Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/d351bf-71ce-4857-9e50-c2647385e727/1/TofwY-R4zO7hCFwhNRcFqFccDIA.roa
File: TofwY-R4zO7hCFwhNRcFqFccDIA.roa (raw, json)
Hash identifier: CO89XYgmv4EUpm6JNaIOn/T7FUsKcLGJGFWRoloHQXo=
Subject key identifier: 4E:87:F0:63:E4:78:CC:EE:E1:08:5C:21:35:17:05:A8:57:1C:0C:80
Certificate issuer: /CN=d9ad18f4c36067220f4d833cbc78a10f94eb0888
Certificate serial: 019424B3A4202A664F55AF55E7281F4BBAF6
Authority key identifier: D9:AD:18:F4:C3:60:67:22:0F:4D:83:3C:BC:78:A1:0F:94:EB:08:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2a0Y9MNgZyIPTYM8vHihD5TrCIg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/d351bf-71ce-4857-9e50-c2647385e727/1/TofwY-R4zO7hCFwhNRcFqFccDIA.roa
Signing time: Thu 02 Jan 2025 01:49:00 +0000
ROA not before: Thu 02 Jan 2025 01:49:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59781
IP address blocks: 185.72.48.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:a4:20:2a:66:4f:55:af:55:e7:28:1f:4b:ba:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9ad18f4c36067220f4d833cbc78a10f94eb0888
Validity
Not Before: Jan 2 01:49:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4e87f063e478cceee1085c21351705a8571c0c80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:2f:3f:dd:81:04:5c:11:23:ae:34:3c:f6:3c:
a9:b0:b2:3e:b9:60:99:1f:18:ee:e8:3d:30:64:a6:
c0:42:92:f1:6e:fd:8c:35:6b:71:58:af:52:65:94:
d0:00:23:53:ab:d3:40:15:e0:32:83:73:d5:b3:16:
1a:2b:e5:03:14:e4:58:42:a5:51:54:9b:39:87:74:
f2:76:bd:41:35:39:8f:ee:cd:f2:6a:27:59:65:1e:
ba:82:3a:93:a0:0a:44:6d:7a:7b:4e:2f:09:67:74:
9b:a3:3e:79:9d:ca:9d:fd:da:e4:0c:2f:f9:6c:17:
08:ff:e7:8a:8a:46:a3:43:1a:8e:d7:d1:25:f5:1b:
05:5e:7f:c0:f3:79:3c:90:29:20:f2:07:2d:38:b3:
ee:f4:8c:93:da:61:63:d4:f7:cc:4e:cf:5e:19:26:
30:a2:9c:48:83:ce:14:e5:fb:aa:a2:f8:3d:f4:57:
b2:bc:bf:f8:26:8f:ba:42:2a:32:06:87:d4:83:3b:
3d:df:de:76:6e:3e:6d:5b:ce:19:03:ec:9a:22:40:
65:91:80:34:47:cc:9e:f1:8d:f6:e8:29:24:57:1a:
06:6d:df:1a:37:a5:29:e8:a2:a7:1b:7b:0e:84:f3:
65:74:09:49:5f:7d:0d:52:bc:8b:2f:32:76:cc:7e:
be:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:87:F0:63:E4:78:CC:EE:E1:08:5C:21:35:17:05:A8:57:1C:0C:80
X509v3 Authority Key Identifier:
keyid:D9:AD:18:F4:C3:60:67:22:0F:4D:83:3C:BC:78:A1:0F:94:EB:08:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a0Y9MNgZyIPTYM8vHihD5TrCIg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/d351bf-71ce-4857-9e50-c2647385e727/1/TofwY-R4zO7hCFwhNRcFqFccDIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/d351bf-71ce-4857-9e50-c2647385e727/1/2a0Y9MNgZyIPTYM8vHihD5TrCIg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.48.0/24
Signature Algorithm: sha256WithRSAEncryption
c7:c6:ce:7b:a7:e0:ce:10:e5:56:5e:4e:40:83:81:8e:ce:c5:
6e:f6:1b:d6:1b:0d:f1:d9:98:cf:a2:4a:c3:9a:eb:a2:ac:8c:
25:0b:1f:9f:b1:96:eb:50:22:bc:5e:c0:46:f8:be:ca:c0:78:
98:5a:88:28:c4:64:d8:ff:ef:6d:5d:17:aa:16:e6:48:32:ce:
15:7d:c5:a6:b0:10:f5:bc:6f:85:b3:8d:37:fd:81:38:f7:32:
cc:08:fa:f8:ca:18:f7:17:92:7b:e2:df:c4:de:c7:12:96:3f:
e0:4a:d0:91:18:86:06:23:67:c7:92:47:18:91:8c:d5:7f:11:
26:38:29:05:f8:ab:6e:3f:95:e8:ec:88:b4:c5:ac:be:19:1c:
f1:04:6e:bf:13:86:8c:30:a8:3a:97:14:dc:3e:f5:75:55:7f:
db:ca:e0:d2:72:09:0e:b2:39:9a:c0:f6:34:f8:89:21:5c:92:
5c:2d:b7:80:80:a4:fc:7e:cc:c6:e8:51:86:d6:6a:4e:96:d6:
62:e5:53:4b:ec:90:c6:b6:1e:5b:bc:a7:56:b9:ad:c4:b6:99:
14:ff:67:92:be:1d:61:69:50:59:e9:c1:96:de:2c:c4:e2:36:
af:ab:9f:f9:1b:cf:08:25:6a:6a:ec:0e:dd:5d:e3:9d:b5:22:
3a:e3:c4:35
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQks6QgKmZPVa9V5ygfS7r2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YWQxOGY0YzM2MDY3MjIwZjRkODMzY2JjNzhhMTBmOTRl
YjA4ODgwHhcNMjUwMTAyMDE0OTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTg3ZjA2M2U0NzhjY2VlZTEwODVjMjEzNTE3MDVhODU3MWMwYzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwS8/3YEEXBEjrjQ89jypsLI+uWCZ
Hxju6D0wZKbAQpLxbv2MNWtxWK9SZZTQACNTq9NAFeAyg3PVsxYaK+UDFORYQqVR
VJs5h3Tydr1BNTmP7s3yaidZZR66gjqToApEbXp7Ti8JZ3Sboz55ncqd/drkDC/5
bBcI/+eKikajQxqO19El9RsFXn/A83k8kCkg8gctOLPu9IyT2mFj1PfMTs9eGSYw
opxIg84U5fuqovg99FeyvL/4Jo+6QioyBofUgzs93952bj5tW84ZA+yaIkBlkYA0
R8ye8Y326CkkVxoGbd8aN6Up6KKnG3sOhPNldAlJX30NUryLLzJ2zH6+0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE6H8GPkeMzu4QhcITUXBahXHAyAMB8GA1UdIwQY
MBaAFNmtGPTDYGciD02DPLx4oQ+U6wiIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmEwWTlNTmdaeUlQVFlNOHZIaWhENVRyQ0lnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9kMzUxYmYtNzFjZS00ODU3LTllNTAt
YzI2NDczODVlNzI3LzEvVG9md1ktUjR6TzdoQ0Z3aE5SY0ZxRmNjRElBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9kMzUxYmYtNzFjZS00ODU3LTllNTAtYzI2NDczODVlNzI3
LzEvMmEwWTlNTmdaeUlQVFlNOHZIaWhENVRyQ0lnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuUgwMA0G
CSqGSIb3DQEBCwUAA4IBAQDHxs57p+DOEOVWXk5Ag4GOzsVu9hvWGw3x2ZjPokrD
muuirIwlCx+fsZbrUCK8XsBG+L7KwHiYWogoxGTY/+9tXReqFuZIMs4VfcWmsBD1
vG+Fs403/YE49zLMCPr4yhj3F5J74t/E3scSlj/gStCRGIYGI2fHkkcYkYzVfxEm
OCkF+KtuP5Xo7Ii0xay+GRzxBG6/E4aMMKg6lxTcPvV1VX/byuDScgkOsjmawPY0
+IkhXJJcLbeAgKT8fszG6FGG1mpOltZi5VNL7JDGth5bvKdWua3EtpkU/2eSvh1h
aVBZ6cGW3izE4javq5/5G88IJWpq7A7dXeOdtSI648Q1
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:14 2025 by rpki-client on console.sobornost.net