Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/0e488f-180d-4c8a-a452-4c74bb59c594/1/GTyCHYuEY23ip9og5AkQRrDtBIY.roa
File: GTyCHYuEY23ip9og5AkQRrDtBIY.roa (raw, json)
Hash identifier: y+5WURpYH+e3fj9t+HlhF+CJDjJsdB5IFBo7XE9GPdw=
Subject key identifier: 19:3C:82:1D:8B:84:63:6D:E2:A7:DA:20:E4:09:10:46:B0:ED:04:86
Certificate issuer: /CN=ef8455d40c2e3dbcb24446fcc97a09ed4badedc3
Certificate serial: 0194221FFAB52D89726A4283F723706CD7DE
Authority key identifier: EF:84:55:D4:0C:2E:3D:BC:B2:44:46:FC:C9:7A:09:ED:4B:AD:ED:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/74RV1AwuPbyyREb8yXoJ7Uut7cM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/0e488f-180d-4c8a-a452-4c74bb59c594/1/GTyCHYuEY23ip9og5AkQRrDtBIY.roa
Signing time: Wed 01 Jan 2025 13:48:28 +0000
ROA not before: Wed 01 Jan 2025 13:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198050
IP address blocks: 64.190.43.0/24 maxlen: 24
91.231.70.0/23 maxlen: 23
91.231.80.0/22 maxlen: 22
176.97.24.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:fa:b5:2d:89:72:6a:42:83:f7:23:70:6c:d7:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef8455d40c2e3dbcb24446fcc97a09ed4badedc3
Validity
Not Before: Jan 1 13:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=193c821d8b84636de2a7da20e4091046b0ed0486
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c7:a7:2d:0f:bb:9d:76:df:85:7f:22:bd:cd:
6e:e7:f0:3b:81:31:d7:e9:8f:9b:fc:db:ad:6f:91:
af:43:04:ca:05:4b:81:75:b1:7c:0e:b4:67:ed:39:
76:df:40:c4:7d:ed:1e:9f:76:9d:fa:85:a7:27:48:
0c:1a:ca:9e:99:33:e0:f1:8b:81:5b:ea:79:4c:48:
c8:84:c3:46:12:cb:b0:60:16:72:af:63:ee:d1:6a:
5c:ef:b9:57:11:32:0b:b3:e0:07:ea:53:67:39:28:
d2:1e:16:ca:49:3b:82:8f:fe:44:83:fb:f4:2f:70:
f7:fe:5a:15:2b:05:a8:ca:50:f7:08:ad:89:d9:00:
9f:a2:b7:a6:6c:49:89:7e:f6:f5:a2:41:d6:68:32:
99:a5:c8:be:eb:a7:72:32:ab:37:fe:6d:a2:8f:89:
e5:82:04:fa:09:c2:fc:4b:6f:29:04:58:81:af:fe:
1a:41:e5:23:0d:c4:13:a7:ba:47:46:7b:0a:3d:c6:
c9:e1:04:90:03:18:5e:93:23:45:4d:22:c8:e8:79:
91:80:fc:1d:a9:c3:28:02:c1:34:80:2a:20:bb:22:
f9:39:0d:7c:50:40:9c:e9:12:e3:cd:7e:57:14:7a:
cf:ed:89:0a:ec:e7:f9:96:44:12:c7:c5:d9:7f:28:
ac:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:3C:82:1D:8B:84:63:6D:E2:A7:DA:20:E4:09:10:46:B0:ED:04:86
X509v3 Authority Key Identifier:
keyid:EF:84:55:D4:0C:2E:3D:BC:B2:44:46:FC:C9:7A:09:ED:4B:AD:ED:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/74RV1AwuPbyyREb8yXoJ7Uut7cM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/0e488f-180d-4c8a-a452-4c74bb59c594/1/GTyCHYuEY23ip9og5AkQRrDtBIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/0e488f-180d-4c8a-a452-4c74bb59c594/1/74RV1AwuPbyyREb8yXoJ7Uut7cM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.190.43.0/24
91.231.70.0/23
91.231.80.0/22
176.97.24.0/21
Signature Algorithm: sha256WithRSAEncryption
81:0e:36:9f:33:14:ff:a1:cb:d6:84:7e:d6:21:ad:1c:95:8f:
4c:33:66:49:73:41:fc:24:28:d3:be:34:0f:9b:4c:47:1b:29:
6f:80:65:2f:64:fa:49:d4:b1:23:24:c2:ac:0a:86:4b:87:ee:
e2:f0:53:5c:5f:49:54:ae:30:ba:25:c3:62:2d:cf:3a:27:77:
d2:ff:7d:2b:e9:5e:06:74:fd:f6:8f:f2:9e:75:16:36:83:ed:
28:21:2c:9d:a2:74:21:83:51:e9:c4:05:f1:18:2a:a1:75:c0:
f7:1c:de:47:dc:87:50:11:e8:6b:58:33:4d:76:51:62:bd:cb:
d8:bf:20:b4:b5:58:5b:8c:8d:9a:eb:4a:4e:51:2e:a1:45:95:
78:04:2c:a4:a2:6e:37:7f:1c:50:6c:c5:1e:ba:6b:00:ba:80:
d7:a2:e7:2e:15:54:df:91:fe:2a:c0:2b:96:29:32:5b:69:75:
0b:de:19:7d:62:b0:8e:3d:f9:e4:60:43:01:b3:23:1e:67:b2:
e5:dc:da:9b:3f:26:96:8a:78:6f:1a:5b:81:4b:19:11:f8:79:
46:7c:44:75:1c:5d:07:02:83:1e:e7:47:f0:8b:d4:4b:80:cd:
a2:84:11:5e:86:3a:ca:15:7b:35:26:3d:61:b9:e8:e0:83:28:
f2:df:1e:65
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQiH/q1LYlyakKD9yNwbNfeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmODQ1NWQ0MGMyZTNkYmNiMjQ0NDZmY2M5N2EwOWVkNGJh
ZGVkYzMwHhcNMjUwMTAxMTM0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTNjODIxZDhiODQ2MzZkZTJhN2RhMjBlNDA5MTA0NmIwZWQwNDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtsenLQ+7nXbfhX8ivc1u5/A7gTHX
6Y+b/Nutb5GvQwTKBUuBdbF8DrRn7Tl230DEfe0en3ad+oWnJ0gMGsqemTPg8YuB
W+p5TEjIhMNGEsuwYBZyr2Pu0Wpc77lXETILs+AH6lNnOSjSHhbKSTuCj/5Eg/v0
L3D3/loVKwWoylD3CK2J2QCforembEmJfvb1okHWaDKZpci+66dyMqs3/m2ij4nl
ggT6CcL8S28pBFiBr/4aQeUjDcQTp7pHRnsKPcbJ4QSQAxhekyNFTSLI6HmRgPwd
qcMoAsE0gCoguyL5OQ18UECc6RLjzX5XFHrP7YkK7Of5lkQSx8XZfyisBwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBk8gh2LhGNt4qfaIOQJEEaw7QSGMB8GA1UdIwQY
MBaAFO+EVdQMLj28skRG/Ml6Ce1Lre3DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzRSVjFBd3VQYnl5UkViOHlYb0o3VXV0N2NNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8wZTQ4OGYtMTgwZC00YzhhLWE0NTIt
NGM3NGJiNTljNTk0LzEvR1R5Q0hZdUVZMjNpcDlvZzVBa1FSckR0QklZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8wZTQ4OGYtMTgwZC00YzhhLWE0NTItNGM3NGJiNTljNTk0
LzEvNzRSVjFBd3VQYnl5UkViOHlYb0o3VXV0N2NNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAQL4rAwQB
W+dGAwQCW+dQAwQDsGEYMA0GCSqGSIb3DQEBCwUAA4IBAQCBDjafMxT/ocvWhH7W
Ia0clY9MM2ZJc0H8JCjTvjQPm0xHGylvgGUvZPpJ1LEjJMKsCoZLh+7i8FNcX0lU
rjC6JcNiLc86J3fS/30r6V4GdP32j/KedRY2g+0oISydonQhg1HpxAXxGCqhdcD3
HN5H3IdQEehrWDNNdlFivcvYvyC0tVhbjI2a60pOUS6hRZV4BCykom43fxxQbMUe
umsAuoDXoucuFVTfkf4qwCuWKTJbaXUL3hl9YrCOPfnkYEMBsyMeZ7Ll3NqbPyaW
inhvGluBSxkR+HlGfER1HF0HAoMe50fwi9RLgM2ihBFehjrKFXs1Jj1huejggyjy
3x5l
-----END CERTIFICATE-----
Generated at Tue Jan 21 17:37:08 2025 by rpki-client on console.sobornost.net