Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/3e3b4b-f827-4347-9022-2818f6578d1b/1/YdfGaXHdTb-LYhTs_wz6s9gnwBM.roa
File: YdfGaXHdTb-LYhTs_wz6s9gnwBM.roa (raw, json)
Hash identifier: gNJt9eBEIblRu0IFOMH1K6y+ICB3kC1BNK9Q6bATMgc=
Subject key identifier: 61:D7:C6:69:71:DD:4D:BF:8B:62:14:EC:FF:0C:FA:B3:D8:27:C0:13
Certificate issuer: /CN=41b8c2f37bd8d7e04e76985a4ced4559d7651c43
Certificate serial: 01954BA63997F69C54E0124A21D024D36D23
Authority key identifier: 41:B8:C2:F3:7B:D8:D7:E0:4E:76:98:5A:4C:ED:45:59:D7:65:1C:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QbjC83vY1-BOdphaTO1FWddlHEM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/3e3b4b-f827-4347-9022-2818f6578d1b/1/YdfGaXHdTb-LYhTs_wz6s9gnwBM.roa
Signing time: Fri 28 Feb 2025 08:22:19 +0000
ROA not before: Fri 28 Feb 2025 08:22:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29014
IP address blocks: 45.139.156.0/22 maxlen: 24
45.139.158.0/23 maxlen: 23
85.158.0.0/22 maxlen: 24
85.158.0.0/24 maxlen: 24
85.158.4.0/23 maxlen: 23
85.158.6.0/24 maxlen: 24
85.158.7.0/24 maxlen: 24
93.92.128.0/21 maxlen: 24
93.92.128.0/23 maxlen: 23
93.92.130.0/23 maxlen: 23
93.92.132.0/24 maxlen: 24
93.92.133.0/24 maxlen: 24
93.92.134.0/23 maxlen: 23
185.8.8.0/22 maxlen: 24
185.8.8.0/24 maxlen: 24
192.42.65.0/24 maxlen: 24
193.41.116.0/23 maxlen: 24
194.126.239.0/24 maxlen: 24
195.177.232.0/23 maxlen: 24
195.177.233.0/24 maxlen: 24
2a00:12e8::/32 maxlen: 40
2a00:12e8::/40 maxlen: 40
2a00:12e8:100::/40 maxlen: 40
2a00:12e8:200::/40 maxlen: 40
2a00:12e8:300::/40 maxlen: 40
2a00:12e8:400::/40 maxlen: 40
2a00:12e8:500::/40 maxlen: 40
2a00:12e8:600::/40 maxlen: 40
2a00:12e8:700::/40 maxlen: 40
2a00:12e8:800::/40 maxlen: 48
2a00:12e8:800::/48 maxlen: 48
2a00:12e8:801::/48 maxlen: 48
2a00:12e8:802::/48 maxlen: 48
2a00:12e8:900::/40 maxlen: 40
2a00:12e8:f111::/48 maxlen: 48
2a00:12e8:f123::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:4b:a6:39:97:f6:9c:54:e0:12:4a:21:d0:24:d3:6d:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41b8c2f37bd8d7e04e76985a4ced4559d7651c43
Validity
Not Before: Feb 28 08:22:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=61d7c66971dd4dbf8b6214ecff0cfab3d827c013
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:df:19:6a:66:92:ab:5a:3f:2a:22:58:1b:ef:
f4:6d:1b:a1:85:7b:0e:5b:72:c2:7c:0a:32:11:ec:
ea:f4:2a:8f:a0:e9:cb:ad:43:c1:c4:7e:f5:09:24:
3d:48:33:e5:43:1f:2c:e8:7c:31:e7:7e:10:67:18:
3e:13:53:cd:0a:6c:45:1d:31:6f:ab:ea:e9:4e:47:
94:3a:34:67:0e:b3:ef:88:4c:ea:12:17:0e:07:67:
db:c4:52:fc:fe:72:58:6b:ff:1d:cb:06:51:4c:06:
5d:4b:db:29:6c:30:a6:e6:7f:3c:aa:29:4f:a6:5c:
5c:e9:c2:76:4e:58:01:28:e6:92:86:54:3f:72:15:
eb:d6:c1:52:a0:b0:36:2f:93:89:c4:df:80:0a:08:
68:c9:e1:45:21:4b:60:a2:da:8c:55:13:32:68:98:
06:04:4d:a9:67:c4:a7:8d:44:6a:8b:d3:af:bf:57:
59:46:c0:dc:02:20:c7:7f:16:f6:36:de:2f:93:19:
98:5c:72:f3:c0:32:a8:1f:6f:c7:0f:15:f7:55:f1:
38:3b:32:1a:e0:e2:6a:d4:88:41:af:84:24:ae:71:
27:ea:3a:ee:f7:1d:19:98:a2:dc:a4:a0:46:a0:ee:
60:09:9c:9d:ab:a9:82:09:21:33:e8:9a:c7:d1:72:
68:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:D7:C6:69:71:DD:4D:BF:8B:62:14:EC:FF:0C:FA:B3:D8:27:C0:13
X509v3 Authority Key Identifier:
keyid:41:B8:C2:F3:7B:D8:D7:E0:4E:76:98:5A:4C:ED:45:59:D7:65:1C:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QbjC83vY1-BOdphaTO1FWddlHEM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/3e3b4b-f827-4347-9022-2818f6578d1b/1/YdfGaXHdTb-LYhTs_wz6s9gnwBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/3e3b4b-f827-4347-9022-2818f6578d1b/1/QbjC83vY1-BOdphaTO1FWddlHEM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.156.0/22
85.158.0.0/21
93.92.128.0/21
185.8.8.0/22
192.42.65.0/24
193.41.116.0/23
194.126.239.0/24
195.177.232.0/23
IPv6:
2a00:12e8::/32
Signature Algorithm: sha256WithRSAEncryption
25:9b:9f:db:05:a1:23:1c:93:c8:a9:92:72:e5:37:90:20:5a:
6b:9f:1c:1e:46:06:08:9a:9d:d2:43:9d:c1:d0:0d:5f:49:7b:
7d:77:29:05:61:c9:10:0a:f5:07:f1:93:b2:31:00:13:11:05:
26:c0:c0:39:c0:e1:7f:c9:10:09:3f:4c:75:a4:99:7b:ea:f0:
43:7c:1c:8d:f6:42:16:7a:55:1c:6b:7d:0e:33:d5:01:31:c0:
09:6a:c8:df:75:fd:ee:47:2d:d9:3f:c1:dd:b0:1b:eb:d6:94:
2b:fc:a1:69:7b:d4:9d:b4:76:ff:a6:bc:6d:9f:2e:ac:e0:03:
0e:f1:de:ec:02:40:36:6b:89:f2:ad:dc:36:8b:a5:8f:1c:19:
6b:11:a7:a1:11:b3:a1:aa:b1:11:5e:51:20:e8:01:57:63:b6:
e3:12:2c:ed:00:f5:49:6a:57:aa:04:6c:9b:78:db:28:6a:d6:
73:5e:90:e6:c7:2f:18:90:32:d2:9e:de:81:22:e7:0b:30:fa:
a8:8c:1d:14:20:07:78:4a:44:36:05:00:23:c2:0d:0a:a0:19:
f8:87:90:70:20:ec:21:95:4b:ee:0a:91:83:2f:1a:42:9b:79:
f8:d2:9e:0b:84:1e:27:96:f5:a5:9c:b5:20:1b:48:9e:dc:3a:
67:d0:35:97
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZVLpjmX9pxU4BJKIdAk020jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxYjhjMmYzN2JkOGQ3ZTA0ZTc2OTg1YTRjZWQ0NTU5ZDc2
NTFjNDMwHhcNMjUwMjI4MDgyMjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWQ3YzY2OTcxZGQ0ZGJmOGI2MjE0ZWNmZjBjZmFiM2Q4MjdjMDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApd8ZamaSq1o/KiJYG+/0bRuhhXsO
W3LCfAoyEezq9CqPoOnLrUPBxH71CSQ9SDPlQx8s6Hwx534QZxg+E1PNCmxFHTFv
q+rpTkeUOjRnDrPviEzqEhcOB2fbxFL8/nJYa/8dywZRTAZdS9spbDCm5n88qilP
plxc6cJ2TlgBKOaShlQ/chXr1sFSoLA2L5OJxN+ACghoyeFFIUtgotqMVRMyaJgG
BE2pZ8SnjURqi9Ovv1dZRsDcAiDHfxb2Nt4vkxmYXHLzwDKoH2/HDxX3VfE4OzIa
4OJq1IhBr4QkrnEn6jru9x0ZmKLcpKBGoO5gCZydq6mCCSEz6JrH0XJo7wIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFGHXxmlx3U2/i2IU7P8M+rPYJ8ATMB8GA1UdIwQY
MBaAFEG4wvN72NfgTnaYWkztRVnXZRxDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWJqQzgzdlkxLUJPZHBoYVRPMUZXZGRsSEVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8zZTNiNGItZjgyNy00MzQ3LTkwMjIt
MjgxOGY2NTc4ZDFiLzEvWWRmR2FYSGRUYi1MWWhUc193ejZzOWdud0JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8zZTNiNGItZjgyNy00MzQ3LTkwMjItMjgxOGY2NTc4ZDFi
LzEvUWJqQzgzdlkxLUJPZHBoYVRPMUZXZGRsSEVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQCLYucAwQD
VZ4AAwQDXVyAAwQCuQgIAwQAwCpBAwQBwSl0AwQAwn7vAwQBw7HoMA0EAgACMAcD
BQAqABLoMA0GCSqGSIb3DQEBCwUAA4IBAQAlm5/bBaEjHJPIqZJy5TeQIFprnxwe
RgYImp3SQ53B0A1fSXt9dykFYckQCvUH8ZOyMQATEQUmwMA5wOF/yRAJP0x1pJl7
6vBDfByN9kIWelUca30OM9UBMcAJasjfdf3uRy3ZP8HdsBvr1pQr/KFpe9SdtHb/
prxtny6s4AMO8d7sAkA2a4nyrdw2i6WPHBlrEaehEbOhqrERXlEg6AFXY7bjEizt
APVJaleqBGybeNsoatZzXpDmxy8YkDLSnt6BIucLMPqojB0UIAd4SkQ2BQAjwg0K
oBn4h5BwIOwhlUvuCpGDLxpCm3n40p4LhB4nlvWlnLUgG0ie3Dpn0DWX
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:29 2025 by rpki-client on console.sobornost.net