Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/4e2150-669d-4554-b779-2bb8861a3e4d/1/YyOogR6T7jG6zD-5lx-V8y_JBFA.roa
File: YyOogR6T7jG6zD-5lx-V8y_JBFA.roa (raw, json)
Hash identifier: jTd/5MNcv4fqMfKWtnfVXAAWAN6UzlPvaAV2hpZQQJw=
Subject key identifier: 63:23:A8:81:1E:93:EE:31:BA:CC:3F:B9:97:1F:95:F3:2F:C9:04:50
Certificate issuer: /CN=cb55656c69d553da92b783850e15b1704e876d93
Certificate serial: 01941F8C3030EF1707EA92D0458CA141FA56
Authority key identifier: CB:55:65:6C:69:D5:53:DA:92:B7:83:85:0E:15:B1:70:4E:87:6D:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y1VlbGnVU9qSt4OFDhWxcE6HbZM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/4e2150-669d-4554-b779-2bb8861a3e4d/1/YyOogR6T7jG6zD-5lx-V8y_JBFA.roa
Signing time: Wed 01 Jan 2025 01:47:48 +0000
ROA not before: Wed 01 Jan 2025 01:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197303
IP address blocks: 91.220.11.0/24 maxlen: 24
94.158.18.0/24 maxlen: 24
94.158.19.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:30:30:ef:17:07:ea:92:d0:45:8c:a1:41:fa:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb55656c69d553da92b783850e15b1704e876d93
Validity
Not Before: Jan 1 01:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6323a8811e93ee31bacc3fb9971f95f32fc90450
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:8a:d3:c9:a0:59:6a:b5:18:66:37:22:78:c2:
7d:57:7f:94:87:84:70:fe:4e:cb:c2:4c:0e:d2:00:
2c:35:55:8a:a1:49:59:4a:a2:6b:2d:89:b5:07:a5:
e2:51:f2:7e:85:60:40:a7:ab:85:e7:e1:22:86:d0:
56:fa:16:72:38:a8:4f:da:27:04:83:62:97:89:b6:
68:45:6a:7f:23:e8:a3:39:34:53:bb:22:60:ae:18:
b9:71:7a:43:f4:6d:ba:bb:13:4c:cd:b8:ce:3b:42:
95:1b:87:35:12:b0:20:1d:18:bf:11:9d:0c:1e:98:
52:ca:8f:1e:f5:44:49:89:a8:cb:a6:9f:26:78:a7:
87:0e:3a:02:f5:b7:85:18:fa:42:6c:7e:4a:09:df:
12:40:8a:9a:53:43:74:2d:92:ac:c5:8f:2e:c6:27:
93:09:d7:57:3a:af:83:e1:a4:e9:dd:7b:81:b4:f6:
5e:66:5b:ff:6c:0b:62:05:59:70:15:53:b6:e3:ff:
29:78:97:dc:0c:61:80:07:54:fe:33:cb:57:08:eb:
76:82:ed:2d:f0:22:c7:2a:bc:79:c2:24:13:ab:02:
aa:9f:d6:93:22:06:cc:7d:ce:c0:8a:2b:60:ae:99:
c4:b6:1c:f7:d5:03:9c:f3:3e:bd:6b:e6:9e:9a:77:
ea:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:23:A8:81:1E:93:EE:31:BA:CC:3F:B9:97:1F:95:F3:2F:C9:04:50
X509v3 Authority Key Identifier:
keyid:CB:55:65:6C:69:D5:53:DA:92:B7:83:85:0E:15:B1:70:4E:87:6D:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y1VlbGnVU9qSt4OFDhWxcE6HbZM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/4e2150-669d-4554-b779-2bb8861a3e4d/1/YyOogR6T7jG6zD-5lx-V8y_JBFA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/4e2150-669d-4554-b779-2bb8861a3e4d/1/y1VlbGnVU9qSt4OFDhWxcE6HbZM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.11.0/24
94.158.18.0/23
Signature Algorithm: sha256WithRSAEncryption
13:9d:5f:64:da:1d:2b:d6:24:6a:63:44:4b:07:b7:98:a9:31:
bb:25:b2:88:ab:6b:e5:d5:6a:e9:6b:ec:8f:5b:89:64:25:86:
87:d3:40:76:c1:fc:bf:aa:6b:bf:f1:1c:21:b7:fb:07:5f:b3:
38:43:83:45:ab:bf:38:80:fe:5b:a3:85:9c:03:f4:e1:ed:27:
aa:fc:fa:61:d1:1b:8b:23:5b:9b:98:fb:bd:8f:22:f5:c4:81:
70:72:c5:7e:04:04:5c:66:8a:f1:e9:f4:f4:1f:c8:c5:ba:29:
b4:fc:60:c4:dc:ee:57:55:24:03:a2:3d:e0:66:73:08:fb:40:
77:54:83:aa:75:97:d1:be:c6:a8:78:fe:17:24:71:d2:04:19:
b3:a2:ea:1e:f7:1b:4e:11:05:a3:c8:f0:7d:9a:e5:c3:bc:61:
28:c1:48:53:b8:cb:9c:54:a5:dd:2e:fe:67:ad:a9:20:0c:5c:
ec:ca:a4:7f:d1:a8:5c:c9:61:df:a0:42:ad:18:b8:d9:89:8c:
32:41:1b:97:c3:85:7b:62:39:d7:33:6b:f6:65:b5:db:25:f0:
81:ae:68:e0:b7:23:3b:fd:0e:5e:00:e1:fb:be:59:c1:38:5f:
88:19:4d:73:9c:63:fe:d9:2a:c3:d7:ad:56:52:41:0e:02:da:
49:37:53:d4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQfjDAw7xcH6pLQRYyhQfpWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiNTU2NTZjNjlkNTUzZGE5MmI3ODM4NTBlMTViMTcwNGU4
NzZkOTMwHhcNMjUwMTAxMDE0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzIzYTg4MTFlOTNlZTMxYmFjYzNmYjk5NzFmOTVmMzJmYzkwNDUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYrTyaBZarUYZjcieMJ9V3+Uh4Rw
/k7LwkwO0gAsNVWKoUlZSqJrLYm1B6XiUfJ+hWBAp6uF5+EihtBW+hZyOKhP2icE
g2KXibZoRWp/I+ijOTRTuyJgrhi5cXpD9G26uxNMzbjOO0KVG4c1ErAgHRi/EZ0M
HphSyo8e9URJiajLpp8meKeHDjoC9beFGPpCbH5KCd8SQIqaU0N0LZKsxY8uxieT
CddXOq+D4aTp3XuBtPZeZlv/bAtiBVlwFVO24/8peJfcDGGAB1T+M8tXCOt2gu0t
8CLHKrx5wiQTqwKqn9aTIgbMfc7AiitgrpnEthz31QOc8z69a+aemnfqwwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGMjqIEek+4xusw/uZcflfMvyQRQMB8GA1UdIwQY
MBaAFMtVZWxp1VPakreDhQ4VsXBOh22TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTFWbGJHblZVOXFTdDRPRkRoV3hjRTZIYlpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy80ZTIxNTAtNjY5ZC00NTU0LWI3Nzkt
MmJiODg2MWEzZTRkLzEvWXlPb2dSNlQ3akc2ekQtNWx4LVY4eV9KQkZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy80ZTIxNTAtNjY5ZC00NTU0LWI3NzktMmJiODg2MWEzZTRk
LzEveTFWbGJHblZVOXFTdDRPRkRoV3hjRTZIYlpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9wLAwQB
Xp4SMA0GCSqGSIb3DQEBCwUAA4IBAQATnV9k2h0r1iRqY0RLB7eYqTG7JbKIq2vl
1Wrpa+yPW4lkJYaH00B2wfy/qmu/8Rwht/sHX7M4Q4NFq784gP5bo4WcA/Th7Seq
/Pph0RuLI1ubmPu9jyL1xIFwcsV+BARcZorx6fT0H8jFuim0/GDE3O5XVSQDoj3g
ZnMI+0B3VIOqdZfRvsaoeP4XJHHSBBmzouoe9xtOEQWjyPB9muXDvGEowUhTuMuc
VKXdLv5nrakgDFzsyqR/0ahcyWHfoEKtGLjZiYwyQRuXw4V7YjnXM2v2ZbXbJfCB
rmjgtyM7/Q5eAOH7vlnBOF+IGU1znGP+2SrD161WUkEOAtpJN1PU
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:33:06 2025 by rpki-client on console.sobornost.net