Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/3dbfeb-b2e2-4816-9ba9-a5cd81b5e00b/1/yVJnFS7lt_m44ZGvk9I8EF_xDD0.roa
File: yVJnFS7lt_m44ZGvk9I8EF_xDD0.roa (raw, json)
Hash identifier: /jOq2cHp+9BcWaWydmDU1C8hLNvjhT4eXiMG9sdmdg4=
Subject key identifier: C9:52:67:15:2E:E5:B7:F9:B8:E1:91:AF:93:D2:3C:10:5F:F1:0C:3D
Certificate issuer: /CN=d695cb86586cbfd2462afa052c96a25c162830a8
Certificate serial: 01942823A626F4311E8591B172014CC57F82
Authority key identifier: D6:95:CB:86:58:6C:BF:D2:46:2A:FA:05:2C:96:A2:5C:16:28:30:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1pXLhlhsv9JGKvoFLJaiXBYoMKg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/3dbfeb-b2e2-4816-9ba9-a5cd81b5e00b/1/yVJnFS7lt_m44ZGvk9I8EF_xDD0.roa
Signing time: Thu 02 Jan 2025 17:50:12 +0000
ROA not before: Thu 02 Jan 2025 17:50:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210834
IP address blocks: 185.215.68.0/22 maxlen: 24
188.93.168.0/21 maxlen: 21
188.93.168.0/24 maxlen: 24
188.93.172.0/24 maxlen: 24
188.93.173.0/24 maxlen: 24
188.93.174.0/24 maxlen: 24
188.93.175.0/24 maxlen: 24
2a0b:880::/32 maxlen: 32
2a0b:880::/36 maxlen: 36
2a0b:880:1::/48 maxlen: 48
2a0b:880:4::/48 maxlen: 48
2a0b:880:5::/48 maxlen: 48
2a0b:880:6::/48 maxlen: 48
2a0b:880:8::/48 maxlen: 48
2a0b:880:11::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:a6:26:f4:31:1e:85:91:b1:72:01:4c:c5:7f:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d695cb86586cbfd2462afa052c96a25c162830a8
Validity
Not Before: Jan 2 17:50:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c95267152ee5b7f9b8e191af93d23c105ff10c3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:a5:45:95:9e:0a:87:84:ff:23:d9:64:8f:9f:
dd:1f:73:ab:43:95:2d:67:63:2f:5d:74:ea:99:2e:
e2:a3:e9:25:79:a0:c1:fa:4a:3d:4d:cb:b9:a4:7a:
02:8f:2d:ab:17:8a:10:96:46:78:cb:2f:bf:14:b7:
d2:83:39:7a:56:a9:38:35:c4:eb:9e:de:0d:a2:00:
a0:bf:74:c3:0e:8b:aa:43:33:54:e0:1c:35:94:29:
4c:6a:0d:c1:2f:34:6c:db:59:ba:90:c0:ab:38:36:
95:43:0b:e8:5f:9a:dd:57:ff:f3:3c:d3:79:58:20:
15:3e:2f:12:4c:e4:f2:8c:d5:55:4c:15:07:44:c9:
05:42:15:ec:0c:fc:9e:33:d5:b2:aa:24:ea:63:78:
3a:df:a2:76:a5:fc:35:92:32:0b:a4:d0:f9:d3:eb:
8e:0f:28:00:9b:2c:ae:b5:51:0d:3f:df:4a:35:c1:
ee:d9:bb:f5:23:8b:3f:2d:07:c9:0c:0a:a7:b6:a5:
23:0d:46:c1:f6:c8:cd:6b:06:03:a7:b2:9e:6f:80:
0b:c1:ca:a8:74:a1:4c:6c:f9:92:7b:f3:f1:84:74:
c6:db:1e:1d:46:dc:b1:00:76:79:20:be:45:78:d5:
1a:a5:12:d5:30:0c:28:9f:66:ec:ea:f8:b2:b6:b3:
38:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:52:67:15:2E:E5:B7:F9:B8:E1:91:AF:93:D2:3C:10:5F:F1:0C:3D
X509v3 Authority Key Identifier:
keyid:D6:95:CB:86:58:6C:BF:D2:46:2A:FA:05:2C:96:A2:5C:16:28:30:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1pXLhlhsv9JGKvoFLJaiXBYoMKg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/3dbfeb-b2e2-4816-9ba9-a5cd81b5e00b/1/yVJnFS7lt_m44ZGvk9I8EF_xDD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/3dbfeb-b2e2-4816-9ba9-a5cd81b5e00b/1/1pXLhlhsv9JGKvoFLJaiXBYoMKg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.215.68.0/22
188.93.168.0/21
IPv6:
2a0b:880::/32
Signature Algorithm: sha256WithRSAEncryption
ac:ad:67:74:82:5d:be:81:22:f9:07:00:1e:1d:fb:ff:b9:3c:
c7:bd:ca:41:16:54:16:0a:4d:cc:4e:b2:e6:86:9a:86:8d:6b:
51:12:b2:ab:87:43:13:56:ec:47:8d:5b:f6:39:24:2a:38:da:
c7:3b:eb:33:c8:fd:fc:6f:ec:03:ba:af:bb:99:d1:a1:b9:b7:
cb:86:3a:d3:d4:23:92:e2:88:98:d3:6d:34:ca:64:c1:50:15:
f3:12:99:d7:ad:23:e0:67:4a:e3:3a:25:b0:f8:be:42:a0:da:
34:af:e4:b0:56:16:c5:e3:a3:e6:5d:71:41:89:1a:2b:86:5c:
f0:30:16:20:3a:27:a5:7f:64:c9:5d:eb:2e:2a:e9:ee:76:d4:
d2:0e:1f:39:91:2d:df:7e:d9:f3:e5:d6:7b:62:b8:64:ea:cc:
30:8d:ea:a8:5a:09:ee:b6:29:5b:c8:67:6b:04:31:49:81:d2:
9f:41:48:aa:74:12:96:ec:a7:63:2e:e3:dc:e3:08:c6:88:9e:
25:ef:81:3e:de:80:69:1f:ec:78:4b:0a:eb:43:ba:47:e9:e9:
3c:c7:21:f3:78:fe:ed:82:18:11:73:94:62:3f:d8:1e:8b:dc:
c2:08:32:39:cc:04:ac:3a:ea:d3:f9:84:f0:9c:9b:8d:94:f8:
71:6b:91:1f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQoI6Ym9DEehZGxcgFMxX+CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2OTVjYjg2NTg2Y2JmZDI0NjJhZmEwNTJjOTZhMjVjMTYy
ODMwYTgwHhcNMjUwMTAyMTc1MDEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTUyNjcxNTJlZTViN2Y5YjhlMTkxYWY5M2QyM2MxMDVmZjEwYzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8KVFlZ4Kh4T/I9lkj5/dH3OrQ5Ut
Z2MvXXTqmS7io+kleaDB+ko9Tcu5pHoCjy2rF4oQlkZ4yy+/FLfSgzl6Vqk4NcTr
nt4NogCgv3TDDouqQzNU4Bw1lClMag3BLzRs21m6kMCrODaVQwvoX5rdV//zPNN5
WCAVPi8STOTyjNVVTBUHRMkFQhXsDPyeM9WyqiTqY3g636J2pfw1kjILpND50+uO
DygAmyyutVENP99KNcHu2bv1I4s/LQfJDAqntqUjDUbB9sjNawYDp7Keb4ALwcqo
dKFMbPmSe/PxhHTG2x4dRtyxAHZ5IL5FeNUapRLVMAwon2bs6viytrM4PwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMlSZxUu5bf5uOGRr5PSPBBf8Qw9MB8GA1UdIwQY
MBaAFNaVy4ZYbL/SRir6BSyWolwWKDCoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXBYTGhsaHN2OUpHS3ZvRkxKYWlYQllvTUtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8zZGJmZWItYjJlMi00ODE2LTliYTkt
YTVjZDgxYjVlMDBiLzEveVZKbkZTN2x0X200NFpHdms5SThFRl94REQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8zZGJmZWItYjJlMi00ODE2LTliYTktYTVjZDgxYjVlMDBi
LzEvMXBYTGhsaHN2OUpHS3ZvRkxKYWlYQllvTUtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuddEAwQD
vF2oMA0EAgACMAcDBQAqCwiAMA0GCSqGSIb3DQEBCwUAA4IBAQCsrWd0gl2+gSL5
BwAeHfv/uTzHvcpBFlQWCk3MTrLmhpqGjWtRErKrh0MTVuxHjVv2OSQqONrHO+sz
yP38b+wDuq+7mdGhubfLhjrT1COS4oiY0200ymTBUBXzEpnXrSPgZ0rjOiWw+L5C
oNo0r+SwVhbF46PmXXFBiRorhlzwMBYgOielf2TJXesuKunudtTSDh85kS3fftnz
5dZ7Yrhk6swwjeqoWgnutilbyGdrBDFJgdKfQUiqdBKW7KdjLuPc4wjGiJ4l74E+
3oBpH+x4SwrrQ7pH6ek8xyHzeP7tghgRc5RiP9gei9zCCDI5zASsOurT+YTwnJuN
lPhxa5Ef
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:08 2025 by rpki-client on console.sobornost.net