Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/974749-4d7e-4450-9793-df854f47baf4/1/YBdkBBvqzvVt17dnkExlGB1E7CU.roa
File: YBdkBBvqzvVt17dnkExlGB1E7CU.roa (raw, json)
Hash identifier: wrmMoIZStaGVP3Hx8fjpD9Y3hNRZ9vVxQGJ/qkdetdQ=
Subject key identifier: 60:17:64:04:1B:EA:CE:F5:6D:D7:B7:67:90:4C:65:18:1D:44:EC:25
Certificate issuer: /CN=b0fa0c7abc10796915e335ba19780e473e027969
Certificate serial: 019232DF504D34A3923C7CE428E31010EC6D
Authority key identifier: B0:FA:0C:7A:BC:10:79:69:15:E3:35:BA:19:78:0E:47:3E:02:79:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sPoMerwQeWkV4zW6GXgORz4CeWk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/974749-4d7e-4450-9793-df854f47baf4/1/YBdkBBvqzvVt17dnkExlGB1E7CU.roa
Signing time: Fri 27 Sep 2024 09:45:48 +0000
ROA not before: Fri 27 Sep 2024 09:45:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9211
IP address blocks: 194.49.7.0/24 maxlen: 24
212.12.32.0/20 maxlen: 20
212.12.56.0/21 maxlen: 21
213.238.32.0/20 maxlen: 20
213.238.35.0/24 maxlen: 24
213.238.50.0/23 maxlen: 23
213.238.52.0/22 maxlen: 22
2a00:ea8::/32 maxlen: 32
2a00:eab::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:32:df:50:4d:34:a3:92:3c:7c:e4:28:e3:10:10:ec:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0fa0c7abc10796915e335ba19780e473e027969
Validity
Not Before: Sep 27 09:45:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=601764041beacef56dd7b767904c65181d44ec25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:0d:c2:e2:5a:64:7f:5d:17:6d:64:61:1c:01:
6a:0f:99:a5:a1:46:9c:57:71:3c:4a:e8:3e:a8:6a:
c0:09:c9:fa:f3:3c:af:89:7b:59:ee:15:ac:9a:b1:
56:e1:39:d6:f6:bc:c4:63:06:bb:37:2d:90:d3:55:
4e:d2:c1:87:cf:e0:3d:20:de:88:f2:09:c5:0a:98:
f3:67:14:7a:2a:32:ac:20:46:c3:34:19:22:62:de:
f1:87:b6:3a:49:92:e6:e9:70:33:da:b8:79:9d:8f:
e0:76:02:ba:22:40:df:c2:5b:b5:6c:35:58:1c:84:
ee:5d:ee:07:a3:d8:f5:5b:cd:23:3c:81:b1:f5:25:
73:88:cd:6c:58:02:b8:35:d7:5a:a7:01:ce:09:22:
fc:00:0b:cd:51:33:d8:fa:0d:2e:80:b3:8d:61:d7:
a7:70:3e:04:87:61:a3:e4:34:08:e1:64:60:2e:7a:
53:64:89:94:98:aa:b7:01:f7:ce:e4:49:82:5b:80:
b8:06:bb:7c:d8:1e:51:6d:a7:3b:32:4a:a0:df:e5:
7e:f7:6a:57:9e:83:dd:ec:1c:5e:48:71:a9:b6:a4:
ba:00:a3:a4:c3:2e:ab:c0:bb:5b:6e:64:f9:fc:b0:
e9:44:47:cb:53:7a:cd:5f:17:af:8d:04:28:af:73:
07:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:17:64:04:1B:EA:CE:F5:6D:D7:B7:67:90:4C:65:18:1D:44:EC:25
X509v3 Authority Key Identifier:
keyid:B0:FA:0C:7A:BC:10:79:69:15:E3:35:BA:19:78:0E:47:3E:02:79:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sPoMerwQeWkV4zW6GXgORz4CeWk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/974749-4d7e-4450-9793-df854f47baf4/1/YBdkBBvqzvVt17dnkExlGB1E7CU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/974749-4d7e-4450-9793-df854f47baf4/1/sPoMerwQeWkV4zW6GXgORz4CeWk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.49.7.0/24
212.12.32.0/20
212.12.56.0/21
213.238.32.0/20
213.238.50.0-213.238.55.255
IPv6:
2a00:ea8::/32
2a00:eab::/32
Signature Algorithm: sha256WithRSAEncryption
34:5b:5d:49:54:2f:1f:6f:9d:6c:63:d7:12:5c:64:a2:c5:7e:
4f:4f:91:b0:30:60:3c:c8:1e:7e:3c:82:25:15:fe:27:b6:df:
23:a0:42:9b:58:ed:6b:55:3e:e9:42:c6:49:45:73:8d:c4:30:
66:2d:e8:1b:14:cf:b6:b2:b7:46:c1:1a:31:bc:af:20:c3:65:
bf:71:0e:9b:a6:85:b3:22:e8:2e:d3:ba:e6:e7:4b:7a:05:a3:
dc:28:ef:c0:e8:33:8d:52:5d:14:7b:de:8c:a6:20:bf:53:c0:
f9:43:4c:70:71:fb:ae:80:7f:67:02:62:7f:a4:4d:a6:16:4a:
e6:7a:bc:75:31:62:96:c4:e2:b4:f8:30:c7:c1:fd:97:2f:d1:
6c:c7:9a:f8:b5:0d:91:9a:fb:50:d0:e8:de:06:11:22:c3:7d:
62:79:fc:24:47:a7:be:ac:18:49:7c:97:55:0c:e1:df:92:e0:
8c:79:7e:e9:93:a4:02:ea:dd:b0:0e:a6:e5:dc:81:4e:19:6b:
b4:c4:9e:2e:04:e9:05:85:33:23:53:fa:8e:9f:ae:fb:da:07:
5f:d4:a4:59:0b:30:75:01:88:be:17:83:a3:bb:34:56:b6:8e:
94:bf:6f:ca:60:df:e8:b1:8c:ee:14:93:ec:61:2e:52:21:4c:
b2:f9:ce:ce
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZIy31BNNKOSPHzkKOMQEOxtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZmEwYzdhYmMxMDc5NjkxNWUzMzViYTE5NzgwZTQ3M2Uw
Mjc5NjkwHhcNMjQwOTI3MDk0NTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDE3NjQwNDFiZWFjZWY1NmRkN2I3Njc5MDRjNjUxODFkNDRlYzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwA3C4lpkf10XbWRhHAFqD5mloUac
V3E8Sug+qGrACcn68zyviXtZ7hWsmrFW4TnW9rzEYwa7Ny2Q01VO0sGHz+A9IN6I
8gnFCpjzZxR6KjKsIEbDNBkiYt7xh7Y6SZLm6XAz2rh5nY/gdgK6IkDfwlu1bDVY
HITuXe4Ho9j1W80jPIGx9SVziM1sWAK4NddapwHOCSL8AAvNUTPY+g0ugLONYden
cD4Eh2Gj5DQI4WRgLnpTZImUmKq3AffO5EmCW4C4Brt82B5Rbac7Mkqg3+V+92pX
noPd7BxeSHGptqS6AKOkwy6rwLtbbmT5/LDpREfLU3rNXxevjQQor3MHTQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFGAXZAQb6s71bde3Z5BMZRgdROwlMB8GA1UdIwQY
MBaAFLD6DHq8EHlpFeM1uhl4Dkc+AnlpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1BvTWVyd1FlV2tWNHpXNkdYZ09SejRDZVdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC85NzQ3NDktNGQ3ZS00NDUwLTk3OTMt
ZGY4NTRmNDdiYWY0LzEvWUJka0JCdnF6dlZ0MTdkbmtFeGxHQjFFN0NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC85NzQ3NDktNGQ3ZS00NDUwLTk3OTMtZGY4NTRmNDdiYWY0
LzEvc1BvTWVyd1FlV2tWNHpXNkdYZ09SejRDZVdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAsBAIAATAmAwQAwjEHAwQE
1AwgAwQD1Aw4AwQE1e4gMAwDBAHV7jIDBAPV7jAwFAQCAAIwDgMFACoADqgDBQAq
AA6rMA0GCSqGSIb3DQEBCwUAA4IBAQA0W11JVC8fb51sY9cSXGSixX5PT5GwMGA8
yB5+PIIlFf4ntt8joEKbWO1rVT7pQsZJRXONxDBmLegbFM+2srdGwRoxvK8gw2W/
cQ6bpoWzIugu07rm50t6BaPcKO/A6DONUl0Ue96MpiC/U8D5Q0xwcfuugH9nAmJ/
pE2mFkrmerx1MWKWxOK0+DDHwf2XL9Fsx5r4tQ2RmvtQ0OjeBhEiw31iefwkR6e+
rBhJfJdVDOHfkuCMeX7pk6QC6t2wDqbl3IFOGWu0xJ4uBOkFhTMjU/qOn6772gdf
1KRZCzB1AYi+F4OjuzRWto6Uv2/KYN/osYzuFJPsYS5SIUyy+c7O
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:30:24 2024 by rpki-client on console.sobornost.net