Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/5a337f-c843-45f4-8d99-163fb7003e5d/1/Y33-idsN2IrHbXJmRfchF8SWRjM.roa
File: Y33-idsN2IrHbXJmRfchF8SWRjM.roa (raw, json)
Hash identifier: Qhp5Guy5ylBt3xJaF8ORUseIHpCiXnCFbO+p2dIHmtY=
Subject key identifier: 63:7D:FE:89:DB:0D:D8:8A:C7:6D:72:66:45:F7:21:17:C4:96:46:33
Certificate issuer: /CN=62d190b238d97af7900bdcbd02304b782ffcaf2a
Certificate serial: 01958E2256DE19EDEFCFBE4324243E38E7E9
Authority key identifier: 62:D1:90:B2:38:D9:7A:F7:90:0B:DC:BD:02:30:4B:78:2F:FC:AF:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YtGQsjjZeveQC9y9AjBLeC_8ryo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/5a337f-c843-45f4-8d99-163fb7003e5d/1/Y33-idsN2IrHbXJmRfchF8SWRjM.roa
Signing time: Thu 13 Mar 2025 06:12:49 +0000
ROA not before: Thu 13 Mar 2025 06:12:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25577
IP address blocks: 31.3.208.0/21 maxlen: 21
31.3.208.0/24 maxlen: 24
31.3.211.0/24 maxlen: 24
31.3.212.0/23 maxlen: 23
31.3.221.0/24 maxlen: 24
31.3.223.0/24 maxlen: 24
81.27.64.0/24 maxlen: 24
81.27.66.0/23 maxlen: 23
81.27.72.0/23 maxlen: 23
81.27.75.0/24 maxlen: 24
81.27.76.0/24 maxlen: 24
81.27.80.0/22 maxlen: 22
81.27.87.0/24 maxlen: 24
81.27.88.0/21 maxlen: 21
82.197.72.0/22 maxlen: 22
82.197.72.0/24 maxlen: 24
82.197.74.0/24 maxlen: 24
2001:9d8::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8e:22:56:de:19:ed:ef:cf:be:43:24:24:3e:38:e7:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62d190b238d97af7900bdcbd02304b782ffcaf2a
Validity
Not Before: Mar 13 06:12:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=637dfe89db0dd88ac76d726645f72117c4964633
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:66:6b:a4:6e:88:85:e8:ae:d5:bb:9f:36:35:
22:ac:cb:0c:d6:6e:c3:ce:1f:69:ba:1d:85:fe:70:
41:eb:1c:4b:2f:fc:03:7f:97:d7:67:c5:c7:1d:d0:
af:ff:ff:73:89:d1:f9:79:fa:68:3a:25:1a:3a:35:
13:41:8b:13:98:51:73:b2:27:7e:bf:47:af:9c:b3:
8a:96:70:7a:27:92:8b:90:51:8d:10:b1:6c:17:94:
22:60:30:22:3e:78:37:19:14:94:06:2d:fa:a6:37:
e8:97:1d:4e:31:c5:1b:ef:d1:16:a1:2d:95:28:d0:
a5:c2:be:c0:19:0a:a5:db:fe:ca:17:78:3b:b9:de:
0d:53:18:cb:23:db:06:13:b8:47:8e:7f:63:73:f6:
a4:15:39:b8:e5:69:d8:fc:fd:df:24:25:26:53:c4:
e0:33:3b:b6:c3:3c:2d:69:ba:f0:56:ff:a4:1d:e5:
c4:0a:43:fe:c4:08:56:ed:a0:3d:67:09:bb:61:be:
1b:47:8e:6b:51:e8:f5:92:9e:58:96:5c:9e:8a:98:
51:5d:ee:2c:62:84:85:52:fb:df:49:26:4a:af:e6:
92:78:85:73:4e:c0:9d:d6:3a:05:98:66:7b:87:05:
3b:ef:4e:e0:4d:37:70:03:73:ef:8d:23:85:6d:e0:
1d:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:7D:FE:89:DB:0D:D8:8A:C7:6D:72:66:45:F7:21:17:C4:96:46:33
X509v3 Authority Key Identifier:
keyid:62:D1:90:B2:38:D9:7A:F7:90:0B:DC:BD:02:30:4B:78:2F:FC:AF:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YtGQsjjZeveQC9y9AjBLeC_8ryo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/5a337f-c843-45f4-8d99-163fb7003e5d/1/Y33-idsN2IrHbXJmRfchF8SWRjM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/5a337f-c843-45f4-8d99-163fb7003e5d/1/YtGQsjjZeveQC9y9AjBLeC_8ryo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.208.0/21
31.3.221.0/24
31.3.223.0/24
81.27.64.0/24
81.27.66.0/23
81.27.72.0/23
81.27.75.0-81.27.76.255
81.27.80.0/22
81.27.87.0-81.27.95.255
82.197.72.0/22
IPv6:
2001:9d8::/32
Signature Algorithm: sha256WithRSAEncryption
4d:77:dc:ce:ae:44:99:7e:dc:24:cb:97:d9:ec:bb:2a:e5:ed:
85:c3:8c:34:ff:cc:17:e1:ca:ad:95:ca:51:7e:a1:b3:59:d4:
1f:a5:d8:75:6a:9a:37:7a:c1:16:5e:e5:da:be:0f:34:17:30:
48:49:64:8c:88:2b:59:44:b8:72:f7:8a:d0:38:bf:ba:f7:43:
0b:73:09:b4:05:f1:21:05:bc:e7:35:00:42:cc:3b:1b:13:6e:
81:79:e4:3e:fa:da:ee:c0:24:11:7d:17:1b:ca:2d:6a:6a:a6:
65:9e:6c:cf:ad:6c:8a:75:90:69:f9:7f:2c:ad:9a:b7:e0:89:
40:cf:b6:c7:0b:5b:ba:18:ef:2c:ea:e5:b9:e6:a5:90:85:08:
d8:3b:8f:eb:90:44:61:49:71:ca:b5:cb:76:0c:30:30:0b:33:
e7:b5:13:92:b2:c6:0f:4e:2d:23:f5:4e:33:ad:2c:0a:79:a3:
92:01:af:39:39:2d:07:11:25:ac:5a:5e:cd:6a:07:04:a5:e5:
03:cf:2c:27:5e:39:cd:97:07:59:5a:f9:f1:ac:5f:87:4e:3a:
81:d3:94:cf:4b:0e:a8:69:72:09:ac:c7:c6:93:51:11:e2:d4:
2b:c3:2e:e9:cc:17:43:9b:e1:f8:b4:d0:6f:46:08:b7:83:e9:
21:fe:5d:86
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAZWOIlbeGe3vz75DJCQ+OOfpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZDE5MGIyMzhkOTdhZjc5MDBiZGNiZDAyMzA0Yjc4MmZm
Y2FmMmEwHhcNMjUwMzEzMDYxMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzdkZmU4OWRiMGRkODhhYzc2ZDcyNjY0NWY3MjExN2M0OTY0NjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWZrpG6Iheiu1bufNjUirMsM1m7D
zh9puh2F/nBB6xxLL/wDf5fXZ8XHHdCv//9zidH5efpoOiUaOjUTQYsTmFFzsid+
v0evnLOKlnB6J5KLkFGNELFsF5QiYDAiPng3GRSUBi36pjfolx1OMcUb79EWoS2V
KNClwr7AGQql2/7KF3g7ud4NUxjLI9sGE7hHjn9jc/akFTm45WnY/P3fJCUmU8Tg
Mzu2wzwtabrwVv+kHeXECkP+xAhW7aA9Zwm7Yb4bR45rUej1kp5YllyeiphRXe4s
YoSFUvvfSSZKr+aSeIVzTsCd1joFmGZ7hwU7707gTTdwA3PvjSOFbeAdkwIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFGN9/onbDdiKx21yZkX3IRfElkYzMB8GA1UdIwQY
MBaAFGLRkLI42Xr3kAvcvQIwS3gv/K8qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXRHUXNqalpldmVRQzl5OUFqQkxlQ184cnlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi81YTMzN2YtYzg0My00NWY0LThkOTkt
MTYzZmI3MDAzZTVkLzEvWTMzLWlkc04ySXJIYlhKbVJmY2hGOFNXUmpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi81YTMzN2YtYzg0My00NWY0LThkOTktMTYzZmI3MDAzZTVk
LzEvWXRHUXNqalpldmVRQzl5OUFqQkxlQ184cnlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzBSBAIAATBMAwQDHwPQAwQA
HwPdAwQAHwPfAwQAURtAAwQBURtCAwQBURtIMAwDBABRG0sDBABRG0wDBAJRG1Aw
DAMEAFEbVwMEBVEbQAMEAlLFSDANBAIAAjAHAwUAIAEJ2DANBgkqhkiG9w0BAQsF
AAOCAQEATXfczq5EmX7cJMuX2ey7KuXthcOMNP/MF+HKrZXKUX6hs1nUH6XYdWqa
N3rBFl7l2r4PNBcwSElkjIgrWUS4cveK0Di/uvdDC3MJtAXxIQW85zUAQsw7GxNu
gXnkPvra7sAkEX0XG8otamqmZZ5sz61sinWQafl/LK2at+CJQM+2xwtbuhjvLOrl
uealkIUI2DuP65BEYUlxyrXLdgwwMAsz57UTkrLGD04tI/VOM60sCnmjkgGvOTkt
BxElrFpezWoHBKXlA88sJ145zZcHWVr58axfh046gdOUz0sOqGlyCazHxpNREeLU
K8Mu6cwXQ5vh+LTQb0YIt4PpIf5dhg==
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:00:38 2025 by rpki-client