Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/sxyzy4Vz_XENv0a6WGSRJ_XLHxo.roa
File: sxyzy4Vz_XENv0a6WGSRJ_XLHxo.roa (raw, json)
Hash identifier: QzYUdxGcSG2YnpIYOD6tW3Y6lGlHMjVHtUdbfg1GtCw=
Subject key identifier: B3:1C:B3:CB:85:73:FD:71:0D:BF:46:BA:58:64:91:27:F5:CB:1F:1A
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 019480087981EC25ADBE293850B56385EE96
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/sxyzy4Vz_XENv0a6WGSRJ_XLHxo.roa
Signing time: Sun 19 Jan 2025 19:27:06 +0000
ROA not before: Sun 19 Jan 2025 19:27:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 14.102.226.0/23 maxlen: 24
14.102.232.0/24 maxlen: 24
77.111.96.0/22 maxlen: 22
77.111.96.0/24 maxlen: 24
94.229.210.0/24 maxlen: 24
94.229.212.0/24 maxlen: 24
103.47.56.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:80:08:79:81:ec:25:ad:be:29:38:50:b5:63:85:ee:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Jan 19 19:27:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b31cb3cb8573fd710dbf46ba58649127f5cb1f1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:bc:91:63:36:5b:01:02:96:f9:a3:07:5b:ac:
2c:fc:bb:10:7b:da:34:bf:41:fb:77:f1:c1:ad:5b:
e1:f6:9e:3d:e2:fd:97:ce:c3:be:f2:a2:c6:ca:04:
f6:8f:ef:9e:00:0d:9b:36:58:eb:c8:7f:94:c9:51:
3f:6b:95:45:db:26:fd:93:6e:4b:f2:6e:95:32:fa:
5f:44:f7:d2:17:2c:0c:f2:2c:07:03:31:18:c2:d3:
fc:34:2b:3c:3c:e5:4e:d6:59:5b:b9:4f:ad:91:ba:
ae:ea:f7:ed:38:41:9b:81:a4:bc:7c:09:28:56:5c:
e1:46:69:e3:f7:01:c4:06:ac:73:88:37:f5:b1:b1:
41:07:0a:64:4b:ce:6f:4c:d3:c8:e9:4f:0c:b1:4f:
b2:e5:20:23:de:63:21:1b:f6:e8:37:a7:28:10:93:
0a:ee:2e:d6:19:64:cb:bb:94:f4:24:3e:c9:fe:94:
94:9f:e9:b4:e5:33:8c:67:a6:a7:f5:0c:ac:bb:cd:
4d:c8:ce:0a:5d:69:fa:54:40:7f:d6:03:19:30:f0:
4d:a6:96:24:59:67:0f:a3:03:fe:9d:d0:c5:0b:5e:
54:2d:9b:53:c9:9b:8c:68:8b:0f:ac:b0:38:a2:3c:
5b:72:f8:97:55:1c:cf:d9:4b:17:01:93:71:2f:11:
95:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:1C:B3:CB:85:73:FD:71:0D:BF:46:BA:58:64:91:27:F5:CB:1F:1A
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/sxyzy4Vz_XENv0a6WGSRJ_XLHxo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.226.0/23
14.102.232.0/24
77.111.96.0/22
94.229.210.0/24
94.229.212.0/24
103.47.56.0/24
Signature Algorithm: sha256WithRSAEncryption
22:a4:2a:f3:c4:0e:f3:3e:71:c5:56:0b:d4:50:e1:3f:47:79:
ce:74:a8:62:33:19:7f:d5:83:2e:96:9a:a5:be:b7:aa:17:52:
2f:8e:8d:fb:52:1b:1b:6c:c8:06:e7:2e:9f:c3:d8:f7:85:48:
84:0d:59:3d:32:c2:13:20:54:d0:35:50:48:68:cf:25:1c:9b:
9e:30:40:6b:89:78:53:72:4e:09:04:80:48:0a:bf:1f:2a:0f:
42:29:d1:1f:18:86:96:df:c2:5a:30:4d:98:e4:f6:42:21:e9:
32:b3:d8:17:5d:bb:a9:71:1e:85:a1:be:13:b4:45:3c:0b:c4:
8f:f9:f8:56:00:9f:da:30:55:68:68:2c:6a:e5:80:31:e0:91:
87:70:75:cc:99:64:2f:7d:f1:08:e6:3a:7e:29:81:68:45:75:
f1:96:75:03:5b:2c:33:84:01:63:a6:b1:d6:c7:5e:41:f9:91:
79:0d:f1:d6:28:b6:5d:d9:30:1a:db:52:e3:16:dd:e7:db:35:
e8:6c:71:d0:61:f4:c0:f2:fb:39:6e:36:71:c2:b4:a3:1f:19:
d2:3c:42:b6:d5:e2:79:54:1e:be:84:e1:45:3d:67:de:40:28:
b4:df:64:45:30:a3:e9:5c:aa:d5:5b:b1:fe:0d:b0:7a:00:e2:
ca:8d:1e:f6
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZSACHmB7CWtvik4ULVjhe6WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjUwMTE5MTkyNzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzFjYjNjYjg1NzNmZDcxMGRiZjQ2YmE1ODY0OTEyN2Y1Y2IxZjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLyRYzZbAQKW+aMHW6ws/LsQe9o0
v0H7d/HBrVvh9p494v2XzsO+8qLGygT2j++eAA2bNljryH+UyVE/a5VF2yb9k25L
8m6VMvpfRPfSFywM8iwHAzEYwtP8NCs8POVO1llbuU+tkbqu6vftOEGbgaS8fAko
VlzhRmnj9wHEBqxziDf1sbFBBwpkS85vTNPI6U8MsU+y5SAj3mMhG/boN6coEJMK
7i7WGWTLu5T0JD7J/pSUn+m05TOMZ6an9Qysu81NyM4KXWn6VEB/1gMZMPBNppYk
WWcPowP+ndDFC15ULZtTyZuMaIsPrLA4ojxbcviXVRzP2UsXAZNxLxGVlwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLMcs8uFc/1xDb9GulhkkSf1yx8aMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvc3h5enk0VnpfWEVOdjBhNldHU1JKX1hMSHhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBDmbiAwQA
DmboAwQCTW9gAwQAXuXSAwQAXuXUAwQAZy84MA0GCSqGSIb3DQEBCwUAA4IBAQAi
pCrzxA7zPnHFVgvUUOE/R3nOdKhiMxl/1YMulpqlvreqF1Ivjo37UhsbbMgG5y6f
w9j3hUiEDVk9MsITIFTQNVBIaM8lHJueMEBriXhTck4JBIBICr8fKg9CKdEfGIaW
38JaME2Y5PZCIekys9gXXbupcR6Fob4TtEU8C8SP+fhWAJ/aMFVoaCxq5YAx4JGH
cHXMmWQvffEI5jp+KYFoRXXxlnUDWywzhAFjprHWx15B+ZF5DfHWKLZd2TAa21Lj
Ft3n2zXobHHQYfTA8vs5bjZxwrSjHxnSPEK21eJ5VB6+hOFFPWfeQCi032RFMKPp
XKrVW7H+DbB6AOLKjR72
-----END CERTIFICATE-----
Generated at Thu Jan 23 19:17:02 2025 by rpki-client on console.sobornost.net