Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/tyk8XT75cn8zz18jPPgELGweRVk.roa
File: tyk8XT75cn8zz18jPPgELGweRVk.roa (raw, json)
Hash identifier: uKMDqu/7xGmN09VNxX4lUYpk/n0JsqhlkttzUmsKYbk=
Subject key identifier: B7:29:3C:5D:3E:F9:72:7F:33:CF:5F:23:3C:F8:04:2C:6C:1E:45:59
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 0191FF5ECD4D8B0411A679477FD6614CAA32
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/tyk8XT75cn8zz18jPPgELGweRVk.roa
Signing time: Tue 17 Sep 2024 09:44:48 +0000
ROA not before: Tue 17 Sep 2024 09:44:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39679
IP address blocks: 79.172.218.0/24 maxlen: 24
79.172.220.0/24 maxlen: 24
87.229.14.0/24 maxlen: 24
87.229.22.0/24 maxlen: 24
87.229.71.0/24 maxlen: 24
87.229.79.0/24 maxlen: 24
213.181.201.0/24 maxlen: 24
217.144.62.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ff:5e:cd:4d:8b:04:11:a6:79:47:7f:d6:61:4c:aa:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Sep 17 09:44:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b7293c5d3ef9727f33cf5f233cf8042c6c1e4559
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:47:6a:5d:dd:1e:27:9d:36:fd:83:5d:53:40:
f7:f4:4b:9a:5f:a4:7f:1f:0c:a7:e2:21:5d:ff:b9:
8f:d5:ca:e8:51:a2:62:b8:2e:e9:ba:57:b6:2e:a4:
33:53:dc:df:24:e3:7c:17:1d:18:f4:91:1c:d8:42:
1a:23:7f:5a:8e:6a:35:af:f4:47:21:a2:43:f2:49:
44:35:44:73:f3:f6:db:93:1c:4b:dd:a5:e5:dc:2d:
53:2c:bd:93:a0:d2:10:77:63:95:0e:01:da:57:f4:
e9:ab:1a:50:98:07:0d:e0:77:07:fd:39:52:df:93:
39:86:6a:14:2b:9e:7b:e9:e4:c4:fb:82:16:5e:20:
7b:4a:b6:78:e5:9f:be:44:62:b8:89:d5:40:32:d1:
ee:d2:ad:9a:71:45:ce:ae:cd:11:b3:1a:a6:5d:2a:
95:f1:f5:25:d9:ec:14:20:c0:e6:bf:ce:bb:f7:f9:
70:98:e2:b2:80:8a:e6:e0:d4:71:ca:8d:cb:c6:e0:
d0:5e:83:86:27:6d:31:6b:c8:0e:66:76:35:7e:23:
20:b7:c5:bd:8d:e9:b7:4e:4f:de:ef:f9:cc:c5:29:
48:d7:1d:ed:32:b9:93:5f:97:4c:0e:ca:bd:d2:06:
a4:89:11:92:64:0e:80:81:c3:9d:a2:55:1b:21:03:
23:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:29:3C:5D:3E:F9:72:7F:33:CF:5F:23:3C:F8:04:2C:6C:1E:45:59
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/tyk8XT75cn8zz18jPPgELGweRVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.218.0/24
79.172.220.0/24
87.229.14.0/24
87.229.22.0/24
87.229.71.0/24
87.229.79.0/24
213.181.201.0/24
217.144.62.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:97:31:92:24:05:df:95:5f:ca:ff:a5:17:76:e1:87:1e:b2:
4c:3c:a5:a4:0c:03:3f:a7:84:68:5a:76:70:80:78:68:b7:84:
7e:8a:f3:ed:7b:a2:f4:f8:e2:e2:0a:38:e5:6a:09:1f:f3:81:
ff:4a:57:73:b9:47:1a:58:03:fc:21:9c:5f:18:e3:9c:a5:29:
c7:02:b9:21:ed:89:a1:ce:5b:38:08:04:ff:f7:b5:7e:e1:65:
d9:4b:fc:0f:df:1b:db:0f:bb:63:b6:00:8b:46:e8:2c:fc:40:
91:e9:f0:1d:cb:53:33:dc:dc:5e:94:78:e8:a2:13:6b:60:d6:
a3:20:e2:dc:8f:23:55:f9:2a:bd:cb:eb:60:3b:74:c6:74:38:
ed:b1:51:35:38:46:d8:53:0f:86:6c:80:c6:f6:d2:36:de:db:
42:d2:ad:b4:37:ac:c3:77:e4:c8:0d:db:48:6e:14:56:1b:5d:
a9:6d:04:12:9e:de:35:6a:67:a2:46:94:2b:da:67:5a:f4:1a:
0d:16:b5:c4:e3:ea:e9:f8:da:83:84:6e:30:45:81:ab:e4:3f:
0a:9d:fe:6c:c6:8e:a2:10:c8:f5:5d:7d:38:b1:0a:cd:a3:e7:
53:c8:08:57:c6:9a:37:cb:f8:4e:20:b5:3c:36:23:29:c3:ee:
e8:a0:6e:a3
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZH/Xs1NiwQRpnlHf9ZhTKoyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjQwOTE3MDk0NDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzI5M2M1ZDNlZjk3MjdmMzNjZjVmMjMzY2Y4MDQyYzZjMWU0NTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAikdqXd0eJ502/YNdU0D39EuaX6R/
Hwyn4iFd/7mP1croUaJiuC7pule2LqQzU9zfJON8Fx0Y9JEc2EIaI39ajmo1r/RH
IaJD8klENURz8/bbkxxL3aXl3C1TLL2ToNIQd2OVDgHaV/TpqxpQmAcN4HcH/TlS
35M5hmoUK5576eTE+4IWXiB7SrZ45Z++RGK4idVAMtHu0q2acUXOrs0RsxqmXSqV
8fUl2ewUIMDmv8679/lwmOKygIrm4NRxyo3LxuDQXoOGJ20xa8gOZnY1fiMgt8W9
jem3Tk/e7/nMxSlI1x3tMrmTX5dMDsq90gakiRGSZA6AgcOdolUbIQMjfQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFLcpPF0++XJ/M89fIzz4BCxsHkVZMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvdHlrOFhUNzVjbjh6ejE4alBQZ0VMR3dlUlZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAT6zaAwQA
T6zcAwQAV+UOAwQAV+UWAwQAV+VHAwQAV+VPAwQA1bXJAwQA2ZA+MA0GCSqGSIb3
DQEBCwUAA4IBAQBLlzGSJAXflV/K/6UXduGHHrJMPKWkDAM/p4RoWnZwgHhot4R+
ivPte6L0+OLiCjjlagkf84H/SldzuUcaWAP8IZxfGOOcpSnHArkh7Ymhzls4CAT/
97V+4WXZS/wP3xvbD7tjtgCLRugs/ECR6fAdy1Mz3NxelHjoohNrYNajIOLcjyNV
+Sq9y+tgO3TGdDjtsVE1OEbYUw+GbIDG9tI23ttC0q20N6zDd+TIDdtIbhRWG12p
bQQSnt41ameiRpQr2mda9BoNFrXE4+rp+NqDhG4wRYGr5D8Knf5sxo6iEMj1XX04
sQrNo+dTyAhXxpo3y/hOILU8NiMpw+7ooG6j
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:08:19 2025 by rpki-client