Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/DyA1tFdYex1CDIuoIphpHH3D-NA.roa
File: DyA1tFdYex1CDIuoIphpHH3D-NA.roa (raw, json)
Hash identifier: /CBkdq6Cl/6kWa0GXz6XPerkjcFWEwnxwHHFN4+nkf0=
Subject key identifier: 0F:20:35:B4:57:58:7B:1D:42:0C:8B:A8:22:98:69:1C:7D:C3:F8:D0
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 01961B723678F233FA58283C610EA85487CF
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/DyA1tFdYex1CDIuoIphpHH3D-NA.roa
Signing time: Wed 09 Apr 2025 16:46:31 +0000
ROA not before: Wed 09 Apr 2025 16:46:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 262287
IP address blocks: 14.102.53.0/24 maxlen: 24
14.102.60.0/24 maxlen: 24
81.95.48.0/24 maxlen: 24
81.95.49.0/24 maxlen: 24
92.51.236.0/24 maxlen: 24
92.51.237.0/24 maxlen: 24
103.125.76.0/24 maxlen: 24
192.140.222.0/24 maxlen: 24
192.140.223.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:1b:72:36:78:f2:33:fa:58:28:3c:61:0e:a8:54:87:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Apr 9 16:46:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0f2035b457587b1d420c8ba82298691c7dc3f8d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:f1:25:32:5b:c2:d8:2b:7f:1e:27:92:3d:57:
1a:c7:ec:3e:c9:37:63:11:7d:33:dc:67:72:e1:46:
fc:69:d7:d3:f0:7c:a8:de:0e:97:04:0c:1d:86:7a:
0a:51:e3:2c:17:ab:0a:18:07:80:86:38:33:4d:00:
98:48:05:b0:f1:6a:6a:f8:01:fb:01:4b:c8:bd:0c:
d8:ab:30:c5:66:4c:60:29:3a:06:c9:33:f3:25:84:
df:7e:fb:4a:18:f7:8c:9d:52:88:fb:94:0e:cd:7e:
64:df:fc:06:f9:07:c8:c5:3b:b9:2a:ea:48:23:e2:
3a:c7:e5:64:13:62:00:5d:20:e5:38:4a:36:ef:e9:
08:93:b6:ca:66:98:cb:aa:51:3b:35:60:b7:ec:69:
f1:49:cc:ee:b7:99:82:91:f2:58:d9:b0:ca:15:c6:
68:26:93:6a:bc:8d:e5:d2:89:9b:aa:51:0f:c6:e7:
2c:b2:2d:29:6e:b1:ee:df:09:cb:dc:48:90:db:8f:
6a:a3:81:60:58:ef:81:13:88:92:2d:68:51:35:c7:
8c:5e:b3:73:09:bb:85:82:c2:14:d9:69:b8:16:38:
fd:19:e3:aa:64:1a:70:ab:a8:43:c2:eb:a9:d8:29:
72:26:7b:d6:ef:c7:14:d9:40:69:f9:a5:b0:49:5f:
de:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:20:35:B4:57:58:7B:1D:42:0C:8B:A8:22:98:69:1C:7D:C3:F8:D0
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/DyA1tFdYex1CDIuoIphpHH3D-NA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.53.0/24
14.102.60.0/24
81.95.48.0/23
92.51.236.0/23
103.125.76.0/24
192.140.222.0/23
Signature Algorithm: sha256WithRSAEncryption
be:09:b6:f1:d7:f8:97:53:a9:0d:9c:08:4a:35:4b:70:85:d1:
44:25:37:93:a8:bf:6b:ee:cd:43:e1:db:1e:f3:19:3f:1c:92:
cb:94:28:44:d2:64:82:d5:ef:6a:f0:df:fb:48:bd:5a:c3:cb:
52:d6:13:35:0d:4c:6b:70:69:6b:5c:28:d7:bf:e1:93:61:74:
c4:88:c0:c3:c3:b5:d9:12:0b:80:e7:47:a8:6d:0e:18:1e:b5:
f5:80:c9:f2:b8:b7:84:ba:c5:43:d9:d8:44:bf:5f:ae:92:9c:
e1:06:00:69:91:75:12:be:af:71:d5:8e:d5:f7:32:a0:ee:4e:
0b:e1:6e:35:14:30:6e:f9:67:53:8d:4d:9d:4b:27:56:4e:12:
1f:a9:38:bb:66:1c:02:fd:93:83:a2:4b:8f:a4:14:52:7c:23:
26:72:9e:58:72:39:49:b7:88:23:5c:5a:3c:90:27:1e:80:29:
54:a9:22:bf:3f:5b:60:55:0a:07:a7:59:bd:c8:16:13:4e:b1:
1b:c7:e0:58:59:e5:98:05:f4:d5:0f:94:68:5b:68:35:8d:b4:
90:28:dd:13:b5:8f:00:fc:2a:0e:c9:2a:8d:d8:31:6f:7d:42:
b1:10:15:d7:d9:ed:4e:2a:7d:8d:f7:7e:a4:1d:75:f7:09:62:
c8:2b:26:19
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZYbcjZ48jP6WCg8YQ6oVIfPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwNDA5MTY0NjMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjIwMzViNDU3NTg3YjFkNDIwYzhiYTgyMjk4NjkxYzdkYzNmOGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxvElMlvC2Ct/HieSPVcax+w+yTdj
EX0z3Gdy4Ub8adfT8Hyo3g6XBAwdhnoKUeMsF6sKGAeAhjgzTQCYSAWw8Wpq+AH7
AUvIvQzYqzDFZkxgKToGyTPzJYTffvtKGPeMnVKI+5QOzX5k3/wG+QfIxTu5KupI
I+I6x+VkE2IAXSDlOEo27+kIk7bKZpjLqlE7NWC37GnxSczut5mCkfJY2bDKFcZo
JpNqvI3l0ombqlEPxucssi0pbrHu3wnL3EiQ249qo4FgWO+BE4iSLWhRNceMXrNz
CbuFgsIU2Wm4Fjj9GeOqZBpwq6hDwuup2ClyJnvW78cU2UBp+aWwSV/eQwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFA8gNbRXWHsdQgyLqCKYaRx9w/jQMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvRHlBMXRGZFlleDFDREl1b0lwaHBISDNELU5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQADmY1AwQA
DmY8AwQBUV8wAwQBXDPsAwQAZ31MAwQBwIzeMA0GCSqGSIb3DQEBCwUAA4IBAQC+
Cbbx1/iXU6kNnAhKNUtwhdFEJTeTqL9r7s1D4dse8xk/HJLLlChE0mSC1e9q8N/7
SL1aw8tS1hM1DUxrcGlrXCjXv+GTYXTEiMDDw7XZEguA50eobQ4YHrX1gMnyuLeE
usVD2dhEv1+ukpzhBgBpkXUSvq9x1Y7V9zKg7k4L4W41FDBu+WdTjU2dSydWThIf
qTi7ZhwC/ZODokuPpBRSfCMmcp5YcjlJt4gjXFo8kCcegClUqSK/P1tgVQoHp1m9
yBYTTrEbx+BYWeWYBfTVD5RoW2g1jbSQKN0TtY8A/CoOySqN2DFvfUKxEBXX2e1O
Kn2N936kHXX3CWLIKyYZ
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:41 2025 by rpki-client on console.sobornost.net