Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/cf8f99-e581-4f5f-875f-df4e8c7364fe/1/yFSjMkcgtQ4jugHf3jpWTH9Nbv0.roa
File: yFSjMkcgtQ4jugHf3jpWTH9Nbv0.roa (raw, json)
Hash identifier: hqHHntvNx6acptoTgy50EVxfDKrmw52pRvx+yFRJ3nc=
Subject key identifier: C8:54:A3:32:47:20:B5:0E:23:BA:01:DF:DE:3A:56:4C:7F:4D:6E:FD
Certificate issuer: /CN=3096d7afbb8a5e315a5c489acea7dcb75aa65d04
Certificate serial: 01942747F979FFC0139E628501DE1DFD19FC
Authority key identifier: 30:96:D7:AF:BB:8A:5E:31:5A:5C:48:9A:CE:A7:DC:B7:5A:A6:5D:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MJbXr7uKXjFaXEiazqfct1qmXQQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/cf8f99-e581-4f5f-875f-df4e8c7364fe/1/yFSjMkcgtQ4jugHf3jpWTH9Nbv0.roa
Signing time: Thu 02 Jan 2025 13:50:15 +0000
ROA not before: Thu 02 Jan 2025 13:50:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16191
IP address blocks: 81.30.0.0/20 maxlen: 24
185.127.32.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:f9:79:ff:c0:13:9e:62:85:01:de:1d:fd:19:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3096d7afbb8a5e315a5c489acea7dcb75aa65d04
Validity
Not Before: Jan 2 13:50:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c854a3324720b50e23ba01dfde3a564c7f4d6efd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:90:c8:90:ec:a8:f6:c1:ae:f9:ca:52:d8:4a:
ff:c8:d4:51:aa:b8:0d:d3:1a:0a:32:e3:a1:b6:10:
f2:e2:8b:a1:2f:37:1e:bc:e8:b4:aa:17:c7:07:a3:
be:99:e4:18:cf:a9:d6:ad:74:41:db:df:c1:63:1a:
56:b9:08:3d:ab:19:b1:4d:e9:7a:0d:2d:94:ca:1d:
34:65:d8:40:bd:35:fb:53:94:6b:10:d7:53:54:d0:
c7:91:20:de:a4:ae:30:71:3e:82:a8:0d:d4:22:56:
76:78:ee:6f:ae:4e:3b:e9:e9:63:14:58:a9:96:6f:
be:83:d6:fa:18:49:25:e3:28:d2:06:e6:df:81:6a:
87:fa:79:a9:96:87:dc:af:48:19:ec:7e:0d:87:55:
70:02:4c:a5:0f:78:2f:ec:d1:f1:bb:5a:06:84:fc:
01:c7:90:ae:01:a4:7e:91:41:a7:5f:dc:4f:58:56:
c6:bd:d6:ce:ed:fc:ea:17:80:20:98:7b:79:0b:25:
64:18:45:f8:80:27:19:0f:8e:a5:26:24:33:c3:9d:
4d:35:d2:a7:36:7e:30:7a:0e:cc:c1:53:3b:86:ff:
d0:09:af:ac:9a:f8:fc:0e:87:ee:e9:01:cc:66:8e:
88:d9:6a:3c:96:80:7b:69:b7:8e:c7:57:da:44:13:
f8:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:54:A3:32:47:20:B5:0E:23:BA:01:DF:DE:3A:56:4C:7F:4D:6E:FD
X509v3 Authority Key Identifier:
keyid:30:96:D7:AF:BB:8A:5E:31:5A:5C:48:9A:CE:A7:DC:B7:5A:A6:5D:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MJbXr7uKXjFaXEiazqfct1qmXQQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/cf8f99-e581-4f5f-875f-df4e8c7364fe/1/yFSjMkcgtQ4jugHf3jpWTH9Nbv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/cf8f99-e581-4f5f-875f-df4e8c7364fe/1/MJbXr7uKXjFaXEiazqfct1qmXQQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.30.0.0/20
185.127.32.0/22
Signature Algorithm: sha256WithRSAEncryption
77:b3:9a:c6:03:d0:58:78:1d:03:17:da:73:af:02:96:b4:f6:
39:c8:a4:71:3f:30:71:aa:00:74:11:4e:ce:fe:9e:00:7b:49:
d9:e1:34:96:12:31:4f:5b:df:de:69:7d:c6:73:da:8c:4f:63:
10:e3:0e:25:6f:61:ba:24:e0:63:f2:36:e9:b5:bb:b6:41:1f:
bf:8f:1f:66:d0:1e:87:77:3e:28:ec:8f:c9:5c:ac:68:03:5f:
1c:ba:ff:d2:65:1f:77:8c:0c:6f:d5:a8:7a:4d:73:af:b1:2a:
83:6b:9b:2d:f8:1e:7a:87:25:1d:18:e8:02:82:6f:c3:5f:35:
4c:1a:94:55:16:42:3e:11:31:05:71:d6:58:98:8a:44:7f:15:
1f:92:30:16:47:19:93:f9:b3:92:b8:ee:33:b2:29:c6:1b:83:
56:8b:75:b6:46:16:21:13:07:80:b9:be:58:bf:7b:c4:d8:90:
fd:c4:3b:e2:de:51:18:bf:6c:ec:c4:0e:7e:e1:f1:5f:e7:26:
12:be:d5:d8:b2:23:58:5c:cd:8e:e2:be:47:d0:81:0c:92:59:
2e:b9:74:cf:9c:25:70:f1:d7:6d:de:e9:dd:fa:42:1a:92:1a:
02:58:23:a6:79:b2:4e:3f:13:1a:ec:8d:98:80:2c:9e:1e:a5:
6d:52:b9:4b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQnR/l5/8ATnmKFAd4d/Rn8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwOTZkN2FmYmI4YTVlMzE1YTVjNDg5YWNlYTdkY2I3NWFh
NjVkMDQwHhcNMjUwMTAyMTM1MDE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODU0YTMzMjQ3MjBiNTBlMjNiYTAxZGZkZTNhNTY0YzdmNGQ2ZWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZDIkOyo9sGu+cpS2Er/yNRRqrgN
0xoKMuOhthDy4ouhLzcevOi0qhfHB6O+meQYz6nWrXRB29/BYxpWuQg9qxmxTel6
DS2Uyh00ZdhAvTX7U5RrENdTVNDHkSDepK4wcT6CqA3UIlZ2eO5vrk476eljFFip
lm++g9b6GEkl4yjSBubfgWqH+nmplofcr0gZ7H4Nh1VwAkylD3gv7NHxu1oGhPwB
x5CuAaR+kUGnX9xPWFbGvdbO7fzqF4AgmHt5CyVkGEX4gCcZD46lJiQzw51NNdKn
Nn4weg7MwVM7hv/QCa+smvj8Dofu6QHMZo6I2Wo8loB7abeOx1faRBP4/wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMhUozJHILUOI7oB3946Vkx/TW79MB8GA1UdIwQY
MBaAFDCW16+7il4xWlxIms6n3Ldapl0EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUpiWHI3dUtYakZhWEVpYXpxZmN0MXFtWFFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9jZjhmOTktZTU4MS00ZjVmLTg3NWYt
ZGY0ZThjNzM2NGZlLzEveUZTak1rY2d0UTRqdWdIZjNqcFdUSDlOYnYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9jZjhmOTktZTU4MS00ZjVmLTg3NWYtZGY0ZThjNzM2NGZl
LzEvTUpiWHI3dUtYakZhWEVpYXpxZmN0MXFtWFFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEUR4AAwQC
uX8gMA0GCSqGSIb3DQEBCwUAA4IBAQB3s5rGA9BYeB0DF9pzrwKWtPY5yKRxPzBx
qgB0EU7O/p4Ae0nZ4TSWEjFPW9/eaX3Gc9qMT2MQ4w4lb2G6JOBj8jbptbu2QR+/
jx9m0B6Hdz4o7I/JXKxoA18cuv/SZR93jAxv1ah6TXOvsSqDa5st+B56hyUdGOgC
gm/DXzVMGpRVFkI+ETEFcdZYmIpEfxUfkjAWRxmT+bOSuO4zsinGG4NWi3W2RhYh
EweAub5Yv3vE2JD9xDvi3lEYv2zsxA5+4fFf5yYSvtXYsiNYXM2O4r5H0IEMklku
uXTPnCVw8ddt3und+kIakhoCWCOmebJOPxMa7I2YgCyeHqVtUrlL
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:56 2025 by rpki-client on console.sobornost.net