Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/50e780-eca7-458e-b6aa-9dbc35672329/1/YC3-xixw4XeW0DEnxSoXSA3y9I0.roa
File: YC3-xixw4XeW0DEnxSoXSA3y9I0.roa (raw, json)
Hash identifier: g2+qW4cdB8k/DANIZo5brjTh6TFBwg+CXUq3jLsJYWU=
Subject key identifier: 60:2D:FE:C6:2C:70:E1:77:96:D0:31:27:C5:2A:17:48:0D:F2:F4:8D
Certificate issuer: /CN=ca329ced8efb41f3b4a2078d94bbb0a3aab4fb02
Certificate serial: 01956FD65ECBB53BE8FA5E373E038CE0E06B
Authority key identifier: CA:32:9C:ED:8E:FB:41:F3:B4:A2:07:8D:94:BB:B0:A3:AA:B4:FB:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yjKc7Y77QfO0ogeNlLuwo6q0-wI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/50e780-eca7-458e-b6aa-9dbc35672329/1/YC3-xixw4XeW0DEnxSoXSA3y9I0.roa
Signing time: Fri 07 Mar 2025 09:01:14 +0000
ROA not before: Fri 07 Mar 2025 09:01:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211055
IP address blocks: 185.233.130.0/24 maxlen: 24
2a11:3400::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:6f:d6:5e:cb:b5:3b:e8:fa:5e:37:3e:03:8c:e0:e0:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca329ced8efb41f3b4a2078d94bbb0a3aab4fb02
Validity
Not Before: Mar 7 09:01:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=602dfec62c70e17796d03127c52a17480df2f48d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:b4:84:50:0e:ae:a9:91:b3:cf:4b:62:34:e7:
38:6a:22:67:06:14:b2:7c:42:b7:fc:7e:e1:a8:85:
91:47:a5:1d:13:76:3c:7b:e5:ad:10:c5:6a:1a:51:
65:fa:77:8b:7e:c7:96:c3:5d:18:68:0f:83:aa:c5:
d4:3a:c0:29:b5:1a:f8:b5:78:84:23:88:75:b0:b8:
fc:26:f8:c9:ab:f0:70:f9:6d:6a:61:2d:82:57:60:
b7:9e:b9:d3:66:22:90:3a:a2:cd:a1:d4:c9:3c:65:
e9:cc:18:fa:ab:2b:da:4c:b6:df:3d:e0:6a:2c:47:
ec:06:cc:a0:83:c2:45:83:aa:5d:32:3e:23:74:ef:
6d:d4:71:fe:6a:72:1a:d3:6c:8c:76:b7:e5:fb:b2:
49:54:8f:1a:30:fa:43:87:a9:ca:a9:eb:64:f2:cb:
fa:67:d7:aa:ea:6e:5c:40:e0:37:09:15:8d:9c:47:
18:1f:c4:d9:2a:66:7d:fd:f2:53:d3:29:e8:10:6f:
06:b5:de:b3:aa:b0:14:6f:85:01:3b:cb:bf:1a:d5:
c0:14:97:1d:e4:42:51:1c:99:ab:77:d9:c3:bf:2d:
fa:8a:0c:87:2d:14:28:a5:5e:78:a9:16:db:b3:22:
88:8f:ad:12:43:40:4e:67:6d:bc:35:9c:dd:42:9a:
9a:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:2D:FE:C6:2C:70:E1:77:96:D0:31:27:C5:2A:17:48:0D:F2:F4:8D
X509v3 Authority Key Identifier:
keyid:CA:32:9C:ED:8E:FB:41:F3:B4:A2:07:8D:94:BB:B0:A3:AA:B4:FB:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yjKc7Y77QfO0ogeNlLuwo6q0-wI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/50e780-eca7-458e-b6aa-9dbc35672329/1/YC3-xixw4XeW0DEnxSoXSA3y9I0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/50e780-eca7-458e-b6aa-9dbc35672329/1/yjKc7Y77QfO0ogeNlLuwo6q0-wI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.233.130.0/24
IPv6:
2a11:3400::/29
Signature Algorithm: sha256WithRSAEncryption
86:5e:f9:64:96:c4:b2:7f:0a:38:c3:18:3a:06:00:ac:11:81:
46:90:52:8d:ae:2f:8d:98:ce:13:08:c8:b1:a9:1e:20:99:9c:
78:ee:e5:27:38:4b:71:c3:1b:5f:92:ae:96:ed:9c:8e:91:ec:
05:34:52:22:9f:f2:80:24:c3:9f:4a:65:cd:5d:27:09:20:d6:
67:1e:35:06:35:3b:75:fe:57:12:f2:00:a8:bc:18:d0:33:f8:
ae:51:54:ea:4c:9a:6f:34:85:7f:b2:ad:4a:83:49:6c:e7:93:
9a:b0:8d:a2:81:58:dd:be:a7:7d:f9:20:4b:1e:18:14:25:c9:
95:1c:69:7b:6c:83:06:dc:78:05:46:e2:32:18:91:10:32:98:
90:6d:24:3a:b2:85:be:a1:9c:68:72:79:9b:68:cc:08:cb:7d:
88:67:d3:5e:cf:a1:9c:28:79:18:8b:e9:96:a5:9f:ce:64:63:
23:7d:e0:97:c7:0c:2e:fe:2d:1a:17:29:1a:1f:96:58:f3:19:
50:8a:4e:37:79:31:7a:c9:ec:e5:88:6b:cb:6b:93:ea:48:c1:
7b:0c:03:dd:2e:c6:a5:7d:21:bb:51:b6:0d:7f:05:33:c2:b0:
32:00:8a:eb:93:8f:d6:74:11:94:ca:9f:60:d7:86:50:f8:41:
7b:81:3d:ed
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZVv1l7LtTvo+l43PgOM4OBrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMzI5Y2VkOGVmYjQxZjNiNGEyMDc4ZDk0YmJiMGEzYWFi
NGZiMDIwHhcNMjUwMzA3MDkwMTE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDJkZmVjNjJjNzBlMTc3OTZkMDMxMjdjNTJhMTc0ODBkZjJmNDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA77SEUA6uqZGzz0tiNOc4aiJnBhSy
fEK3/H7hqIWRR6UdE3Y8e+WtEMVqGlFl+neLfseWw10YaA+DqsXUOsAptRr4tXiE
I4h1sLj8JvjJq/Bw+W1qYS2CV2C3nrnTZiKQOqLNodTJPGXpzBj6qyvaTLbfPeBq
LEfsBsygg8JFg6pdMj4jdO9t1HH+anIa02yMdrfl+7JJVI8aMPpDh6nKqetk8sv6
Z9eq6m5cQOA3CRWNnEcYH8TZKmZ9/fJT0ynoEG8Gtd6zqrAUb4UBO8u/GtXAFJcd
5EJRHJmrd9nDvy36igyHLRQopV54qRbbsyKIj60SQ0BOZ228NZzdQpqaKwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGAt/sYscOF3ltAxJ8UqF0gN8vSNMB8GA1UdIwQY
MBaAFMoynO2O+0HztKIHjZS7sKOqtPsCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWpLYzdZNzdRZk8wb2dlTmxMdXdvNnEwLXdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My81MGU3ODAtZWNhNy00NThlLWI2YWEt
OWRiYzM1NjcyMzI5LzEvWUMzLXhpeHc0WGVXMERFbnhTb1hTQTN5OUkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My81MGU3ODAtZWNhNy00NThlLWI2YWEtOWRiYzM1NjcyMzI5
LzEveWpLYzdZNzdRZk8wb2dlTmxMdXdvNnEwLXdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuemCMA0E
AgACMAcDBQMqETQAMA0GCSqGSIb3DQEBCwUAA4IBAQCGXvlklsSyfwo4wxg6BgCs
EYFGkFKNri+NmM4TCMixqR4gmZx47uUnOEtxwxtfkq6W7ZyOkewFNFIin/KAJMOf
SmXNXScJINZnHjUGNTt1/lcS8gCovBjQM/iuUVTqTJpvNIV/sq1Kg0ls55OasI2i
gVjdvqd9+SBLHhgUJcmVHGl7bIMG3HgFRuIyGJEQMpiQbSQ6soW+oZxocnmbaMwI
y32IZ9Nez6GcKHkYi+mWpZ/OZGMjfeCXxwwu/i0aFykaH5ZY8xlQik43eTF6yezl
iGvLa5PqSMF7DAPdLsalfSG7UbYNfwUzwrAyAIrrk4/WdBGUyp9g14ZQ+EF7gT3t
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:11 2025 by rpki-client on console.sobornost.net