Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/ef5ed1-bdee-4639-9248-77f84c562a5f/1/yE0AwLBzhrC3USxmIPbSNA6JiN0.roa
File: yE0AwLBzhrC3USxmIPbSNA6JiN0.roa (raw, json)
Hash identifier: iP655Z0vSJV+iwH+Vd2nT6rPYgBPSGVwVe0RcmkGPWU=
Subject key identifier: C8:4D:00:C0:B0:73:86:B0:B7:51:2C:66:20:F6:D2:34:0E:89:88:DD
Certificate issuer: /CN=3d8012fa14ace7a0c3bd2e82e0a29d9a44bfe290
Certificate serial: 019427464B18AC62956BEC6A0F3195CD418F
Authority key identifier: 3D:80:12:FA:14:AC:E7:A0:C3:BD:2E:82:E0:A2:9D:9A:44:BF:E2:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PYAS-hSs56DDvS6C4KKdmkS_4pA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/ef5ed1-bdee-4639-9248-77f84c562a5f/1/yE0AwLBzhrC3USxmIPbSNA6JiN0.roa
Signing time: Thu 02 Jan 2025 13:48:25 +0000
ROA not before: Thu 02 Jan 2025 13:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206801
IP address blocks: 5.180.168.0/22 maxlen: 22
5.180.168.0/23 maxlen: 23
5.180.168.0/24 maxlen: 24
5.180.169.0/24 maxlen: 24
5.180.170.0/23 maxlen: 23
5.180.170.0/24 maxlen: 24
5.180.171.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:46:4b:18:ac:62:95:6b:ec:6a:0f:31:95:cd:41:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d8012fa14ace7a0c3bd2e82e0a29d9a44bfe290
Validity
Not Before: Jan 2 13:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c84d00c0b07386b0b7512c6620f6d2340e8988dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:52:06:d7:93:4d:9e:95:5d:5e:30:14:e4:14:
76:33:98:2a:a7:9c:d7:27:c2:62:82:b1:03:19:da:
5f:80:16:12:fd:b1:e5:9e:4a:a1:db:79:8c:96:a6:
05:82:1b:1c:b7:25:5d:ea:1e:df:fc:ba:41:d0:5b:
4a:3b:de:09:69:78:5a:d9:90:49:94:7e:a7:fb:44:
9b:af:04:e1:ba:18:ad:a8:c6:99:e7:ab:ae:f6:8c:
00:95:dc:80:fb:4f:3c:77:24:bc:1b:d2:7b:38:d1:
28:a0:b0:fa:42:8a:64:9b:95:f9:b7:67:76:6a:5d:
0f:77:dd:56:00:4e:46:e9:2f:19:a3:93:8e:51:ea:
47:5d:68:9f:b2:bd:a2:d7:97:7d:ba:f3:0f:aa:06:
67:83:01:a0:1b:8f:e9:5e:90:da:12:17:ff:c7:5f:
a6:11:01:75:f6:f9:92:58:20:23:81:6f:e0:88:68:
40:55:b7:9c:c8:ef:a4:2f:e0:ff:00:7f:6e:b2:06:
fa:32:4d:b0:6e:53:59:0c:66:28:c0:6f:2f:82:48:
a5:95:dd:08:fb:3c:ac:2a:f7:28:c4:f3:11:29:f8:
80:f0:fb:21:70:2a:e4:cc:ef:f0:04:17:ca:1a:a5:
56:d1:c1:8e:39:08:4d:bc:29:95:ee:9a:79:15:95:
80:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:4D:00:C0:B0:73:86:B0:B7:51:2C:66:20:F6:D2:34:0E:89:88:DD
X509v3 Authority Key Identifier:
keyid:3D:80:12:FA:14:AC:E7:A0:C3:BD:2E:82:E0:A2:9D:9A:44:BF:E2:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYAS-hSs56DDvS6C4KKdmkS_4pA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/ef5ed1-bdee-4639-9248-77f84c562a5f/1/yE0AwLBzhrC3USxmIPbSNA6JiN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/ef5ed1-bdee-4639-9248-77f84c562a5f/1/PYAS-hSs56DDvS6C4KKdmkS_4pA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.168.0/22
Signature Algorithm: sha256WithRSAEncryption
90:0e:fb:27:00:6a:e5:eb:69:32:32:92:4a:d4:8f:bd:50:6e:
54:d2:96:71:a6:40:43:6b:0d:aa:49:0f:95:0a:6f:83:0d:de:
6f:b2:32:71:23:aa:c1:6a:c9:ba:57:b2:a6:96:96:2c:1b:09:
a6:c7:07:54:4f:3a:e6:1a:48:a3:e6:03:04:ef:9b:96:53:2a:
69:46:d7:c9:41:7e:98:15:a7:26:07:90:52:6a:2d:ca:97:9f:
37:c9:35:0a:cd:4d:0f:29:c9:8e:cc:e9:ae:d8:94:5a:ee:9b:
89:6a:2f:81:59:73:6c:11:8b:1a:42:66:0d:a2:a6:06:3f:75:
bf:e4:7f:22:6e:2e:34:a2:2c:7b:7d:c1:29:c1:f1:0a:ec:89:
c9:65:cd:18:82:d6:4b:7b:98:94:8c:6a:df:81:22:17:ee:e5:
f0:54:8c:2b:fb:7f:58:10:43:70:c8:92:95:7d:cb:54:07:cb:
07:99:57:05:25:82:49:20:2b:36:71:d8:7d:9a:e1:66:92:58:
8d:22:31:52:19:91:c6:3f:89:1f:30:87:73:54:8b:9e:1c:b2:
05:66:0a:a0:f9:4e:e9:a2:a6:e0:52:14:b2:cb:f1:a0:e0:0b:
d4:00:93:c7:fe:8b:31:2a:ca:db:b0:1f:c6:c1:96:42:11:ac:
d9:5b:3e:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnRksYrGKVa+xqDzGVzUGPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkODAxMmZhMTRhY2U3YTBjM2JkMmU4MmUwYTI5ZDlhNDRi
ZmUyOTAwHhcNMjUwMTAyMTM0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODRkMDBjMGIwNzM4NmIwYjc1MTJjNjYyMGY2ZDIzNDBlODk4OGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0VIG15NNnpVdXjAU5BR2M5gqp5zX
J8JigrEDGdpfgBYS/bHlnkqh23mMlqYFghsctyVd6h7f/LpB0FtKO94JaXha2ZBJ
lH6n+0SbrwThuhitqMaZ56uu9owAldyA+088dyS8G9J7ONEooLD6Qopkm5X5t2d2
al0Pd91WAE5G6S8Zo5OOUepHXWifsr2i15d9uvMPqgZngwGgG4/pXpDaEhf/x1+m
EQF19vmSWCAjgW/giGhAVbecyO+kL+D/AH9usgb6Mk2wblNZDGYowG8vgkilld0I
+zysKvcoxPMRKfiA8PshcCrkzO/wBBfKGqVW0cGOOQhNvCmV7pp5FZWA5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMhNAMCwc4awt1EsZiD20jQOiYjdMB8GA1UdIwQY
MBaAFD2AEvoUrOegw70uguCinZpEv+KQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFlBUy1oU3M1NkREdlM2QzRLS2Rta1NfNHBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9lZjVlZDEtYmRlZS00NjM5LTkyNDgt
NzdmODRjNTYyYTVmLzEveUUwQXdMQnpockMzVVN4bUlQYlNOQTZKaU4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9lZjVlZDEtYmRlZS00NjM5LTkyNDgtNzdmODRjNTYyYTVm
LzEvUFlBUy1oU3M1NkREdlM2QzRLS2Rta1NfNHBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBbSoMA0G
CSqGSIb3DQEBCwUAA4IBAQCQDvsnAGrl62kyMpJK1I+9UG5U0pZxpkBDaw2qSQ+V
Cm+DDd5vsjJxI6rBasm6V7KmlpYsGwmmxwdUTzrmGkij5gME75uWUyppRtfJQX6Y
FacmB5BSai3Kl583yTUKzU0PKcmOzOmu2JRa7puJai+BWXNsEYsaQmYNoqYGP3W/
5H8ibi40oix7fcEpwfEK7InJZc0YgtZLe5iUjGrfgSIX7uXwVIwr+39YEENwyJKV
fctUB8sHmVcFJYJJICs2cdh9muFmkliNIjFSGZHGP4kfMIdzVIueHLIFZgqg+U7p
oqbgUhSyy/Gg4AvUAJPH/osxKsrbsB/GwZZCEazZWz6Z
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:18 2025 by rpki-client on console.sobornost.net