Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/0faf70-4c38-406f-8ccd-b67f40b4ec14/1/EdTyc-f6MbzKNflZEVb0lTRcFng.roa
File: EdTyc-f6MbzKNflZEVb0lTRcFng.roa (raw, json)
Hash identifier: LosjQRA+dA0QESjdH00I3Sd8eYNzb4MjK8b7Xcsie8w=
Subject key identifier: 11:D4:F2:73:E7:FA:31:BC:CA:35:F9:59:11:56:F4:95:34:5C:16:78
Certificate issuer: /CN=282eadb8d8c29f2e70355043e26786229734f0b2
Certificate serial: 019423D6F6EBF49FDBCD25B111F97534A431
Authority key identifier: 28:2E:AD:B8:D8:C2:9F:2E:70:35:50:43:E2:67:86:22:97:34:F0:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KC6tuNjCny5wNVBD4meGIpc08LI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/0faf70-4c38-406f-8ccd-b67f40b4ec14/1/EdTyc-f6MbzKNflZEVb0lTRcFng.roa
Signing time: Wed 01 Jan 2025 21:47:57 +0000
ROA not before: Wed 01 Jan 2025 21:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48344
IP address blocks: 91.207.16.0/23 maxlen: 24
91.207.16.0/24 maxlen: 24
91.207.17.0/24 maxlen: 24
91.228.170.0/23 maxlen: 24
91.228.171.0/24 maxlen: 24
195.210.26.0/23 maxlen: 23
195.210.26.0/24 maxlen: 24
195.210.27.0/24 maxlen: 24
2001:67c:140::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:f6:eb:f4:9f:db:cd:25:b1:11:f9:75:34:a4:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=282eadb8d8c29f2e70355043e26786229734f0b2
Validity
Not Before: Jan 1 21:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=11d4f273e7fa31bcca35f9591156f495345c1678
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:8a:a3:9d:b5:97:ec:8b:34:f3:93:24:65:7a:
a5:3e:76:cc:d0:1c:0d:be:04:fe:84:6c:7c:e6:40:
7b:80:1c:36:a2:3b:7d:c7:6f:2d:6e:25:74:51:3c:
83:04:88:19:fc:1d:55:57:70:f6:23:f2:e1:5c:3e:
fa:0c:75:89:90:00:12:a9:39:1f:72:90:58:28:20:
c2:4b:e7:bd:55:68:9c:4f:21:a8:6d:37:01:bb:23:
4c:c9:ff:23:0f:45:1d:d6:32:36:5a:64:a0:d9:84:
87:e3:b6:e5:e5:9a:e5:2d:18:e6:08:a7:e2:6c:63:
db:ba:d8:dd:70:16:c3:4d:3c:a0:c8:69:50:cb:a3:
3c:3a:02:57:58:26:3d:45:70:92:35:ed:36:d3:62:
e4:bc:72:ba:20:53:91:57:80:94:c8:39:24:70:2f:
7a:ff:b2:b4:ac:22:da:ac:9a:c9:66:b5:c5:17:15:
46:5a:31:4e:51:80:56:66:f5:84:4c:25:57:26:b0:
98:f0:f7:c1:47:0a:99:5a:e0:35:c7:52:ba:7d:4e:
5b:30:32:bd:3f:86:4c:3e:7d:a0:76:93:79:27:57:
31:10:93:9e:82:bc:40:f2:30:d8:35:10:d2:8e:40:
2a:80:48:46:3e:31:1a:be:a4:3c:49:cc:a0:27:32:
18:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:D4:F2:73:E7:FA:31:BC:CA:35:F9:59:11:56:F4:95:34:5C:16:78
X509v3 Authority Key Identifier:
keyid:28:2E:AD:B8:D8:C2:9F:2E:70:35:50:43:E2:67:86:22:97:34:F0:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KC6tuNjCny5wNVBD4meGIpc08LI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/0faf70-4c38-406f-8ccd-b67f40b4ec14/1/EdTyc-f6MbzKNflZEVb0lTRcFng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/0faf70-4c38-406f-8ccd-b67f40b4ec14/1/KC6tuNjCny5wNVBD4meGIpc08LI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.207.16.0/23
91.228.170.0/23
195.210.26.0/23
IPv6:
2001:67c:140::/48
Signature Algorithm: sha256WithRSAEncryption
3b:c1:96:d1:29:98:21:c9:6c:f1:64:d4:41:61:61:89:94:c1:
ed:b7:1c:07:1f:a9:f6:c0:6e:94:23:2f:b3:09:b5:ba:7d:61:
f6:2b:25:ef:b4:77:7b:a8:3a:f5:64:06:01:cc:97:b3:fd:bd:
11:1e:96:f1:50:d0:ca:a9:59:18:c3:9b:0a:87:4f:7a:2b:f4:
76:c4:90:eb:d0:73:d7:e1:ca:cb:28:f8:6d:a1:71:72:b6:58:
5d:46:27:5e:6c:cb:de:d0:95:26:1d:56:d9:8b:4e:8e:30:cb:
1f:1b:0c:82:46:e0:40:74:b8:5e:8c:04:a3:57:5b:1c:c9:2d:
b8:f3:95:41:62:f1:54:37:2c:3b:dc:29:b8:50:19:84:eb:3b:
28:c0:fa:43:fb:79:45:da:5d:d0:c0:94:b7:ff:53:e8:0b:96:
f9:de:fd:91:ce:a7:d7:da:4e:80:a6:82:b7:c0:e1:6e:eb:e1:
d8:b7:50:62:dd:b0:f9:43:54:85:dc:f6:7d:29:f6:86:83:db:
95:1f:9b:42:37:b7:ca:32:70:f6:b2:8a:9a:70:46:37:bf:b1:
9e:85:f4:a3:5b:1a:5f:30:45:ad:f8:5e:4d:ee:6d:36:f0:db:
35:c7:ef:54:98:ca:1b:2e:20:99:54:13:2c:b9:6b:47:d8:d5:
8d:47:1d:06
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQj1vbr9J/bzSWxEfl1NKQxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MmVhZGI4ZDhjMjlmMmU3MDM1NTA0M2UyNjc4NjIyOTcz
NGYwYjIwHhcNMjUwMTAxMjE0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWQ0ZjI3M2U3ZmEzMWJjY2EzNWY5NTkxMTU2ZjQ5NTM0NWMxNjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4qjnbWX7Is085MkZXqlPnbM0BwN
vgT+hGx85kB7gBw2ojt9x28tbiV0UTyDBIgZ/B1VV3D2I/LhXD76DHWJkAASqTkf
cpBYKCDCS+e9VWicTyGobTcBuyNMyf8jD0Ud1jI2WmSg2YSH47bl5ZrlLRjmCKfi
bGPbutjdcBbDTTygyGlQy6M8OgJXWCY9RXCSNe0202LkvHK6IFORV4CUyDkkcC96
/7K0rCLarJrJZrXFFxVGWjFOUYBWZvWETCVXJrCY8PfBRwqZWuA1x1K6fU5bMDK9
P4ZMPn2gdpN5J1cxEJOegrxA8jDYNRDSjkAqgEhGPjEavqQ8ScygJzIYOwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFBHU8nPn+jG8yjX5WRFW9JU0XBZ4MB8GA1UdIwQY
MBaAFCgurbjYwp8ucDVQQ+JnhiKXNPCyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0M2dHVOakNueTV3TlZCRDRtZUdJcGMwOExJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC8wZmFmNzAtNGMzOC00MDZmLThjY2Qt
YjY3ZjQwYjRlYzE0LzEvRWRUeWMtZjZNYnpLTmZsWkVWYjBsVFJjRm5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC8wZmFmNzAtNGMzOC00MDZmLThjY2QtYjY3ZjQwYjRlYzE0
LzEvS0M2dHVOakNueTV3TlZCRDRtZUdJcGMwOExJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQBW88QAwQB
W+SqAwQBw9IaMA8EAgACMAkDBwAgAQZ8AUAwDQYJKoZIhvcNAQELBQADggEBADvB
ltEpmCHJbPFk1EFhYYmUwe23HAcfqfbAbpQjL7MJtbp9YfYrJe+0d3uoOvVkBgHM
l7P9vREelvFQ0MqpWRjDmwqHT3or9HbEkOvQc9fhysso+G2hcXK2WF1GJ15sy97Q
lSYdVtmLTo4wyx8bDIJG4EB0uF6MBKNXWxzJLbjzlUFi8VQ3LDvcKbhQGYTrOyjA
+kP7eUXaXdDAlLf/U+gLlvne/ZHOp9faToCmgrfA4W7r4di3UGLdsPlDVIXc9n0p
9oaD25Ufm0I3t8oycPayippwRje/sZ6F9KNbGl8wRa34Xk3ubTbw2zXH71SYyhsu
IJlUEyy5a0fY1Y1HHQY=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:11 2025 by rpki-client on console.sobornost.net