Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/yrgNwHM8YKp_C4hPnwLBFQUp2-c.roa
File: yrgNwHM8YKp_C4hPnwLBFQUp2-c.roa (raw, json)
Hash identifier: liYmsR8A3yNk2PrpXmG9vExjiOiJQgVmdGoVzRSMrms=
Subject key identifier: CA:B8:0D:C0:73:3C:60:AA:7F:0B:88:4F:9F:02:C1:15:05:29:DB:E7
Certificate issuer: /CN=099a1f2dbf7b7a84ae57b8d67426b7e4e420fab5
Certificate serial: 019427484897AD1CD208FBB0DDAC306259A1
Authority key identifier: 09:9A:1F:2D:BF:7B:7A:84:AE:57:B8:D6:74:26:B7:E4:E4:20:FA:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CZofLb97eoSuV7jWdCa35OQg-rU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/yrgNwHM8YKp_C4hPnwLBFQUp2-c.roa
Signing time: Thu 02 Jan 2025 13:50:36 +0000
ROA not before: Thu 02 Jan 2025 13:50:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25697
IP address blocks: 95.111.212.0/22 maxlen: 22
194.113.72.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:48:97:ad:1c:d2:08:fb:b0:dd:ac:30:62:59:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=099a1f2dbf7b7a84ae57b8d67426b7e4e420fab5
Validity
Not Before: Jan 2 13:50:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cab80dc0733c60aa7f0b884f9f02c1150529dbe7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ba:8b:19:76:bd:42:c9:87:8d:aa:d6:16:68:
ff:19:de:0c:75:45:a4:52:32:d0:2e:c5:99:4e:a6:
2c:91:fe:0f:8c:e0:db:13:65:ab:1e:ed:6b:84:bb:
bf:eb:50:9d:4f:5c:7d:ec:51:4a:25:39:5f:68:39:
b9:c9:21:af:cb:c5:3b:6c:09:05:18:8b:88:23:3d:
ca:a1:7d:fa:da:9c:2a:a9:f9:95:e3:73:4a:d0:07:
78:d4:c9:9e:1e:99:44:66:aa:5f:4f:4c:9e:8d:9f:
17:ee:d7:ae:81:1a:2b:07:e6:e5:2b:5c:d3:bd:0b:
7a:36:5f:9e:d9:3f:34:e5:64:89:9b:93:82:e0:10:
10:73:71:1e:9f:f1:85:58:d2:51:10:36:3d:4b:b4:
ea:72:35:6b:23:8b:6f:0e:da:ee:e0:d4:d3:5e:1d:
f5:7e:22:fb:1a:13:2f:f3:8f:5d:34:4b:35:0b:1a:
33:96:99:90:c0:c8:28:10:4d:76:8e:29:83:a4:92:
d5:c9:33:f0:d6:42:1d:df:33:9f:d5:4a:31:a7:b1:
91:cf:4a:7c:9b:03:4f:7c:e2:60:a0:8e:96:b9:d5:
94:15:ae:c9:3a:fe:be:e4:60:e3:cb:3d:a2:31:01:
8b:78:0a:42:6c:c3:dd:21:f7:d8:fd:b6:81:3a:8d:
c0:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:B8:0D:C0:73:3C:60:AA:7F:0B:88:4F:9F:02:C1:15:05:29:DB:E7
X509v3 Authority Key Identifier:
keyid:09:9A:1F:2D:BF:7B:7A:84:AE:57:B8:D6:74:26:B7:E4:E4:20:FA:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CZofLb97eoSuV7jWdCa35OQg-rU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/yrgNwHM8YKp_C4hPnwLBFQUp2-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/CZofLb97eoSuV7jWdCa35OQg-rU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.111.212.0/22
194.113.72.0/22
Signature Algorithm: sha256WithRSAEncryption
7a:f2:13:5f:d0:65:74:be:ce:05:8a:ea:0c:28:94:37:67:18:
86:d3:36:e5:a8:da:f5:6c:29:cb:1e:bc:4f:18:e4:f0:23:26:
80:d0:ae:98:2f:b7:dc:91:02:be:3c:2d:d6:c1:64:e8:b4:2c:
58:31:52:99:08:e0:d2:75:23:34:7d:ad:7e:fb:b9:be:22:10:
c3:d4:2e:e8:d5:38:b2:4d:3e:35:b2:bb:c9:e7:57:5b:81:72:
47:41:9f:19:0b:4a:8c:1b:ac:4b:02:2f:6c:4c:0c:19:c4:ef:
c7:97:50:23:11:1d:44:87:dd:a1:af:cc:98:cb:23:56:c1:fe:
d9:a5:ec:5c:06:24:19:a5:ee:23:13:01:ed:83:85:9f:9b:a8:
c2:ed:d9:7b:92:7c:30:bf:cb:cc:b9:2f:f8:db:16:52:5a:fc:
8e:04:7d:a0:50:e4:05:94:1d:0d:b8:4e:c2:0b:f6:92:3b:8d:
8a:26:68:bd:79:c5:4a:f3:e3:85:e7:87:f3:f2:ec:59:2c:85:
f4:39:3a:a0:c0:a1:36:79:c1:a3:e3:f6:16:31:81:23:24:1c:
63:7f:66:37:a5:e6:3c:c8:96:39:aa:08:1c:2f:02:c0:63:2d:
4b:ee:20:f1:29:2b:e5:2b:ce:6d:ee:e3:b3:e6:be:40:b2:82:
2c:7b:8e:3d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQnSEiXrRzSCPuw3awwYlmhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5OWExZjJkYmY3YjdhODRhZTU3YjhkNjc0MjZiN2U0ZTQy
MGZhYjUwHhcNMjUwMTAyMTM1MDM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWI4MGRjMDczM2M2MGFhN2YwYjg4NGY5ZjAyYzExNTA1MjlkYmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrqLGXa9QsmHjarWFmj/Gd4MdUWk
UjLQLsWZTqYskf4PjODbE2WrHu1rhLu/61CdT1x97FFKJTlfaDm5ySGvy8U7bAkF
GIuIIz3KoX362pwqqfmV43NK0Ad41MmeHplEZqpfT0yejZ8X7teugRorB+blK1zT
vQt6Nl+e2T805WSJm5OC4BAQc3Een/GFWNJREDY9S7TqcjVrI4tvDtru4NTTXh31
fiL7GhMv849dNEs1CxozlpmQwMgoEE12jimDpJLVyTPw1kId3zOf1Uoxp7GRz0p8
mwNPfOJgoI6WudWUFa7JOv6+5GDjyz2iMQGLeApCbMPdIffY/baBOo3ACQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMq4DcBzPGCqfwuIT58CwRUFKdvnMB8GA1UdIwQY
MBaAFAmaHy2/e3qErle41nQmt+TkIPq1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1pvZkxiOTdlb1N1VjdqV2RDYTM1T1FnLXJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9kNDJhYmItMzM0Mi00ODg3LWFmNDAt
OWNkNjhmMjIxZTIxLzEveXJnTndITThZS3BfQzRoUG53TEJGUVVwMi1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9kNDJhYmItMzM0Mi00ODg3LWFmNDAtOWNkNjhmMjIxZTIx
LzEvQ1pvZkxiOTdlb1N1VjdqV2RDYTM1T1FnLXJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCX2/UAwQC
wnFIMA0GCSqGSIb3DQEBCwUAA4IBAQB68hNf0GV0vs4FiuoMKJQ3ZxiG0zblqNr1
bCnLHrxPGOTwIyaA0K6YL7fckQK+PC3WwWTotCxYMVKZCODSdSM0fa1++7m+IhDD
1C7o1TiyTT41srvJ51dbgXJHQZ8ZC0qMG6xLAi9sTAwZxO/Hl1AjER1Eh92hr8yY
yyNWwf7ZpexcBiQZpe4jEwHtg4Wfm6jC7dl7knwwv8vMuS/42xZSWvyOBH2gUOQF
lB0NuE7CC/aSO42KJmi9ecVK8+OF54fz8uxZLIX0OTqgwKE2ecGj4/YWMYEjJBxj
f2Y3peY8yJY5qggcLwLAYy1L7iDxKSvlK85t7uOz5r5AsoIse449
-----END CERTIFICATE-----
Generated at Sat Mar 8 04:56:26 2025 by rpki-client on console.sobornost.net