Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/de7ef6-bdae-4717-b061-6f207951c4b2/1/YYzrkPDEMpFz0VlMFyfkPlvrIPc.roa
File: YYzrkPDEMpFz0VlMFyfkPlvrIPc.roa (raw, json)
Hash identifier: ZTbSueGcUA5J+8KJD8a0DCRWPR/FrTGgSZg4efTERpc=
Subject key identifier: 61:8C:EB:90:F0:C4:32:91:73:D1:59:4C:17:27:E4:3E:5B:EB:20:F7
Certificate issuer: /CN=f90379f3afd94c0f26b67fffa34d6e946c29d624
Certificate serial: 01949D5479CAEC4FAA9186C9E2B20C9E2CB1
Authority key identifier: F9:03:79:F3:AF:D9:4C:0F:26:B6:7F:FF:A3:4D:6E:94:6C:29:D6:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-QN586_ZTA8mtn__o01ulGwp1iQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/de7ef6-bdae-4717-b061-6f207951c4b2/1/YYzrkPDEMpFz0VlMFyfkPlvrIPc.roa
Signing time: Sat 25 Jan 2025 11:59:06 +0000
ROA not before: Sat 25 Jan 2025 11:59:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204834
IP address blocks: 185.237.84.0/24 maxlen: 24
185.237.86.0/23 maxlen: 23
185.237.86.0/24 maxlen: 24
185.237.87.0/24 maxlen: 24
2a0c:a700::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:9d:54:79:ca:ec:4f:aa:91:86:c9:e2:b2:0c:9e:2c:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f90379f3afd94c0f26b67fffa34d6e946c29d624
Validity
Not Before: Jan 25 11:59:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=618ceb90f0c4329173d1594c1727e43e5beb20f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:40:f2:c2:56:e5:50:18:74:8a:0c:4f:e1:99:
c2:12:19:e3:f0:b0:61:a2:0b:dd:4b:f6:1a:af:14:
5d:35:9f:f7:59:98:09:85:de:6e:ab:8e:b5:10:2a:
10:5d:18:78:76:16:fa:62:10:bc:7f:70:a7:07:7e:
97:ec:44:ac:f4:5b:59:d4:4d:f1:4d:07:e6:e3:53:
ae:ca:58:e1:ba:b3:bf:3e:ec:de:8a:49:37:b4:a9:
f8:bd:77:71:cb:fb:a0:2d:32:08:80:f9:58:19:3f:
25:a9:46:cc:d8:fc:ea:79:aa:ca:cc:8a:f7:30:57:
87:5e:dd:68:02:56:ef:ec:14:43:12:e7:4a:76:74:
80:7c:21:a1:e6:32:ad:8b:bc:9f:8b:a4:ca:8a:99:
c4:c3:63:70:1a:41:4b:2c:94:9c:cf:86:08:43:26:
4d:7e:28:df:24:f0:a5:26:d0:5e:83:6b:06:50:89:
70:3e:8f:ba:46:f4:da:69:d0:28:02:cd:46:9e:d5:
0d:19:59:46:9d:52:80:53:80:0d:a7:b7:36:e3:0b:
21:6e:93:82:75:2d:1e:6d:96:a9:dc:b5:fc:df:6e:
c8:04:d5:58:7d:9f:d4:1b:9e:6b:54:20:d0:94:aa:
6f:c3:59:d5:36:eb:85:77:40:07:8c:f0:2a:5d:6c:
ba:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:8C:EB:90:F0:C4:32:91:73:D1:59:4C:17:27:E4:3E:5B:EB:20:F7
X509v3 Authority Key Identifier:
keyid:F9:03:79:F3:AF:D9:4C:0F:26:B6:7F:FF:A3:4D:6E:94:6C:29:D6:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-QN586_ZTA8mtn__o01ulGwp1iQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/de7ef6-bdae-4717-b061-6f207951c4b2/1/YYzrkPDEMpFz0VlMFyfkPlvrIPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/de7ef6-bdae-4717-b061-6f207951c4b2/1/1-QN586_ZTA8mtn__o01ulGwp1iQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.237.84.0/24
185.237.86.0/23
IPv6:
2a0c:a700::/29
Signature Algorithm: sha256WithRSAEncryption
66:48:72:3b:c5:b3:d0:a6:c2:07:59:ed:87:5b:0d:d8:75:db:
6e:06:35:4a:38:81:ce:fe:fa:ff:0c:f3:35:11:08:cd:a3:b4:
ec:26:3e:5f:fa:f3:85:f0:c9:61:19:30:c5:37:4c:8d:c8:c1:
65:97:63:cc:eb:a9:56:55:56:a1:25:0e:f0:c6:dc:dd:83:8c:
38:3b:88:75:2d:f9:92:ea:30:54:7d:1b:d4:60:18:d5:24:6d:
c8:4f:78:bf:6a:2f:d9:bf:89:ae:4d:12:af:5b:13:fa:d1:b2:
31:2b:3f:97:d1:3b:b5:87:16:b8:55:fe:31:c7:fa:81:fc:62:
dc:07:1b:66:e0:ea:33:7f:02:b0:89:51:12:a8:6e:b6:0f:ca:
aa:4d:55:6f:f4:1d:e6:88:df:50:e4:59:32:5f:ea:7a:24:0e:
ce:eb:0a:1d:c8:88:a4:4f:69:ad:76:e2:85:b7:ca:c7:2c:f8:
f9:80:23:7a:aa:fe:11:3e:b5:75:44:15:fd:ae:a1:c3:f9:ab:
02:7e:0e:20:8e:92:17:20:06:cc:0e:d5:90:c9:be:ce:57:0e:
cf:ba:ec:c0:8e:d1:30:87:79:f5:d6:40:b1:43:49:b2:50:56:
c2:f8:8a:d2:3e:ce:98:bf:c9:a7:a9:a8:dc:00:b4:78:2d:43:
78:7e:49:c5
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZSdVHnK7E+qkYbJ4rIMniyxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5MDM3OWYzYWZkOTRjMGYyNmI2N2ZmZmEzNGQ2ZTk0NmMy
OWQ2MjQwHhcNMjUwMTI1MTE1OTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MThjZWI5MGYwYzQzMjkxNzNkMTU5NGMxNzI3ZTQzZTViZWIyMGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0EDywlblUBh0igxP4ZnCEhnj8LBh
ogvdS/YarxRdNZ/3WZgJhd5uq461ECoQXRh4dhb6YhC8f3CnB36X7ESs9FtZ1E3x
TQfm41OuyljhurO/Puzeikk3tKn4vXdxy/ugLTIIgPlYGT8lqUbM2PzqearKzIr3
MFeHXt1oAlbv7BRDEudKdnSAfCGh5jKti7yfi6TKipnEw2NwGkFLLJScz4YIQyZN
fijfJPClJtBeg2sGUIlwPo+6RvTaadAoAs1GntUNGVlGnVKAU4ANp7c24wshbpOC
dS0ebZap3LX8327IBNVYfZ/UG55rVCDQlKpvw1nVNuuFd0AHjPAqXWy67QIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFGGM65DwxDKRc9FZTBcn5D5b6yD3MB8GA1UdIwQY
MBaAFPkDefOv2UwPJrZ//6NNbpRsKdYkMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1RTjU4Nl9aVEE4bXRuX19vMDF1bEd3cDFpUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDYvZGU3ZWY2LWJkYWUtNDcxNy1iMDYx
LTZmMjA3OTUxYzRiMi8xL1lZenJrUERFTXBGejBWbE1GeWZrUGx2cklQYy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDYvZGU3ZWY2LWJkYWUtNDcxNy1iMDYxLTZmMjA3OTUxYzRi
Mi8xLzEtUU41ODZfWlRBOG10bl9fbzAxdWxHd3AxaVEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBAC57VQD
BAG57VYwDQQCAAIwBwMFAyoMpwAwDQYJKoZIhvcNAQELBQADggEBAGZIcjvFs9Cm
wgdZ7YdbDdh1224GNUo4gc7++v8M8zURCM2jtOwmPl/684XwyWEZMMU3TI3IwWWX
Y8zrqVZVVqElDvDG3N2DjDg7iHUt+ZLqMFR9G9RgGNUkbchPeL9qL9m/ia5NEq9b
E/rRsjErP5fRO7WHFrhV/jHH+oH8YtwHG2bg6jN/ArCJURKobrYPyqpNVW/0HeaI
31DkWTJf6nokDs7rCh3IiKRPaa124oW3yscs+PmAI3qq/hE+tXVEFf2uocP5qwJ+
DiCOkhcgBswO1ZDJvs5XDs+67MCO0TCHefXWQLFDSbJQVsL4itI+zpi/yaepqNwA
tHgtQ3h+ScU=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:57 2025 by rpki-client on console.sobornost.net