Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/ff9252-3db4-455f-b20f-e3e302005d8f/1/yErW5kNKHDcTg-fzTjTLkaeTdfs.roa
File: yErW5kNKHDcTg-fzTjTLkaeTdfs.roa (raw, json)
Hash identifier: kizhklattplgXfiOmItfgbUnFHeiT1NCHm8Wv3r0lL0=
Subject key identifier: C8:4A:D6:E6:43:4A:1C:37:13:83:E7:F3:4E:34:CB:91:A7:93:75:FB
Certificate issuer: /CN=0f925691603903ef24485cb4bf35e28307867b83
Certificate serial: 0194266B3EC076FBAE9D23C7353EAB95DC96
Authority key identifier: 0F:92:56:91:60:39:03:EF:24:48:5C:B4:BF:35:E2:83:07:86:7B:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D5JWkWA5A-8kSFy0vzXigweGe4M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/ff9252-3db4-455f-b20f-e3e302005d8f/1/yErW5kNKHDcTg-fzTjTLkaeTdfs.roa
Signing time: Thu 02 Jan 2025 09:49:10 +0000
ROA not before: Thu 02 Jan 2025 09:49:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29596
IP address blocks: 91.232.183.0/24 maxlen: 24
93.175.96.0/19 maxlen: 19
93.175.100.0/23 maxlen: 23
93.175.102.0/23 maxlen: 23
93.175.104.0/23 maxlen: 23
93.175.106.0/24 maxlen: 24
93.175.107.0/24 maxlen: 24
93.175.108.0/22 maxlen: 22
93.175.108.0/24 maxlen: 24
93.175.109.0/24 maxlen: 24
93.175.110.0/24 maxlen: 24
93.175.111.0/24 maxlen: 24
93.175.112.0/24 maxlen: 24
93.175.113.0/24 maxlen: 24
93.175.114.0/24 maxlen: 24
93.175.115.0/24 maxlen: 24
93.175.116.0/23 maxlen: 23
93.175.118.0/23 maxlen: 23
93.175.120.0/24 maxlen: 24
93.175.121.0/24 maxlen: 24
93.175.123.0/24 maxlen: 24
128.127.12.0/23 maxlen: 23
128.127.14.0/24 maxlen: 24
128.127.15.0/24 maxlen: 24
193.19.212.0/24 maxlen: 24
193.19.213.0/24 maxlen: 24
193.19.214.0/24 maxlen: 24
193.19.215.0/24 maxlen: 24
194.54.20.0/22 maxlen: 22
194.54.21.0/24 maxlen: 24
194.54.22.0/24 maxlen: 24
194.54.23.0/24 maxlen: 24
194.146.216.0/22 maxlen: 22
194.146.216.0/24 maxlen: 24
194.146.217.0/24 maxlen: 24
194.146.218.0/24 maxlen: 24
194.146.219.0/24 maxlen: 24
2a06:f4c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:3e:c0:76:fb:ae:9d:23:c7:35:3e:ab:95:dc:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f925691603903ef24485cb4bf35e28307867b83
Validity
Not Before: Jan 2 09:49:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c84ad6e6434a1c371383e7f34e34cb91a79375fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:11:66:c0:6c:9d:63:c4:c4:2a:91:95:d3:07:
4d:c2:2a:cf:99:f7:51:3d:d6:82:16:f8:00:29:ec:
df:c4:66:48:61:63:e2:d1:20:da:64:f0:cc:db:c9:
05:d0:fb:92:37:dc:ea:fa:b2:b8:93:f8:83:1e:fe:
63:f7:ca:40:68:ab:a1:2a:94:72:18:8f:32:bd:c6:
12:60:80:92:02:3d:6d:b7:2a:8c:e2:68:b7:03:95:
8e:40:73:84:c8:87:a8:26:0c:65:b5:66:68:8d:66:
04:76:97:dc:47:2d:bb:f8:d1:c3:60:74:e8:bb:6a:
07:82:b8:32:ef:7b:09:bc:ae:e8:59:1f:63:35:7a:
5b:6c:45:7c:b6:a5:9f:f1:82:5c:c6:6c:16:11:6e:
39:a7:7c:60:28:71:db:a3:24:2e:4f:3a:0b:60:bf:
29:57:e7:81:b3:11:12:3a:e3:c3:cd:08:0f:ee:87:
a3:c7:5a:72:79:09:26:de:f3:63:b8:71:77:fa:93:
45:76:1b:88:5d:cc:4a:ab:9d:a6:30:62:d9:ab:cd:
17:0f:fd:21:6b:2c:40:b1:80:3c:ab:a1:90:91:42:
5e:c3:e3:f8:4d:88:1e:aa:a9:20:00:ea:c9:85:17:
7d:dc:31:0b:b8:6f:ab:a0:7d:97:d3:ed:bd:a8:93:
62:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:4A:D6:E6:43:4A:1C:37:13:83:E7:F3:4E:34:CB:91:A7:93:75:FB
X509v3 Authority Key Identifier:
keyid:0F:92:56:91:60:39:03:EF:24:48:5C:B4:BF:35:E2:83:07:86:7B:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D5JWkWA5A-8kSFy0vzXigweGe4M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/ff9252-3db4-455f-b20f-e3e302005d8f/1/yErW5kNKHDcTg-fzTjTLkaeTdfs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/ff9252-3db4-455f-b20f-e3e302005d8f/1/D5JWkWA5A-8kSFy0vzXigweGe4M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.183.0/24
93.175.96.0/19
128.127.12.0/22
193.19.212.0/22
194.54.20.0/22
194.146.216.0/22
IPv6:
2a06:f4c0::/29
Signature Algorithm: sha256WithRSAEncryption
24:20:19:ca:a1:da:14:23:14:13:05:03:6e:0f:6d:c0:28:41:
11:5f:06:d7:a0:21:2e:60:15:a4:36:d5:48:ff:6a:9e:a9:66:
4d:a6:75:76:f0:52:5e:ad:17:3a:ff:7a:06:f4:df:4f:dd:ea:
c3:e6:c6:c4:8a:41:2d:32:7e:15:fa:3e:3d:0d:ae:e4:d4:68:
a5:62:41:16:ed:60:d1:40:4c:fe:e5:65:9a:ab:f9:62:54:47:
b6:8e:0d:b3:77:e9:30:de:bb:1a:53:93:5b:dc:8a:19:64:0f:
dc:aa:4c:58:ea:bd:b1:ec:3f:c0:64:12:fa:12:8e:ec:1e:1c:
5e:a1:73:c8:b6:81:69:93:b6:ba:12:00:12:34:33:6d:18:5d:
ef:99:e0:df:39:5c:78:5b:26:8d:ac:71:c1:dd:d8:e6:64:87:
f2:24:d7:43:8e:2e:43:8a:c1:7e:7e:70:3d:56:33:7b:b2:62:
aa:e3:e0:3e:ff:54:a3:59:6e:ec:a2:90:ba:ff:34:a7:b9:aa:
95:e2:8c:b4:58:b1:15:5c:c2:64:8c:00:ad:05:61:ac:12:71:
82:f3:71:38:c4:ba:1a:f1:47:be:03:82:60:be:62:a0:7c:a0:
c6:a3:10:28:0a:40:09:c8:6b:f5:78:0e:14:79:6b:39:78:bd:
9b:28:f6:df
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQmaz7AdvuunSPHNT6rldyWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmOTI1NjkxNjAzOTAzZWYyNDQ4NWNiNGJmMzVlMjgzMDc4
NjdiODMwHhcNMjUwMTAyMDk0OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODRhZDZlNjQzNGExYzM3MTM4M2U3ZjM0ZTM0Y2I5MWE3OTM3NWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRFmwGydY8TEKpGV0wdNwirPmfdR
PdaCFvgAKezfxGZIYWPi0SDaZPDM28kF0PuSN9zq+rK4k/iDHv5j98pAaKuhKpRy
GI8yvcYSYICSAj1ttyqM4mi3A5WOQHOEyIeoJgxltWZojWYEdpfcRy27+NHDYHTo
u2oHgrgy73sJvK7oWR9jNXpbbEV8tqWf8YJcxmwWEW45p3xgKHHboyQuTzoLYL8p
V+eBsxESOuPDzQgP7oejx1pyeQkm3vNjuHF3+pNFdhuIXcxKq52mMGLZq80XD/0h
ayxAsYA8q6GQkUJew+P4TYgeqqkgAOrJhRd93DELuG+roH2X0+29qJNiCwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFMhK1uZDShw3E4Pn8040y5Gnk3X7MB8GA1UdIwQY
MBaAFA+SVpFgOQPvJEhctL814oMHhnuDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDVKV2tXQTVBLThrU0Z5MHZ6WGlnd2VHZTRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9mZjkyNTItM2RiNC00NTVmLWIyMGYt
ZTNlMzAyMDA1ZDhmLzEveUVyVzVrTktIRGNUZy1melRqVExrYWVUZGZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9mZjkyNTItM2RiNC00NTVmLWIyMGYtZTNlMzAyMDA1ZDhm
LzEvRDVKV2tXQTVBLThrU0Z5MHZ6WGlnd2VHZTRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQAW+i3AwQF
Xa9gAwQCgH8MAwQCwRPUAwQCwjYUAwQCwpLYMA0EAgACMAcDBQMqBvTAMA0GCSqG
SIb3DQEBCwUAA4IBAQAkIBnKodoUIxQTBQNuD23AKEERXwbXoCEuYBWkNtVI/2qe
qWZNpnV28FJerRc6/3oG9N9P3erD5sbEikEtMn4V+j49Da7k1GilYkEW7WDRQEz+
5WWaq/liVEe2jg2zd+kw3rsaU5Nb3IoZZA/cqkxY6r2x7D/AZBL6Eo7sHhxeoXPI
toFpk7a6EgASNDNtGF3vmeDfOVx4WyaNrHHB3djmZIfyJNdDji5DisF+fnA9VjN7
smKq4+A+/1SjWW7sopC6/zSnuaqV4oy0WLEVXMJkjACtBWGsEnGC83E4xLoa8Ue+
A4JgvmKgfKDGoxAoCkAJyGv1eA4UeWs5eL2bKPbf
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:27 2025 by rpki-client on console.sobornost.net