Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/e75e41-a828-4dc5-8ed3-9fc36411accc/1/YKP2-mUbLqVt8YjjDalCzO3YP4U.roa
File: YKP2-mUbLqVt8YjjDalCzO3YP4U.roa (raw, json)
Hash identifier: Yz1Fy2JsuM7B/qCN027yJ5VSafRq6NaaRWcEtGjJrwo=
Subject key identifier: 60:A3:F6:FA:65:1B:2E:A5:6D:F1:88:E3:0D:A9:42:CC:ED:D8:3F:85
Certificate issuer: /CN=3939f92b825ce110903c31d522b0f50cafd74a6f
Certificate serial: 0195C7B654EDFA2A476574CE9F6DA4605863
Authority key identifier: 39:39:F9:2B:82:5C:E1:10:90:3C:31:D5:22:B0:F5:0C:AF:D7:4A:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OTn5K4Jc4RCQPDHVIrD1DK_XSm8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/e75e41-a828-4dc5-8ed3-9fc36411accc/1/YKP2-mUbLqVt8YjjDalCzO3YP4U.roa
Signing time: Mon 24 Mar 2025 10:32:50 +0000
ROA not before: Mon 24 Mar 2025 10:32:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34285
IP address blocks: 185.197.244.0/22 maxlen: 22
217.12.16.0/24 maxlen: 24
217.12.17.0/24 maxlen: 24
217.12.18.0/24 maxlen: 24
217.12.19.0/24 maxlen: 24
217.12.20.0/22 maxlen: 22
217.12.20.0/23 maxlen: 23
217.12.20.0/24 maxlen: 24
217.12.21.0/24 maxlen: 24
217.12.22.0/23 maxlen: 23
217.12.22.0/24 maxlen: 24
217.12.23.0/24 maxlen: 24
217.12.24.0/22 maxlen: 22
217.12.24.0/24 maxlen: 24
217.12.25.0/24 maxlen: 24
217.12.26.0/24 maxlen: 24
217.12.27.0/24 maxlen: 24
217.12.28.0/22 maxlen: 22
217.12.28.0/24 maxlen: 24
217.12.29.0/24 maxlen: 24
217.12.30.0/24 maxlen: 24
217.12.31.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c7:b6:54:ed:fa:2a:47:65:74:ce:9f:6d:a4:60:58:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3939f92b825ce110903c31d522b0f50cafd74a6f
Validity
Not Before: Mar 24 10:32:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=60a3f6fa651b2ea56df188e30da942ccedd83f85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:c7:4b:87:a7:37:e5:17:41:bf:87:39:1b:4d:
f5:5a:c6:9b:e9:b7:22:90:5f:7b:0a:4a:86:5c:6a:
af:ec:03:00:75:0e:1b:5c:6e:b2:36:85:cc:38:bc:
1c:26:fd:73:23:e6:ea:5d:27:f9:4a:f5:e0:58:33:
16:97:49:4b:e0:8b:b0:63:d8:37:8a:48:e7:f2:4f:
87:52:b4:95:57:e8:0c:27:86:42:80:4b:83:2e:4f:
5f:81:38:34:59:14:e0:b0:a9:bf:87:60:b3:9f:46:
9a:7f:42:8c:c9:f0:fa:39:b2:e8:9e:6e:a1:30:20:
d0:bd:e0:9a:98:9c:57:dd:22:78:99:9c:a6:c0:27:
b4:bf:a9:fe:c6:43:54:57:ae:ec:40:8a:0f:31:91:
a5:60:08:49:cb:29:c2:8b:1b:c6:1c:00:44:e6:0f:
85:8a:96:3c:f3:69:f4:00:07:8a:14:23:b3:9b:c9:
1d:53:94:0b:44:fc:e8:c0:75:af:ff:af:53:58:7c:
39:48:57:0d:b7:4a:f8:ed:9c:93:8f:7c:ff:83:87:
1f:02:80:85:44:06:7e:25:c3:a4:95:28:76:35:74:
e9:5d:ea:e8:9b:b5:c9:22:05:02:9c:17:da:b4:c3:
45:19:48:28:2e:2d:f2:b6:72:77:a1:2e:e9:6e:92:
8b:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:A3:F6:FA:65:1B:2E:A5:6D:F1:88:E3:0D:A9:42:CC:ED:D8:3F:85
X509v3 Authority Key Identifier:
keyid:39:39:F9:2B:82:5C:E1:10:90:3C:31:D5:22:B0:F5:0C:AF:D7:4A:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OTn5K4Jc4RCQPDHVIrD1DK_XSm8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/e75e41-a828-4dc5-8ed3-9fc36411accc/1/YKP2-mUbLqVt8YjjDalCzO3YP4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/e75e41-a828-4dc5-8ed3-9fc36411accc/1/OTn5K4Jc4RCQPDHVIrD1DK_XSm8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.197.244.0/22
217.12.16.0/20
Signature Algorithm: sha256WithRSAEncryption
5e:99:7d:54:e9:d5:08:32:99:82:1c:d4:f6:cf:ba:74:81:e0:
80:91:27:90:c6:20:ff:73:fb:40:20:ef:62:2d:06:f9:e7:73:
d1:3c:35:fc:6a:89:c2:03:02:6b:a1:51:12:c7:43:a9:24:ef:
93:6e:88:49:20:d6:06:af:fa:4f:18:0a:08:6f:ef:27:a1:50:
9e:ed:42:79:85:88:b1:d7:01:be:cf:e9:b8:53:0a:49:9e:cb:
86:19:50:f2:82:0f:fa:5d:40:f5:2b:cb:bc:d2:e6:c8:4e:4e:
8f:bb:d8:3e:bf:9d:65:b4:16:03:4f:03:83:b4:bc:ff:f0:02:
6e:99:6d:1c:c2:be:84:79:1b:2b:29:be:39:0c:59:0c:aa:bf:
44:59:54:bd:69:7a:59:6d:38:b3:bd:f1:ca:d1:1f:81:4c:50:
f7:a0:aa:64:7d:e6:d4:0a:f7:a7:39:80:05:94:fc:b5:c4:08:
b0:bd:52:6b:df:d2:2c:02:2a:9d:22:31:df:6d:cd:b7:53:83:
19:b4:ad:50:f6:b5:91:93:18:17:8a:10:f1:8c:cc:3c:13:f9:
84:db:19:f7:64:f5:7a:d0:a6:5f:e8:c6:2f:7d:42:34:d7:ad:
ad:6b:5e:a2:be:7f:f5:41:78:d7:56:28:11:9b:6e:80:29:7a:
c1:03:be:ff
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZXHtlTt+ipHZXTOn22kYFhjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MzlmOTJiODI1Y2UxMTA5MDNjMzFkNTIyYjBmNTBjYWZk
NzRhNmYwHhcNMjUwMzI0MTAzMjUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGEzZjZmYTY1MWIyZWE1NmRmMTg4ZTMwZGE5NDJjY2VkZDgzZjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcdLh6c35RdBv4c5G031Wsab6bci
kF97CkqGXGqv7AMAdQ4bXG6yNoXMOLwcJv1zI+bqXSf5SvXgWDMWl0lL4IuwY9g3
ikjn8k+HUrSVV+gMJ4ZCgEuDLk9fgTg0WRTgsKm/h2Czn0aaf0KMyfD6ObLonm6h
MCDQveCamJxX3SJ4mZymwCe0v6n+xkNUV67sQIoPMZGlYAhJyynCixvGHABE5g+F
ipY882n0AAeKFCOzm8kdU5QLRPzowHWv/69TWHw5SFcNt0r47ZyTj3z/g4cfAoCF
RAZ+JcOklSh2NXTpXerom7XJIgUCnBfatMNFGUgoLi3ytnJ3oS7pbpKLZwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGCj9vplGy6lbfGI4w2pQszt2D+FMB8GA1UdIwQY
MBaAFDk5+SuCXOEQkDwx1SKw9Qyv10pvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1RuNUs0SmM0UkNRUERIVklyRDFES19YU204LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9lNzVlNDEtYTgyOC00ZGM1LThlZDMt
OWZjMzY0MTFhY2NjLzEvWUtQMi1tVWJMcVZ0OFlqakRhbEN6TzNZUDRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9lNzVlNDEtYTgyOC00ZGM1LThlZDMtOWZjMzY0MTFhY2Nj
LzEvT1RuNUs0SmM0UkNRUERIVklyRDFES19YU204LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCucX0AwQE
2QwQMA0GCSqGSIb3DQEBCwUAA4IBAQBemX1U6dUIMpmCHNT2z7p0geCAkSeQxiD/
c/tAIO9iLQb553PRPDX8aonCAwJroVESx0OpJO+TbohJINYGr/pPGAoIb+8noVCe
7UJ5hYix1wG+z+m4UwpJnsuGGVDygg/6XUD1K8u80ubITk6Pu9g+v51ltBYDTwOD
tLz/8AJumW0cwr6EeRsrKb45DFkMqr9EWVS9aXpZbTizvfHK0R+BTFD3oKpkfebU
CvenOYAFlPy1xAiwvVJr39IsAiqdIjHfbc23U4MZtK1Q9rWRkxgXihDxjMw8E/mE
2xn3ZPV60KZf6MYvfUI0162ta16ivn/1QXjXVigRm26AKXrBA77/
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:17 2025 by rpki-client on console.sobornost.net