Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/2yuHeP9Kzi2-iDsOvnhCDYlo6Uw.roa
File: 2yuHeP9Kzi2-iDsOvnhCDYlo6Uw.roa (raw, json)
Hash identifier: IHxChvWb85sgNgotrA/BnsV06YpBeOkmN/tTfoFuUvc=
Subject key identifier: DB:2B:87:78:FF:4A:CE:2D:BE:88:3B:0E:BE:78:42:0D:89:68:E9:4C
Certificate issuer: /CN=ac1f721b7b7e6d049fbfe520e1ca89c1ca256813
Certificate serial: 019427B3F06857FD8B925EF72BDAE7E68811
Authority key identifier: AC:1F:72:1B:7B:7E:6D:04:9F:BF:E5:20:E1:CA:89:C1:CA:25:68:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rB9yG3t-bQSfv-Ug4cqJwcolaBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/2yuHeP9Kzi2-iDsOvnhCDYlo6Uw.roa
Signing time: Thu 02 Jan 2025 15:48:11 +0000
ROA not before: Thu 02 Jan 2025 15:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39251
IP address blocks: 77.76.16.0/20 maxlen: 20
77.76.16.0/24 maxlen: 24
85.217.252.0/22 maxlen: 24
91.92.72.0/21 maxlen: 24
91.92.80.0/20 maxlen: 24
91.92.96.0/21 maxlen: 24
91.207.190.0/23 maxlen: 23
91.207.190.0/24 maxlen: 24
91.207.191.0/24 maxlen: 24
91.223.66.0/24 maxlen: 24
91.245.192.0/24 maxlen: 24
185.163.140.0/22 maxlen: 24
185.225.84.0/22 maxlen: 24
185.229.252.0/22 maxlen: 24
193.37.238.0/24 maxlen: 24
194.169.223.0/24 maxlen: 24
194.169.230.0/24 maxlen: 24
194.169.237.0/24 maxlen: 24
194.169.242.0/24 maxlen: 24
195.238.84.0/23 maxlen: 23
195.238.84.0/24 maxlen: 24
195.238.85.0/24 maxlen: 24
212.70.140.0/24 maxlen: 24
212.70.141.0/24 maxlen: 24
213.232.88.0/22 maxlen: 24
2a0b:f800::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:f0:68:57:fd:8b:92:5e:f7:2b:da:e7:e6:88:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac1f721b7b7e6d049fbfe520e1ca89c1ca256813
Validity
Not Before: Jan 2 15:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=db2b8778ff4ace2dbe883b0ebe78420d8968e94c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:bd:4a:f3:c7:e0:99:3c:6b:ac:5e:43:81:b8:
15:67:71:0e:20:79:72:de:3f:48:1f:af:14:02:c2:
78:fd:2e:a2:97:c2:fd:fe:14:1e:21:62:0d:60:8d:
4a:90:56:5d:2d:ba:04:7b:24:ec:28:ee:bb:d1:7a:
6e:43:b5:ff:19:31:1f:19:f2:bb:6b:52:60:2e:03:
8d:fd:46:2e:ae:7b:16:72:cb:72:49:22:5e:53:87:
f4:4a:35:e3:67:3c:d4:ec:43:bf:77:4a:89:0d:59:
45:36:b2:03:1d:3d:45:84:20:48:7c:78:ea:42:27:
69:ad:2c:22:3a:4e:79:25:61:03:f1:43:d8:68:e0:
53:0d:da:03:33:ac:13:72:dc:65:63:6e:71:73:d2:
97:ac:6b:4b:b5:5b:11:51:cd:c2:1d:87:9f:9d:21:
88:93:0b:69:8f:1c:4e:93:e6:eb:3b:56:6c:00:e7:
52:e5:91:c2:25:64:c1:41:78:ee:93:f2:f9:50:02:
39:6f:a0:a4:b8:4a:ec:44:97:b4:34:44:ac:df:4c:
da:51:dc:d5:60:ca:bb:9c:76:d6:97:a6:74:1f:88:
68:a3:7d:47:a0:65:17:f0:31:01:be:79:cd:98:ac:
e8:a0:00:86:6c:12:bb:73:95:01:17:bd:ac:a3:4e:
f3:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:2B:87:78:FF:4A:CE:2D:BE:88:3B:0E:BE:78:42:0D:89:68:E9:4C
X509v3 Authority Key Identifier:
keyid:AC:1F:72:1B:7B:7E:6D:04:9F:BF:E5:20:E1:CA:89:C1:CA:25:68:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rB9yG3t-bQSfv-Ug4cqJwcolaBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/2yuHeP9Kzi2-iDsOvnhCDYlo6Uw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/rB9yG3t-bQSfv-Ug4cqJwcolaBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.76.16.0/20
85.217.252.0/22
91.92.72.0-91.92.103.255
91.207.190.0/23
91.223.66.0/24
91.245.192.0/24
185.163.140.0/22
185.225.84.0/22
185.229.252.0/22
193.37.238.0/24
194.169.223.0/24
194.169.230.0/24
194.169.237.0/24
194.169.242.0/24
195.238.84.0/23
212.70.140.0/23
213.232.88.0/22
IPv6:
2a0b:f800::/32
Signature Algorithm: sha256WithRSAEncryption
13:77:53:52:91:b9:29:2a:ca:21:7b:85:e9:de:aa:5e:eb:81:
8e:f0:d3:2d:7b:36:90:38:b8:63:d9:58:f4:e9:38:eb:5d:46:
f2:a8:bf:c0:87:eb:0a:27:37:b0:40:ce:8e:79:a6:0e:8b:63:
82:45:26:e2:f3:45:c0:8f:51:95:7c:2d:67:0b:36:01:ba:ba:
ec:43:2b:72:5d:23:b6:af:d7:40:60:1c:96:94:59:de:a1:f4:
b5:6a:a0:cd:c1:66:5c:6b:e2:4b:d2:cd:de:12:cc:5e:e8:e8:
98:87:0b:16:e2:17:bc:e6:73:bf:3e:92:ba:08:12:91:c8:09:
27:a5:58:f6:08:8f:61:c9:1a:0f:a5:dc:e0:57:50:20:c6:cd:
db:80:c4:8f:02:f3:2d:f4:42:4e:9c:e8:7c:e8:ed:02:87:ff:
11:14:62:9b:ef:7e:89:eb:80:62:ef:ec:7f:f7:25:2e:cd:e8:
32:6b:4a:c7:c9:17:d4:d2:bc:f4:73:98:a7:cb:95:df:55:b1:
23:76:cb:06:03:53:24:ed:44:3c:df:4e:43:b0:38:1b:65:7f:
70:2d:c3:4c:19:11:e4:af:42:0c:ec:15:15:be:a9:ca:67:55:
e7:dd:d8:4b:65:5a:e3:b2:1d:e5:1a:ca:ad:4d:26:d5:22:68:
89:58:51:37
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAZQns/BoV/2Lkl73K9rn5ogRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjMWY3MjFiN2I3ZTZkMDQ5ZmJmZTUyMGUxY2E4OWMxY2Ey
NTY4MTMwHhcNMjUwMTAyMTU0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjJiODc3OGZmNGFjZTJkYmU4ODNiMGViZTc4NDIwZDg5NjhlOTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqL1K88fgmTxrrF5DgbgVZ3EOIHly
3j9IH68UAsJ4/S6il8L9/hQeIWINYI1KkFZdLboEeyTsKO670XpuQ7X/GTEfGfK7
a1JgLgON/UYurnsWcstySSJeU4f0SjXjZzzU7EO/d0qJDVlFNrIDHT1FhCBIfHjq
QidprSwiOk55JWED8UPYaOBTDdoDM6wTctxlY25xc9KXrGtLtVsRUc3CHYefnSGI
kwtpjxxOk+brO1ZsAOdS5ZHCJWTBQXjuk/L5UAI5b6CkuErsRJe0NESs30zaUdzV
YMq7nHbWl6Z0H4hoo31HoGUX8DEBvnnNmKzooACGbBK7c5UBF72so07z+QIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFNsrh3j/Ss4tvog7Dr54Qg2JaOlMMB8GA1UdIwQY
MBaAFKwfcht7fm0En7/lIOHKicHKJWgTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckI5eUczdC1iUVNmdi1VZzRjcUp3Y29sYUJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC81NmQyNjctMWM0My00N2M4LWFmYjIt
NjRkMjljODZiZjNlLzEvMnl1SGVQOUt6aTItaURzT3ZuaENEWWxvNlV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC81NmQyNjctMWM0My00N2M4LWFmYjItNjRkMjljODZiZjNl
LzEvckI5eUczdC1iUVNmdi1VZzRjcUp3Y29sYUJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTB0BAIAATBuAwQETUwQ
AwQCVdn8MAwDBANbXEgDBANbXGADBAFbz74DBABb30IDBABb9cADBAK5o4wDBAK5
4VQDBAK55fwDBADBJe4DBADCqd8DBADCqeYDBADCqe0DBADCqfIDBAHD7lQDBAHU
RowDBALV6FgwDQQCAAIwBwMFACoL+AAwDQYJKoZIhvcNAQELBQADggEBABN3U1KR
uSkqyiF7heneql7rgY7w0y17NpA4uGPZWPTpOOtdRvKov8CH6wonN7BAzo55pg6L
Y4JFJuLzRcCPUZV8LWcLNgG6uuxDK3JdI7av10BgHJaUWd6h9LVqoM3BZlxr4kvS
zd4SzF7o6JiHCxbiF7zmc78+kroIEpHICSelWPYIj2HJGg+l3OBXUCDGzduAxI8C
8y30Qk6c6Hzo7QKH/xEUYpvvfonrgGLv7H/3JS7N6DJrSsfJF9TSvPRzmKfLld9V
sSN2ywYDUyTtRDzfTkOwOBtlf3Atw0wZEeSvQgzsFRW+qcpnVefd2EtlWuOyHeUa
yq1NJtUiaIlYUTc=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:46 2025 by rpki-client on console.sobornost.net