Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/vY7GkEweNUrSGtkEPpZxXCK4ESg.roa
File: vY7GkEweNUrSGtkEPpZxXCK4ESg.roa (raw, json)
Hash identifier: oOGzoz9OzrzW7p37D9Fx0u1JQ8df3cbEHrOUFVqpmQ4=
Subject key identifier: BD:8E:C6:90:4C:1E:35:4A:D2:1A:D9:04:3E:96:71:5C:22:B8:11:28
Certificate issuer: /CN=04a2ae2cd094333018c41daafb474c6cfa80d07d
Certificate serial: 0194228D83C4C919011DEFC341FC2AF88409
Authority key identifier: 04:A2:AE:2C:D0:94:33:30:18:C4:1D:AA:FB:47:4C:6C:FA:80:D0:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/vY7GkEweNUrSGtkEPpZxXCK4ESg.roa
Signing time: Wed 01 Jan 2025 15:48:07 +0000
ROA not before: Wed 01 Jan 2025 15:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8778
IP address blocks: 195.28.64.0/19 maxlen: 19
195.80.160.0/19 maxlen: 19
2a02:dd8::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:83:c4:c9:19:01:1d:ef:c3:41:fc:2a:f8:84:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04a2ae2cd094333018c41daafb474c6cfa80d07d
Validity
Not Before: Jan 1 15:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bd8ec6904c1e354ad21ad9043e96715c22b81128
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:6c:8f:2b:62:fb:ba:00:52:33:01:c4:88:f7:
51:bd:58:0d:29:bb:61:9e:ca:a4:b1:78:af:1d:97:
ec:2c:eb:8e:c0:09:11:70:e0:3a:03:9f:41:e7:3a:
bc:ed:de:df:b1:d5:ea:ef:0e:3b:a0:41:e3:c7:9b:
00:74:df:09:11:8c:1e:3c:ad:ad:d7:3b:74:b1:19:
3d:f7:81:d0:70:51:0e:e4:c5:aa:a6:f2:ec:7d:00:
93:f0:7e:98:57:ee:71:a3:29:50:27:0a:16:3b:1e:
8e:8b:fe:59:d9:2d:3b:1f:65:0c:a4:ec:5c:94:19:
fa:c2:1c:2c:fd:5d:31:f1:b3:1d:e7:ce:83:13:95:
3c:91:e6:fb:f5:26:5a:ac:f1:bd:51:d3:44:c5:d5:
d6:6b:20:cb:a1:ba:aa:85:e9:95:dc:3b:10:f1:05:
a8:b3:57:22:cd:d1:96:ca:72:a1:9b:d2:01:20:59:
52:57:af:65:45:23:96:04:75:c2:fd:42:05:b8:40:
c6:53:25:a5:fc:00:d7:45:4d:3e:33:47:bc:33:ac:
f2:51:ce:7b:74:14:56:46:ac:79:03:93:ce:45:b5:
9a:fb:5e:86:c7:21:38:e5:6d:b6:71:ee:19:f7:54:
4a:6e:68:d2:de:ed:31:35:60:a2:f9:7a:66:ef:15:
ee:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:8E:C6:90:4C:1E:35:4A:D2:1A:D9:04:3E:96:71:5C:22:B8:11:28
X509v3 Authority Key Identifier:
keyid:04:A2:AE:2C:D0:94:33:30:18:C4:1D:AA:FB:47:4C:6C:FA:80:D0:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/vY7GkEweNUrSGtkEPpZxXCK4ESg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/BKKuLNCUMzAYxB2q-0dMbPqA0H0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.28.64.0/19
195.80.160.0/19
IPv6:
2a02:dd8::/29
Signature Algorithm: sha256WithRSAEncryption
47:b6:ba:66:fd:83:24:7c:3a:2e:10:14:1f:0f:aa:84:fc:2f:
ea:d3:b0:74:87:6d:32:8d:4d:37:ea:e4:e2:1a:3e:93:9d:0f:
ba:a1:b0:1d:1b:91:bf:cc:37:cb:a8:9d:a5:99:99:ef:35:fb:
bb:7d:68:46:a0:67:e7:97:35:37:aa:b2:0d:51:00:82:cf:de:
0e:f6:74:ee:c0:3f:43:28:41:2c:e7:06:dc:ec:f5:0d:e8:fc:
e8:df:b1:4e:f6:e5:e8:05:98:c9:87:ae:7e:ae:c4:cc:3f:00:
5f:f8:57:08:7f:77:97:78:36:16:80:a5:be:66:50:68:ca:78:
29:ec:0a:1d:b5:d3:23:28:db:48:00:25:89:2e:75:10:4a:9d:
38:be:4a:ef:cf:62:ef:4a:96:67:3e:da:18:9f:3f:fc:1a:f0:
3f:0f:54:2a:45:3e:be:c5:9c:d5:a0:c9:5d:3f:74:52:d7:cc:
ed:d2:6c:66:ba:ae:9f:3d:27:a0:32:fd:04:57:18:b6:dd:48:
7b:90:dc:b5:1e:02:1a:43:a6:f1:9a:50:cc:db:09:38:38:ec:
28:e8:2c:eb:4a:2d:7a:51:2d:91:5e:2e:68:4e:46:6e:8b:ee:
6f:2c:1a:66:19:a2:e2:25:51:b4:8a:cb:72:d4:d4:3f:72:f1:
a1:2a:0d:d8
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQijYPEyRkBHe/DQfwq+IQJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0YTJhZTJjZDA5NDMzMzAxOGM0MWRhYWZiNDc0YzZjZmE4
MGQwN2QwHhcNMjUwMTAxMTU0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDhlYzY5MDRjMWUzNTRhZDIxYWQ5MDQzZTk2NzE1YzIyYjgxMTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2yPK2L7ugBSMwHEiPdRvVgNKbth
nsqksXivHZfsLOuOwAkRcOA6A59B5zq87d7fsdXq7w47oEHjx5sAdN8JEYwePK2t
1zt0sRk994HQcFEO5MWqpvLsfQCT8H6YV+5xoylQJwoWOx6Oi/5Z2S07H2UMpOxc
lBn6whws/V0x8bMd586DE5U8keb79SZarPG9UdNExdXWayDLobqqhemV3DsQ8QWo
s1cizdGWynKhm9IBIFlSV69lRSOWBHXC/UIFuEDGUyWl/ADXRU0+M0e8M6zyUc57
dBRWRqx5A5PORbWa+16GxyE45W22ce4Z91RKbmjS3u0xNWCi+Xpm7xXurwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFL2OxpBMHjVK0hrZBD6WcVwiuBEoMB8GA1UdIwQY
MBaAFASirizQlDMwGMQdqvtHTGz6gNB9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQktLdUxOQ1VNekFZeEIycS0wZE1iUHFBMEgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS82MzRhMTItZTU4Yy00NTVjLTg5MzMt
NmU2ZThkOTMwM2U5LzEvdlk3R2tFd2VOVXJTR3RrRVBwWnhYQ0s0RVNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS82MzRhMTItZTU4Yy00NTVjLTg5MzMtNmU2ZThkOTMwM2U5
LzEvQktLdUxOQ1VNekFZeEIycS0wZE1iUHFBMEgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFwxxAAwQF
w1CgMA0EAgACMAcDBQMqAg3YMA0GCSqGSIb3DQEBCwUAA4IBAQBHtrpm/YMkfDou
EBQfD6qE/C/q07B0h20yjU036uTiGj6TnQ+6obAdG5G/zDfLqJ2lmZnvNfu7fWhG
oGfnlzU3qrINUQCCz94O9nTuwD9DKEEs5wbc7PUN6Pzo37FO9uXoBZjJh65+rsTM
PwBf+FcIf3eXeDYWgKW+ZlBoyngp7AodtdMjKNtIACWJLnUQSp04vkrvz2LvSpZn
PtoYnz/8GvA/D1QqRT6+xZzVoMldP3RS18zt0mxmuq6fPSegMv0EVxi23Uh7kNy1
HgIaQ6bxmlDM2wk4OOwo6CzrSi16US2RXi5oTkZui+5vLBpmGaLiJVG0isty1NQ/
cvGhKg3Y
-----END CERTIFICATE-----
Generated at Thu Jan 23 19:16:15 2025 by rpki-client on console.sobornost.net