Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/yddKhM7KOA92RK-ZT-0HusxaQYw.roa
File: yddKhM7KOA92RK-ZT-0HusxaQYw.roa (raw, json)
Hash identifier: uLrI3OlvqopQFs6ZQSqG24HZECjcr/VUAtcXCl9AFog=
Subject key identifier: C9:D7:4A:84:CE:CA:38:0F:76:44:AF:99:4F:ED:07:BA:CC:5A:41:8C
Certificate issuer: /CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Certificate serial: 01963AD1CD923FDAA12D2E8048E05E5E63DE
Authority key identifier: 28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/yddKhM7KOA92RK-ZT-0HusxaQYw.roa
Signing time: Tue 15 Apr 2025 18:59:10 +0000
ROA not before: Tue 15 Apr 2025 18:59:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43641
IP address blocks: 95.214.173.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3a:d1:cd:92:3f:da:a1:2d:2e:80:48:e0:5e:5e:63:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Validity
Not Before: Apr 15 18:59:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c9d74a84ceca380f7644af994fed07bacc5a418c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:d2:0d:52:c3:82:c3:8b:39:90:1e:69:4b:3d:
60:65:b3:96:25:5f:3d:68:8f:d1:ce:60:8f:c6:b7:
e8:2c:31:b8:b6:ca:77:70:39:74:13:5e:50:88:99:
de:1a:62:b6:a8:e5:e8:0e:c8:c2:c8:0a:f7:4f:7d:
b3:ea:84:b9:3a:69:0e:e8:5a:53:4d:a8:aa:9f:de:
ad:14:61:12:11:94:4c:50:48:d3:67:ea:aa:eb:d8:
9e:10:c2:68:89:3f:a4:79:fa:d7:57:a3:42:f2:b6:
6f:2a:13:97:02:76:02:ea:89:23:6c:6a:ef:3b:bc:
92:35:66:8f:1e:0f:5e:c8:0f:61:26:1d:dc:e4:54:
26:83:69:06:5b:ef:74:78:8b:d1:ea:5d:b5:3d:8e:
e6:2b:52:63:2d:1f:3f:16:e7:6f:1b:8a:3c:8e:e5:
b7:f9:08:8e:78:7b:5a:fd:7e:d3:cf:28:26:da:46:
9b:57:73:be:b9:98:b8:7c:96:85:51:eb:e3:ab:c5:
80:49:69:93:c5:e6:9a:1c:1c:56:0f:11:10:23:04:
74:a2:2b:86:7d:27:c0:d9:d4:6d:ac:03:fa:5c:3f:
e2:19:b2:2a:fe:74:de:a3:38:08:18:77:14:62:99:
3e:09:ef:df:df:2c:fb:92:f5:2b:27:ab:0a:fa:78:
82:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:D7:4A:84:CE:CA:38:0F:76:44:AF:99:4F:ED:07:BA:CC:5A:41:8C
X509v3 Authority Key Identifier:
keyid:28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/yddKhM7KOA92RK-ZT-0HusxaQYw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.173.0/24
Signature Algorithm: sha256WithRSAEncryption
94:81:aa:85:03:94:33:fc:90:eb:63:d2:e9:0c:42:43:5f:9d:
b9:55:2c:0d:01:fb:0f:de:53:a8:83:bb:e5:30:4f:72:5b:7b:
ec:4e:86:cd:bc:9d:f9:e5:28:e9:38:ed:3e:86:6e:7c:a8:1b:
b9:00:e8:9c:b6:05:78:f5:59:bb:91:9a:73:18:4a:05:1a:b6:
fb:88:1a:c5:fd:07:5c:43:e3:22:f6:d2:44:24:ba:e1:99:95:
b7:ae:39:63:fd:cf:0e:0a:6f:81:5b:c0:1d:23:e9:e4:62:e8:
82:77:58:29:d6:31:f8:5c:89:dc:cf:e4:d0:3c:27:aa:63:83:
78:56:b4:62:bd:89:be:66:d2:29:42:a7:3a:3d:02:d5:51:3c:
b1:bc:e5:a7:40:dd:bb:cb:a9:76:88:ec:a5:ea:af:04:df:0b:
ad:38:c7:97:0e:93:d2:4e:c8:4a:1a:a9:e1:14:a6:3e:99:50:
62:65:0c:97:3e:a9:42:01:62:bb:23:35:06:6d:ae:ec:d6:0b:
f3:d4:22:95:64:0c:d0:dd:b4:bf:8a:fa:b6:4c:96:7d:fa:1c:
99:98:ad:60:d6:b3:07:23:26:05:23:4a:9d:be:f5:e7:93:f3:
b3:51:1e:ff:69:cb:96:46:e2:74:f2:5a:9f:9a:d3:d4:fa:64:
b4:56:ba:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZY60c2SP9qhLS6ASOBeXmPeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MTA3YWI2OTIxZWY4Y2IyZGVjYTNlYjc2NjQ3OGNmZjNl
NWZjNmQwHhcNMjUwNDE1MTg1OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWQ3NGE4NGNlY2EzODBmNzY0NGFmOTk0ZmVkMDdiYWNjNWE0MThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtINUsOCw4s5kB5pSz1gZbOWJV89
aI/RzmCPxrfoLDG4tsp3cDl0E15QiJneGmK2qOXoDsjCyAr3T32z6oS5OmkO6FpT
Taiqn96tFGESEZRMUEjTZ+qq69ieEMJoiT+kefrXV6NC8rZvKhOXAnYC6okjbGrv
O7ySNWaPHg9eyA9hJh3c5FQmg2kGW+90eIvR6l21PY7mK1JjLR8/FudvG4o8juW3
+QiOeHta/X7Tzygm2kabV3O+uZi4fJaFUevjq8WASWmTxeaaHBxWDxEQIwR0oiuG
fSfA2dRtrAP6XD/iGbIq/nTeozgIGHcUYpk+Ce/f3yz7kvUrJ6sK+niCBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMnXSoTOyjgPdkSvmU/tB7rMWkGMMB8GA1UdIwQY
MBaAFCgQeraSHvjLLeyj63ZkeM/z5fxtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzIt
YzBmYjNlZjc2NDBlLzEveWRkS2hNN0tPQTkyUkstWlQtMEh1c3hhUVl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzItYzBmYjNlZjc2NDBl
LzEvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX9atMA0G
CSqGSIb3DQEBCwUAA4IBAQCUgaqFA5Qz/JDrY9LpDEJDX525VSwNAfsP3lOog7vl
ME9yW3vsTobNvJ355SjpOO0+hm58qBu5AOictgV49Vm7kZpzGEoFGrb7iBrF/Qdc
Q+Mi9tJEJLrhmZW3rjlj/c8OCm+BW8AdI+nkYuiCd1gp1jH4XIncz+TQPCeqY4N4
VrRivYm+ZtIpQqc6PQLVUTyxvOWnQN27y6l2iOyl6q8E3wutOMeXDpPSTshKGqnh
FKY+mVBiZQyXPqlCAWK7IzUGba7s1gvz1CKVZAzQ3bS/ivq2TJZ9+hyZmK1g1rMH
IyYFI0qdvvXnk/OzUR7/acuWRuJ08lqfmtPU+mS0VroJ
-----END CERTIFICATE-----
Generated at Wed Jun 4 23:27:59 2025 by rpki-client