Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/521438-3e04-4d72-88de-3622ac7d65cc/1/gYnUiXQeHZXoU2ZAN-fbsd-Pbx0.roa
File: gYnUiXQeHZXoU2ZAN-fbsd-Pbx0.roa (raw, json)
Hash identifier: V+jQPfwx3Xoa/wL9PzJ6rz+juFyDwb1B2F2Hpp1ngN4=
Subject key identifier: 81:89:D4:89:74:1E:1D:95:E8:53:66:40:37:E7:DB:B1:DF:8F:6F:1D
Certificate issuer: /CN=40163dd4414ef3e792e00501f34efce9440a9c4e
Certificate serial: 0195D2632D2D5ACBA60412F1E74FC2C75525
Authority key identifier: 40:16:3D:D4:41:4E:F3:E7:92:E0:05:01:F3:4E:FC:E9:44:0A:9C:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QBY91EFO8-eS4AUB80786UQKnE4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/521438-3e04-4d72-88de-3622ac7d65cc/1/gYnUiXQeHZXoU2ZAN-fbsd-Pbx0.roa
Signing time: Wed 26 Mar 2025 12:17:49 +0000
ROA not before: Wed 26 Mar 2025 12:17:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201299
IP address blocks: 147.93.192.0/20 maxlen: 20
176.52.180.0/22 maxlen: 22
176.52.181.0/24 maxlen: 24
176.52.182.0/24 maxlen: 24
176.52.183.0/24 maxlen: 24
2a07:cbc0::/29 maxlen: 42
2a07:cbc0:100::/42 maxlen: 42
2a07:cbc0:140::/42 maxlen: 42
2a07:cbc0:180::/42 maxlen: 42
2a07:cbc0:1c0::/42 maxlen: 42
2a07:cbc0:200::/42 maxlen: 42
2a07:cbc0:300::/42 maxlen: 42
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d2:63:2d:2d:5a:cb:a6:04:12:f1:e7:4f:c2:c7:55:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40163dd4414ef3e792e00501f34efce9440a9c4e
Validity
Not Before: Mar 26 12:17:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8189d489741e1d95e853664037e7dbb1df8f6f1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:f2:3c:c4:7e:50:bc:8a:85:75:d3:1e:5e:51:
a3:3a:5f:b2:09:ed:e4:0f:d7:0a:77:e2:3a:6a:d3:
a5:5e:bf:26:e9:fe:68:ff:55:e5:d1:ec:6e:39:4d:
9d:ab:c1:0e:d6:1a:a9:40:18:2b:79:2b:30:af:43:
56:7e:66:ae:cc:a2:1a:14:50:e6:cc:47:ad:d0:ca:
79:9d:5a:b3:34:60:81:e4:3f:47:d5:81:78:a8:50:
61:5d:a3:57:d3:ef:b2:dc:20:fe:a0:bd:bd:3c:81:
0e:00:a2:d0:85:59:b4:3f:60:73:d8:21:d7:ad:30:
9f:87:51:9e:b1:c2:bb:61:09:17:6b:18:44:1b:1f:
03:2b:1a:d3:cb:0f:6c:ef:c0:f3:82:43:fb:0e:43:
61:13:f9:cc:c4:c0:09:a4:9e:73:61:7f:c9:48:eb:
b5:8d:2b:05:d7:86:fa:52:16:1d:46:25:a6:ef:07:
a2:ba:47:5b:49:8e:33:31:58:63:4f:30:a5:d3:7b:
9b:3a:db:d1:f6:9c:85:70:dd:0a:32:71:6b:76:6c:
73:89:e3:c2:e3:1b:b2:7f:2b:68:e4:3f:bc:87:c4:
bb:af:7f:c3:c0:dc:93:0e:5e:94:00:1b:f2:c8:17:
9d:57:f1:51:f5:07:50:17:fe:48:41:93:ff:ce:0f:
23:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:89:D4:89:74:1E:1D:95:E8:53:66:40:37:E7:DB:B1:DF:8F:6F:1D
X509v3 Authority Key Identifier:
keyid:40:16:3D:D4:41:4E:F3:E7:92:E0:05:01:F3:4E:FC:E9:44:0A:9C:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QBY91EFO8-eS4AUB80786UQKnE4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/521438-3e04-4d72-88de-3622ac7d65cc/1/gYnUiXQeHZXoU2ZAN-fbsd-Pbx0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/521438-3e04-4d72-88de-3622ac7d65cc/1/QBY91EFO8-eS4AUB80786UQKnE4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.93.192.0/20
176.52.180.0/22
IPv6:
2a07:cbc0::/29
Signature Algorithm: sha256WithRSAEncryption
3a:a5:f0:5f:3e:2a:6c:a2:40:75:2e:43:2c:06:54:8b:90:3d:
19:ac:46:3b:ad:c6:88:e8:35:57:95:8b:50:d6:01:b8:85:91:
2c:82:0e:56:c0:23:23:a7:be:ab:04:82:5d:5e:d9:e9:a0:29:
9d:15:58:fe:9e:04:50:d4:8d:c5:cb:9e:e8:7b:ff:c1:9d:4f:
43:d4:2e:22:ba:75:4a:fb:00:05:f3:14:29:12:6b:47:38:79:
c6:cf:d2:52:da:41:19:ac:4c:85:8e:c1:5d:43:56:55:57:88:
05:13:12:3a:91:99:c7:40:51:2d:d1:67:0f:74:ae:ea:3d:22:
7b:7a:c9:aa:6e:62:0b:8f:36:cc:8e:51:5e:fc:b3:a4:c5:7f:
c5:fc:96:1f:26:8a:fd:e4:36:1b:4b:72:ee:0d:58:0d:75:e5:
fa:cb:a2:a6:96:6e:b3:23:7d:42:5f:55:e5:20:d7:7c:33:22:
9b:71:c6:72:49:fb:8c:c7:b1:47:38:54:d2:47:66:82:8a:40:
30:ca:5f:71:ad:d3:dc:b6:8b:0b:ad:68:96:70:6f:9b:23:64:
43:f3:fb:16:77:b0:7c:c2:1a:11:33:6a:11:c4:87:53:83:42:
10:ac:3c:50:ad:91:7f:23:d9:1d:bb:e0:64:0b:fd:88:6c:22:
a9:72:da:74
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZXSYy0tWsumBBLx50/Cx1UlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMTYzZGQ0NDE0ZWYzZTc5MmUwMDUwMWYzNGVmY2U5NDQw
YTljNGUwHhcNMjUwMzI2MTIxNzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTg5ZDQ4OTc0MWUxZDk1ZTg1MzY2NDAzN2U3ZGJiMWRmOGY2ZjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPI8xH5QvIqFddMeXlGjOl+yCe3k
D9cKd+I6atOlXr8m6f5o/1Xl0exuOU2dq8EO1hqpQBgreSswr0NWfmauzKIaFFDm
zEet0Mp5nVqzNGCB5D9H1YF4qFBhXaNX0++y3CD+oL29PIEOAKLQhVm0P2Bz2CHX
rTCfh1GescK7YQkXaxhEGx8DKxrTyw9s78DzgkP7DkNhE/nMxMAJpJ5zYX/JSOu1
jSsF14b6UhYdRiWm7weiukdbSY4zMVhjTzCl03ubOtvR9pyFcN0KMnFrdmxziePC
4xuyfyto5D+8h8S7r3/DwNyTDl6UABvyyBedV/FR9QdQF/5IQZP/zg8jRQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIGJ1Il0Hh2V6FNmQDfn27Hfj28dMB8GA1UdIwQY
MBaAFEAWPdRBTvPnkuAFAfNO/OlECpxOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUJZOTFFRk84LWVTNEFVQjgwNzg2VVFLbkU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy81MjE0MzgtM2UwNC00ZDcyLTg4ZGUt
MzYyMmFjN2Q2NWNjLzEvZ1luVWlYUWVIWlhvVTJaQU4tZmJzZC1QYngwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy81MjE0MzgtM2UwNC00ZDcyLTg4ZGUtMzYyMmFjN2Q2NWNj
LzEvUUJZOTFFRk84LWVTNEFVQjgwNzg2VVFLbkU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEk13AAwQC
sDS0MA0EAgACMAcDBQMqB8vAMA0GCSqGSIb3DQEBCwUAA4IBAQA6pfBfPipsokB1
LkMsBlSLkD0ZrEY7rcaI6DVXlYtQ1gG4hZEsgg5WwCMjp76rBIJdXtnpoCmdFVj+
ngRQ1I3Fy57oe//BnU9D1C4iunVK+wAF8xQpEmtHOHnGz9JS2kEZrEyFjsFdQ1ZV
V4gFExI6kZnHQFEt0WcPdK7qPSJ7esmqbmILjzbMjlFe/LOkxX/F/JYfJor95DYb
S3LuDVgNdeX6y6Kmlm6zI31CX1XlINd8MyKbccZySfuMx7FHOFTSR2aCikAwyl9x
rdPctosLrWiWcG+bI2RD8/sWd7B8whoRM2oRxIdTg0IQrDxQrZF/I9kdu+BkC/2I
bCKpctp0
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:46 2025 by rpki-client on console.sobornost.net