Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/bOyfi-z2wqC5OBTk4v100ve7CxI.roa
File: bOyfi-z2wqC5OBTk4v100ve7CxI.roa (raw, json)
Hash identifier: WiyMw0UdlKQAlB0ieoJy4RAqYir7UCqclb4nu/UNQCk=
Subject key identifier: 6C:EC:9F:8B:EC:F6:C2:A0:B9:38:14:E4:E2:FD:74:D2:F7:BB:0B:12
Certificate issuer: /CN=43965dd1f6f24a46d7cc4bccfecd4151c6dd1bfb
Certificate serial: 0194274792841C09B091DA9B6E1C572CE23C
Authority key identifier: 43:96:5D:D1:F6:F2:4A:46:D7:CC:4B:CC:FE:CD:41:51:C6:DD:1B:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q5Zd0fbySkbXzEvM_s1BUcbdG_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/bOyfi-z2wqC5OBTk4v100ve7CxI.roa
Signing time: Thu 02 Jan 2025 13:49:49 +0000
ROA not before: Thu 02 Jan 2025 13:49:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202029
IP address blocks: 91.213.151.0/24 maxlen: 24
185.212.194.0/24 maxlen: 24
185.221.193.0/24 maxlen: 24
195.8.102.0/24 maxlen: 24
195.230.107.0/24 maxlen: 24
2a04:acc0:10::/44 maxlen: 44
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:92:84:1c:09:b0:91:da:9b:6e:1c:57:2c:e2:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43965dd1f6f24a46d7cc4bccfecd4151c6dd1bfb
Validity
Not Before: Jan 2 13:49:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6cec9f8becf6c2a0b93814e4e2fd74d2f7bb0b12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:f1:15:c0:6b:61:82:d9:76:98:ea:97:f6:1c:
36:01:03:c4:46:ee:ea:a0:8c:b8:6d:bd:15:1b:61:
aa:aa:b4:c7:b8:51:a7:97:a7:12:98:09:2e:32:88:
f2:51:93:7a:2b:43:03:71:63:2f:1f:a7:f0:91:fa:
68:70:8a:f8:39:c8:95:d9:48:8b:fb:da:96:7a:84:
f3:f0:87:9f:e2:a3:c4:d3:06:2c:ae:13:31:b0:e8:
9a:87:76:ef:0e:2d:9b:7c:9d:96:47:fb:20:c0:e5:
01:71:32:30:63:8a:ea:ec:ef:2e:b1:bb:b6:4d:43:
4b:cd:f8:f9:70:6e:d2:30:12:76:75:c1:60:4a:ec:
e8:5a:21:cd:77:6d:79:f0:eb:d8:b3:25:19:06:04:
b6:2f:f5:c8:a5:e7:51:af:1e:67:00:00:34:7f:77:
34:f1:99:8e:c1:7c:80:76:b0:ff:2e:00:21:eb:b5:
f7:97:8d:ae:37:71:88:ff:f5:24:f4:66:89:91:0a:
89:b4:40:55:21:48:9a:26:68:e9:18:20:b4:38:5f:
0d:f0:46:0b:9e:86:cc:44:d7:ef:e3:ac:7c:8f:05:
57:48:0a:43:72:42:bf:77:0c:b5:30:7f:d6:83:e8:
fc:4e:f0:5b:c0:45:8e:99:b0:13:09:ee:0d:f6:5c:
82:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:EC:9F:8B:EC:F6:C2:A0:B9:38:14:E4:E2:FD:74:D2:F7:BB:0B:12
X509v3 Authority Key Identifier:
keyid:43:96:5D:D1:F6:F2:4A:46:D7:CC:4B:CC:FE:CD:41:51:C6:DD:1B:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q5Zd0fbySkbXzEvM_s1BUcbdG_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/bOyfi-z2wqC5OBTk4v100ve7CxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/Q5Zd0fbySkbXzEvM_s1BUcbdG_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.151.0/24
185.212.194.0/24
185.221.193.0/24
195.8.102.0/24
195.230.107.0/24
IPv6:
2a04:acc0:10::/44
Signature Algorithm: sha256WithRSAEncryption
47:79:1f:3c:f9:fa:ee:98:96:3c:81:42:76:88:42:a4:b4:5f:
65:82:6d:d4:56:c7:50:d9:22:7b:77:cc:a9:e6:22:32:b6:39:
c5:1b:df:d8:ea:79:fd:93:c3:8e:8e:cf:b5:33:b5:97:fa:60:
5d:0c:1b:1a:b4:f6:6e:7e:75:9e:80:d1:0a:d0:dd:50:2d:a1:
27:92:b7:34:38:2e:fe:19:6c:29:3e:49:69:41:0f:90:c8:0d:
96:f6:11:e5:d4:51:5b:20:b2:19:d4:1c:4f:5e:1d:6c:46:e5:
d9:03:e9:6a:bc:31:37:1d:e4:f8:5d:b2:30:4c:01:52:dd:8c:
df:f8:5a:a2:9f:45:10:5e:e6:0a:f9:e6:df:ed:d9:29:76:5c:
dc:f5:2b:d8:cb:de:4c:06:70:6b:fb:83:e9:68:3a:f7:fe:12:
b6:ec:e3:01:db:1d:90:b4:6d:de:b6:a9:a0:82:d6:42:83:7d:
81:f7:ab:1c:b6:cf:d8:ad:98:5d:61:e0:63:0a:59:a2:0e:7a:
d0:8a:63:43:df:07:7a:3f:bc:62:df:90:7f:a7:16:04:2d:ea:
2a:40:e7:2d:e7:22:d7:1f:90:c4:e5:af:e0:74:b2:69:6a:ac:
7b:83:19:3c:7a:34:87:09:38:c7:f7:7b:3e:d6:85:d7:81:63:
a9:78:10:8a
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZQnR5KEHAmwkdqbbhxXLOI8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzOTY1ZGQxZjZmMjRhNDZkN2NjNGJjY2ZlY2Q0MTUxYzZk
ZDFiZmIwHhcNMjUwMTAyMTM0OTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2VjOWY4YmVjZjZjMmEwYjkzODE0ZTRlMmZkNzRkMmY3YmIwYjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/EVwGthgtl2mOqX9hw2AQPERu7q
oIy4bb0VG2GqqrTHuFGnl6cSmAkuMojyUZN6K0MDcWMvH6fwkfpocIr4OciV2UiL
+9qWeoTz8Ief4qPE0wYsrhMxsOiah3bvDi2bfJ2WR/sgwOUBcTIwY4rq7O8usbu2
TUNLzfj5cG7SMBJ2dcFgSuzoWiHNd2158OvYsyUZBgS2L/XIpedRrx5nAAA0f3c0
8ZmOwXyAdrD/LgAh67X3l42uN3GI//Uk9GaJkQqJtEBVIUiaJmjpGCC0OF8N8EYL
nobMRNfv46x8jwVXSApDckK/dwy1MH/Wg+j8TvBbwEWOmbATCe4N9lyCkQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFGzsn4vs9sKguTgU5OL9dNL3uwsSMB8GA1UdIwQY
MBaAFEOWXdH28kpG18xLzP7NQVHG3Rv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTVaZDBmYnlTa2JYekV2TV9zMUJVY2JkR19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9jNzMxYzQtOTE4My00ZGIzLWI3MGEt
MzM5ODBjMDNmMDhlLzEvYk95ZmktejJ3cUM1T0JUazR2MTAwdmU3Q3hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9jNzMxYzQtOTE4My00ZGIzLWI3MGEtMzM5ODBjMDNmMDhl
LzEvUTVaZDBmYnlTa2JYekV2TV9zMUJVY2JkR19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQAW9WXAwQA
udTCAwQAud3BAwQAwwhmAwQAw+ZrMA8EAgACMAkDBwQqBKzAABAwDQYJKoZIhvcN
AQELBQADggEBAEd5Hzz5+u6YljyBQnaIQqS0X2WCbdRWx1DZInt3zKnmIjK2OcUb
39jqef2Tw46Oz7UztZf6YF0MGxq09m5+dZ6A0QrQ3VAtoSeStzQ4Lv4ZbCk+SWlB
D5DIDZb2EeXUUVsgshnUHE9eHWxG5dkD6Wq8MTcd5PhdsjBMAVLdjN/4WqKfRRBe
5gr55t/t2Sl2XNz1K9jL3kwGcGv7g+loOvf+Erbs4wHbHZC0bd62qaCC1kKDfYH3
qxy2z9itmF1h4GMKWaIOetCKY0PfB3o/vGLfkH+nFgQt6ipA5y3nItcfkMTlr+B0
smlqrHuDGTx6NIcJOMf3ez7WhdeBY6l4EIo=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:58 2025 by rpki-client on console.sobornost.net