Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/Y09DAS9bLh1xAHqahYhLrCah7Do.roa
File: Y09DAS9bLh1xAHqahYhLrCah7Do.roa (raw, json)
Hash identifier: KsGpd22HLjZmnPLG6DA0cJZZzK6h+S5QA/ADl1ffSag=
Subject key identifier: 63:4F:43:01:2F:5B:2E:1D:71:00:7A:9A:85:88:4B:AC:26:A1:EC:3A
Certificate issuer: /CN=4c2b89c3c57a3e296aa4061e962840be7ae8f018
Certificate serial: 01961FC8C0680A51CC264D45B295730148F3
Authority key identifier: 4C:2B:89:C3:C5:7A:3E:29:6A:A4:06:1E:96:28:40:BE:7A:E8:F0:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TCuJw8V6PilqpAYelihAvnro8Bg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/Y09DAS9bLh1xAHqahYhLrCah7Do.roa
Signing time: Thu 10 Apr 2025 12:59:32 +0000
ROA not before: Thu 10 Apr 2025 12:59:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210976
IP address blocks: 85.234.106.0/24 maxlen: 24
85.234.107.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:1f:c8:c0:68:0a:51:cc:26:4d:45:b2:95:73:01:48:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c2b89c3c57a3e296aa4061e962840be7ae8f018
Validity
Not Before: Apr 10 12:59:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=634f43012f5b2e1d71007a9a85884bac26a1ec3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:50:25:9c:e6:e6:7a:cf:38:dd:ac:68:2b:7c:
98:c4:9c:70:f9:66:79:57:00:e6:21:c6:33:69:39:
36:b7:7d:a4:04:55:bb:2a:c3:40:17:50:fc:fb:65:
61:bc:d5:67:e1:25:27:a0:40:35:56:e5:07:e1:22:
8a:46:c8:5f:3a:58:59:47:a1:d4:f5:b6:9f:b4:31:
16:6e:df:2c:9b:be:55:b2:11:f5:02:06:e4:d1:e7:
72:72:59:5c:5e:9e:c8:ce:34:3c:a0:8b:48:a9:bc:
87:39:bc:fa:da:67:d2:28:71:c2:6c:fd:41:5e:32:
bb:37:db:08:f9:ba:9c:c2:99:de:75:27:d5:7f:25:
5d:fb:70:f8:70:d0:5a:8e:a7:78:86:bf:99:b3:45:
9c:e7:02:02:94:25:9c:ce:8d:c3:58:78:c1:f7:f2:
3a:c3:0f:cc:77:c1:90:99:89:79:6f:a0:a7:48:e2:
56:a1:26:82:f8:b2:d9:02:62:5d:d7:65:cb:e8:85:
c5:92:e4:61:9b:ef:51:e3:fa:f1:ac:d2:51:7c:57:
b2:88:ef:b8:49:33:94:17:90:07:f8:0b:58:1c:2d:
f3:29:bd:15:8a:c1:99:69:89:a0:ff:4a:48:48:3e:
d8:bb:8e:a0:3b:14:d2:28:ac:4c:09:29:3b:20:67:
ac:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:4F:43:01:2F:5B:2E:1D:71:00:7A:9A:85:88:4B:AC:26:A1:EC:3A
X509v3 Authority Key Identifier:
keyid:4C:2B:89:C3:C5:7A:3E:29:6A:A4:06:1E:96:28:40:BE:7A:E8:F0:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TCuJw8V6PilqpAYelihAvnro8Bg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/Y09DAS9bLh1xAHqahYhLrCah7Do.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/TCuJw8V6PilqpAYelihAvnro8Bg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.234.106.0/23
Signature Algorithm: sha256WithRSAEncryption
30:5a:0a:47:7d:ea:5a:ef:77:26:b0:e7:93:d5:2d:1f:ef:f0:
e0:26:6b:f0:df:c5:7f:9e:ae:af:eb:8c:1b:c7:b9:21:ab:a9:
c3:d2:6b:b5:96:18:e7:87:1f:cd:8d:6c:54:c3:8e:60:9c:ee:
ea:bc:de:4f:c9:34:6b:0b:6c:8c:db:c9:b9:0f:c7:70:c7:7e:
0c:fd:36:97:cd:8f:57:1d:1c:5f:f5:72:a8:0c:76:26:81:17:
17:7e:9b:46:a0:89:0d:1c:a3:2d:d7:45:06:ab:16:b9:7a:1b:
01:76:3e:5c:67:93:bc:d4:ac:5e:59:4c:00:ac:b1:33:49:72:
bd:b3:48:b8:95:86:56:25:32:50:ac:2f:6c:a0:b0:31:63:18:
75:35:0f:f0:64:df:ed:a6:e8:cd:ca:85:a7:50:a7:c2:53:0b:
1e:b5:43:1f:9b:90:04:3d:68:47:61:16:be:fd:a9:ca:a7:ce:
ef:73:5b:9c:8d:df:c7:67:c3:1a:2f:48:3c:d7:04:e3:25:c3:
cd:0b:ec:91:68:0a:c9:e9:2a:d8:37:57:09:8a:dc:bd:2c:19:
9e:cd:f0:65:89:f5:e8:84:15:c6:10:34:bd:b3:99:ff:2f:ab:
0e:72:77:eb:9c:ec:46:1f:60:6d:2d:0a:ea:90:e0:de:c4:d2:
97:2c:c4:95
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZYfyMBoClHMJk1FspVzAUjzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMmI4OWMzYzU3YTNlMjk2YWE0MDYxZTk2Mjg0MGJlN2Fl
OGYwMTgwHhcNMjUwNDEwMTI1OTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzRmNDMwMTJmNWIyZTFkNzEwMDdhOWE4NTg4NGJhYzI2YTFlYzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzVAlnObmes843axoK3yYxJxw+WZ5
VwDmIcYzaTk2t32kBFW7KsNAF1D8+2VhvNVn4SUnoEA1VuUH4SKKRshfOlhZR6HU
9baftDEWbt8sm75VshH1Agbk0edycllcXp7IzjQ8oItIqbyHObz62mfSKHHCbP1B
XjK7N9sI+bqcwpnedSfVfyVd+3D4cNBajqd4hr+Zs0Wc5wIClCWczo3DWHjB9/I6
ww/Md8GQmYl5b6CnSOJWoSaC+LLZAmJd12XL6IXFkuRhm+9R4/rxrNJRfFeyiO+4
STOUF5AH+AtYHC3zKb0VisGZaYmg/0pISD7Yu46gOxTSKKxMCSk7IGesIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGNPQwEvWy4dcQB6moWIS6wmoew6MB8GA1UdIwQY
MBaAFEwricPFej4paqQGHpYoQL566PAYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEN1Snc4VjZQaWxxcEFZZWxpaEF2bnJvOEJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni83MjE1NWEtZDEwOS00YzJkLWI5NzQt
MTEyOGU1Y2U2YTViLzEvWTA5REFTOWJMaDF4QUhxYWhZaExyQ2FoN0RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni83MjE1NWEtZDEwOS00YzJkLWI5NzQtMTEyOGU1Y2U2YTVi
LzEvVEN1Snc4VjZQaWxxcEFZZWxpaEF2bnJvOEJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVepqMA0G
CSqGSIb3DQEBCwUAA4IBAQAwWgpHfepa73cmsOeT1S0f7/DgJmvw38V/nq6v64wb
x7khq6nD0mu1lhjnhx/NjWxUw45gnO7qvN5PyTRrC2yM28m5D8dwx34M/TaXzY9X
HRxf9XKoDHYmgRcXfptGoIkNHKMt10UGqxa5ehsBdj5cZ5O81KxeWUwArLEzSXK9
s0i4lYZWJTJQrC9soLAxYxh1NQ/wZN/tpujNyoWnUKfCUwsetUMfm5AEPWhHYRa+
/anKp87vc1ucjd/HZ8MaL0g81wTjJcPNC+yRaArJ6SrYN1cJity9LBmezfBlifXo
hBXGEDS9s5n/L6sOcnfrnOxGH2BtLQrqkODexNKXLMSV
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:13 2025 by rpki-client on console.sobornost.net