d:81:48:8c:7a:ca:1a:b2:2c:94:14:9e:5a:24:15:f3:
05:0b:2a:a5:1a:30:3d:30:42:51:7c:b3:4b:5c:05:4d:fd:52:
9a:4f:23:ce:9b:31:45:22:15:fd:72:af:b4:a3:a7:a5:b9:92:
08:08:b5:4e:fa:ea:ae:92:7f:62:3c:47:ec:40:e3:3d:30:e2:
56:f2:50:cc:5a:89:4d:c9:10:77:d6:9a:24:e5:ec:09:d9:d7:
13:df:9e:db:04:39:6a:da:58:45:c4:10:90:10:3b:12:63:22:
5b:b6:b4:2d:ee:3d:84:92:10:28:eb:39:10:b9:47:af:76:dd:
52:15:36:aa:36:97:bc:ab:13:ab:24:4f:be:d8:9a:07:8c:23:
f1:83:46:fc:7b:86:7c:83:c7:dc:6a:d2:b2:8f:0d:47:e0:6f:
54:8f:dc:bf:09:66:69:6c:cb:32:21:70:a6:3c:cf:8b:5b:20:
dd:cc:96:17:86:59:6f:1a:1a:c3:ae:3e:13:52:d3:ae:5e:a2:
ac:59:93:d6:d1:26:2c:c2:29:6e:24:da:57:f8:44:13:60:e6:
10:c3:f4:85:c9:de:56:de:8d:9a:80:99:e0:aa:c0:97:47:15:
4e:4a:34:a5
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZQijTUUnmzCQ8Rlexl876dIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmMTA3ZTA3OTUyYzA2OTM1OGNkM2Y4MmFhZWNlYjRjNjk0
ODNjYTkwHhcNMjUwMTAxMTU0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWQwNGYzZTdkZjUzMmZhMmVjZTFiN2RlM2ZmYjUzMzMzZGU0NjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfebQybqlOB7jPi+3wZna50mON+m
Pn1UJAt+hsMossJJorOwxwzuXjYUlab7dV1qYvP4GNNLwSFtRu27wAF9NHIGjS4X
nX2+VW3S+P9M/tt3K49iQX4dGX+zMYZ7Kpayco93TQ2vLICZPsHKS7oloJ/gwydu
/rKtjUDC/cQW+svYzflDMuD9JnlyzMpDTlxHjO7xFo+jh2rgNdfqNUCnawtw+EFJ
hHX0CAhcjZasC3kdzXiyaCAW5o25ytA+05idxFO4UaJ9eSnCNUEE7+ruSu5yd8u1
s0nioeAHjInImykaBfAO5l8KEdUeUhE0SfiISAZaEg7rVo63skQAQnMMIQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFMrQTz599TL6Ls4bfeP/tTMz3kZXMB8GA1UdIwQY
MBaAFL8QfgeVLAaTWM0/gqrs60xpSDypMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnhCLUI1VXNCcE5ZelQtQ3F1enJUR2xJUEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi83ZTI4ZWUtYzY1ZC00NTI5LWE0N2It
NDg2MzNkNzE4NTkwLzEveXRCUFBuMzFNdm91emh0OTRfLTFNelBlUmxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi83ZTI4ZWUtYzY1ZC00NTI5LWE0N2ItNDg2MzNkNzE4NTkw
LzEvdnhCLUI1VXNCcE5ZelQtQ3F1enJUR2xJUEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTASBAIAATAMAwQBublcAwQA
uftGMBsEAgACMBUDBQMqD2oAAwUDKg/yAAMFAyoQrsAwDQYJKoZIhvcNAQELBQAD
ggEBALHxGug2j2CYQS77q/A0k47il/BMDYFIjHrKGrIslBSeWiQV8wULKqUaMD0w
QlF8s0tcBU39UppPI86bMUUiFf1yr7Sjp6W5kggItU766q6Sf2I8R+xA4z0w4lby
UMxaiU3JEHfWmiTl7AnZ1xPfntsEOWraWEXEEJAQOxJjIlu2tC3uPYSSECjrORC5
R6923VIVNqo2l7yrE6skT77YmgeMI/GDRvx7hnyDx9xq0rKPDUfgb1SP3L8JZmls
yzIhcKY8z4tbIN3MlheGWW8aGsOuPhNS065eoqxZk9bRJizCKW4k2lf4RBNg5hDD
9IXJ3lbejZqAmeCqwJdHFU5KNKU=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:32 2025 by rpki-client on console.sobornost.net