Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/fc93b1-064e-44ab-90da-8262539de46f/1/Ygud2H3mQvpplx2m1ZwaXdOogYA.roa
File: Ygud2H3mQvpplx2m1ZwaXdOogYA.roa (raw, json)
Hash identifier: /wnaFbQu+otS41ERWGG+1dFZ6eGw9L5BsokLI2OTM5g=
Subject key identifier: 62:0B:9D:D8:7D:E6:42:FA:69:97:1D:A6:D5:9C:1A:5D:D3:A8:81:80
Certificate issuer: /CN=3ed42a0487705606015e5a30da1e70f407e59e99
Certificate serial: 019426D8B3A71A4CF178FD16CE138C77DF53
Authority key identifier: 3E:D4:2A:04:87:70:56:06:01:5E:5A:30:DA:1E:70:F4:07:E5:9E:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PtQqBIdwVgYBXlow2h5w9Aflnpk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/fc93b1-064e-44ab-90da-8262539de46f/1/Ygud2H3mQvpplx2m1ZwaXdOogYA.roa
Signing time: Thu 02 Jan 2025 11:48:43 +0000
ROA not before: Thu 02 Jan 2025 11:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2848
IP address blocks: 89.249.160.0/20 maxlen: 20
93.180.0.0/18 maxlen: 18
188.44.32.0/19 maxlen: 19
2a00:f480::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d8:b3:a7:1a:4c:f1:78:fd:16:ce:13:8c:77:df:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ed42a0487705606015e5a30da1e70f407e59e99
Validity
Not Before: Jan 2 11:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=620b9dd87de642fa69971da6d59c1a5dd3a88180
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:6d:88:9e:10:01:92:c4:7d:e9:88:a1:15:88:
d3:ac:54:88:c5:90:79:9f:01:9b:cd:94:90:35:46:
ac:5f:7f:41:0d:8e:5a:96:46:0f:68:6d:5a:4c:5e:
d5:c1:e5:d5:d4:01:d7:d4:43:e0:b3:18:3f:78:fa:
b8:a8:8e:8a:c5:6a:33:d0:45:b2:42:c1:9c:e2:7d:
8a:d6:75:79:87:ae:55:0c:94:00:ac:c1:c6:14:90:
bb:1f:db:58:41:62:82:02:43:71:96:a7:61:4f:e9:
d0:d8:59:02:60:2c:1e:0a:2b:23:b7:8c:45:3d:94:
81:c4:58:ea:e8:79:aa:98:61:92:8c:bc:11:29:99:
36:6a:34:43:3d:db:77:04:03:b9:83:b6:14:3d:ce:
eb:a3:0e:c2:22:73:9b:4c:77:88:43:b6:a2:78:0c:
93:97:a8:39:f7:72:5d:d4:9f:4f:04:a9:d5:39:22:
05:bc:af:a3:d6:6d:be:20:1a:17:2f:5a:fe:20:3d:
73:46:c2:82:cd:c9:9f:2c:0a:93:ce:ed:a6:1b:c6:
52:91:67:1b:a3:23:ed:6a:e1:e2:72:65:ed:39:83:
1c:6e:85:62:3b:4d:e8:e5:66:35:ac:6d:44:af:bd:
4c:6d:56:1d:71:ce:b9:f3:0b:90:4c:58:29:6a:19:
11:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:0B:9D:D8:7D:E6:42:FA:69:97:1D:A6:D5:9C:1A:5D:D3:A8:81:80
X509v3 Authority Key Identifier:
keyid:3E:D4:2A:04:87:70:56:06:01:5E:5A:30:DA:1E:70:F4:07:E5:9E:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PtQqBIdwVgYBXlow2h5w9Aflnpk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/fc93b1-064e-44ab-90da-8262539de46f/1/Ygud2H3mQvpplx2m1ZwaXdOogYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/fc93b1-064e-44ab-90da-8262539de46f/1/PtQqBIdwVgYBXlow2h5w9Aflnpk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.160.0/20
93.180.0.0/18
188.44.32.0/19
IPv6:
2a00:f480::/32
Signature Algorithm: sha256WithRSAEncryption
64:3f:aa:36:8a:58:42:12:23:d1:1f:9f:ca:e0:5c:32:33:c4:
6e:a2:a2:c1:a8:6f:09:7e:27:c1:85:74:69:7a:aa:95:4a:90:
b9:e2:dd:f9:96:e4:39:85:6a:c5:8d:53:af:46:72:60:7c:94:
5e:cb:ae:a9:7e:6a:fe:2a:36:b4:f8:3c:ff:52:6d:ba:d6:53:
48:3c:58:b8:c4:30:4b:1a:c2:00:04:15:ce:f9:0e:5a:c6:a1:
93:f6:65:9b:65:db:be:ce:0a:77:97:0b:07:95:36:42:e6:d9:
47:39:2b:75:a1:18:d7:3b:7b:2b:39:ff:66:b8:ca:af:94:57:
fe:f1:0b:02:94:05:ef:c7:69:c7:4a:c0:6a:0e:aa:a1:22:e5:
da:52:71:37:18:82:0a:5b:3b:be:ab:96:55:7f:82:65:0e:f8:
5d:35:63:c4:b0:1f:36:96:e7:e9:f8:fa:09:8a:10:a7:cc:99:
16:12:7a:da:bc:50:d3:b6:ac:f2:ce:ea:33:af:11:ed:9e:43:
5a:de:f2:45:c8:55:10:0a:6d:a8:b7:09:d0:e6:f5:13:e6:3c:
d8:4e:1c:0a:3d:85:42:f1:bf:9c:44:5e:bf:97:87:cc:9a:ec:
2d:8c:36:8f:13:e1:fb:21:e3:e9:a5:7d:e6:65:ec:fc:91:41:
31:bf:73:ee
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQm2LOnGkzxeP0WzhOMd99TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZDQyYTA0ODc3MDU2MDYwMTVlNWEzMGRhMWU3MGY0MDdl
NTllOTkwHhcNMjUwMTAyMTE0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjBiOWRkODdkZTY0MmZhNjk5NzFkYTZkNTljMWE1ZGQzYTg4MTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAym2InhABksR96YihFYjTrFSIxZB5
nwGbzZSQNUasX39BDY5alkYPaG1aTF7VweXV1AHX1EPgsxg/ePq4qI6KxWoz0EWy
QsGc4n2K1nV5h65VDJQArMHGFJC7H9tYQWKCAkNxlqdhT+nQ2FkCYCweCisjt4xF
PZSBxFjq6HmqmGGSjLwRKZk2ajRDPdt3BAO5g7YUPc7row7CInObTHeIQ7aieAyT
l6g593Jd1J9PBKnVOSIFvK+j1m2+IBoXL1r+ID1zRsKCzcmfLAqTzu2mG8ZSkWcb
oyPtauHicmXtOYMcboViO03o5WY1rG1Er71MbVYdcc658wuQTFgpahkRIwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGILndh95kL6aZcdptWcGl3TqIGAMB8GA1UdIwQY
MBaAFD7UKgSHcFYGAV5aMNoecPQH5Z6ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHRRcUJJZHdWZ1lCWGxvdzJoNXc5QWZsbnBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9mYzkzYjEtMDY0ZS00NGFiLTkwZGEt
ODI2MjUzOWRlNDZmLzEvWWd1ZDJIM21RdnBwbHgybTFad2FYZE9vZ1lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9mYzkzYjEtMDY0ZS00NGFiLTkwZGEtODI2MjUzOWRlNDZm
LzEvUHRRcUJJZHdWZ1lCWGxvdzJoNXc5QWZsbnBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEWfmgAwQG
XbQAAwQFvCwgMA0EAgACMAcDBQAqAPSAMA0GCSqGSIb3DQEBCwUAA4IBAQBkP6o2
ilhCEiPRH5/K4FwyM8RuoqLBqG8JfifBhXRpeqqVSpC54t35luQ5hWrFjVOvRnJg
fJRey66pfmr+Kja0+Dz/Um261lNIPFi4xDBLGsIABBXO+Q5axqGT9mWbZdu+zgp3
lwsHlTZC5tlHOSt1oRjXO3srOf9muMqvlFf+8QsClAXvx2nHSsBqDqqhIuXaUnE3
GIIKWzu+q5ZVf4JlDvhdNWPEsB82lufp+PoJihCnzJkWEnravFDTtqzyzuozrxHt
nkNa3vJFyFUQCm2otwnQ5vUT5jzYThwKPYVC8b+cRF6/l4fMmuwtjDaPE+H7IePp
pX3mZez8kUExv3Pu
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:31 2025 by rpki-client on console.sobornost.net