Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/31081a-8b5a-49ec-9036-862e99973fc3/1/1YmAF7f_m5KPGo_OwiMLBR1JW5M.roa
File: 1YmAF7f_m5KPGo_OwiMLBR1JW5M.roa (raw, json)
Hash identifier: UAkDP6iNOKZ++HkTLAbL+chM5gUSSrJ7CaImjH0oho8=
Subject key identifier: D5:89:80:17:B7:FF:9B:92:8F:1A:8F:CE:C2:23:0B:05:1D:49:5B:93
Certificate issuer: /CN=f7822d4597e5493d15178bfb10e6841dd17e5897
Certificate serial: 0194228DD4A507F33C80CE9382D5AD715120
Authority key identifier: F7:82:2D:45:97:E5:49:3D:15:17:8B:FB:10:E6:84:1D:D1:7E:58:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/94ItRZflST0VF4v7EOaEHdF-WJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/31081a-8b5a-49ec-9036-862e99973fc3/1/1YmAF7f_m5KPGo_OwiMLBR1JW5M.roa
Signing time: Wed 01 Jan 2025 15:48:27 +0000
ROA not before: Wed 01 Jan 2025 15:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12551
IP address blocks: 146.133.0.0/16 maxlen: 24
146.133.124.0/24 maxlen: 24
146.133.127.0/24 maxlen: 24
158.47.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:d4:a5:07:f3:3c:80:ce:93:82:d5:ad:71:51:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7822d4597e5493d15178bfb10e6841dd17e5897
Validity
Not Before: Jan 1 15:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d5898017b7ff9b928f1a8fcec2230b051d495b93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:eb:23:f2:75:4a:f3:df:54:43:2a:dc:6f:3c:
7e:b1:e9:ac:f7:6b:b3:d0:fd:13:e1:22:1d:8b:a3:
3f:63:8d:7b:f1:ff:fd:cf:a9:c1:94:d5:91:14:29:
78:f9:db:36:f0:da:d9:be:e1:3f:32:35:48:54:2b:
d9:96:9e:55:e8:8a:49:77:ee:44:ae:e6:8c:7a:ac:
fa:43:f6:03:fc:08:c9:48:28:95:b7:fa:f6:65:bc:
59:3b:48:3d:3d:e6:81:4a:26:41:26:dd:80:79:ec:
fe:54:27:f3:51:28:7a:9c:a4:d3:4e:0e:f1:3b:de:
30:64:92:ea:ed:c0:1d:d0:e0:b6:11:d5:f0:e5:81:
31:90:67:2a:ae:69:b4:c5:79:2a:6c:90:8d:70:06:
20:07:82:f8:39:57:f2:a9:0d:18:90:3b:f6:d4:97:
0e:e9:68:b4:de:45:99:8c:0f:73:bf:f2:de:6f:5d:
5e:97:ba:a9:d1:23:ae:e6:0d:40:19:89:51:57:57:
34:a0:0e:60:08:fb:4f:7b:04:e5:e3:d5:90:ec:30:
7d:6b:06:0b:67:e0:67:a3:6e:d0:6e:2d:11:91:a6:
5b:94:14:c8:c1:d7:07:3d:f4:91:cc:10:d1:c9:78:
cb:5b:6c:4b:09:f1:d3:12:a0:3a:75:59:33:fc:f9:
2d:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:89:80:17:B7:FF:9B:92:8F:1A:8F:CE:C2:23:0B:05:1D:49:5B:93
X509v3 Authority Key Identifier:
keyid:F7:82:2D:45:97:E5:49:3D:15:17:8B:FB:10:E6:84:1D:D1:7E:58:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/94ItRZflST0VF4v7EOaEHdF-WJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/31081a-8b5a-49ec-9036-862e99973fc3/1/1YmAF7f_m5KPGo_OwiMLBR1JW5M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/31081a-8b5a-49ec-9036-862e99973fc3/1/94ItRZflST0VF4v7EOaEHdF-WJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.133.0.0/16
158.47.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7d:75:34:63:b6:b4:c9:4e:5a:fb:bb:5e:a5:22:01:35:56:33:
8c:42:8b:29:8f:d1:a4:8d:b4:38:46:40:63:d7:8b:bb:09:0b:
c3:a4:15:78:1b:4e:e7:92:8d:90:2f:76:f3:20:f6:9c:9a:30:
0e:5e:18:de:fd:1e:86:4f:12:d5:f6:76:79:27:67:38:be:5b:
1d:ce:cb:2e:61:92:be:cb:e4:a5:9b:09:76:18:ea:ae:fb:88:
97:53:6e:8c:6e:f7:80:74:ce:bb:aa:b0:12:0d:fe:af:0e:10:
76:0f:30:74:16:e4:6a:91:be:b6:50:05:bd:5c:bc:1a:5a:27:
44:2e:5c:a5:90:59:85:36:a8:22:92:40:07:a9:9d:5a:26:7b:
0d:df:5f:9f:c7:24:3f:82:f8:df:5a:32:03:e4:f6:d4:8e:ee:
1a:ea:b1:59:d8:7c:67:81:68:cd:e1:dc:f5:54:5a:30:d9:b2:
b7:b5:cd:2f:4b:b6:f7:e2:d5:b1:6b:5c:c5:dc:15:48:db:69:
1e:e0:2e:14:aa:cb:01:ee:b5:6a:f3:2c:3d:c4:71:d7:85:91:
d1:1e:2f:66:f5:24:2b:8d:b0:cf:88:ae:ec:98:36:1d:94:d3:
2e:18:98:d5:0d:d7:7c:3a:27:ee:b8:41:2b:d8:c6:02:fb:70:
69:de:b4:35
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgISAZQijdSlB/M8gM6TgtWtcVEgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3ODIyZDQ1OTdlNTQ5M2QxNTE3OGJmYjEwZTY4NDFkZDE3
ZTU4OTcwHhcNMjUwMTAxMTU0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTg5ODAxN2I3ZmY5YjkyOGYxYThmY2VjMjIzMGIwNTFkNDk1YjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwOsj8nVK899UQyrcbzx+sems92uz
0P0T4SIdi6M/Y4178f/9z6nBlNWRFCl4+ds28NrZvuE/MjVIVCvZlp5V6IpJd+5E
ruaMeqz6Q/YD/AjJSCiVt/r2ZbxZO0g9PeaBSiZBJt2Aeez+VCfzUSh6nKTTTg7x
O94wZJLq7cAd0OC2EdXw5YExkGcqrmm0xXkqbJCNcAYgB4L4OVfyqQ0YkDv21JcO
6Wi03kWZjA9zv/Leb11el7qp0SOu5g1AGYlRV1c0oA5gCPtPewTl49WQ7DB9awYL
Z+Bno27Qbi0RkaZblBTIwdcHPfSRzBDRyXjLW2xLCfHTEqA6dVkz/PktSwIDAQAB
o4ICDTCCAgkwHQYDVR0OBBYEFNWJgBe3/5uSjxqPzsIjCwUdSVuTMB8GA1UdIwQY
MBaAFPeCLUWX5Uk9FReL+xDmhB3RfliXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTRJdFJaZmxTVDBWRjR2N0VPYUVIZEYtV0pjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy8zMTA4MWEtOGI1YS00OWVjLTkwMzYt
ODYyZTk5OTczZmMzLzEvMVltQUY3Zl9tNUtQR29fT3dpTUxCUjFKVzVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy8zMTA4MWEtOGI1YS00OWVjLTkwMzYtODYyZTk5OTczZmMz
LzEvOTRJdFJaZmxTVDBWRjR2N0VPYUVIZEYtV0pjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCMGCCsGAQUFBwEHAQH/BBQwEjAQBAIAATAKAwMAkoUDAwCe
LzANBgkqhkiG9w0BAQsFAAOCAQEAfXU0Y7a0yU5a+7tepSIBNVYzjEKLKY/RpI20
OEZAY9eLuwkLw6QVeBtO55KNkC928yD2nJowDl4Y3v0ehk8S1fZ2eSdnOL5bHc7L
LmGSvsvkpZsJdhjqrvuIl1NujG73gHTOu6qwEg3+rw4Qdg8wdBbkapG+tlAFvVy8
GlonRC5cpZBZhTaoIpJAB6mdWiZ7Dd9fn8ckP4L431oyA+T21I7uGuqxWdh8Z4Fo
zeHc9VRaMNmyt7XNL0u29+LVsWtcxdwVSNtpHuAuFKrLAe61avMsPcRx14WR0R4v
ZvUkK42wz4iu7Jg2HZTTLhiY1Q3XfDon7rhBK9jGAvtwad60NQ==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:46 2025 by rpki-client on console.sobornost.net