Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0866b0-fe6b-466f-bb86-2d9fca662e52/1/Y5hh8AgGKAUf_2S15Xwk_892p60.roa
File: Y5hh8AgGKAUf_2S15Xwk_892p60.roa (raw, json)
Hash identifier: baZuJeVmztFazA/spLlePhpdINyXpI1DJgHdXLAL5/E=
Subject key identifier: 63:98:61:F0:08:06:28:05:1F:FF:64:B5:E5:7C:24:FF:CF:76:A7:AD
Certificate issuer: /CN=d908722a7555dd1621dd6a62209fa8da52942999
Certificate serial: 019425FDAF6EDE4BB06C6C005219C933E95F
Authority key identifier: D9:08:72:2A:75:55:DD:16:21:DD:6A:62:20:9F:A8:DA:52:94:29:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2QhyKnVV3RYh3WpiIJ-o2lKUKZk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0866b0-fe6b-466f-bb86-2d9fca662e52/1/Y5hh8AgGKAUf_2S15Xwk_892p60.roa
Signing time: Thu 02 Jan 2025 07:49:30 +0000
ROA not before: Thu 02 Jan 2025 07:49:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201299
IP address blocks: 185.109.161.0/24 maxlen: 24
2a10:5c0::/29 maxlen: 42
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:af:6e:de:4b:b0:6c:6c:00:52:19:c9:33:e9:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d908722a7555dd1621dd6a62209fa8da52942999
Validity
Not Before: Jan 2 07:49:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=639861f0080628051fff64b5e57c24ffcf76a7ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:c2:c6:7c:1d:43:22:41:46:78:52:24:30:60:
9f:d4:8c:a1:26:fb:27:ff:91:18:10:a5:44:41:d3:
e6:e6:a4:13:e3:e8:76:ea:21:fc:48:8d:a2:fc:d7:
06:33:6a:9f:c6:d3:80:45:d8:a7:55:6d:32:8a:3b:
de:2f:f9:c7:8c:de:bc:f5:c3:25:98:6d:fb:a3:39:
04:ee:e0:8c:1a:5f:fe:1c:31:bc:bd:37:7c:ed:46:
c2:d3:f0:df:06:2f:cf:b1:ec:e3:e4:36:7c:78:24:
38:a0:9e:13:39:83:a1:9f:8c:65:ff:af:08:2d:21:
8d:51:b1:3f:cc:ce:a0:ca:1a:7d:c8:80:4c:3a:06:
df:49:09:1f:9d:37:0f:90:32:22:4a:8a:70:14:b9:
f9:d4:e3:e8:51:e6:39:a5:f7:1d:a4:7e:92:d1:6a:
e6:a9:9a:5a:00:e6:ea:22:86:f0:35:b9:c9:14:bd:
30:f0:1b:12:19:75:47:bd:df:65:f8:c5:3c:8f:8d:
97:a5:39:fe:14:52:60:b4:9c:bf:10:23:c3:eb:21:
ef:04:c3:13:ce:71:2d:78:05:fc:3e:b6:4b:99:52:
3d:3e:81:2f:6a:11:7f:51:53:c8:a6:61:39:a1:10:
b3:9e:6d:8c:66:c5:db:cb:d2:fd:85:ae:ca:6d:e2:
f6:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:98:61:F0:08:06:28:05:1F:FF:64:B5:E5:7C:24:FF:CF:76:A7:AD
X509v3 Authority Key Identifier:
keyid:D9:08:72:2A:75:55:DD:16:21:DD:6A:62:20:9F:A8:DA:52:94:29:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2QhyKnVV3RYh3WpiIJ-o2lKUKZk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0866b0-fe6b-466f-bb86-2d9fca662e52/1/Y5hh8AgGKAUf_2S15Xwk_892p60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0866b0-fe6b-466f-bb86-2d9fca662e52/1/2QhyKnVV3RYh3WpiIJ-o2lKUKZk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.109.161.0/24
IPv6:
2a10:5c0::/29
Signature Algorithm: sha256WithRSAEncryption
94:c3:6a:4b:34:f4:0f:41:f2:f6:06:e3:47:34:8d:a4:db:19:
c6:ca:67:f5:d4:f6:47:37:b4:9c:a3:a2:61:8c:3e:26:dc:62:
a2:4a:b9:6b:95:f0:8d:07:9f:ef:43:be:e7:fe:3a:78:08:68:
e7:1d:49:81:81:69:22:5e:18:ae:81:2d:f5:3c:c8:53:2d:eb:
a1:41:e5:98:af:8d:b9:3c:e6:16:4d:6d:5d:26:ed:80:12:de:
86:3e:52:46:40:51:03:50:7e:20:f7:23:58:fb:5e:07:6f:84:
df:06:90:c6:3a:93:5d:b7:30:a8:13:4a:7c:5b:8c:ab:12:53:
51:81:83:30:de:b6:88:3f:d6:37:53:d0:e6:6b:d0:d1:ba:98:
5d:af:20:59:5a:cd:f0:34:d8:d0:e4:7a:de:88:8c:1e:3c:4b:
fa:cc:4c:8c:3d:5a:1a:5c:b0:9f:54:b6:de:99:fc:f0:3f:20:
35:d5:b4:a0:5a:b6:af:67:a1:ac:38:e5:3f:3d:12:72:ac:3b:
d9:a9:af:dd:5e:b9:ff:6e:cf:cb:04:95:bc:09:e0:13:71:c1:
c2:2c:67:72:47:7c:8a:62:48:38:b8:ab:d5:4f:b3:ea:99:19:
ed:93:b3:1c:06:e9:05:5c:37:b0:09:ba:3d:ae:e6:7e:fe:b6:
85:3c:7e:81
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQl/a9u3kuwbGwAUhnJM+lfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5MDg3MjJhNzU1NWRkMTYyMWRkNmE2MjIwOWZhOGRhNTI5
NDI5OTkwHhcNMjUwMTAyMDc0OTMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Mzk4NjFmMDA4MDYyODA1MWZmZjY0YjVlNTdjMjRmZmNmNzZhN2FkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxsLGfB1DIkFGeFIkMGCf1IyhJvsn
/5EYEKVEQdPm5qQT4+h26iH8SI2i/NcGM2qfxtOARdinVW0yijveL/nHjN689cMl
mG37ozkE7uCMGl/+HDG8vTd87UbC0/DfBi/Psezj5DZ8eCQ4oJ4TOYOhn4xl/68I
LSGNUbE/zM6gyhp9yIBMOgbfSQkfnTcPkDIiSopwFLn51OPoUeY5pfcdpH6S0Wrm
qZpaAObqIobwNbnJFL0w8BsSGXVHvd9l+MU8j42XpTn+FFJgtJy/ECPD6yHvBMMT
znEteAX8PrZLmVI9PoEvahF/UVPIpmE5oRCznm2MZsXby9L9ha7KbeL27QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGOYYfAIBigFH/9kteV8JP/PdqetMB8GA1UdIwQY
MBaAFNkIcip1Vd0WId1qYiCfqNpSlCmZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlFoeUtuVlYzUlloM1dwaUlKLW8ybEtVS1prLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wODY2YjAtZmU2Yi00NjZmLWJiODYt
MmQ5ZmNhNjYyZTUyLzEvWTVoaDhBZ0dLQVVmXzJTMTVYd2tfODkycDYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wODY2YjAtZmU2Yi00NjZmLWJiODYtMmQ5ZmNhNjYyZTUy
LzEvMlFoeUtuVlYzUlloM1dwaUlKLW8ybEtVS1prLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuW2hMA0E
AgACMAcDBQMqEAXAMA0GCSqGSIb3DQEBCwUAA4IBAQCUw2pLNPQPQfL2BuNHNI2k
2xnGymf11PZHN7Sco6JhjD4m3GKiSrlrlfCNB5/vQ77n/jp4CGjnHUmBgWkiXhiu
gS31PMhTLeuhQeWYr425POYWTW1dJu2AEt6GPlJGQFEDUH4g9yNY+14Hb4TfBpDG
OpNdtzCoE0p8W4yrElNRgYMw3raIP9Y3U9Dma9DRuphdryBZWs3wNNjQ5HreiIwe
PEv6zEyMPVoaXLCfVLbemfzwPyA11bSgWravZ6GsOOU/PRJyrDvZqa/dXrn/bs/L
BJW8CeATccHCLGdyR3yKYkg4uKvVT7PqmRntk7McBukFXDewCbo9ruZ+/raFPH6B
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:45 2025 by rpki-client on console.sobornost.net