Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/f5e440-100f-4933-aabf-11098aa2ebc3/1/ytXklMT7Qvg5G08MtY8lphgvXaw.roa
File: ytXklMT7Qvg5G08MtY8lphgvXaw.roa (raw, json)
Hash identifier: r4Q3NQ10FfDyt/oO/SAMKogjYuHKvOwUOktQVJptRLQ=
Subject key identifier: CA:D5:E4:94:C4:FB:42:F8:39:1B:4F:0C:B5:8F:25:A6:18:2F:5D:AC
Certificate issuer: /CN=6bc3e6cb2eb02fcc742baf91ab865c9b20d6484b
Certificate serial: 019424B308B02917B0FBB54FEE6458AAC48C
Authority key identifier: 6B:C3:E6:CB:2E:B0:2F:CC:74:2B:AF:91:AB:86:5C:9B:20:D6:48:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a8Pmyy6wL8x0K6-Rq4ZcmyDWSEs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/f5e440-100f-4933-aabf-11098aa2ebc3/1/ytXklMT7Qvg5G08MtY8lphgvXaw.roa
Signing time: Thu 02 Jan 2025 01:48:20 +0000
ROA not before: Thu 02 Jan 2025 01:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47526
IP address blocks: 86.109.231.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:08:b0:29:17:b0:fb:b5:4f:ee:64:58:aa:c4:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bc3e6cb2eb02fcc742baf91ab865c9b20d6484b
Validity
Not Before: Jan 2 01:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cad5e494c4fb42f8391b4f0cb58f25a6182f5dac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:43:6f:4c:9d:80:09:3f:88:de:6d:f5:00:68:
c4:d4:15:84:c8:06:a2:aa:ee:17:52:2b:c9:92:34:
8a:bc:a1:4d:2b:19:df:62:04:a3:bb:63:22:8c:10:
e6:e2:e1:71:58:09:48:30:c0:b9:49:cc:8d:a4:c7:
33:7b:03:e2:49:8c:70:0c:b7:e3:32:7e:d7:56:f0:
9a:e7:b1:90:85:ec:dc:b8:2f:2b:75:6b:58:00:2f:
8e:45:ed:78:47:0d:1b:33:9e:04:4e:55:d2:7e:38:
09:43:e2:b7:53:06:c9:59:c6:a3:fc:a0:20:18:f9:
8f:c2:a0:16:99:cf:1a:b2:0f:61:a4:e8:f2:2e:41:
05:ab:e5:63:60:31:a8:d8:f4:72:2c:f3:64:42:37:
20:58:30:89:c1:8f:a8:e1:f0:4b:9c:8f:3e:23:e4:
48:7d:0d:55:94:f2:15:a6:51:b4:0e:75:82:c3:9e:
a3:8f:8d:27:22:7a:1b:56:a4:5a:79:52:ff:21:53:
12:03:49:dd:a3:8e:5a:85:b3:d9:98:67:33:a0:02:
00:a6:b2:65:03:db:6f:d7:a0:86:9f:c1:1d:1d:3c:
92:b3:25:16:96:4c:99:70:6b:c5:d5:0d:8e:37:5d:
03:91:23:b5:b7:a5:d5:ec:64:f3:fa:b1:90:f8:af:
ff:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:D5:E4:94:C4:FB:42:F8:39:1B:4F:0C:B5:8F:25:A6:18:2F:5D:AC
X509v3 Authority Key Identifier:
keyid:6B:C3:E6:CB:2E:B0:2F:CC:74:2B:AF:91:AB:86:5C:9B:20:D6:48:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8Pmyy6wL8x0K6-Rq4ZcmyDWSEs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/f5e440-100f-4933-aabf-11098aa2ebc3/1/ytXklMT7Qvg5G08MtY8lphgvXaw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/f5e440-100f-4933-aabf-11098aa2ebc3/1/a8Pmyy6wL8x0K6-Rq4ZcmyDWSEs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.109.231.0/24
Signature Algorithm: sha256WithRSAEncryption
16:aa:cb:5e:85:10:05:64:28:01:d6:ca:ad:18:c7:4a:4a:c7:
2f:c6:01:d1:9f:61:8c:74:22:56:a6:77:38:19:24:bf:12:c4:
34:61:39:bd:f8:49:b4:dc:4e:e4:df:9d:17:f8:0f:fc:d7:84:
b3:2c:9e:b1:2d:0e:db:1c:26:b4:78:6e:da:9f:4f:bd:f4:63:
a8:a6:42:61:db:97:02:35:be:87:d0:bd:d6:72:10:b7:a7:24:
92:b9:0a:2e:4c:a1:77:15:45:1d:bd:36:b3:63:31:0e:74:34:
14:ad:bf:30:aa:ff:3f:b8:f6:c0:ab:bd:94:f1:3a:54:00:b1:
49:86:2c:d1:e9:0c:b4:67:f2:9e:8c:46:8f:35:7e:91:b9:d7:
32:96:f2:ab:ad:02:f8:41:bc:9e:0a:36:79:12:4d:e5:38:98:
fa:05:65:71:03:c6:32:24:84:30:d4:56:61:4f:83:0a:b9:ab:
e0:4e:82:de:05:27:35:25:e1:78:fd:bf:a5:35:4e:4c:f3:c2:
12:bf:90:b2:82:7e:19:3e:14:27:ce:93:36:bd:00:a9:94:d7:
17:d7:a5:90:cd:07:5a:13:c6:05:4c:65:72:af:48:d5:7d:f8:
22:af:9b:01:54:5e:1e:14:87:9a:af:94:db:e9:5b:3d:7a:d7:
80:8d:60:9e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkswiwKRew+7VP7mRYqsSMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYzNlNmNiMmViMDJmY2M3NDJiYWY5MWFiODY1YzliMjBk
NjQ4NGIwHhcNMjUwMTAyMDE0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWQ1ZTQ5NGM0ZmI0MmY4MzkxYjRmMGNiNThmMjVhNjE4MmY1ZGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvkNvTJ2ACT+I3m31AGjE1BWEyAai
qu4XUivJkjSKvKFNKxnfYgSju2MijBDm4uFxWAlIMMC5ScyNpMczewPiSYxwDLfj
Mn7XVvCa57GQhezcuC8rdWtYAC+ORe14Rw0bM54ETlXSfjgJQ+K3UwbJWcaj/KAg
GPmPwqAWmc8asg9hpOjyLkEFq+VjYDGo2PRyLPNkQjcgWDCJwY+o4fBLnI8+I+RI
fQ1VlPIVplG0DnWCw56jj40nInobVqRaeVL/IVMSA0ndo45ahbPZmGczoAIAprJl
A9tv16CGn8EdHTySsyUWlkyZcGvF1Q2ON10DkSO1t6XV7GTz+rGQ+K//hwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMrV5JTE+0L4ORtPDLWPJaYYL12sMB8GA1UdIwQY
MBaAFGvD5ssusC/MdCuvkauGXJsg1khLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYThQbXl5NndMOHgwSzYtUnE0WmNteURXU0VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9mNWU0NDAtMTAwZi00OTMzLWFhYmYt
MTEwOThhYTJlYmMzLzEveXRYa2xNVDdRdmc1RzA4TXRZOGxwaGd2WGF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9mNWU0NDAtMTAwZi00OTMzLWFhYmYtMTEwOThhYTJlYmMz
LzEvYThQbXl5NndMOHgwSzYtUnE0WmNteURXU0VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVm3nMA0G
CSqGSIb3DQEBCwUAA4IBAQAWqstehRAFZCgB1sqtGMdKSscvxgHRn2GMdCJWpnc4
GSS/EsQ0YTm9+Em03E7k350X+A/814SzLJ6xLQ7bHCa0eG7an0+99GOopkJh25cC
Nb6H0L3WchC3pySSuQouTKF3FUUdvTazYzEOdDQUrb8wqv8/uPbAq72U8TpUALFJ
hizR6Qy0Z/KejEaPNX6RudcylvKrrQL4QbyeCjZ5Ek3lOJj6BWVxA8YyJIQw1FZh
T4MKuavgToLeBSc1JeF4/b+lNU5M88ISv5Cygn4ZPhQnzpM2vQCplNcX16WQzQda
E8YFTGVyr0jVffgir5sBVF4eFIear5Tb6Vs9eteAjWCe
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:49 2025 by rpki-client on console.sobornost.net