Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/ece5c7-2143-4db4-9857-052cf01d2048/1/yIXjM-EwusSl40QvG8uv75qXTEQ.roa
File: yIXjM-EwusSl40QvG8uv75qXTEQ.roa (raw, json)
Hash identifier: kuub7MgY2skM/b5M0WvDXulsX/sh09ymNW0BpMEZbac=
Subject key identifier: C8:85:E3:33:E1:30:BA:C4:A5:E3:44:2F:1B:CB:AF:EF:9A:97:4C:44
Certificate issuer: /CN=bfce55d15eb119e52d6fafcd3973e2f6d4f223f2
Certificate serial: 01941FFA3350BB37166A7C62DB8DCDF87E7D
Authority key identifier: BF:CE:55:D1:5E:B1:19:E5:2D:6F:AF:CD:39:73:E2:F6:D4:F2:23:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v85V0V6xGeUtb6_NOXPi9tTyI_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/ece5c7-2143-4db4-9857-052cf01d2048/1/yIXjM-EwusSl40QvG8uv75qXTEQ.roa
Signing time: Wed 01 Jan 2025 03:47:58 +0000
ROA not before: Wed 01 Jan 2025 03:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200031
IP address blocks: 45.159.164.0/22 maxlen: 22
45.159.164.0/23 maxlen: 23
45.159.164.0/24 maxlen: 24
45.159.165.0/24 maxlen: 24
45.159.166.0/23 maxlen: 23
45.159.166.0/24 maxlen: 24
45.159.167.0/24 maxlen: 24
91.195.56.0/23 maxlen: 23
91.195.56.0/24 maxlen: 24
91.195.57.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:33:50:bb:37:16:6a:7c:62:db:8d:cd:f8:7e:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfce55d15eb119e52d6fafcd3973e2f6d4f223f2
Validity
Not Before: Jan 1 03:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c885e333e130bac4a5e3442f1bcbafef9a974c44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:86:f5:97:af:c1:ba:a8:a2:86:d0:22:c4:18:
93:20:4c:30:46:84:2a:aa:db:ea:f8:67:f3:d6:3f:
3a:79:bc:0b:59:59:81:88:7c:34:d0:e0:18:ff:1c:
41:87:c3:8f:0c:fc:31:2e:50:34:f9:67:7a:db:eb:
41:c0:b2:3d:c7:aa:e9:34:4e:07:fc:93:84:26:10:
e2:d6:c0:0f:8d:1f:ab:fa:e7:69:62:12:40:5a:b8:
b6:49:2d:1b:ab:2d:e8:a2:74:8b:10:b3:1d:34:d4:
9a:18:74:2e:7f:e0:b3:6c:ae:a9:fc:28:c4:2a:8d:
aa:d4:a0:0b:2d:e2:d9:97:71:6e:13:ed:3a:e5:d3:
37:eb:2c:bb:a4:5f:d1:51:f0:13:17:a3:a4:8d:f0:
f2:c1:c7:67:20:bc:75:fc:54:17:3c:fe:c7:15:84:
75:98:72:e3:a6:a1:f7:0e:0d:8f:b2:ce:83:cc:a2:
91:86:86:53:0a:e0:a5:8f:27:3f:c0:30:43:df:d7:
62:5a:cf:f0:24:b7:e1:fd:bc:2b:30:b3:55:a6:26:
73:d8:d3:85:a5:b8:f5:4e:12:06:26:6f:c0:eb:23:
83:c4:db:5c:24:ce:6a:44:cd:b9:e8:62:c5:06:a6:
69:97:75:eb:42:8b:3f:cc:0a:ef:73:9a:a5:af:e9:
88:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:85:E3:33:E1:30:BA:C4:A5:E3:44:2F:1B:CB:AF:EF:9A:97:4C:44
X509v3 Authority Key Identifier:
keyid:BF:CE:55:D1:5E:B1:19:E5:2D:6F:AF:CD:39:73:E2:F6:D4:F2:23:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v85V0V6xGeUtb6_NOXPi9tTyI_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/ece5c7-2143-4db4-9857-052cf01d2048/1/yIXjM-EwusSl40QvG8uv75qXTEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/ece5c7-2143-4db4-9857-052cf01d2048/1/v85V0V6xGeUtb6_NOXPi9tTyI_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.164.0/22
91.195.56.0/23
Signature Algorithm: sha256WithRSAEncryption
69:31:14:27:e5:d6:da:57:7b:55:f5:dd:db:fa:e6:1c:e2:92:
95:15:a7:1f:e3:e4:7a:2a:62:ec:83:52:0e:23:70:9a:df:a4:
bd:74:b2:42:7d:87:1d:f3:86:43:58:93:9e:a3:b7:78:2a:a2:
18:d5:ff:26:9a:84:47:38:55:8a:35:9e:ef:39:9a:a6:53:ad:
5f:eb:d4:25:b7:15:24:76:2a:75:b2:fe:50:cf:74:0b:58:c8:
01:07:cb:0b:b9:db:83:b3:b3:76:89:4f:fd:fe:bd:62:be:7a:
51:27:52:8b:4a:58:67:b1:9b:dd:2d:94:66:78:5d:2a:40:ed:
b3:23:d0:e3:d0:fd:48:55:77:86:31:55:90:09:5c:d9:b3:0a:
16:22:ff:06:c5:82:70:6e:96:e7:d9:9b:8a:d8:e3:e9:2e:cf:
2c:20:4a:20:9f:fe:c9:8b:89:4d:15:71:72:36:ee:7a:f1:94:
52:49:f0:b1:5e:03:34:78:a8:02:c2:eb:74:45:a7:5c:33:13:
05:05:a6:4f:3f:93:0f:4b:7e:3a:c5:c8:4d:4c:c6:39:7f:a5:
f9:cc:a3:2e:f2:b7:17:12:8e:06:1c:44:82:8b:99:ec:4a:4d:
04:1a:34:dc:b6:4f:89:70:9e:3e:d7:f1:9b:30:74:81:e7:da:
18:ea:23:52
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQf+jNQuzcWanxi243N+H59MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmY2U1NWQxNWViMTE5ZTUyZDZmYWZjZDM5NzNlMmY2ZDRm
MjIzZjIwHhcNMjUwMTAxMDM0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODg1ZTMzM2UxMzBiYWM0YTVlMzQ0MmYxYmNiYWZlZjlhOTc0YzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4b1l6/BuqiihtAixBiTIEwwRoQq
qtvq+Gfz1j86ebwLWVmBiHw00OAY/xxBh8OPDPwxLlA0+Wd62+tBwLI9x6rpNE4H
/JOEJhDi1sAPjR+r+udpYhJAWri2SS0bqy3oonSLELMdNNSaGHQuf+CzbK6p/CjE
Ko2q1KALLeLZl3FuE+065dM36yy7pF/RUfATF6OkjfDywcdnILx1/FQXPP7HFYR1
mHLjpqH3Dg2Pss6DzKKRhoZTCuCljyc/wDBD39diWs/wJLfh/bwrMLNVpiZz2NOF
pbj1ThIGJm/A6yODxNtcJM5qRM256GLFBqZpl3XrQos/zArvc5qlr+mIJQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMiF4zPhMLrEpeNELxvLr++al0xEMB8GA1UdIwQY
MBaAFL/OVdFesRnlLW+vzTlz4vbU8iPyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjg1VjBWNnhHZVV0YjZfTk9YUGk5dFR5SV9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9lY2U1YzctMjE0My00ZGI0LTk4NTct
MDUyY2YwMWQyMDQ4LzEveUlYak0tRXd1c1NsNDBRdkc4dXY3NXFYVEVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9lY2U1YzctMjE0My00ZGI0LTk4NTctMDUyY2YwMWQyMDQ4
LzEvdjg1VjBWNnhHZVV0YjZfTk9YUGk5dFR5SV9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLZ+kAwQB
W8M4MA0GCSqGSIb3DQEBCwUAA4IBAQBpMRQn5dbaV3tV9d3b+uYc4pKVFacf4+R6
KmLsg1IOI3Ca36S9dLJCfYcd84ZDWJOeo7d4KqIY1f8mmoRHOFWKNZ7vOZqmU61f
69QltxUkdip1sv5Qz3QLWMgBB8sLuduDs7N2iU/9/r1ivnpRJ1KLSlhnsZvdLZRm
eF0qQO2zI9Dj0P1IVXeGMVWQCVzZswoWIv8GxYJwbpbn2ZuK2OPpLs8sIEogn/7J
i4lNFXFyNu568ZRSSfCxXgM0eKgCwut0RadcMxMFBaZPP5MPS346xchNTMY5f6X5
zKMu8rcXEo4GHESCi5nsSk0EGjTctk+JcJ4+1/GbMHSB59oY6iNS
-----END CERTIFICATE-----
Generated at Thu Jan 23 16:41:23 2025 by rpki-client on console.sobornost.net