Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/81719d-467c-4af7-a824-46a0df774fe1/1/YfIFhU0ONooUeM5LYDIwujefT70.roa
File: YfIFhU0ONooUeM5LYDIwujefT70.roa (raw, json)
Hash identifier: FzOwlF2eZufoM+/Vg+xA3fNm2T39ptzXccEUItomPVo=
Subject key identifier: 61:F2:05:85:4D:0E:36:8A:14:78:CE:4B:60:32:30:BA:37:9F:4F:BD
Certificate issuer: /CN=89b332d57ce14fab1ebd746817dd701062c74a88
Certificate serial: 0195A853A8D7E3817CA9F1712900792A978E
Authority key identifier: 89:B3:32:D5:7C:E1:4F:AB:1E:BD:74:68:17:DD:70:10:62:C7:4A:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ibMy1XzhT6sevXRoF91wEGLHSog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/81719d-467c-4af7-a824-46a0df774fe1/1/YfIFhU0ONooUeM5LYDIwujefT70.roa
Signing time: Tue 18 Mar 2025 08:16:49 +0000
ROA not before: Tue 18 Mar 2025 08:16:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34572
IP address blocks: 83.173.64.0/19 maxlen: 19
83.173.64.0/21 maxlen: 21
83.173.72.0/21 maxlen: 21
83.173.80.0/21 maxlen: 21
83.173.88.0/21 maxlen: 24
83.173.96.0/21 maxlen: 21
83.173.112.0/22 maxlen: 24
83.173.115.0/24 maxlen: 24
83.173.116.0/24 maxlen: 24
185.170.151.0/24 maxlen: 24
2a02:6100::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a8:53:a8:d7:e3:81:7c:a9:f1:71:29:00:79:2a:97:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89b332d57ce14fab1ebd746817dd701062c74a88
Validity
Not Before: Mar 18 08:16:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=61f205854d0e368a1478ce4b603230ba379f4fbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:04:15:97:11:61:f5:48:31:2c:80:fd:9c:8c:
69:fe:c1:56:17:ed:22:01:ff:ad:14:e6:92:45:8b:
b3:e9:e2:9e:e4:bb:78:af:74:fa:0e:90:42:e0:51:
c0:ef:87:3b:dd:9f:34:9f:be:e4:05:69:5b:e4:41:
54:4f:7a:d3:33:b5:86:e0:4d:64:7c:1d:eb:d6:ac:
51:e3:c0:97:8b:76:b1:f7:b0:6b:7d:4a:c6:fc:36:
b2:de:22:39:2c:7f:a6:aa:20:8b:0a:8b:82:79:8c:
18:c8:02:15:f6:81:56:16:2d:61:2e:aa:41:c6:5c:
c4:1e:0f:93:a4:10:75:f7:54:67:de:cc:29:9b:50:
7a:9f:1c:ef:65:86:d5:4b:0b:4c:3c:a1:00:47:bd:
e2:f1:9a:ac:af:98:9d:5d:d5:53:d3:9c:ee:58:d7:
6c:a9:88:f1:a1:d1:55:22:62:e6:24:6a:0f:10:75:
ea:5f:e9:3d:c6:2d:41:6f:7e:34:b2:98:4e:f1:b7:
bd:5f:50:6f:e4:7b:04:20:86:d0:f4:87:82:45:44:
a1:a7:b8:54:58:5b:b7:ef:a2:bb:ec:b9:71:fe:46:
3f:e6:71:39:f0:86:ec:8e:9d:95:ff:10:73:76:e7:
1d:bc:6c:03:f2:7c:4b:3e:5b:cb:85:91:28:12:e8:
33:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:F2:05:85:4D:0E:36:8A:14:78:CE:4B:60:32:30:BA:37:9F:4F:BD
X509v3 Authority Key Identifier:
keyid:89:B3:32:D5:7C:E1:4F:AB:1E:BD:74:68:17:DD:70:10:62:C7:4A:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ibMy1XzhT6sevXRoF91wEGLHSog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/81719d-467c-4af7-a824-46a0df774fe1/1/YfIFhU0ONooUeM5LYDIwujefT70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/81719d-467c-4af7-a824-46a0df774fe1/1/ibMy1XzhT6sevXRoF91wEGLHSog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.173.64.0-83.173.103.255
83.173.112.0-83.173.116.255
185.170.151.0/24
IPv6:
2a02:6100::/32
Signature Algorithm: sha256WithRSAEncryption
5a:18:10:e1:c5:b7:7a:b4:34:c0:28:d4:f0:36:d6:e5:6b:7d:
d7:da:40:ce:6d:74:2d:91:ab:90:b2:d4:d6:42:6a:57:e2:09:
98:05:f1:2d:30:7c:64:3e:1d:64:6d:f7:52:5f:24:2d:30:93:
fd:77:2c:3b:eb:30:7f:ca:f2:64:30:e6:7b:ba:e8:48:82:86:
6a:15:05:9c:b3:c9:77:75:38:0c:00:ae:81:82:ef:da:78:3e:
c2:af:3e:34:6d:57:67:35:43:c0:f2:3f:45:a2:c7:70:5e:34:
4d:76:d9:aa:e1:c9:ff:df:1e:74:15:89:b7:cb:84:9a:b8:13:
c1:35:e6:54:ef:ef:5a:bc:99:4c:67:93:8e:8c:fb:77:16:e9:
e2:6a:3b:1f:47:a2:f2:d1:d7:51:14:fb:a2:63:63:47:af:0f:
bd:4a:0e:e0:d7:e4:7e:a1:91:46:b2:df:97:1c:8c:23:92:03:
83:64:f7:82:e0:40:b5:1f:cc:77:59:4d:61:98:b0:d4:1e:86:
d9:a2:3e:44:58:58:a3:0f:d6:60:b5:2a:4f:0b:2c:22:f3:fa:
e0:a5:fe:16:cf:df:a1:95:32:f0:43:c4:9b:dd:ad:d3:53:35:
54:7a:46:84:6a:f3:87:02:ea:d0:30:d7:c6:4a:b2:d9:15:1a:
7d:00:2a:3a
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZWoU6jX44F8qfFxKQB5KpeOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YjMzMmQ1N2NlMTRmYWIxZWJkNzQ2ODE3ZGQ3MDEwNjJj
NzRhODgwHhcNMjUwMzE4MDgxNjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWYyMDU4NTRkMGUzNjhhMTQ3OGNlNGI2MDMyMzBiYTM3OWY0ZmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9gQVlxFh9UgxLID9nIxp/sFWF+0i
Af+tFOaSRYuz6eKe5Lt4r3T6DpBC4FHA74c73Z80n77kBWlb5EFUT3rTM7WG4E1k
fB3r1qxR48CXi3ax97BrfUrG/Day3iI5LH+mqiCLCouCeYwYyAIV9oFWFi1hLqpB
xlzEHg+TpBB191Rn3swpm1B6nxzvZYbVSwtMPKEAR73i8Zqsr5idXdVT05zuWNds
qYjxodFVImLmJGoPEHXqX+k9xi1Bb340sphO8be9X1Bv5HsEIIbQ9IeCRUShp7hU
WFu376K77Llx/kY/5nE58Ibsjp2V/xBzducdvGwD8nxLPlvLhZEoEugzvwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFGHyBYVNDjaKFHjOS2AyMLo3n0+9MB8GA1UdIwQY
MBaAFImzMtV84U+rHr10aBfdcBBix0qIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWJNeTFYemhUNnNldlhSb0Y5MXdFR0xIU29nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC84MTcxOWQtNDY3Yy00YWY3LWE4MjQt
NDZhMGRmNzc0ZmUxLzEvWWZJRmhVME9Ob29VZU01TFlESXd1amVmVDcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC84MTcxOWQtNDY3Yy00YWY3LWE4MjQtNDZhMGRmNzc0ZmUx
LzEvaWJNeTFYemhUNnNldlhSb0Y5MXdFR0xIU29nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAoBAIAATAiMAwDBAZTrUAD
BANTrWAwDAMEBFOtcAMEAFOtdAMEALmqlzANBAIAAjAHAwUAKgJhADANBgkqhkiG
9w0BAQsFAAOCAQEAWhgQ4cW3erQ0wCjU8DbW5Wt919pAzm10LZGrkLLU1kJqV+IJ
mAXxLTB8ZD4dZG33Ul8kLTCT/XcsO+swf8ryZDDme7roSIKGahUFnLPJd3U4DACu
gYLv2ng+wq8+NG1XZzVDwPI/RaLHcF40TXbZquHJ/98edBWJt8uEmrgTwTXmVO/v
WryZTGeTjoz7dxbp4mo7H0ei8tHXURT7omNjR68PvUoO4NfkfqGRRrLflxyMI5ID
g2T3guBAtR/Md1lNYZiw1B6G2aI+RFhYow/WYLUqTwssIvP64KX+Fs/foZUy8EPE
m92t01M1VHpGhGrzhwLq0DDXxkqy2RUafQAqOg==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:29 2025 by rpki-client on console.sobornost.net