Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/7ed7b1-b8f3-43f3-96e3-1dc54d1c03a3/1/yZi5kswzr7A4DzlGCWa5weE8ZXs.roa
File: yZi5kswzr7A4DzlGCWa5weE8ZXs.roa (raw, json)
Hash identifier: Anf6GmhoZMZWxPMhTL0WiBitC7uHDJE3iNPWcCU2CB0=
Subject key identifier: C9:98:B9:92:CC:33:AF:B0:38:0F:39:46:09:66:B9:C1:E1:3C:65:7B
Certificate issuer: /CN=4c3789ecf67e04298c5ee44c67d8fb7f5d6d95a1
Certificate serial: 019421445FE25814FE5B83B0470B78D0D5C2
Authority key identifier: 4C:37:89:EC:F6:7E:04:29:8C:5E:E4:4C:67:D8:FB:7F:5D:6D:95:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TDeJ7PZ-BCmMXuRMZ9j7f11tlaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/7ed7b1-b8f3-43f3-96e3-1dc54d1c03a3/1/yZi5kswzr7A4DzlGCWa5weE8ZXs.roa
Signing time: Wed 01 Jan 2025 09:48:36 +0000
ROA not before: Wed 01 Jan 2025 09:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47678
IP address blocks: 94.45.64.0/19 maxlen: 22
213.110.160.0/19 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:5f:e2:58:14:fe:5b:83:b0:47:0b:78:d0:d5:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c3789ecf67e04298c5ee44c67d8fb7f5d6d95a1
Validity
Not Before: Jan 1 09:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c998b992cc33afb0380f39460966b9c1e13c657b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ca:32:a0:ac:d0:06:d2:6b:23:31:25:3c:fd:
56:a0:74:55:8e:d8:02:3d:46:6a:93:9f:f7:d4:b3:
d7:fb:f9:03:66:2f:d4:2a:7d:6d:74:d9:9e:77:46:
8a:c7:ed:73:2e:cb:8a:87:4c:35:6e:6e:c8:f4:1d:
de:68:e4:92:f0:93:ae:3b:f4:be:47:0a:87:72:64:
72:44:e1:96:28:36:f7:5f:cc:75:f9:ac:aa:0f:46:
7d:eb:3e:29:77:ef:a0:4b:55:fe:e1:14:52:14:90:
1a:1b:73:fb:01:b7:7d:6a:5d:ae:a2:ba:8d:2e:68:
b0:2c:1f:fe:17:79:ce:e8:d5:d6:87:b5:e5:1d:1d:
2f:77:d6:f3:03:2f:3b:90:9f:b5:07:9f:2f:38:72:
8d:71:e6:35:d4:86:cd:d7:f2:53:6b:3d:23:38:f7:
19:e9:bb:30:ba:80:62:83:0b:04:f1:12:a5:01:38:
42:5e:8f:74:39:72:40:32:04:6c:a3:4b:49:35:d1:
c5:92:95:3a:1d:fd:45:af:f8:13:09:c8:e9:4e:62:
f4:b9:aa:36:64:5d:28:85:dd:73:89:49:66:cf:b8:
69:bf:9e:d6:2e:7f:11:40:cc:9a:47:66:45:45:40:
74:8e:10:7b:c5:54:2a:12:04:e9:e9:3a:32:64:8d:
9b:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:98:B9:92:CC:33:AF:B0:38:0F:39:46:09:66:B9:C1:E1:3C:65:7B
X509v3 Authority Key Identifier:
keyid:4C:37:89:EC:F6:7E:04:29:8C:5E:E4:4C:67:D8:FB:7F:5D:6D:95:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TDeJ7PZ-BCmMXuRMZ9j7f11tlaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/7ed7b1-b8f3-43f3-96e3-1dc54d1c03a3/1/yZi5kswzr7A4DzlGCWa5weE8ZXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/7ed7b1-b8f3-43f3-96e3-1dc54d1c03a3/1/TDeJ7PZ-BCmMXuRMZ9j7f11tlaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.45.64.0/19
213.110.160.0/19
Signature Algorithm: sha256WithRSAEncryption
72:02:55:a8:3e:c3:f4:c6:de:3d:44:dc:bc:e6:4f:dc:a5:b3:
72:6a:22:e6:77:15:2c:0d:cf:31:dc:0a:10:27:4a:a7:bf:f7:
b0:2c:c6:d6:49:4a:bc:b4:cd:8f:6f:7d:17:1d:50:be:8e:7b:
e8:94:f5:06:f5:be:6e:ce:61:f0:8e:8a:c2:12:be:27:07:4c:
71:82:ba:cc:4e:d1:76:f5:92:d4:85:7d:7b:d7:08:b2:58:f7:
be:80:2e:14:d0:e6:57:7b:d1:7d:e4:df:c0:55:ea:a4:44:61:
a9:13:49:66:ec:a7:03:df:8b:98:5b:0a:c4:f9:d8:9d:45:f9:
ca:91:5b:b2:28:17:d2:a1:c6:12:27:f2:ea:cd:53:70:be:59:
7a:0d:71:f9:06:d8:ef:85:84:7b:50:5b:87:5a:46:40:78:7c:
96:f9:4b:d1:3d:5d:8e:06:8c:18:9d:b9:84:d1:c1:ee:bb:79:
7c:4f:79:b2:bc:92:cf:97:e5:08:a9:ee:49:d1:6e:6e:86:8d:
99:bd:84:ed:59:61:fa:2c:97:b0:9d:ec:47:83:32:98:b7:05:
b6:b5:71:e6:dd:a5:15:0e:50:54:c3:56:09:a2:97:2b:e6:c8:
06:3c:29:06:7f:d9:de:67:56:7b:e8:5b:b3:5d:8a:38:d0:91:
08:35:29:e9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQhRF/iWBT+W4OwRwt40NXCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMzc4OWVjZjY3ZTA0Mjk4YzVlZTQ0YzY3ZDhmYjdmNWQ2
ZDk1YTEwHhcNMjUwMTAxMDk0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTk4Yjk5MmNjMzNhZmIwMzgwZjM5NDYwOTY2YjljMWUxM2M2NTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusoyoKzQBtJrIzElPP1WoHRVjtgC
PUZqk5/31LPX+/kDZi/UKn1tdNmed0aKx+1zLsuKh0w1bm7I9B3eaOSS8JOuO/S+
RwqHcmRyROGWKDb3X8x1+ayqD0Z96z4pd++gS1X+4RRSFJAaG3P7Abd9al2uorqN
LmiwLB/+F3nO6NXWh7XlHR0vd9bzAy87kJ+1B58vOHKNceY11IbN1/JTaz0jOPcZ
6bswuoBigwsE8RKlAThCXo90OXJAMgRso0tJNdHFkpU6Hf1Fr/gTCcjpTmL0uao2
ZF0ohd1ziUlmz7hpv57WLn8RQMyaR2ZFRUB0jhB7xVQqEgTp6ToyZI2bXwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMmYuZLMM6+wOA85RglmucHhPGV7MB8GA1UdIwQY
MBaAFEw3iez2fgQpjF7kTGfY+39dbZWhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVERlSjdQWi1CQ21NWHVSTVo5ajdmMTF0bGFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC83ZWQ3YjEtYjhmMy00M2YzLTk2ZTMt
MWRjNTRkMWMwM2EzLzEveVppNWtzd3pyN0E0RHpsR0NXYTV3ZUU4WlhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC83ZWQ3YjEtYjhmMy00M2YzLTk2ZTMtMWRjNTRkMWMwM2Ez
LzEvVERlSjdQWi1CQ21NWHVSTVo5ajdmMTF0bGFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFXi1AAwQF
1W6gMA0GCSqGSIb3DQEBCwUAA4IBAQByAlWoPsP0xt49RNy85k/cpbNyaiLmdxUs
Dc8x3AoQJ0qnv/ewLMbWSUq8tM2Pb30XHVC+jnvolPUG9b5uzmHwjorCEr4nB0xx
grrMTtF29ZLUhX171wiyWPe+gC4U0OZXe9F95N/AVeqkRGGpE0lm7KcD34uYWwrE
+didRfnKkVuyKBfSocYSJ/LqzVNwvll6DXH5BtjvhYR7UFuHWkZAeHyW+UvRPV2O
BowYnbmE0cHuu3l8T3myvJLPl+UIqe5J0W5uho2ZvYTtWWH6LJewnexHgzKYtwW2
tXHm3aUVDlBUw1YJopcr5sgGPCkGf9neZ1Z76FuzXYo40JEINSnp
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:49 2025 by rpki-client on console.sobornost.net