Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/9a6860-224f-4b34-a9b6-bc192bb73025/1/jY-lMu423nupxU54xaqHA9Fq5gs.roa
File: jY-lMu423nupxU54xaqHA9Fq5gs.roa (raw, json)
Hash identifier: vIKwvI+CSLTeyCI/hqgS0hx1+3s/05aczJf19X5bsPo=
Subject key identifier: 8D:8F:A5:32:EE:36:DE:7B:A9:C5:4E:78:C5:AA:87:03:D1:6A:E6:0B
Certificate issuer: /CN=02cc691476a6e7895b0e456116444f91937bf01e
Certificate serial: 019420D65A116A68BA875508BFAAF4BA372D
Authority key identifier: 02:CC:69:14:76:A6:E7:89:5B:0E:45:61:16:44:4F:91:93:7B:F0:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AsxpFHam54lbDkVhFkRPkZN78B4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/9a6860-224f-4b34-a9b6-bc192bb73025/1/jY-lMu423nupxU54xaqHA9Fq5gs.roa
Signing time: Wed 01 Jan 2025 07:48:26 +0000
ROA not before: Wed 01 Jan 2025 07:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8319
IP address blocks: 194.153.151.0/24 maxlen: 24
195.158.32.0/19 maxlen: 24
195.250.48.0/24 maxlen: 24
212.218.0.0/16 maxlen: 24
2001:4cd8::/32 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:5a:11:6a:68:ba:87:55:08:bf:aa:f4:ba:37:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02cc691476a6e7895b0e456116444f91937bf01e
Validity
Not Before: Jan 1 07:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8d8fa532ee36de7ba9c54e78c5aa8703d16ae60b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:22:69:e8:d9:6b:08:0a:14:ec:fb:4e:92:22:
c3:44:ba:9e:a4:02:ab:6a:63:7c:98:43:e2:aa:15:
f6:fd:eb:6a:44:9f:92:ed:a2:40:43:fc:57:fc:80:
ba:59:f0:0b:55:f2:bb:9d:88:09:c6:39:cd:7d:d5:
68:5e:bb:6d:a7:dd:7f:3b:9e:45:d4:04:48:ed:65:
92:24:b2:33:d3:8e:67:81:72:af:73:8d:36:69:b1:
f7:06:d8:fa:f7:75:d5:48:58:8e:0b:07:1a:00:8e:
3e:eb:57:f4:48:e9:ca:e7:e6:cd:e2:b1:8e:45:81:
55:9e:00:56:70:92:da:4b:66:81:bb:43:1e:fa:b8:
e1:f8:45:ce:a3:37:a0:03:be:ca:6a:87:13:10:ee:
dc:86:25:87:31:c0:77:e9:e2:82:8e:b3:7d:a4:f8:
8a:d8:e3:ac:2a:d9:ed:c6:39:1d:1b:45:fa:43:0e:
ce:6b:3f:bf:38:72:29:de:cc:85:3e:18:74:23:6a:
ee:1e:7f:f7:ab:fb:2f:1c:a9:f3:15:eb:15:05:ff:
36:56:a9:e2:51:38:5b:2f:73:37:10:40:bc:2c:7f:
a2:84:60:96:ff:68:a0:f8:2c:0c:7b:be:86:b7:30:
c2:b6:5b:58:22:7a:18:cf:14:b3:5f:ff:44:4e:b1:
37:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:8F:A5:32:EE:36:DE:7B:A9:C5:4E:78:C5:AA:87:03:D1:6A:E6:0B
X509v3 Authority Key Identifier:
keyid:02:CC:69:14:76:A6:E7:89:5B:0E:45:61:16:44:4F:91:93:7B:F0:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AsxpFHam54lbDkVhFkRPkZN78B4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/9a6860-224f-4b34-a9b6-bc192bb73025/1/jY-lMu423nupxU54xaqHA9Fq5gs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/9a6860-224f-4b34-a9b6-bc192bb73025/1/AsxpFHam54lbDkVhFkRPkZN78B4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.153.151.0/24
195.158.32.0/19
195.250.48.0/24
212.218.0.0/16
IPv6:
2001:4cd8::/32
Signature Algorithm: sha256WithRSAEncryption
65:19:5f:3c:19:03:ff:08:40:2a:70:bc:40:2f:1c:6c:45:ea:
16:1c:dc:1a:04:a5:99:23:03:cf:3b:9b:93:b8:0e:7b:46:71:
da:1e:6a:47:2a:63:8f:34:a8:99:32:cb:b3:4b:38:ae:f6:de:
ad:6e:5e:83:76:94:19:3a:19:10:0c:fd:fd:f5:84:fe:92:f1:
7b:42:77:6a:a7:d7:92:fb:ed:bf:94:7f:79:92:dc:e2:63:ef:
6b:cc:2b:7c:cf:6b:ec:21:c2:7f:1d:d6:14:59:9f:97:13:2d:
27:df:c5:b4:e8:59:cc:89:64:11:ae:05:54:d7:f4:3d:48:45:
b2:85:56:28:66:64:63:a7:bf:78:14:06:f8:fb:5f:5c:1f:8b:
f5:46:2d:ba:10:00:38:36:48:d8:1f:8e:4d:67:6f:e4:e2:56:
43:c9:d2:99:0f:3f:4d:d0:39:fa:51:a2:ac:11:fa:66:8e:f5:
67:9b:6d:dc:5d:3b:93:bc:3e:ad:bf:10:e7:23:43:4b:e8:e4:
20:6c:0f:d6:04:4e:19:af:36:72:55:b8:0c:8c:3a:77:66:3e:
fd:3d:5d:6c:8e:9d:14:f5:87:44:ec:4c:5e:35:6e:75:53:bc:
d8:b5:67:d8:53:77:a9:9f:1d:0c:f6:37:11:8c:d5:a0:b8:71:
e1:82:90:72
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQg1loRami6h1UIv6r0ujctMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyY2M2OTE0NzZhNmU3ODk1YjBlNDU2MTE2NDQ0ZjkxOTM3
YmYwMWUwHhcNMjUwMTAxMDc0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDhmYTUzMmVlMzZkZTdiYTljNTRlNzhjNWFhODcwM2QxNmFlNjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwCJp6NlrCAoU7PtOkiLDRLqepAKr
amN8mEPiqhX2/etqRJ+S7aJAQ/xX/IC6WfALVfK7nYgJxjnNfdVoXrttp91/O55F
1ARI7WWSJLIz045ngXKvc402abH3Btj693XVSFiOCwcaAI4+61f0SOnK5+bN4rGO
RYFVngBWcJLaS2aBu0Me+rjh+EXOozegA77KaocTEO7chiWHMcB36eKCjrN9pPiK
2OOsKtntxjkdG0X6Qw7Oaz+/OHIp3syFPhh0I2ruHn/3q/svHKnzFesVBf82Vqni
UThbL3M3EEC8LH+ihGCW/2ig+CwMe76GtzDCtltYInoYzxSzX/9ETrE3EQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFI2PpTLuNt57qcVOeMWqhwPRauYLMB8GA1UdIwQY
MBaAFALMaRR2pueJWw5FYRZET5GTe/AeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXN4cEZIYW01NGxiRGtWaEZrUlBrWk43OEI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS85YTY4NjAtMjI0Zi00YjM0LWE5YjYt
YmMxOTJiYjczMDI1LzEvalktbE11NDIzbnVweFU1NHhhcUhBOUZxNWdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS85YTY4NjAtMjI0Zi00YjM0LWE5YjYtYmMxOTJiYjczMDI1
LzEvQXN4cEZIYW01NGxiRGtWaEZrUlBrWk43OEI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAdBAIAATAXAwQAwpmXAwQF
w54gAwQAw/owAwMA1NowDQQCAAIwBwMFACABTNgwDQYJKoZIhvcNAQELBQADggEB
AGUZXzwZA/8IQCpwvEAvHGxF6hYc3BoEpZkjA887m5O4DntGcdoeakcqY480qJky
y7NLOK723q1uXoN2lBk6GRAM/f31hP6S8XtCd2qn15L77b+Uf3mS3OJj72vMK3zP
a+whwn8d1hRZn5cTLSffxbToWcyJZBGuBVTX9D1IRbKFVihmZGOnv3gUBvj7X1wf
i/VGLboQADg2SNgfjk1nb+TiVkPJ0pkPP03QOfpRoqwR+maO9WebbdxdO5O8Pq2/
EOcjQ0vo5CBsD9YEThmvNnJVuAyMOndmPv09XWyOnRT1h0TsTF41bnVTvNi1Z9hT
d6mfHQz2NxGM1aC4ceGCkHI=
-----END CERTIFICATE-----
Generated at Thu Jan 23 19:16:05 2025 by rpki-client on console.sobornost.net