Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/YaKVerZeOE_k6lcVU7K8hRVZJuQ.roa
File: YaKVerZeOE_k6lcVU7K8hRVZJuQ.roa (raw, json)
Hash identifier: Dq1CxVYROGn+/alH1oWjuOgqMxlxJDluxPuaM2yn2Vs=
Subject key identifier: 61:A2:95:7A:B6:5E:38:4F:E4:EA:57:15:53:B2:BC:85:15:59:26:E4
Certificate issuer: /CN=bfe3971a32c0692c4e342e911790662470cf31b2
Certificate serial: 0193D9E686DABEC7DA8BCDB42FEA657FE6AD
Authority key identifier: BF:E3:97:1A:32:C0:69:2C:4E:34:2E:91:17:90:66:24:70:CF:31:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v-OXGjLAaSxONC6RF5BmJHDPMbI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/YaKVerZeOE_k6lcVU7K8hRVZJuQ.roa
Signing time: Wed 18 Dec 2024 13:13:03 +0000
ROA not before: Wed 18 Dec 2024 13:13:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201814
IP address blocks: 5.181.188.0/22 maxlen: 22
91.223.3.0/24 maxlen: 24
95.214.52.0/22 maxlen: 23
95.214.52.0/23 maxlen: 23
95.214.54.0/23 maxlen: 23
146.19.24.0/24 maxlen: 24
178.211.139.0/24 maxlen: 24
185.16.36.0/22 maxlen: 24
185.225.191.0/24 maxlen: 24
185.248.24.0/24 maxlen: 24
193.34.212.0/22 maxlen: 22
193.34.212.0/23 maxlen: 23
193.34.214.0/23 maxlen: 23
193.34.215.0/24 maxlen: 24
195.3.220.0/22 maxlen: 22
195.3.220.0/23 maxlen: 23
195.3.222.0/23 maxlen: 23
195.3.222.0/24 maxlen: 24
212.23.222.0/24 maxlen: 24
2a03:cfc0::/32 maxlen: 32
2a03:cfc0::/33 maxlen: 33
2a03:cfc0:8000::/33 maxlen: 33
2a09:d580::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d9:e6:86:da:be:c7:da:8b:cd:b4:2f:ea:65:7f:e6:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfe3971a32c0692c4e342e911790662470cf31b2
Validity
Not Before: Dec 18 13:13:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61a2957ab65e384fe4ea571553b2bc85155926e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:cf:3a:cf:36:61:ee:cf:dc:d6:d4:fe:a0:16:
9a:c0:f2:ba:34:c4:ba:8f:ba:7c:f1:ab:9b:01:2d:
5a:1b:d1:cf:a0:c5:1b:09:af:d6:59:39:c4:4e:09:
94:14:eb:b5:12:d2:62:fd:bc:45:63:d3:f3:11:4a:
54:dc:53:f8:b2:ef:04:47:12:50:39:c6:e3:f2:00:
e5:f1:9a:b7:b3:9b:89:12:ae:3b:b6:b0:c4:ab:a4:
54:b2:33:5e:8c:4d:cd:5c:75:19:52:b8:c5:cc:fd:
d1:b1:f0:15:1a:f9:3c:94:30:73:f4:1e:98:ea:23:
cc:9a:b8:01:0b:df:da:ff:03:bf:48:07:e3:88:3a:
c3:69:f3:95:89:1f:b2:1e:ee:29:3f:5c:31:f2:c4:
cd:a9:72:a3:74:21:37:e3:0e:fa:7c:f0:56:a8:fe:
28:f7:b2:1d:2e:e7:eb:83:f4:06:00:44:9d:47:05:
31:a5:b4:a9:77:07:aa:15:77:31:8c:d3:9f:ab:ab:
85:02:af:e8:5f:5d:9d:9c:0c:85:65:91:dd:b1:d7:
95:8d:e2:b0:e7:19:21:96:58:49:93:f5:d2:fa:d4:
cd:6c:66:57:f0:ad:e8:5b:3b:0c:b2:6a:00:64:c7:
82:85:03:24:c3:1c:33:23:52:13:e4:37:81:01:4a:
9f:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:A2:95:7A:B6:5E:38:4F:E4:EA:57:15:53:B2:BC:85:15:59:26:E4
X509v3 Authority Key Identifier:
keyid:BF:E3:97:1A:32:C0:69:2C:4E:34:2E:91:17:90:66:24:70:CF:31:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v-OXGjLAaSxONC6RF5BmJHDPMbI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/YaKVerZeOE_k6lcVU7K8hRVZJuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/v-OXGjLAaSxONC6RF5BmJHDPMbI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.188.0/22
91.223.3.0/24
95.214.52.0/22
146.19.24.0/24
178.211.139.0/24
185.16.36.0/22
185.225.191.0/24
185.248.24.0/24
193.34.212.0/22
195.3.220.0/22
212.23.222.0/24
IPv6:
2a03:cfc0::/32
2a09:d580::/29
Signature Algorithm: sha256WithRSAEncryption
52:e2:2d:0e:82:4f:3a:79:e3:bf:7c:22:bd:ea:cd:90:29:04:
fe:b1:40:3d:95:d2:04:c6:b1:14:04:19:4c:a4:40:56:77:a4:
d0:3a:b9:82:44:ea:3b:04:26:47:50:6e:e4:43:84:12:56:14:
69:6a:a6:e1:4a:e3:52:89:33:5c:a1:78:cf:a3:ea:dc:86:02:
ec:bd:a0:b5:50:10:59:bf:47:15:2d:cc:b4:ad:a3:37:d7:df:
f4:f8:7c:8a:ac:4f:a1:44:c3:46:99:2e:3c:70:bf:77:21:d4:
d5:db:01:1f:5c:18:f0:39:7e:f2:bf:8f:f8:22:59:09:c3:ba:
30:3a:1b:96:84:df:80:ca:5d:50:c9:a9:91:76:09:60:bc:78:
3c:76:2b:46:72:11:e3:dd:b6:c7:28:f8:43:5c:22:a4:83:18:
fc:01:79:f6:66:8a:d6:79:ae:52:62:37:ca:ce:f7:23:4c:c0:
41:d2:67:4f:3c:cb:78:5e:0e:f5:19:13:04:20:fd:5d:b9:6f:
08:e0:98:33:8c:91:b1:f1:53:3c:ce:b9:ca:fc:bb:b0:8e:0b:
db:4f:49:2a:80:f9:8d:79:a7:c3:f1:cc:d9:f1:ec:b2:35:63:
b2:8e:8e:5b:2e:6c:a5:53:ca:40:6f:6a:4f:3e:80:85:24:af:
2b:78:e8:de
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAZPZ5obavsfai820L+plf+atMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmZTM5NzFhMzJjMDY5MmM0ZTM0MmU5MTE3OTA2NjI0NzBj
ZjMxYjIwHhcNMjQxMjE4MTMxMzAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWEyOTU3YWI2NWUzODRmZTRlYTU3MTU1M2IyYmM4NTE1NTkyNmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4s86zzZh7s/c1tT+oBaawPK6NMS6
j7p88aubAS1aG9HPoMUbCa/WWTnETgmUFOu1EtJi/bxFY9PzEUpU3FP4su8ERxJQ
Ocbj8gDl8Zq3s5uJEq47trDEq6RUsjNejE3NXHUZUrjFzP3RsfAVGvk8lDBz9B6Y
6iPMmrgBC9/a/wO/SAfjiDrDafOViR+yHu4pP1wx8sTNqXKjdCE34w76fPBWqP4o
97IdLufrg/QGAESdRwUxpbSpdweqFXcxjNOfq6uFAq/oX12dnAyFZZHdsdeVjeKw
5xkhllhJk/XS+tTNbGZX8K3oWzsMsmoAZMeChQMkwxwzI1IT5DeBAUqfgwIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFGGilXq2XjhP5OpXFVOyvIUVWSbkMB8GA1UdIwQY
MBaAFL/jlxoywGksTjQukReQZiRwzzGyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdi1PWEdqTEFhU3hPTkM2UkY1Qm1KSERQTWJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9kNzZiZjgtNTQxZi00ZWZjLTk4YzUt
YzRkY2M3ZjZiN2RmLzEvWWFLVmVyWmVPRV9rNmxjVlU3SzhoUlZaSnVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9kNzZiZjgtNTQxZi00ZWZjLTk4YzUtYzRkY2M3ZjZiN2Rm
LzEvdi1PWEdqTEFhU3hPTkM2UkY1Qm1KSERQTWJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBIBAIAATBCAwQCBbW8AwQA
W98DAwQCX9Y0AwQAkhMYAwQAstOLAwQCuRAkAwQAueG/AwQAufgYAwQCwSLUAwQC
wwPcAwQA1BfeMBQEAgACMA4DBQAqA8/AAwUDKgnVgDANBgkqhkiG9w0BAQsFAAOC
AQEAUuItDoJPOnnjv3wiverNkCkE/rFAPZXSBMaxFAQZTKRAVnek0Dq5gkTqOwQm
R1Bu5EOEElYUaWqm4UrjUokzXKF4z6Pq3IYC7L2gtVAQWb9HFS3MtK2jN9ff9Ph8
iqxPoUTDRpkuPHC/dyHU1dsBH1wY8Dl+8r+P+CJZCcO6MDobloTfgMpdUMmpkXYJ
YLx4PHYrRnIR4922xyj4Q1wipIMY/AF59maK1nmuUmI3ys73I0zAQdJnTzzLeF4O
9RkTBCD9XblvCOCYM4yRsfFTPM65yvy7sI4L209JKoD5jXmnw/HM2fHssjVjso6O
Wy5spVPKQG9qTz6AhSSvK3jo3g==
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:27:28 2024 by rpki-client on console.sobornost.net