Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/b05e08-0762-4dc7-a4b0-5805d3f3dbb2/1/cy2HmfHiWKhw02gOVemX6Q-EyWI.roa
File: cy2HmfHiWKhw02gOVemX6Q-EyWI.roa (raw, json)
Hash identifier: pBMd9/Wwh5+LF0AKR7vEH1nnu5nJ/I7HblShTTNl9LE=
Subject key identifier: 73:2D:87:99:F1:E2:58:A8:70:D3:68:0E:55:E9:97:E9:0F:84:C9:62
Certificate issuer: /CN=153f24183d6c95185919349e6e92533736437b94
Certificate serial: 0194852B2BA4143389D0C39BA75888556C69
Authority key identifier: 15:3F:24:18:3D:6C:95:18:59:19:34:9E:6E:92:53:37:36:43:7B:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FT8kGD1slRhZGTSebpJTNzZDe5Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/b05e08-0762-4dc7-a4b0-5805d3f3dbb2/1/cy2HmfHiWKhw02gOVemX6Q-EyWI.roa
Signing time: Mon 20 Jan 2025 19:23:06 +0000
ROA not before: Mon 20 Jan 2025 19:23:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216146
IP address blocks: 194.187.253.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:85:2b:2b:a4:14:33:89:d0:c3:9b:a7:58:88:55:6c:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=153f24183d6c95185919349e6e92533736437b94
Validity
Not Before: Jan 20 19:23:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=732d8799f1e258a870d3680e55e997e90f84c962
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:2f:98:53:b1:ec:4f:6b:7a:91:52:aa:e9:55:
65:c3:02:a5:9c:ec:06:7d:0b:6b:d0:56:a7:ed:d9:
c3:c6:70:0a:48:9a:ea:a5:d9:04:01:94:92:ea:db:
4f:5f:e1:84:2b:1b:fe:de:95:22:58:a8:97:b7:1e:
4a:7e:98:24:23:f5:94:d0:29:52:5d:7f:3b:4c:56:
bf:a4:b7:ae:ea:38:5e:5c:9c:98:b4:74:50:8a:d0:
1b:ec:d6:6a:13:c8:0b:c5:f4:23:a5:b6:6e:04:bc:
e0:b0:7d:41:a6:d6:27:06:69:2c:fd:cf:4f:bc:16:
39:f1:0f:7a:cc:20:30:23:12:26:e8:57:33:e6:97:
b7:15:c4:10:df:30:b3:85:45:13:ca:3a:47:bb:26:
bb:19:01:fd:62:85:71:40:c0:7a:8c:73:5d:b9:68:
f2:24:63:8c:9f:65:08:20:49:c1:7f:3a:fb:f9:8e:
97:3e:93:cb:ca:88:25:c4:c5:46:52:f4:5f:e5:27:
7a:49:13:a4:b8:df:5c:fd:83:94:67:1b:00:df:4a:
5d:93:59:a9:f0:d1:85:b5:36:88:ca:d6:5a:74:7e:
1b:f2:84:7b:da:7a:f4:aa:e6:89:2a:9f:2e:34:5e:
b2:66:f4:16:0f:49:cb:1a:37:c3:46:6e:52:26:aa:
96:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:2D:87:99:F1:E2:58:A8:70:D3:68:0E:55:E9:97:E9:0F:84:C9:62
X509v3 Authority Key Identifier:
keyid:15:3F:24:18:3D:6C:95:18:59:19:34:9E:6E:92:53:37:36:43:7B:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FT8kGD1slRhZGTSebpJTNzZDe5Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/b05e08-0762-4dc7-a4b0-5805d3f3dbb2/1/cy2HmfHiWKhw02gOVemX6Q-EyWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/b05e08-0762-4dc7-a4b0-5805d3f3dbb2/1/FT8kGD1slRhZGTSebpJTNzZDe5Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.187.253.0/24
Signature Algorithm: sha256WithRSAEncryption
64:6a:dc:2b:6d:fc:2c:65:33:dc:43:8f:b9:56:e3:80:e5:1f:
44:ce:3a:66:a6:86:6e:1d:21:25:69:1a:4c:da:16:46:c4:72:
33:c0:72:f8:e5:18:0e:04:87:96:32:24:65:cc:a0:b5:fe:4c:
7c:4c:bc:f1:67:0d:f1:c7:66:e3:c8:04:fc:a0:94:47:d6:21:
18:de:4d:c7:a2:6f:ec:7b:4b:eb:5d:26:db:61:45:70:66:f0:
67:5a:f1:d4:bf:8a:cc:85:64:0e:a8:d1:97:13:8f:73:d0:da:
ae:17:81:66:d7:58:b0:7d:04:fd:22:b8:38:08:77:69:84:9d:
4b:ff:00:00:6e:b8:a6:c1:c0:27:9c:fd:8b:9f:29:50:99:c5:
b0:15:69:3e:ae:3f:0e:87:34:30:7a:b2:95:a4:c2:6a:1b:e4:
14:26:ff:73:27:c9:05:dd:d8:10:eb:7e:b3:16:49:40:8c:14:
64:1e:c0:9d:18:ef:19:57:25:09:e4:d5:2f:14:7c:f2:4e:6a:
90:cd:1e:e7:63:97:31:c2:80:4e:77:e7:68:94:50:59:21:9a:
13:c5:d3:bf:e5:02:01:08:52:87:79:2e:e6:f8:9a:56:a0:d2:
0d:7d:2d:c5:9b:77:c4:a4:14:3d:fa:fb:19:e2:90:78:0d:34:
c6:82:89:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZSFKyukFDOJ0MObp1iIVWxpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1M2YyNDE4M2Q2Yzk1MTg1OTE5MzQ5ZTZlOTI1MzM3MzY0
MzdiOTQwHhcNMjUwMTIwMTkyMzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzJkODc5OWYxZTI1OGE4NzBkMzY4MGU1NWU5OTdlOTBmODRjOTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAty+YU7HsT2t6kVKq6VVlwwKlnOwG
fQtr0Fan7dnDxnAKSJrqpdkEAZSS6ttPX+GEKxv+3pUiWKiXtx5KfpgkI/WU0ClS
XX87TFa/pLeu6jheXJyYtHRQitAb7NZqE8gLxfQjpbZuBLzgsH1BptYnBmks/c9P
vBY58Q96zCAwIxIm6Fcz5pe3FcQQ3zCzhUUTyjpHuya7GQH9YoVxQMB6jHNduWjy
JGOMn2UIIEnBfzr7+Y6XPpPLyoglxMVGUvRf5Sd6SROkuN9c/YOUZxsA30pdk1mp
8NGFtTaIytZadH4b8oR72nr0quaJKp8uNF6yZvQWD0nLGjfDRm5SJqqWdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHMth5nx4liocNNoDlXpl+kPhMliMB8GA1UdIwQY
MBaAFBU/JBg9bJUYWRk0nm6SUzc2Q3uUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlQ4a0dEMXNsUmhaR1RTZWJwSlROelpEZTVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9iMDVlMDgtMDc2Mi00ZGM3LWE0YjAt
NTgwNWQzZjNkYmIyLzEvY3kySG1mSGlXS2h3MDJnT1ZlbVg2US1FeVdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9iMDVlMDgtMDc2Mi00ZGM3LWE0YjAtNTgwNWQzZjNkYmIy
LzEvRlQ4a0dEMXNsUmhaR1RTZWJwSlROelpEZTVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwrv9MA0G
CSqGSIb3DQEBCwUAA4IBAQBkatwrbfwsZTPcQ4+5VuOA5R9EzjpmpoZuHSElaRpM
2hZGxHIzwHL45RgOBIeWMiRlzKC1/kx8TLzxZw3xx2bjyAT8oJRH1iEY3k3Hom/s
e0vrXSbbYUVwZvBnWvHUv4rMhWQOqNGXE49z0NquF4Fm11iwfQT9Irg4CHdphJ1L
/wAAbrimwcAnnP2LnylQmcWwFWk+rj8OhzQwerKVpMJqG+QUJv9zJ8kF3dgQ636z
FklAjBRkHsCdGO8ZVyUJ5NUvFHzyTmqQzR7nY5cxwoBOd+dolFBZIZoTxdO/5QIB
CFKHeS7m+JpWoNINfS3Fm3fEpBQ9+vsZ4pB4DTTGgomb
-----END CERTIFICATE-----
Generated at Thu Jan 23 19:15:55 2025 by rpki-client on console.sobornost.net