Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/2a829b-32b3-496a-80ce-a02467f6425f/1/YfJtBuAEzwrAwSN_J7xGNSKCjCE.roa
File: YfJtBuAEzwrAwSN_J7xGNSKCjCE.roa (raw, json)
Hash identifier: XmpRYRo5Vs4yfW8P8k8ClzDTbvhLktOQ+0fCN4Fj/SI=
Subject key identifier: 61:F2:6D:06:E0:04:CF:0A:C0:C1:23:7F:27:BC:46:35:22:82:8C:21
Certificate issuer: /CN=c1075b7a81af49deffb6c835c5608ee0b88432ca
Certificate serial: 0195FFAAAAF23E09775A8919F102CA2C438A
Authority key identifier: C1:07:5B:7A:81:AF:49:DE:FF:B6:C8:35:C5:60:8E:E0:B8:84:32:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wQdbeoGvSd7_tsg1xWCO4LiEMso.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/2a829b-32b3-496a-80ce-a02467f6425f/1/YfJtBuAEzwrAwSN_J7xGNSKCjCE.roa
Signing time: Fri 04 Apr 2025 07:18:49 +0000
ROA not before: Fri 04 Apr 2025 07:18:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24951
IP address blocks: 193.169.2.0/24 maxlen: 24
193.169.3.0/24 maxlen: 24
195.66.85.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ff:aa:aa:f2:3e:09:77:5a:89:19:f1:02:ca:2c:43:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1075b7a81af49deffb6c835c5608ee0b88432ca
Validity
Not Before: Apr 4 07:18:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=61f26d06e004cf0ac0c1237f27bc463522828c21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ad:c1:1a:e2:61:4d:b4:89:96:d4:e8:7b:bc:
d2:95:a5:01:5b:fa:c1:1c:38:88:90:80:c6:f7:9b:
88:1e:48:67:de:07:4e:91:6c:f7:19:54:1a:26:9a:
e3:db:bc:e8:6d:a2:4e:5c:b5:57:27:b2:a7:80:18:
c2:0c:e1:dc:84:ad:b5:ee:c7:7b:89:f3:0e:98:60:
cc:0f:f3:e1:8a:ed:78:82:7f:72:be:ef:f0:24:bb:
2b:7b:43:eb:21:ef:19:71:ab:c6:18:d8:52:8d:d3:
0d:25:67:0d:c9:2d:6d:22:cd:47:7e:f5:6b:15:ac:
46:96:c1:7d:63:62:bf:11:9a:ab:d9:6a:8a:22:1b:
e6:d4:4c:a9:e6:7f:48:c7:c3:73:25:65:c3:f0:2c:
f3:76:3b:88:41:83:31:11:0d:57:a9:de:7f:d8:b7:
34:41:ec:f0:c7:2e:41:21:93:a7:88:10:0f:55:74:
48:b5:6d:d8:f1:00:0b:71:c8:b1:b0:64:62:5d:85:
41:1a:49:61:60:46:a4:78:8d:1c:57:8f:cb:04:b1:
d9:ff:62:4a:0a:b5:79:d9:9d:29:0d:cd:38:e7:08:
cf:46:e4:76:42:8d:eb:0b:59:1d:b5:c7:81:f4:4d:
23:bd:dc:85:e5:3f:77:1f:c7:e2:68:e1:0b:39:28:
5d:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:F2:6D:06:E0:04:CF:0A:C0:C1:23:7F:27:BC:46:35:22:82:8C:21
X509v3 Authority Key Identifier:
keyid:C1:07:5B:7A:81:AF:49:DE:FF:B6:C8:35:C5:60:8E:E0:B8:84:32:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wQdbeoGvSd7_tsg1xWCO4LiEMso.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/2a829b-32b3-496a-80ce-a02467f6425f/1/YfJtBuAEzwrAwSN_J7xGNSKCjCE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/2a829b-32b3-496a-80ce-a02467f6425f/1/wQdbeoGvSd7_tsg1xWCO4LiEMso.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.169.2.0/23
195.66.85.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:9c:9b:57:10:ed:0d:e4:70:41:a8:10:de:3a:2c:7c:40:37:
2c:bb:f3:7b:87:aa:d3:24:2e:c7:da:ba:f6:58:3a:e4:3d:0b:
23:71:35:3e:e6:4c:54:a9:64:3f:d4:f6:5d:1e:da:e6:29:e3:
53:6f:5a:ea:e8:50:7e:aa:35:14:06:bc:30:18:aa:a3:8d:4c:
f5:a0:32:78:19:3b:75:a2:3f:bd:44:47:d9:ce:af:e0:2a:2b:
c2:2f:7b:9c:7f:f9:b4:85:76:1f:f4:17:16:11:77:07:a8:02:
61:b1:ef:68:f3:00:fa:38:17:b1:be:0c:e8:48:c0:a8:03:a6:
c0:42:60:00:b6:e6:c5:20:73:c0:d7:60:c3:93:72:16:e2:07:
44:99:fc:9d:d3:33:34:df:ae:9c:96:50:f5:1a:eb:87:6a:ef:
40:c5:d6:13:54:91:ed:45:9c:5c:42:92:cb:05:38:70:84:d7:
70:31:55:03:64:54:64:4e:92:1d:22:06:08:49:64:ff:19:a8:
d1:1b:5f:9e:d4:2a:4f:a0:cb:94:f8:75:38:ae:dd:de:7d:bf:
dc:63:83:9f:8e:29:15:f3:5e:f6:31:46:7a:82:01:53:9f:6c:
f3:73:26:53:67:94:4d:40:f3:af:e2:b8:9d:b6:2f:ab:7f:80:
d7:80:73:a3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZX/qqryPgl3WokZ8QLKLEOKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMDc1YjdhODFhZjQ5ZGVmZmI2YzgzNWM1NjA4ZWUwYjg4
NDMyY2EwHhcNMjUwNDA0MDcxODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWYyNmQwNmUwMDRjZjBhYzBjMTIzN2YyN2JjNDYzNTIyODI4YzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs63BGuJhTbSJltToe7zSlaUBW/rB
HDiIkIDG95uIHkhn3gdOkWz3GVQaJprj27zobaJOXLVXJ7KngBjCDOHchK217sd7
ifMOmGDMD/Phiu14gn9yvu/wJLsre0PrIe8ZcavGGNhSjdMNJWcNyS1tIs1HfvVr
FaxGlsF9Y2K/EZqr2WqKIhvm1Eyp5n9Ix8NzJWXD8CzzdjuIQYMxEQ1Xqd5/2Lc0
Qezwxy5BIZOniBAPVXRItW3Y8QALccixsGRiXYVBGklhYEakeI0cV4/LBLHZ/2JK
CrV52Z0pDc045wjPRuR2Qo3rC1kdtceB9E0jvdyF5T93H8fiaOELOShdCQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGHybQbgBM8KwMEjfye8RjUigowhMB8GA1UdIwQY
MBaAFMEHW3qBr0ne/7bINcVgjuC4hDLKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1FkYmVvR3ZTZDdfdHNnMXhXQ080TGlFTXNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8yYTgyOWItMzJiMy00OTZhLTgwY2Ut
YTAyNDY3ZjY0MjVmLzEvWWZKdEJ1QUV6d3JBd1NOX0o3eEdOU0tDakNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8yYTgyOWItMzJiMy00OTZhLTgwY2UtYTAyNDY3ZjY0MjVm
LzEvd1FkYmVvR3ZTZDdfdHNnMXhXQ080TGlFTXNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwakCAwQA
w0JVMA0GCSqGSIb3DQEBCwUAA4IBAQBdnJtXEO0N5HBBqBDeOix8QDcsu/N7h6rT
JC7H2rr2WDrkPQsjcTU+5kxUqWQ/1PZdHtrmKeNTb1rq6FB+qjUUBrwwGKqjjUz1
oDJ4GTt1oj+9REfZzq/gKivCL3ucf/m0hXYf9BcWEXcHqAJhse9o8wD6OBexvgzo
SMCoA6bAQmAAtubFIHPA12DDk3IW4gdEmfyd0zM0366cllD1GuuHau9AxdYTVJHt
RZxcQpLLBThwhNdwMVUDZFRkTpIdIgYISWT/GajRG1+e1CpPoMuU+HU4rt3efb/c
Y4OfjikV8172MUZ6ggFTn2zzcyZTZ5RNQPOv4ridti+rf4DXgHOj
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:01 2025 by rpki-client on console.sobornost.net