Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/c24ee1-2cb2-4907-8048-b0f4fbe26b61/1/rygZTFCBNWEkh81f14PWqNNI1kI.roa
File: rygZTFCBNWEkh81f14PWqNNI1kI.roa (raw, json)
Hash identifier: Nw/ZIl2uHVeZMov8V5+Nv9xGTV5/WVlGxw5x2u+Et/o=
Subject key identifier: AF:28:19:4C:50:81:35:61:24:87:CD:5F:D7:83:D6:A8:D3:48:D6:42
Certificate issuer: /CN=01cf2a71b2c7bf541c6cc04151cd02078d369926
Certificate serial: 0194228D0C71E3A6AA086CFCE7144DC57ECD
Authority key identifier: 01:CF:2A:71:B2:C7:BF:54:1C:6C:C0:41:51:CD:02:07:8D:36:99:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ac8qcbLHv1QcbMBBUc0CB402mSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/c24ee1-2cb2-4907-8048-b0f4fbe26b61/1/rygZTFCBNWEkh81f14PWqNNI1kI.roa
Signing time: Wed 01 Jan 2025 15:47:36 +0000
ROA not before: Wed 01 Jan 2025 15:47:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42812
IP address blocks: 185.82.140.0/22 maxlen: 22
193.24.111.0/24 maxlen: 24
2a05:90c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:0c:71:e3:a6:aa:08:6c:fc:e7:14:4d:c5:7e:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01cf2a71b2c7bf541c6cc04151cd02078d369926
Validity
Not Before: Jan 1 15:47:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=af28194c508135612487cd5fd783d6a8d348d642
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:be:77:0e:b2:ca:bb:38:c2:00:1f:29:d8:cb:
6e:17:d3:23:80:91:87:7b:2d:1f:2e:40:52:07:24:
12:ed:f2:1f:06:46:29:69:6a:e4:3d:96:cc:33:77:
81:d1:27:17:06:54:ca:78:c4:61:e6:1f:4b:10:7f:
d6:a0:0c:20:70:ce:a6:8b:90:27:98:dc:f7:ba:41:
25:b8:a5:47:af:3d:39:df:b0:5c:d5:72:5e:9b:2c:
74:29:80:47:5f:ed:dd:c6:d0:6e:8f:0e:d2:4a:7e:
d5:1b:17:7b:1f:c1:07:58:7b:0f:06:55:2b:74:1c:
e9:34:a6:a6:72:bf:06:a7:0b:fd:c7:77:62:0d:ae:
61:31:53:f7:ce:ae:5a:b6:76:32:ba:65:67:ba:a9:
44:a3:eb:2b:6e:6b:e1:ed:99:fe:a2:5c:31:0d:02:
bf:22:cd:07:13:5d:66:b7:dd:28:45:0d:b9:f4:93:
4f:58:33:62:89:ce:be:ce:84:69:05:2b:48:d2:3e:
5b:59:9c:dd:19:62:9b:49:4c:b3:8a:93:5d:49:ed:
1b:76:89:38:48:c2:7e:fe:54:70:6e:df:79:c7:cf:
4b:db:0e:b7:65:bc:92:03:0b:c0:73:6d:9f:2f:d5:
ef:61:d2:fe:ab:2c:07:82:c2:3e:00:b5:f6:b0:0c:
f7:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:28:19:4C:50:81:35:61:24:87:CD:5F:D7:83:D6:A8:D3:48:D6:42
X509v3 Authority Key Identifier:
keyid:01:CF:2A:71:B2:C7:BF:54:1C:6C:C0:41:51:CD:02:07:8D:36:99:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ac8qcbLHv1QcbMBBUc0CB402mSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/c24ee1-2cb2-4907-8048-b0f4fbe26b61/1/rygZTFCBNWEkh81f14PWqNNI1kI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/c24ee1-2cb2-4907-8048-b0f4fbe26b61/1/Ac8qcbLHv1QcbMBBUc0CB402mSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.82.140.0/22
193.24.111.0/24
IPv6:
2a05:90c0::/29
Signature Algorithm: sha256WithRSAEncryption
5d:0b:44:f2:4d:ef:81:a8:c9:f6:17:da:50:59:93:98:8f:77:
4a:68:7f:25:2a:f5:67:8b:e0:77:47:c9:73:15:6b:d1:0b:90:
93:9f:dc:19:52:0d:34:a0:f4:88:5d:7b:a4:48:be:09:d3:39:
0b:83:95:1a:80:73:0a:42:6c:85:70:b1:b4:c2:7c:55:eb:39:
94:0d:44:9b:f6:ff:60:5e:f3:2b:4f:42:47:43:c2:96:60:b0:
bf:b5:28:4a:12:8f:e1:b0:ba:0d:88:52:40:ee:8f:07:de:47:
2c:2d:ee:90:9e:42:40:28:05:0c:6b:60:0a:23:f6:c6:00:99:
13:32:9c:f0:21:9a:49:76:8d:97:1c:fc:c0:cc:c4:4b:50:bb:
3b:07:68:86:9a:eb:3f:6b:41:2b:3b:11:ae:62:27:d4:16:65:
7f:88:04:9b:0d:a4:48:1b:fe:17:fa:20:d0:98:6d:7c:95:1c:
8f:0f:af:61:80:1e:a8:b0:21:94:d0:b6:ed:60:53:60:a4:08:
3e:16:4c:c9:02:c5:40:b0:91:28:30:39:4f:cb:ff:1c:31:38:
7b:53:09:7b:33:e4:68:e3:0f:90:fc:f5:1c:d3:38:7f:28:e8:
dc:71:8a:a6:19:c9:1a:41:4d:69:de:f1:29:92:0d:1a:f7:9f:
bc:82:6e:8c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQijQxx46aqCGz85xRNxX7NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxY2YyYTcxYjJjN2JmNTQxYzZjYzA0MTUxY2QwMjA3OGQz
Njk5MjYwHhcNMjUwMTAxMTU0NzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjI4MTk0YzUwODEzNTYxMjQ4N2NkNWZkNzgzZDZhOGQzNDhkNjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1753DrLKuzjCAB8p2MtuF9MjgJGH
ey0fLkBSByQS7fIfBkYpaWrkPZbMM3eB0ScXBlTKeMRh5h9LEH/WoAwgcM6mi5An
mNz3ukEluKVHrz0537Bc1XJemyx0KYBHX+3dxtBujw7SSn7VGxd7H8EHWHsPBlUr
dBzpNKamcr8Gpwv9x3diDa5hMVP3zq5atnYyumVnuqlEo+srbmvh7Zn+olwxDQK/
Is0HE11mt90oRQ259JNPWDNiic6+zoRpBStI0j5bWZzdGWKbSUyzipNdSe0bdok4
SMJ+/lRwbt95x89L2w63ZbySAwvAc22fL9XvYdL+qywHgsI+ALX2sAz3vwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFK8oGUxQgTVhJIfNX9eD1qjTSNZCMB8GA1UdIwQY
MBaAFAHPKnGyx79UHGzAQVHNAgeNNpkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWM4cWNiTEh2MVFjYk1CQlVjMENCNDAybVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9jMjRlZTEtMmNiMi00OTA3LTgwNDgt
YjBmNGZiZTI2YjYxLzEvcnlnWlRGQ0JOV0VraDgxZjE0UFdxTk5JMWtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9jMjRlZTEtMmNiMi00OTA3LTgwNDgtYjBmNGZiZTI2YjYx
LzEvQWM4cWNiTEh2MVFjYk1CQlVjMENCNDAybVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuVKMAwQA
wRhvMA0EAgACMAcDBQMqBZDAMA0GCSqGSIb3DQEBCwUAA4IBAQBdC0TyTe+BqMn2
F9pQWZOYj3dKaH8lKvVni+B3R8lzFWvRC5CTn9wZUg00oPSIXXukSL4J0zkLg5Ua
gHMKQmyFcLG0wnxV6zmUDUSb9v9gXvMrT0JHQ8KWYLC/tShKEo/hsLoNiFJA7o8H
3kcsLe6QnkJAKAUMa2AKI/bGAJkTMpzwIZpJdo2XHPzAzMRLULs7B2iGmus/a0Er
OxGuYifUFmV/iASbDaRIG/4X+iDQmG18lRyPD69hgB6osCGU0LbtYFNgpAg+FkzJ
AsVAsJEoMDlPy/8cMTh7Uwl7M+Ro4w+Q/PUc0zh/KOjccYqmGckaQU1p3vEpkg0a
95+8gm6M
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:44 2025 by rpki-client on console.sobornost.net