Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/yhcAHEKxZVCODOjWlW2pWrhXUoA.roa
File: yhcAHEKxZVCODOjWlW2pWrhXUoA.roa (raw, json)
Hash identifier: BQdy1juZTcnmVxJwEM6u9j9UTa+bDec5eXCStK/qQwQ=
Subject key identifier: CA:17:00:1C:42:B1:65:50:8E:0C:E8:D6:95:6D:A9:5A:B8:57:52:80
Certificate issuer: /CN=429361cd181d86ef54ebe2fc91a80ec534ceac78
Certificate serial: 0195CD2DE18A109B8307B659B238CF44E832
Authority key identifier: 42:93:61:CD:18:1D:86:EF:54:EB:E2:FC:91:A8:0E:C5:34:CE:AC:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QpNhzRgdhu9U6-L8kagOxTTOrHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/yhcAHEKxZVCODOjWlW2pWrhXUoA.roa
Signing time: Tue 25 Mar 2025 12:01:30 +0000
ROA not before: Tue 25 Mar 2025 12:01:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42130
IP address blocks: 93.88.22.0/24 maxlen: 24
93.88.23.0/24 maxlen: 24
185.198.49.0/24 maxlen: 24
185.207.174.0/24 maxlen: 24
195.245.72.0/24 maxlen: 24
195.245.88.0/24 maxlen: 24
2a13:b2c0::/32 maxlen: 32
2a13:b2c1:1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:cd:2d:e1:8a:10:9b:83:07:b6:59:b2:38:cf:44:e8:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=429361cd181d86ef54ebe2fc91a80ec534ceac78
Validity
Not Before: Mar 25 12:01:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ca17001c42b165508e0ce8d6956da95ab8575280
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:27:03:01:63:49:bf:fe:f1:44:f0:5a:95:5a:
bd:f8:f8:54:e0:1c:f3:af:91:12:5b:c2:c6:9f:21:
dd:63:ed:e3:3e:1d:5e:0b:d2:78:02:00:d8:16:0b:
28:6a:39:cd:62:bd:d0:aa:5a:6f:73:7f:5c:31:04:
23:68:f6:f3:64:74:dc:79:9d:8d:c2:cd:08:37:66:
ef:35:18:c0:06:d9:ff:84:4d:c6:4a:5b:08:4f:24:
86:f2:04:1a:97:aa:b7:1e:0b:9e:2e:1b:64:56:3c:
e7:87:e0:ad:c3:ab:c2:07:c9:84:eb:04:5d:68:c7:
c0:fa:9f:8b:71:10:2e:c5:f4:da:f8:80:49:9c:1b:
e1:0b:4e:e9:45:11:18:81:8c:9e:22:0e:23:60:92:
bc:c6:0a:d5:d3:5e:2d:25:5c:13:40:9c:74:d6:0c:
04:23:36:df:9f:50:8f:46:cc:80:b2:ac:ea:d1:31:
56:ad:02:ce:a5:d4:8d:ab:f2:2e:ab:81:ef:36:53:
02:11:54:3f:ac:60:07:00:90:af:8d:b3:af:e2:6f:
31:33:19:01:5d:14:70:b0:25:c5:cf:b3:eb:23:b2:
50:11:7c:af:66:1b:15:5b:4c:1a:1d:14:dd:63:ab:
f1:28:14:6e:46:75:ce:c6:2f:c0:f1:a5:89:fe:da:
21:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:17:00:1C:42:B1:65:50:8E:0C:E8:D6:95:6D:A9:5A:B8:57:52:80
X509v3 Authority Key Identifier:
keyid:42:93:61:CD:18:1D:86:EF:54:EB:E2:FC:91:A8:0E:C5:34:CE:AC:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpNhzRgdhu9U6-L8kagOxTTOrHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/yhcAHEKxZVCODOjWlW2pWrhXUoA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/QpNhzRgdhu9U6-L8kagOxTTOrHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.88.22.0/23
185.198.49.0/24
185.207.174.0/24
195.245.72.0/24
195.245.88.0/24
IPv6:
2a13:b2c0::/32
2a13:b2c1:1::/48
Signature Algorithm: sha256WithRSAEncryption
51:f9:3f:8a:c0:99:35:a5:e3:13:bc:b8:4b:f8:6a:0e:fc:4a:
d1:b6:6c:e8:38:10:24:38:4f:0c:7e:cf:3e:5b:85:25:ee:7f:
2d:de:c1:f6:5c:7d:1a:08:de:bf:85:d3:1c:ec:07:cc:b4:b4:
80:bf:d9:82:a9:2a:86:a4:9c:a4:43:f1:f0:c0:83:1e:26:bc:
4a:84:87:01:c3:6d:06:bb:af:99:c7:6e:80:bc:4d:28:fe:c8:
82:99:64:cc:e6:0f:32:fc:d7:ae:21:6b:91:05:9f:38:81:6e:
25:71:c0:bd:e1:6e:58:fb:b3:29:e1:4a:82:2f:4a:63:c8:e4:
47:e4:8f:91:24:7b:3b:4f:75:ec:74:61:7c:e4:33:c4:88:9b:
fb:16:ae:f7:2a:f1:b6:25:9d:68:b3:b8:7c:c1:ed:92:9d:5f:
81:e8:39:90:4a:75:51:81:fb:ec:f3:d0:18:7a:0f:82:b7:5c:
69:dd:33:5c:73:bc:e6:d0:ab:16:64:8f:95:10:74:68:ee:5b:
12:44:2a:02:a8:f9:ef:ff:3d:69:42:80:22:df:a7:d9:dc:1a:
1a:3f:81:9f:8e:b1:f9:da:45:9a:5a:8c:4a:b3:b2:1d:b4:ca:
7b:88:62:01:4b:ac:4f:68:08:c4:95:e5:95:2c:10:19:25:cc:
66:1c:2e:0e
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZXNLeGKEJuDB7ZZsjjPROgyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOTM2MWNkMTgxZDg2ZWY1NGViZTJmYzkxYTgwZWM1MzRj
ZWFjNzgwHhcNMjUwMzI1MTIwMTMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTE3MDAxYzQyYjE2NTUwOGUwY2U4ZDY5NTZkYTk1YWI4NTc1MjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnycDAWNJv/7xRPBalVq9+PhU4Bzz
r5ESW8LGnyHdY+3jPh1eC9J4AgDYFgsoajnNYr3Qqlpvc39cMQQjaPbzZHTceZ2N
ws0IN2bvNRjABtn/hE3GSlsITySG8gQal6q3HgueLhtkVjznh+Ctw6vCB8mE6wRd
aMfA+p+LcRAuxfTa+IBJnBvhC07pRREYgYyeIg4jYJK8xgrV014tJVwTQJx01gwE
Izbfn1CPRsyAsqzq0TFWrQLOpdSNq/Iuq4HvNlMCEVQ/rGAHAJCvjbOv4m8xMxkB
XRRwsCXFz7PrI7JQEXyvZhsVW0waHRTdY6vxKBRuRnXOxi/A8aWJ/tohAwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFMoXABxCsWVQjgzo1pVtqVq4V1KAMB8GA1UdIwQY
MBaAFEKTYc0YHYbvVOvi/JGoDsU0zqx4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXBOaHpSZ2RodTlVNi1MOGthZ094VFRPckhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS83MjMwYmQtMGM3Yy00YTAyLWFkYjkt
OWJiYjQyZmE4Y2VkLzEveWhjQUhFS3haVkNPRE9qV2xXMnBXcmhYVW9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS83MjMwYmQtMGM3Yy00YTAyLWFkYjktOWJiYjQyZmE4Y2Vk
LzEvUXBOaHpSZ2RodTlVNi1MOGthZ094VFRPckhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAkBAIAATAeAwQBXVgWAwQA
ucYxAwQAuc+uAwQAw/VIAwQAw/VYMBYEAgACMBADBQAqE7LAAwcAKhOywQABMA0G
CSqGSIb3DQEBCwUAA4IBAQBR+T+KwJk1peMTvLhL+GoO/ErRtmzoOBAkOE8Mfs8+
W4Ul7n8t3sH2XH0aCN6/hdMc7AfMtLSAv9mCqSqGpJykQ/HwwIMeJrxKhIcBw20G
u6+Zx26AvE0o/siCmWTM5g8y/NeuIWuRBZ84gW4lccC94W5Y+7Mp4UqCL0pjyORH
5I+RJHs7T3XsdGF85DPEiJv7Fq73KvG2JZ1os7h8we2SnV+B6DmQSnVRgfvs89AY
eg+Ct1xp3TNcc7zm0KsWZI+VEHRo7lsSRCoCqPnv/z1pQoAi36fZ3BoaP4GfjrH5
2kWaWoxKs7IdtMp7iGIBS6xPaAjEleWVLBAZJcxmHC4O
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:32 2025 by rpki-client on console.sobornost.net