Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/9cbb06-b4da-4c94-b418-4b081cc2b39a/1/ymSnyZ91fxVC39LRAlSHciRZ46Y.roa
File: ymSnyZ91fxVC39LRAlSHciRZ46Y.roa (raw, json)
Hash identifier: 9upse4LtnCnU7pMyWCgkPTtYXe3IQqerCyozn8qome0=
Subject key identifier: CA:64:A7:C9:9F:75:7F:15:42:DF:D2:D1:02:54:87:72:24:59:E3:A6
Certificate issuer: /CN=43e0a364131841056d48b2d788ea00ca4b91db56
Certificate serial: 01962013D2143DEBF1A8D03391E43EA14070
Authority key identifier: 43:E0:A3:64:13:18:41:05:6D:48:B2:D7:88:EA:00:CA:4B:91:DB:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q-CjZBMYQQVtSLLXiOoAykuR21Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/9cbb06-b4da-4c94-b418-4b081cc2b39a/1/ymSnyZ91fxVC39LRAlSHciRZ46Y.roa
Signing time: Thu 10 Apr 2025 14:21:31 +0000
ROA not before: Thu 10 Apr 2025 14:21:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48254
IP address blocks: 45.8.224.0/24 maxlen: 24
45.8.225.0/24 maxlen: 24
45.8.226.0/24 maxlen: 24
45.8.227.0/24 maxlen: 24
185.146.164.0/24 maxlen: 24
185.146.165.0/24 maxlen: 24
185.146.166.0/24 maxlen: 24
185.146.167.0/24 maxlen: 24
185.151.28.0/24 maxlen: 24
185.151.29.0/24 maxlen: 24
185.151.30.0/24 maxlen: 24
185.151.31.0/24 maxlen: 24
193.176.16.0/24 maxlen: 24
194.38.52.0/24 maxlen: 24
194.38.53.0/24 maxlen: 24
194.38.54.0/24 maxlen: 24
2a07:7800::/29 maxlen: 48
2a07:7800::/48 maxlen: 48
2a07:7800:1::/48 maxlen: 48
2a07:7800:2::/48 maxlen: 48
2a07:7800:3::/48 maxlen: 48
2a07:7800:4::/48 maxlen: 48
2a07:7800:5::/48 maxlen: 48
2a07:7800:6::/48 maxlen: 48
2a07:7800:7::/48 maxlen: 48
2a07:7800:8::/48 maxlen: 48
2a07:7800:9::/48 maxlen: 48
2a07:7800:10::/48 maxlen: 48
2a07:7800:11::/48 maxlen: 48
2a07:7800:12::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:20:13:d2:14:3d:eb:f1:a8:d0:33:91:e4:3e:a1:40:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43e0a364131841056d48b2d788ea00ca4b91db56
Validity
Not Before: Apr 10 14:21:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ca64a7c99f757f1542dfd2d1025487722459e3a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:dd:84:dd:fe:6c:f0:19:a9:11:f7:a5:cb:a1:
a8:c5:4a:7d:72:16:88:a8:af:92:fc:d2:06:9b:84:
74:fd:fc:93:69:c2:70:14:b8:57:d6:63:36:49:dd:
24:b4:74:1b:4b:18:a4:ab:dd:f8:c1:10:03:0a:1e:
4f:6a:5b:b1:3c:a2:e9:19:cb:71:a0:0d:6b:a9:96:
af:c0:a8:69:28:81:bf:36:c6:f4:88:d2:e0:2b:cc:
36:96:91:2b:2b:2c:17:98:f2:54:8b:76:79:ae:ee:
4d:d0:47:5d:2a:11:df:fa:b9:cb:4c:51:d1:39:a5:
29:24:8d:7d:70:47:19:c1:2a:ea:24:8a:83:66:ac:
9e:88:34:2f:a3:52:f2:6c:f0:a7:92:38:78:96:f0:
28:74:db:dd:d5:1a:9f:1d:3f:d6:4c:2d:55:e7:3e:
db:e3:bc:31:74:a0:f0:e3:af:5f:13:dc:ae:43:ae:
ac:13:fd:a9:f9:ab:64:bc:50:fa:f6:41:da:f3:28:
d2:5c:ea:42:83:31:ef:27:cb:25:0a:8c:6f:04:b2:
a6:42:a2:e9:b1:22:32:6f:63:e7:70:6c:dd:00:b5:
7b:6d:bf:d0:4d:88:6c:2a:e6:cb:9c:dd:d0:71:9c:
d5:40:a0:fc:1f:c8:50:85:39:24:af:56:9f:d4:0d:
3c:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:64:A7:C9:9F:75:7F:15:42:DF:D2:D1:02:54:87:72:24:59:E3:A6
X509v3 Authority Key Identifier:
keyid:43:E0:A3:64:13:18:41:05:6D:48:B2:D7:88:EA:00:CA:4B:91:DB:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q-CjZBMYQQVtSLLXiOoAykuR21Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/9cbb06-b4da-4c94-b418-4b081cc2b39a/1/ymSnyZ91fxVC39LRAlSHciRZ46Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/9cbb06-b4da-4c94-b418-4b081cc2b39a/1/Q-CjZBMYQQVtSLLXiOoAykuR21Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.224.0/22
185.146.164.0/22
185.151.28.0/22
193.176.16.0/24
194.38.52.0-194.38.54.255
IPv6:
2a07:7800::/29
Signature Algorithm: sha256WithRSAEncryption
13:21:ae:ce:07:f5:38:e4:c9:d2:57:fb:73:88:68:a9:2a:ab:
25:b8:4d:a9:79:1d:9f:2f:63:ec:e1:cd:0b:22:cb:43:f9:d5:
14:d1:42:b6:13:a8:9c:03:df:ea:86:eb:e2:78:1b:f6:8d:22:
8a:bd:66:64:a4:e3:d9:db:2d:fc:82:09:d1:69:ec:c9:6c:a3:
ca:7d:f5:ba:79:50:f9:08:37:34:c6:56:ae:43:0c:df:6c:3e:
f8:2d:44:4a:e2:99:64:c3:14:d0:40:71:58:6e:7a:09:f0:97:
44:40:93:db:41:a3:b8:24:bc:70:b8:2c:63:14:68:31:87:26:
a0:78:45:57:99:df:24:84:70:8e:b1:aa:bd:2e:41:8a:38:0d:
4d:89:a6:b9:d3:27:8e:54:2a:d3:b1:92:02:a7:4d:b7:a3:fd:
69:ff:14:64:51:6f:96:57:c7:0e:fa:af:49:5c:26:68:aa:36:
b3:62:a5:76:4f:bd:88:a5:38:56:0d:7d:e3:b9:31:59:4c:e2:
85:0a:2a:10:09:62:15:f6:4e:a0:4f:ca:66:cb:c7:58:8a:0b:
ac:3c:ce:05:b0:b7:b1:c1:0b:92:db:05:37:6e:1e:7c:fe:49:
e3:8e:42:e2:f2:5b:7a:27:75:46:c0:c5:50:ee:48:78:57:cb:
ce:20:ef:80
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZYgE9IUPevxqNAzkeQ+oUBwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZTBhMzY0MTMxODQxMDU2ZDQ4YjJkNzg4ZWEwMGNhNGI5
MWRiNTYwHhcNMjUwNDEwMTQyMTMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTY0YTdjOTlmNzU3ZjE1NDJkZmQyZDEwMjU0ODc3MjI0NTllM2E2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArt2E3f5s8BmpEfely6GoxUp9chaI
qK+S/NIGm4R0/fyTacJwFLhX1mM2Sd0ktHQbSxikq934wRADCh5PaluxPKLpGctx
oA1rqZavwKhpKIG/Nsb0iNLgK8w2lpErKywXmPJUi3Z5ru5N0EddKhHf+rnLTFHR
OaUpJI19cEcZwSrqJIqDZqyeiDQvo1LybPCnkjh4lvAodNvd1RqfHT/WTC1V5z7b
47wxdKDw469fE9yuQ66sE/2p+atkvFD69kHa8yjSXOpCgzHvJ8slCoxvBLKmQqLp
sSIyb2PncGzdALV7bb/QTYhsKubLnN3QcZzVQKD8H8hQhTkkr1af1A08aQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFMpkp8mfdX8VQt/S0QJUh3IkWeOmMB8GA1UdIwQY
MBaAFEPgo2QTGEEFbUiy14jqAMpLkdtWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUS1DalpCTVlRUVZ0U0xMWGlPb0F5a3VSMjFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi85Y2JiMDYtYjRkYS00Yzk0LWI0MTgt
NGIwODFjYzJiMzlhLzEveW1TbnlaOTFmeFZDMzlMUkFsU0hjaVJaNDZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi85Y2JiMDYtYjRkYS00Yzk0LWI0MTgtNGIwODFjYzJiMzlh
LzEvUS1DalpCTVlRUVZ0U0xMWGlPb0F5a3VSMjFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQCLQjgAwQC
uZKkAwQCuZccAwQAwbAQMAwDBALCJjQDBADCJjYwDQQCAAIwBwMFAyoHeAAwDQYJ
KoZIhvcNAQELBQADggEBABMhrs4H9TjkydJX+3OIaKkqqyW4Tal5HZ8vY+zhzQsi
y0P51RTRQrYTqJwD3+qG6+J4G/aNIoq9ZmSk49nbLfyCCdFp7Mlso8p99bp5UPkI
NzTGVq5DDN9sPvgtRErimWTDFNBAcVhuegnwl0RAk9tBo7gkvHC4LGMUaDGHJqB4
RVeZ3ySEcI6xqr0uQYo4DU2JprnTJ45UKtOxkgKnTbej/Wn/FGRRb5ZXxw76r0lc
JmiqNrNipXZPvYilOFYNfeO5MVlM4oUKKhAJYhX2TqBPymbLx1iKC6w8zgWwt7HB
C5LbBTduHnz+SeOOQuLyW3ondUbAxVDuSHhXy84g74A=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:04 2025 by rpki-client on console.sobornost.net