Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/6871a0-afb2-45ab-adde-62be1f02ab0c/1/CyralhGuX94DIISxgcLaFGkuwEE.roa
File: CyralhGuX94DIISxgcLaFGkuwEE.roa (raw, json)
Hash identifier: jbaQiBUIOwYyUUxeUd5k0D2sxSHilcS8Ozj2S6lNjj0=
Subject key identifier: 0B:2A:DA:96:11:AE:5F:DE:03:20:84:B1:81:C2:DA:14:69:2E:C0:41
Certificate issuer: /CN=ff3ef7bb6a46baf4db1baeb7df24a40c1d4c154f
Certificate serial: 019421441FBF0D73E1E2E7B4D3C6F778157A
Authority key identifier: FF:3E:F7:BB:6A:46:BA:F4:DB:1B:AE:B7:DF:24:A4:0C:1D:4C:15:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_z73u2pGuvTbG6633ySkDB1MFU8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/6871a0-afb2-45ab-adde-62be1f02ab0c/1/CyralhGuX94DIISxgcLaFGkuwEE.roa
Signing time: Wed 01 Jan 2025 09:48:20 +0000
ROA not before: Wed 01 Jan 2025 09:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2631
IP address blocks: 185.150.20.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:1f:bf:0d:73:e1:e2:e7:b4:d3:c6:f7:78:15:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff3ef7bb6a46baf4db1baeb7df24a40c1d4c154f
Validity
Not Before: Jan 1 09:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0b2ada9611ae5fde032084b181c2da14692ec041
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:31:e3:98:00:b3:82:c3:b8:eb:d7:57:38:45:
db:0f:a6:55:1e:ca:0c:1e:60:4d:68:5e:95:d9:14:
2a:12:0d:2b:cf:32:4b:e0:73:95:1d:e0:76:8a:cc:
25:83:41:30:b3:40:94:d0:29:7c:d8:78:dd:e0:66:
3d:dc:45:31:b2:4a:63:ad:8f:be:2d:ed:34:c1:7f:
71:3a:67:3c:9e:47:d4:73:82:25:ff:3f:d6:5d:1b:
9b:ac:74:d8:31:30:f2:08:fb:e0:3c:06:64:6d:b7:
0c:99:38:59:6c:6c:72:02:10:a7:98:8a:9c:18:5a:
c2:0d:c5:ce:fe:5f:54:1f:dd:0f:03:e0:06:11:47:
55:fa:bc:76:db:84:aa:14:66:5e:60:2f:16:65:3b:
61:a3:3a:d7:0b:96:a6:71:60:7a:ab:ab:11:d9:97:
9e:f9:67:e2:ad:7f:e3:d1:10:2e:df:37:f8:0c:40:
ba:2a:26:94:e2:18:fe:47:6e:af:75:04:a3:1d:c7:
67:c5:4d:01:3f:81:a3:c3:f1:4e:0d:78:11:c8:92:
c7:6e:24:50:85:7b:bc:c1:f4:ac:00:ae:62:09:18:
0e:12:0f:d2:44:4f:9b:6f:2b:30:26:13:8f:f4:36:
82:2a:24:95:4a:ea:9d:74:62:f1:c5:af:1b:be:e5:
c0:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:2A:DA:96:11:AE:5F:DE:03:20:84:B1:81:C2:DA:14:69:2E:C0:41
X509v3 Authority Key Identifier:
keyid:FF:3E:F7:BB:6A:46:BA:F4:DB:1B:AE:B7:DF:24:A4:0C:1D:4C:15:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_z73u2pGuvTbG6633ySkDB1MFU8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/6871a0-afb2-45ab-adde-62be1f02ab0c/1/CyralhGuX94DIISxgcLaFGkuwEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/6871a0-afb2-45ab-adde-62be1f02ab0c/1/_z73u2pGuvTbG6633ySkDB1MFU8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.150.20.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:a4:28:90:6b:dd:86:a6:56:f9:e0:db:2b:87:e8:a1:29:1d:
d0:b3:c6:00:a9:97:6d:6a:5b:38:25:6a:81:b4:1c:b6:7d:ed:
ad:45:d5:c6:4e:4d:3d:c8:3a:43:35:72:60:f3:a6:54:31:89:
01:b6:d5:b4:0f:49:68:1a:7d:4a:af:c1:53:16:89:27:69:28:
24:46:84:25:75:94:fe:90:b8:59:ee:5f:6e:16:1b:0e:62:bb:
1b:6f:43:b1:e4:6a:83:41:07:95:7d:60:ab:19:ca:fd:58:5e:
73:ca:be:dc:2c:b5:bc:d3:07:05:b7:74:73:bc:53:7c:13:f2:
d2:30:9a:a4:8e:47:ab:ff:de:b8:5e:51:ca:ee:72:f2:77:b6:
8f:4e:23:e2:27:93:e3:90:f3:fd:b5:15:3d:6c:64:6b:e5:85:
73:1e:c7:28:4c:7b:ca:f8:b9:ba:99:37:10:b1:92:db:8f:44:
e5:f8:53:fa:ec:29:0c:5d:0d:e9:69:b8:af:35:ca:19:6b:eb:
38:de:c3:41:32:c1:61:b7:eb:bc:06:3e:79:31:70:e5:e1:44:
6f:66:e5:63:f8:f8:62:b2:a6:aa:13:19:00:9f:fb:3f:b4:70:
1a:95:fb:a8:a9:34:2e:94:2f:92:48:e4:e4:b0:9b:56:a0:c1:
db:e8:3f:c4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRB+/DXPh4ue008b3eBV6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmM2VmN2JiNmE0NmJhZjRkYjFiYWViN2RmMjRhNDBjMWQ0
YzE1NGYwHhcNMjUwMTAxMDk0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjJhZGE5NjExYWU1ZmRlMDMyMDg0YjE4MWMyZGExNDY5MmVjMDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTHjmACzgsO469dXOEXbD6ZVHsoM
HmBNaF6V2RQqEg0rzzJL4HOVHeB2iswlg0Ews0CU0Cl82Hjd4GY93EUxskpjrY++
Le00wX9xOmc8nkfUc4Il/z/WXRubrHTYMTDyCPvgPAZkbbcMmThZbGxyAhCnmIqc
GFrCDcXO/l9UH90PA+AGEUdV+rx224SqFGZeYC8WZTthozrXC5amcWB6q6sR2Zee
+WfirX/j0RAu3zf4DEC6KiaU4hj+R26vdQSjHcdnxU0BP4Gjw/FODXgRyJLHbiRQ
hXu8wfSsAK5iCRgOEg/SRE+bbyswJhOP9DaCKiSVSuqddGLxxa8bvuXArQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAsq2pYRrl/eAyCEsYHC2hRpLsBBMB8GA1UdIwQY
MBaAFP8+97tqRrr02xuut98kpAwdTBVPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3o3M3UycEd1dlRiRzY2MzN5U2tEQjFNRlU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi82ODcxYTAtYWZiMi00NWFiLWFkZGUt
NjJiZTFmMDJhYjBjLzEvQ3lyYWxoR3VYOTRESUlTeGdjTGFGR2t1d0VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi82ODcxYTAtYWZiMi00NWFiLWFkZGUtNjJiZTFmMDJhYjBj
LzEvX3o3M3UycEd1dlRiRzY2MzN5U2tEQjFNRlU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZYUMA0G
CSqGSIb3DQEBCwUAA4IBAQC0pCiQa92Gplb54Nsrh+ihKR3Qs8YAqZdtals4JWqB
tBy2fe2tRdXGTk09yDpDNXJg86ZUMYkBttW0D0loGn1Kr8FTFoknaSgkRoQldZT+
kLhZ7l9uFhsOYrsbb0Ox5GqDQQeVfWCrGcr9WF5zyr7cLLW80wcFt3RzvFN8E/LS
MJqkjker/964XlHK7nLyd7aPTiPiJ5PjkPP9tRU9bGRr5YVzHscoTHvK+Lm6mTcQ
sZLbj0Tl+FP67CkMXQ3pabivNcoZa+s43sNBMsFht+u8Bj55MXDl4URvZuVj+Phi
sqaqExkAn/s/tHAalfuoqTQulC+SSOTksJtWoMHb6D/E
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:27 2025 by rpki-client on console.sobornost.net