Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/foyzsBDobCryzwfqJmjfAXqhvZg.roa
File: foyzsBDobCryzwfqJmjfAXqhvZg.roa (raw, json)
Hash identifier: yMga4yJuOXFZSgflSenD/oMERNzDdgiHitUr/b2zpuE=
Subject key identifier: 7E:8C:B3:B0:10:E8:6C:2A:F2:CF:07:EA:26:68:DF:01:7A:A1:BD:98
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01961A3A08A6E99B770BAEC2A9832A85D6D4
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/foyzsBDobCryzwfqJmjfAXqhvZg.roa
Signing time: Wed 09 Apr 2025 11:05:33 +0000
ROA not before: Wed 09 Apr 2025 11:05:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 139057
IP address blocks: 151.242.210.0/24 maxlen: 24
151.242.211.0/24 maxlen: 24
151.242.212.0/24 maxlen: 24
151.242.213.0/24 maxlen: 24
151.242.214.0/24 maxlen: 24
151.242.215.0/24 maxlen: 24
151.242.216.0/24 maxlen: 24
151.242.217.0/24 maxlen: 24
151.242.218.0/24 maxlen: 24
151.242.219.0/24 maxlen: 24
151.242.220.0/24 maxlen: 24
151.242.221.0/24 maxlen: 24
151.242.222.0/24 maxlen: 24
151.242.223.0/24 maxlen: 24
151.242.228.0/24 maxlen: 24
151.242.229.0/24 maxlen: 24
151.242.230.0/24 maxlen: 24
151.242.231.0/24 maxlen: 24
151.242.232.0/24 maxlen: 24
151.242.233.0/24 maxlen: 24
151.242.234.0/24 maxlen: 24
151.242.235.0/24 maxlen: 24
151.242.240.0/24 maxlen: 24
151.242.241.0/24 maxlen: 24
151.242.243.0/24 maxlen: 24
151.242.244.0/24 maxlen: 24
151.242.245.0/24 maxlen: 24
151.242.246.0/24 maxlen: 24
151.242.247.0/24 maxlen: 24
151.242.248.0/24 maxlen: 24
151.242.249.0/24 maxlen: 24
151.242.250.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:1a:3a:08:a6:e9:9b:77:0b:ae:c2:a9:83:2a:85:d6:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 9 11:05:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7e8cb3b010e86c2af2cf07ea2668df017aa1bd98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:5b:5c:07:88:b7:da:65:9f:77:46:fa:f1:e2:
00:94:fb:4f:7e:b0:0e:0f:fd:c2:3f:c9:ce:31:3a:
84:26:a4:ec:4d:46:e4:e7:1f:30:13:25:f3:32:22:
45:b5:6f:fc:50:37:a2:4f:52:81:40:77:06:10:df:
c9:5a:ae:c4:10:19:26:e3:68:b2:3c:b4:7f:dd:c3:
c2:be:45:5f:b6:a4:46:14:51:8a:bd:40:a4:50:8d:
a9:88:7f:2c:b9:77:ab:1f:78:33:11:0c:f4:f3:80:
4c:1b:31:cf:a4:86:78:f4:e6:e6:a4:67:85:98:e1:
b1:96:c1:2b:23:a9:f3:32:43:b2:51:d4:f0:7a:3f:
55:dd:de:ba:e0:a6:92:39:7a:d8:76:b2:ff:6a:1a:
f5:1d:69:20:b1:88:b4:8f:c9:80:63:52:5c:80:74:
5b:45:3a:e9:e1:09:b3:cb:e2:9a:17:34:cc:e3:8d:
76:b6:a7:9e:0b:27:51:c3:a4:a1:a0:1c:91:9a:42:
33:0b:77:fd:7a:bf:7c:ef:c3:3a:70:06:74:ed:d9:
48:27:b7:7e:b0:97:90:f3:47:68:1d:b5:95:dd:32:
b3:a3:43:19:fb:95:c3:4d:cf:89:9c:b1:1e:a5:09:
aa:f9:d6:24:70:d4:4a:88:ca:60:c1:f6:66:fc:ea:
43:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:8C:B3:B0:10:E8:6C:2A:F2:CF:07:EA:26:68:DF:01:7A:A1:BD:98
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/foyzsBDobCryzwfqJmjfAXqhvZg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.210.0-151.242.223.255
151.242.228.0-151.242.235.255
151.242.240.0/23
151.242.243.0-151.242.250.255
Signature Algorithm: sha256WithRSAEncryption
a3:21:13:73:a1:49:3a:88:01:eb:c4:9a:ce:c7:83:4f:27:4d:
f9:c9:1c:bd:7f:91:f8:69:1d:20:e8:84:9d:96:9a:c6:75:72:
60:4d:52:c5:e8:e2:c4:5b:d0:59:6f:70:b7:c9:1a:4b:e9:c2:
3c:91:b7:4d:d0:3c:84:22:fe:24:29:2b:84:b4:dd:f5:51:0c:
67:77:d4:66:50:aa:a4:f7:71:ca:73:44:80:68:e2:02:97:f7:
8c:70:37:79:93:d0:41:75:e7:0a:69:99:4f:51:99:29:4a:e7:
bb:40:c0:4c:ca:fb:16:c6:d2:90:9f:ad:98:5d:71:2e:dc:29:
dc:69:4c:f4:74:63:45:f6:8d:7b:3a:68:6f:c3:3e:eb:98:ca:
8f:5c:ef:61:3d:f4:8f:9f:e7:6c:09:3e:9b:1f:2c:b0:2a:4d:
5c:6e:11:1c:40:45:0c:1d:a6:51:f5:03:87:42:42:0b:57:f1:
fa:54:89:6a:a1:6a:40:26:a9:01:88:27:01:15:d6:bb:c0:ab:
d6:6a:e7:89:56:f2:d1:e7:3e:4e:ef:31:46:e3:31:72:12:86:
55:ab:1b:c3:56:04:15:40:72:ed:ad:e1:4d:9f:d0:f7:e3:a7:
7a:f0:fb:1b:9a:7c:2f:29:71:76:c0:11:c6:58:f1:82:99:e9:
c7:28:49:3e
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZYaOgim6Zt3C67CqYMqhdbUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNDA5MTEwNTMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZThjYjNiMDEwZTg2YzJhZjJjZjA3ZWEyNjY4ZGYwMTdhYTFiZDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1VtcB4i32mWfd0b68eIAlPtPfrAO
D/3CP8nOMTqEJqTsTUbk5x8wEyXzMiJFtW/8UDeiT1KBQHcGEN/JWq7EEBkm42iy
PLR/3cPCvkVftqRGFFGKvUCkUI2piH8suXerH3gzEQz084BMGzHPpIZ49ObmpGeF
mOGxlsErI6nzMkOyUdTwej9V3d664KaSOXrYdrL/ahr1HWkgsYi0j8mAY1JcgHRb
RTrp4Qmzy+KaFzTM4412tqeeCydRw6ShoByRmkIzC3f9er9878M6cAZ07dlIJ7d+
sJeQ80doHbWV3TKzo0MZ+5XDTc+JnLEepQmq+dYkcNRKiMpgwfZm/OpDJwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFH6Ms7AQ6Gwq8s8H6iZo3wF6ob2YMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvZm95enNCRG9iQ3J5endmcUptamZBWHFodlpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwMAwDBAGX8tID
BAWX8sAwDAMEApfy5AMEApfy6AMEAZfy8DAMAwQAl/LzAwQAl/L6MA0GCSqGSIb3
DQEBCwUAA4IBAQCjIRNzoUk6iAHrxJrOx4NPJ035yRy9f5H4aR0g6ISdlprGdXJg
TVLF6OLEW9BZb3C3yRpL6cI8kbdN0DyEIv4kKSuEtN31UQxnd9RmUKqk93HKc0SA
aOICl/eMcDd5k9BBdecKaZlPUZkpSue7QMBMyvsWxtKQn62YXXEu3CncaUz0dGNF
9o17Omhvwz7rmMqPXO9hPfSPn+dsCT6bHyywKk1cbhEcQEUMHaZR9QOHQkILV/H6
VIlqoWpAJqkBiCcBFda7wKvWaueJVvLR5z5O7zFG4zFyEoZVqxvDVgQVQHLtreFN
n9D346d68PsbmnwvKXF2wBHGWPGCmenHKEk+
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:23 2025 by rpki-client on console.sobornost.net