Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/880eb2-fa65-47ca-8a00-6480c3d1f4e4/1/yCR309Dt0TwXyNVWmsfwNsNe7Os.roa
File: yCR309Dt0TwXyNVWmsfwNsNe7Os.roa (raw, json)
Hash identifier: IwvKObmf26TGzZOfLi3kzJh/z23tGzOx2kCPIPNBtoE=
Subject key identifier: C8:24:77:D3:D0:ED:D1:3C:17:C8:D5:56:9A:C7:F0:36:C3:5E:EC:EB
Certificate issuer: /CN=b209308540c4df9b9bb7d6327fa7b5d49008068c
Certificate serial: 0194221FFE468A751FAA081C045329A792C0
Authority key identifier: B2:09:30:85:40:C4:DF:9B:9B:B7:D6:32:7F:A7:B5:D4:90:08:06:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sgkwhUDE35ubt9Yyf6e11JAIBow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/880eb2-fa65-47ca-8a00-6480c3d1f4e4/1/yCR309Dt0TwXyNVWmsfwNsNe7Os.roa
Signing time: Wed 01 Jan 2025 13:48:29 +0000
ROA not before: Wed 01 Jan 2025 13:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50564
IP address blocks: 45.131.28.0/22 maxlen: 22
45.131.28.0/24 maxlen: 24
45.131.29.0/24 maxlen: 24
45.131.30.0/24 maxlen: 24
45.131.31.0/24 maxlen: 24
94.158.252.0/22 maxlen: 22
94.158.252.0/24 maxlen: 24
94.158.253.0/24 maxlen: 24
94.158.255.0/24 maxlen: 24
185.44.24.0/22 maxlen: 22
185.44.24.0/24 maxlen: 24
185.44.25.0/24 maxlen: 24
185.44.26.0/24 maxlen: 24
185.44.27.0/24 maxlen: 24
185.95.124.0/22 maxlen: 22
185.95.124.0/24 maxlen: 24
185.95.125.0/24 maxlen: 24
185.95.126.0/24 maxlen: 24
185.95.127.0/24 maxlen: 24
185.104.236.0/22 maxlen: 22
185.104.236.0/24 maxlen: 24
185.104.237.0/24 maxlen: 24
185.104.238.0/24 maxlen: 24
185.104.239.0/24 maxlen: 24
185.143.136.0/22 maxlen: 22
185.143.136.0/24 maxlen: 24
185.143.137.0/24 maxlen: 24
185.143.138.0/24 maxlen: 24
185.143.139.0/24 maxlen: 24
185.182.124.0/22 maxlen: 22
185.182.124.0/24 maxlen: 24
185.182.125.0/24 maxlen: 24
185.182.126.0/24 maxlen: 24
185.182.127.0/24 maxlen: 24
185.184.0.0/22 maxlen: 23
185.184.0.0/23 maxlen: 23
185.184.0.0/24 maxlen: 24
185.184.1.0/24 maxlen: 24
185.184.2.0/24 maxlen: 24
185.184.3.0/24 maxlen: 24
185.208.20.0/22 maxlen: 22
185.208.20.0/24 maxlen: 24
185.208.21.0/24 maxlen: 24
185.208.22.0/24 maxlen: 24
185.208.23.0/24 maxlen: 24
185.213.48.0/22 maxlen: 22
185.213.48.0/24 maxlen: 24
185.213.49.0/24 maxlen: 24
185.213.50.0/24 maxlen: 24
185.213.51.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:fe:46:8a:75:1f:aa:08:1c:04:53:29:a7:92:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b209308540c4df9b9bb7d6327fa7b5d49008068c
Validity
Not Before: Jan 1 13:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c82477d3d0edd13c17c8d5569ac7f036c35eeceb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:21:98:3b:a4:c6:00:f5:36:14:69:d3:89:e4:
1b:e8:0d:59:8e:1e:55:de:1d:cb:d9:3a:6a:4f:a3:
7c:48:fa:b5:01:af:87:1a:60:43:be:77:f8:09:ff:
be:55:67:93:b3:a2:1a:46:6b:50:ce:42:18:97:c0:
ab:29:22:51:61:7c:cb:fd:9f:9f:02:41:24:ab:6e:
64:aa:f2:74:3d:66:a2:4d:30:1a:8f:8c:90:0e:18:
f1:46:45:01:4e:2a:80:a9:ec:f8:3e:2b:c2:75:43:
34:08:4f:b8:f6:61:08:88:af:b1:fd:a9:ac:61:9a:
36:17:d8:7f:ec:30:e9:aa:30:a7:0a:12:74:59:ed:
41:bf:8a:14:47:38:ef:89:51:ee:89:e5:31:73:74:
3e:0a:bc:2d:37:f0:7c:eb:73:e3:7e:47:67:2e:d1:
93:0e:68:24:29:35:92:7f:1c:1e:1f:03:65:66:1a:
5f:5e:17:e5:3e:f4:36:53:b7:08:31:25:29:f7:92:
a7:09:64:13:50:2d:bf:22:c0:c8:d6:d2:7b:1a:7b:
42:49:8f:82:0b:52:04:31:0c:b1:85:06:8b:19:27:
f7:07:02:51:1c:68:97:cb:01:b9:e8:32:1a:7d:6c:
41:86:bc:fd:95:85:ea:51:6b:37:dc:2d:c9:38:7b:
61:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:24:77:D3:D0:ED:D1:3C:17:C8:D5:56:9A:C7:F0:36:C3:5E:EC:EB
X509v3 Authority Key Identifier:
keyid:B2:09:30:85:40:C4:DF:9B:9B:B7:D6:32:7F:A7:B5:D4:90:08:06:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sgkwhUDE35ubt9Yyf6e11JAIBow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/880eb2-fa65-47ca-8a00-6480c3d1f4e4/1/yCR309Dt0TwXyNVWmsfwNsNe7Os.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/880eb2-fa65-47ca-8a00-6480c3d1f4e4/1/sgkwhUDE35ubt9Yyf6e11JAIBow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.28.0/22
94.158.252.0/22
185.44.24.0/22
185.95.124.0/22
185.104.236.0/22
185.143.136.0/22
185.182.124.0/22
185.184.0.0/22
185.208.20.0/22
185.213.48.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:74:ab:4e:20:c1:a9:16:45:1b:19:49:ad:34:a5:31:4c:36:
c6:28:00:fc:f4:f1:fe:b2:44:02:2a:8e:9b:ff:09:bd:43:a3:
29:1c:49:88:43:f0:8f:40:e4:c1:24:90:25:58:fe:b4:16:2a:
27:ec:10:dd:e5:ea:5a:74:0a:02:47:d9:13:da:c6:05:15:94:
99:aa:dc:44:6d:e1:a9:91:aa:6f:7b:49:1c:46:9e:43:f6:35:
49:f0:8a:e6:e9:4d:d7:f2:f0:29:d4:df:f6:19:5a:f7:18:cc:
74:fd:55:59:91:0b:d6:5f:ab:82:84:31:38:82:d0:94:54:bd:
27:87:0a:8a:3c:e4:39:31:7d:9b:c8:6b:22:b1:17:21:cb:6c:
92:46:62:6d:61:8f:06:f1:a3:c2:fa:fc:fb:3e:fb:6b:58:77:
af:9a:6b:86:ed:b0:ba:f8:ae:6c:44:62:6f:72:ae:57:05:da:
dd:4b:0a:98:98:e8:9f:ac:b3:1a:6a:e8:81:fc:d6:68:ab:54:
55:5c:0b:47:4b:9f:e7:a2:73:94:c9:22:be:78:ff:b3:56:49:
8b:00:23:df:2d:62:4e:8a:45:80:aa:39:f2:0c:5e:63:b5:bc:
dd:66:cf:93:44:26:76:48:e2:a4:2a:86:86:e8:1f:9b:d3:aa:
48:d6:ac:12
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZQiH/5GinUfqggcBFMpp5LAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMDkzMDg1NDBjNGRmOWI5YmI3ZDYzMjdmYTdiNWQ0OTAw
ODA2OGMwHhcNMjUwMTAxMTM0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODI0NzdkM2QwZWRkMTNjMTdjOGQ1NTY5YWM3ZjAzNmMzNWVlY2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkyGYO6TGAPU2FGnTieQb6A1Zjh5V
3h3L2TpqT6N8SPq1Aa+HGmBDvnf4Cf++VWeTs6IaRmtQzkIYl8CrKSJRYXzL/Z+f
AkEkq25kqvJ0PWaiTTAaj4yQDhjxRkUBTiqAqez4PivCdUM0CE+49mEIiK+x/ams
YZo2F9h/7DDpqjCnChJ0We1Bv4oURzjviVHuieUxc3Q+CrwtN/B863PjfkdnLtGT
DmgkKTWSfxweHwNlZhpfXhflPvQ2U7cIMSUp95KnCWQTUC2/IsDI1tJ7GntCSY+C
C1IEMQyxhQaLGSf3BwJRHGiXywG56DIafWxBhrz9lYXqUWs33C3JOHthyQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFMgkd9PQ7dE8F8jVVprH8DbDXuzrMB8GA1UdIwQY
MBaAFLIJMIVAxN+bm7fWMn+ntdSQCAaMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2drd2hVREUzNXVidDlZeWY2ZTExSkFJQm93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi84ODBlYjItZmE2NS00N2NhLThhMDAt
NjQ4MGMzZDFmNGU0LzEveUNSMzA5RHQwVHdYeU5WV21zZndOc05lN09zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi84ODBlYjItZmE2NS00N2NhLThhMDAtNjQ4MGMzZDFmNGU0
LzEvc2drd2hVREUzNXVidDlZeWY2ZTExSkFJQm93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQCLYMcAwQC
Xp78AwQCuSwYAwQCuV98AwQCuWjsAwQCuY+IAwQCubZ8AwQCubgAAwQCudAUAwQC
udUwMA0GCSqGSIb3DQEBCwUAA4IBAQBcdKtOIMGpFkUbGUmtNKUxTDbGKAD89PH+
skQCKo6b/wm9Q6MpHEmIQ/CPQOTBJJAlWP60Fion7BDd5epadAoCR9kT2sYFFZSZ
qtxEbeGpkapve0kcRp5D9jVJ8Irm6U3X8vAp1N/2GVr3GMx0/VVZkQvWX6uChDE4
gtCUVL0nhwqKPOQ5MX2byGsisRchy2ySRmJtYY8G8aPC+vz7PvtrWHevmmuG7bC6
+K5sRGJvcq5XBdrdSwqYmOifrLMaauiB/NZoq1RVXAtHS5/nonOUySK+eP+zVkmL
ACPfLWJOikWAqjnyDF5jtbzdZs+TRCZ2SOKkKoaG6B+b06pI1qwS
-----END CERTIFICATE-----
Generated at Thu Jan 23 16:27:18 2025 by rpki-client on console.sobornost.net