Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/ac0950-2273-4ee1-a830-422e6d3fe93e/1/yzTNOCEQUyiIncYM071wY64qAlg.roa
File: yzTNOCEQUyiIncYM071wY64qAlg.roa (raw, json)
Hash identifier: hLDsFeTn5OhhHpxN9Rt6KZxw/jMGMbLdQEqz1BHAxCk=
Subject key identifier: CB:34:CD:38:21:10:53:28:88:9D:C6:0C:D3:BD:70:63:AE:2A:02:58
Certificate issuer: /CN=499f03e48ed62a96840eb2f2d79c3ec21a27f1ce
Certificate serial: 0194221FC6025B968FB252D7F96AC2DE52CA
Authority key identifier: 49:9F:03:E4:8E:D6:2A:96:84:0E:B2:F2:D7:9C:3E:C2:1A:27:F1:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SZ8D5I7WKpaEDrLy15w-whon8c4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/ac0950-2273-4ee1-a830-422e6d3fe93e/1/yzTNOCEQUyiIncYM071wY64qAlg.roa
Signing time: Wed 01 Jan 2025 13:48:15 +0000
ROA not before: Wed 01 Jan 2025 13:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15930
IP address blocks: 89.18.128.0/19 maxlen: 19
89.18.128.0/21 maxlen: 21
89.18.136.0/21 maxlen: 21
89.18.143.0/24 maxlen: 24
89.18.144.0/21 maxlen: 21
89.18.152.0/21 maxlen: 21
89.18.156.0/24 maxlen: 24
89.18.159.0/24 maxlen: 24
185.24.180.0/22 maxlen: 22
185.24.180.0/24 maxlen: 24
2a00:65a0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:c6:02:5b:96:8f:b2:52:d7:f9:6a:c2:de:52:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=499f03e48ed62a96840eb2f2d79c3ec21a27f1ce
Validity
Not Before: Jan 1 13:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cb34cd3821105328889dc60cd3bd7063ae2a0258
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:5e:73:12:7e:98:6d:d7:b4:d8:42:c4:ed:ef:
1e:71:12:62:4c:4d:b7:f0:65:62:4b:62:8d:90:8f:
4c:8e:07:ff:1a:45:15:7f:87:27:3d:c2:ed:3d:c2:
1e:99:70:76:10:df:99:e4:37:99:7c:d7:34:b9:ae:
5b:99:3f:7f:d3:84:7d:88:05:bf:47:5b:20:50:d3:
5d:0b:54:d6:87:5c:a1:b2:95:b2:98:92:56:f2:21:
39:a3:f3:61:97:4b:6a:bc:b3:4f:7d:e5:af:a2:80:
bb:3c:b7:66:86:e3:12:be:e1:80:ed:04:e4:66:6f:
46:31:54:bf:41:7f:20:cc:fa:26:11:4b:63:e4:af:
d0:2d:81:36:19:7b:0e:40:f5:6e:11:7a:2b:0b:39:
a9:6b:65:16:49:2e:72:99:49:04:62:a8:19:40:56:
0a:93:88:54:4a:48:dd:af:b6:e0:53:1b:13:06:1c:
94:57:37:09:1f:c4:1e:6a:5e:a4:a0:37:20:cd:00:
1d:c4:18:90:27:41:04:52:08:31:17:2d:91:41:2d:
94:a7:2e:8b:38:c8:6c:52:81:5c:82:3b:d4:9d:93:
2c:0a:08:13:0d:54:11:15:63:d6:ed:1d:22:77:88:
c8:da:c5:87:13:69:f8:f7:f5:e5:9a:25:fb:a3:49:
e2:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:34:CD:38:21:10:53:28:88:9D:C6:0C:D3:BD:70:63:AE:2A:02:58
X509v3 Authority Key Identifier:
keyid:49:9F:03:E4:8E:D6:2A:96:84:0E:B2:F2:D7:9C:3E:C2:1A:27:F1:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SZ8D5I7WKpaEDrLy15w-whon8c4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/ac0950-2273-4ee1-a830-422e6d3fe93e/1/yzTNOCEQUyiIncYM071wY64qAlg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/ac0950-2273-4ee1-a830-422e6d3fe93e/1/SZ8D5I7WKpaEDrLy15w-whon8c4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.18.128.0/19
185.24.180.0/22
IPv6:
2a00:65a0::/32
Signature Algorithm: sha256WithRSAEncryption
3f:3e:e3:e4:0c:8a:d8:1a:cf:fc:f6:13:ce:07:e5:02:21:8e:
15:ba:d5:01:b0:e2:bd:4d:18:4a:07:d7:df:52:d2:0f:e9:12:
46:a3:16:73:e6:2f:48:67:ae:78:8e:0c:05:00:69:ec:d3:85:
d6:d2:52:7a:d9:62:d9:be:58:c9:7b:f6:80:5a:c4:ce:d9:fe:
aa:a1:6c:1a:b6:6c:1b:c5:45:02:4c:1f:41:31:20:2a:49:06:
c8:a3:8c:ba:a6:2c:4e:a5:a9:7a:1e:0d:83:cf:55:c9:61:24:
c4:51:5e:e1:32:33:9f:99:e3:12:fa:58:56:f1:bc:70:d9:67:
85:70:1e:47:5d:38:67:68:77:70:97:25:3a:af:9b:c1:4e:ab:
b4:ce:bf:f8:e5:a5:d0:b9:63:2f:cb:72:3c:f1:ca:98:c5:05:
42:03:27:f3:f7:9f:9a:07:f6:00:47:df:ec:fb:38:10:81:68:
c6:ab:43:74:be:bc:9e:fe:e8:1d:cb:ae:dd:07:fb:97:e3:af:
ec:77:ad:23:87:66:3f:55:0c:2e:88:a8:7c:77:35:99:40:26:
61:0a:f1:54:95:d7:71:6e:9a:6b:4e:8e:81:0a:cf:f8:17:a4:
e1:f5:15:89:37:6d:f1:85:1e:48:e0:81:5f:81:88:7a:92:d8:
fe:5a:a6:45
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQiH8YCW5aPslLX+WrC3lLKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5OWYwM2U0OGVkNjJhOTY4NDBlYjJmMmQ3OWMzZWMyMWEy
N2YxY2UwHhcNMjUwMTAxMTM0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjM0Y2QzODIxMTA1MzI4ODg5ZGM2MGNkM2JkNzA2M2FlMmEwMjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1F5zEn6Ybde02ELE7e8ecRJiTE23
8GViS2KNkI9Mjgf/GkUVf4cnPcLtPcIemXB2EN+Z5DeZfNc0ua5bmT9/04R9iAW/
R1sgUNNdC1TWh1yhspWymJJW8iE5o/Nhl0tqvLNPfeWvooC7PLdmhuMSvuGA7QTk
Zm9GMVS/QX8gzPomEUtj5K/QLYE2GXsOQPVuEXorCzmpa2UWSS5ymUkEYqgZQFYK
k4hUSkjdr7bgUxsTBhyUVzcJH8Qeal6koDcgzQAdxBiQJ0EEUggxFy2RQS2Upy6L
OMhsUoFcgjvUnZMsCggTDVQRFWPW7R0id4jI2sWHE2n49/XlmiX7o0niFwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMs0zTghEFMoiJ3GDNO9cGOuKgJYMB8GA1UdIwQY
MBaAFEmfA+SO1iqWhA6y8tecPsIaJ/HOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1o4RDVJN1dLcGFFRHJMeTE1dy13aG9uOGM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9hYzA5NTAtMjI3My00ZWUxLWE4MzAt
NDIyZTZkM2ZlOTNlLzEveXpUTk9DRVFVeWlJbmNZTTA3MXdZNjRxQWxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9hYzA5NTAtMjI3My00ZWUxLWE4MzAtNDIyZTZkM2ZlOTNl
LzEvU1o4RDVJN1dLcGFFRHJMeTE1dy13aG9uOGM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFWRKAAwQC
uRi0MA0EAgACMAcDBQAqAGWgMA0GCSqGSIb3DQEBCwUAA4IBAQA/PuPkDIrYGs/8
9hPOB+UCIY4VutUBsOK9TRhKB9ffUtIP6RJGoxZz5i9IZ654jgwFAGns04XW0lJ6
2WLZvljJe/aAWsTO2f6qoWwatmwbxUUCTB9BMSAqSQbIo4y6pixOpal6Hg2Dz1XJ
YSTEUV7hMjOfmeMS+lhW8bxw2WeFcB5HXThnaHdwlyU6r5vBTqu0zr/45aXQuWMv
y3I88cqYxQVCAyfz95+aB/YAR9/s+zgQgWjGq0N0vrye/ugdy67dB/uX46/sd60j
h2Y/VQwuiKh8dzWZQCZhCvFUlddxbpprTo6BCs/4F6Th9RWJN23xhR5I4IFfgYh6
ktj+WqZF
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:14 2025 by rpki-client on console.sobornost.net