Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/e283bb-d4d3-4b3a-b2b3-8ac8965708bc/1/y0ys8oH_BAjKhZB73VQ8OdRVKQQ.roa
File: y0ys8oH_BAjKhZB73VQ8OdRVKQQ.roa (raw, json)
Hash identifier: EX1QPljWIilhaU7+2aQcyOJZqBoQmUdpiFzyhGZQrYM=
Subject key identifier: CB:4C:AC:F2:81:FF:04:08:CA:85:90:7B:DD:54:3C:39:D4:55:29:04
Certificate issuer: /CN=df7dd65966737ce8f65e40ef2fea1cffafb162b0
Certificate serial: 01942D96186A081A9EF39EE1B70D7B9A06FA
Authority key identifier: DF:7D:D6:59:66:73:7C:E8:F6:5E:40:EF:2F:EA:1C:FF:AF:B1:62:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/333WWWZzfOj2XkDvL-oc_6-xYrA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/e283bb-d4d3-4b3a-b2b3-8ac8965708bc/1/y0ys8oH_BAjKhZB73VQ8OdRVKQQ.roa
Signing time: Fri 03 Jan 2025 19:13:18 +0000
ROA not before: Fri 03 Jan 2025 19:13:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50823
IP address blocks: 178.170.130.0/24 maxlen: 24
185.83.64.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:2d:96:18:6a:08:1a:9e:f3:9e:e1:b7:0d:7b:9a:06:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df7dd65966737ce8f65e40ef2fea1cffafb162b0
Validity
Not Before: Jan 3 19:13:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cb4cacf281ff0408ca85907bdd543c39d4552904
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:42:17:d4:cd:98:95:53:50:7b:13:f2:56:6d:
26:5b:80:08:9d:3b:0f:91:b1:c5:59:3b:9b:da:63:
0b:aa:d0:5d:cd:28:b1:80:b9:03:35:20:8c:0c:46:
f5:2f:a8:2f:6d:82:55:7b:33:2d:a8:aa:7d:0d:03:
f9:b4:b1:85:7f:b2:d4:43:49:83:08:9d:8a:82:63:
2e:24:3c:a0:59:b5:8e:b0:ac:52:00:ca:b9:74:87:
3e:05:eb:3a:16:0e:92:30:2f:4e:43:ac:77:8e:6f:
e4:ce:cb:d4:b4:53:35:37:27:4a:1a:c7:2d:30:7e:
b4:53:a4:8c:41:56:47:89:85:e3:50:67:1d:0d:43:
4a:bc:8a:6c:35:a6:25:1b:e4:93:85:ee:e1:7b:db:
29:a9:57:20:f7:1d:68:59:c2:58:10:ea:36:8a:9b:
8d:16:19:36:3b:8d:ae:75:24:b7:75:9d:32:cd:a5:
37:f3:18:e1:e4:37:e6:86:eb:8a:05:56:7c:72:cf:
1e:75:6a:9c:d5:39:c1:41:08:de:7a:fe:79:c2:4b:
bf:07:dd:46:93:a1:25:86:4f:9f:a6:45:e7:5e:95:
db:08:35:d9:13:f3:9b:7f:4f:da:ce:77:60:25:16:
c7:9c:ff:19:e7:e3:0b:64:be:c2:c9:1b:8b:24:e5:
1f:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:4C:AC:F2:81:FF:04:08:CA:85:90:7B:DD:54:3C:39:D4:55:29:04
X509v3 Authority Key Identifier:
keyid:DF:7D:D6:59:66:73:7C:E8:F6:5E:40:EF:2F:EA:1C:FF:AF:B1:62:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/333WWWZzfOj2XkDvL-oc_6-xYrA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/e283bb-d4d3-4b3a-b2b3-8ac8965708bc/1/y0ys8oH_BAjKhZB73VQ8OdRVKQQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/e283bb-d4d3-4b3a-b2b3-8ac8965708bc/1/333WWWZzfOj2XkDvL-oc_6-xYrA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.170.130.0/24
185.83.64.0/22
Signature Algorithm: sha256WithRSAEncryption
81:f7:21:47:0b:be:98:57:07:b6:7d:b2:b9:c1:fd:4f:09:bf:
6d:aa:97:95:dc:b6:70:4a:98:65:88:7a:fe:51:f9:45:e4:65:
8b:7c:40:53:03:91:70:97:30:6a:78:07:83:ba:15:d5:46:0c:
84:d3:31:c8:c6:75:2e:e5:56:0c:b0:02:95:aa:09:be:be:ea:
e6:48:79:9c:ea:39:e7:de:3e:b1:13:b7:1c:c3:2d:17:0a:a7:
53:3b:e6:d2:78:02:85:4d:50:4b:96:8c:cc:5b:f3:7e:08:c3:
0d:af:cc:f5:85:70:4e:b9:f3:62:26:8e:50:b3:ec:9f:3a:ab:
ed:34:4d:b9:70:59:a1:d7:b9:8b:33:21:f2:e8:a5:25:ae:15:
18:38:7c:3e:08:48:b8:06:19:d2:17:6d:05:e4:92:b0:2a:95:
c9:08:1b:3a:9d:3a:fe:6b:20:f1:85:c3:3e:09:e9:c5:27:58:
d9:b0:72:05:c8:da:43:f1:2f:7a:37:44:f1:ba:7a:1a:74:34:
d1:f5:10:8d:b4:0f:ec:a0:e4:1f:d5:bf:dc:ec:4d:ce:f9:d8:
ed:a3:4d:b7:38:00:46:46:ba:a3:dc:2f:8e:7b:b7:08:49:7c:
84:c8:36:d9:f3:80:50:ab:61:72:68:e8:cd:e8:b4:b5:ff:88:
76:67:e4:3b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQtlhhqCBqe857htw17mgb6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmN2RkNjU5NjY3MzdjZThmNjVlNDBlZjJmZWExY2ZmYWZi
MTYyYjAwHhcNMjUwMTAzMTkxMzE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjRjYWNmMjgxZmYwNDA4Y2E4NTkwN2JkZDU0M2MzOWQ0NTUyOTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArkIX1M2YlVNQexPyVm0mW4AInTsP
kbHFWTub2mMLqtBdzSixgLkDNSCMDEb1L6gvbYJVezMtqKp9DQP5tLGFf7LUQ0mD
CJ2KgmMuJDygWbWOsKxSAMq5dIc+Bes6Fg6SMC9OQ6x3jm/kzsvUtFM1NydKGsct
MH60U6SMQVZHiYXjUGcdDUNKvIpsNaYlG+SThe7he9spqVcg9x1oWcJYEOo2ipuN
Fhk2O42udSS3dZ0yzaU38xjh5DfmhuuKBVZ8cs8edWqc1TnBQQjeev55wku/B91G
k6Elhk+fpkXnXpXbCDXZE/Obf0/azndgJRbHnP8Z5+MLZL7CyRuLJOUfXwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMtMrPKB/wQIyoWQe91UPDnUVSkEMB8GA1UdIwQY
MBaAFN991llmc3zo9l5A7y/qHP+vsWKwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzMzV1dXWnpmT2oyWGtEdkwtb2NfNi14WXJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9lMjgzYmItZDRkMy00YjNhLWIyYjMt
OGFjODk2NTcwOGJjLzEveTB5czhvSF9CQWpLaFpCNzNWUThPZFJWS1FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9lMjgzYmItZDRkMy00YjNhLWIyYjMtOGFjODk2NTcwOGJj
LzEvMzMzV1dXWnpmT2oyWGtEdkwtb2NfNi14WXJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAsqqCAwQC
uVNAMA0GCSqGSIb3DQEBCwUAA4IBAQCB9yFHC76YVwe2fbK5wf1PCb9tqpeV3LZw
SphliHr+UflF5GWLfEBTA5FwlzBqeAeDuhXVRgyE0zHIxnUu5VYMsAKVqgm+vurm
SHmc6jnn3j6xE7ccwy0XCqdTO+bSeAKFTVBLlozMW/N+CMMNr8z1hXBOufNiJo5Q
s+yfOqvtNE25cFmh17mLMyHy6KUlrhUYOHw+CEi4BhnSF20F5JKwKpXJCBs6nTr+
ayDxhcM+CenFJ1jZsHIFyNpD8S96N0TxunoadDTR9RCNtA/soOQf1b/c7E3O+djt
o023OABGRrqj3C+Oe7cISXyEyDbZ84BQq2FyaOjN6LS1/4h2Z+Q7
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:03 2025 by rpki-client on console.sobornost.net