Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/GyhAtf15yZqMprvOSAG-mSzNZTU.roa
File: GyhAtf15yZqMprvOSAG-mSzNZTU.roa (raw, json)
Hash identifier: jfVjDUAXNOWRUx2duW7NqVNPhOHvwJFkEOJDlRjLf1c=
Subject key identifier: 1B:28:40:B5:FD:79:C9:9A:8C:A6:BB:CE:48:01:BE:99:2C:CD:65:35
Certificate issuer: /CN=577021dcdf44b6afdd3810547c55a79bd1a9fa3b
Certificate serial: 0194228D7B17693C759E5FBD4755445D724E
Authority key identifier: 57:70:21:DC:DF:44:B6:AF:DD:38:10:54:7C:55:A7:9B:D1:A9:FA:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/GyhAtf15yZqMprvOSAG-mSzNZTU.roa
Signing time: Wed 01 Jan 2025 15:48:04 +0000
ROA not before: Wed 01 Jan 2025 15:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202421
IP address blocks: 185.85.254.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:7b:17:69:3c:75:9e:5f:bd:47:55:44:5d:72:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=577021dcdf44b6afdd3810547c55a79bd1a9fa3b
Validity
Not Before: Jan 1 15:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1b2840b5fd79c99a8ca6bbce4801be992ccd6535
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:b1:68:bd:1c:57:bf:59:5e:ff:ee:b0:25:b5:
9e:42:18:73:a5:c5:2a:e0:5c:83:b8:9c:fd:c8:ce:
6d:ef:eb:44:f2:c1:b0:1f:e1:bf:69:05:e1:2b:a3:
c9:ca:99:94:cd:52:a5:19:57:96:42:54:49:05:5e:
42:8d:e8:f0:af:ae:45:30:e8:84:3e:15:e6:bb:31:
36:28:91:a8:11:45:5d:d3:60:25:32:f4:84:f4:10:
43:f1:96:95:35:9e:f3:9b:bc:f5:2f:46:ca:28:1c:
91:24:a8:15:6e:d1:54:81:44:55:52:d1:74:47:13:
fb:51:49:e7:34:84:76:ca:f8:d5:e3:dc:fe:52:71:
f7:93:2a:8c:88:8a:76:88:7b:2d:c9:09:5f:89:9f:
ab:74:02:11:90:ad:04:b3:2c:30:31:73:90:ab:ec:
af:df:0b:f0:3f:91:d5:1f:1e:80:eb:99:3b:67:df:
04:e9:86:13:ce:ec:b8:21:82:14:34:e7:f0:8d:28:
73:e0:85:50:6e:f3:76:37:73:07:65:bb:3c:76:09:
57:c1:56:09:4b:59:48:e9:cd:51:45:64:f8:fd:11:
35:af:d0:a3:16:68:80:6a:d5:1b:1e:57:41:8d:7f:
01:4f:92:19:ce:8b:15:30:49:33:9e:35:23:2e:a8:
48:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:28:40:B5:FD:79:C9:9A:8C:A6:BB:CE:48:01:BE:99:2C:CD:65:35
X509v3 Authority Key Identifier:
keyid:57:70:21:DC:DF:44:B6:AF:DD:38:10:54:7C:55:A7:9B:D1:A9:FA:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/GyhAtf15yZqMprvOSAG-mSzNZTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.85.254.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:3c:ff:4d:fb:50:0f:9e:f1:04:39:db:8e:2b:25:06:f9:d3:
93:19:f8:a4:34:49:f1:3f:a0:00:c0:39:c5:98:77:8c:9f:2d:
e6:14:d8:0b:f7:65:3e:4d:45:ae:33:8c:93:13:0f:d8:93:20:
ab:f7:dc:13:14:a9:52:d1:ec:40:e6:eb:e8:be:ec:bc:91:00:
0a:8b:9e:14:3a:42:5d:a3:3e:61:19:fa:fe:5b:cf:4a:4d:cb:
bb:48:57:bb:df:ed:b8:89:42:1b:73:4a:d0:36:88:d7:0a:12:
b3:5d:1e:20:e4:9d:6a:a1:77:7d:d3:76:a7:44:28:0b:37:b3:
71:3c:bb:95:63:58:9a:f3:be:c1:e0:5a:18:95:ff:07:67:3f:
d0:91:66:36:6b:7c:1f:43:0e:da:09:9a:4b:b7:2d:32:8a:43:
da:a0:49:33:62:e4:e0:89:bc:df:90:7b:b1:b5:8c:3a:49:e8:
da:10:92:1f:c4:24:6e:7f:65:60:fe:75:ba:05:97:46:5f:18:
f8:0d:10:7c:67:f4:75:84:3e:3e:ac:af:2b:2b:ae:4b:f4:dd:
51:1b:58:4d:28:39:a9:5d:46:4a:78:fc:04:de:fe:b4:1e:5d:
dc:79:7f:90:27:cf:2f:88:a1:0f:42:93:55:fb:65:1c:f6:34:
98:19:64:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijXsXaTx1nl+9R1VEXXJOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NzAyMWRjZGY0NGI2YWZkZDM4MTA1NDdjNTVhNzliZDFh
OWZhM2IwHhcNMjUwMTAxMTU0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjI4NDBiNWZkNzljOTlhOGNhNmJiY2U0ODAxYmU5OTJjY2Q2NTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1LFovRxXv1le/+6wJbWeQhhzpcUq
4FyDuJz9yM5t7+tE8sGwH+G/aQXhK6PJypmUzVKlGVeWQlRJBV5Cjejwr65FMOiE
PhXmuzE2KJGoEUVd02AlMvSE9BBD8ZaVNZ7zm7z1L0bKKByRJKgVbtFUgURVUtF0
RxP7UUnnNIR2yvjV49z+UnH3kyqMiIp2iHstyQlfiZ+rdAIRkK0EsywwMXOQq+yv
3wvwP5HVHx6A65k7Z98E6YYTzuy4IYIUNOfwjShz4IVQbvN2N3MHZbs8dglXwVYJ
S1lI6c1RRWT4/RE1r9CjFmiAatUbHldBjX8BT5IZzosVMEkznjUjLqhItwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBsoQLX9ecmajKa7zkgBvpkszWU1MB8GA1UdIwQY
MBaAFFdwIdzfRLav3TgQVHxVp5vRqfo7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjNBaDNOOUV0cV9kT0JCVWZGV25tOUdwLWpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8wYWMyN2EtMjE1OS00OGQ3LThiZmQt
YzkwN2FlMWMyMTFlLzEvR3loQXRmMTV5WnFNcHJ2T1NBRy1tU3pOWlRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8wYWMyN2EtMjE1OS00OGQ3LThiZmQtYzkwN2FlMWMyMTFl
LzEvVjNBaDNOOUV0cV9kT0JCVWZGV25tOUdwLWpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVX+MA0G
CSqGSIb3DQEBCwUAA4IBAQCKPP9N+1APnvEEOduOKyUG+dOTGfikNEnxP6AAwDnF
mHeMny3mFNgL92U+TUWuM4yTEw/YkyCr99wTFKlS0exA5uvovuy8kQAKi54UOkJd
oz5hGfr+W89KTcu7SFe73+24iUIbc0rQNojXChKzXR4g5J1qoXd903anRCgLN7Nx
PLuVY1ia877B4FoYlf8HZz/QkWY2a3wfQw7aCZpLty0yikPaoEkzYuTgibzfkHux
tYw6SejaEJIfxCRuf2Vg/nW6BZdGXxj4DRB8Z/R1hD4+rK8rK65L9N1RG1hNKDmp
XUZKePwE3v60Hl3ceX+QJ88viKEPQpNV+2Uc9jSYGWTa
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:29 2025 by rpki-client on console.sobornost.net