Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/7256ec-c346-4b29-b7f5-3e40d01740b2/1/U_YkWvIbAgSV60H8mUEYqY805XM.roa
File: U_YkWvIbAgSV60H8mUEYqY805XM.roa (raw, json)
Hash identifier: rIv2yHmGWREBYz1rPgWWMboLSc3Q207kM2zjs8JlUoo=
Subject key identifier: 53:F6:24:5A:F2:1B:02:04:95:EB:41:FC:99:41:18:A9:8F:34:E5:73
Certificate issuer: /CN=d10d5b30b46c7b97b2dbc4589cea3622ad756156
Certificate serial: 01942368C86B08514A3473B6183F670C24D7
Authority key identifier: D1:0D:5B:30:B4:6C:7B:97:B2:DB:C4:58:9C:EA:36:22:AD:75:61:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Q1bMLRse5ey28RYnOo2Iq11YVY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/7256ec-c346-4b29-b7f5-3e40d01740b2/1/U_YkWvIbAgSV60H8mUEYqY805XM.roa
Signing time: Wed 01 Jan 2025 19:47:37 +0000
ROA not before: Wed 01 Jan 2025 19:47:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15830
IP address blocks: 81.17.200.0/21 maxlen: 21
81.90.64.0/20 maxlen: 20
82.133.128.0/17 maxlen: 17
87.108.0.0/16 maxlen: 16
109.75.232.0/21 maxlen: 21
194.187.212.0/22 maxlen: 22
217.64.176.0/20 maxlen: 20
2001:a68::/32 maxlen: 48
2a00:16a0::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:68:c8:6b:08:51:4a:34:73:b6:18:3f:67:0c:24:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d10d5b30b46c7b97b2dbc4589cea3622ad756156
Validity
Not Before: Jan 1 19:47:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=53f6245af21b020495eb41fc994118a98f34e573
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:d5:ee:b1:78:c1:cc:39:d3:17:73:73:62:11:
dc:4d:58:d2:5c:48:e5:e1:46:ed:12:bd:e6:fa:7a:
25:4b:4f:26:e9:50:dd:63:c3:0e:b8:88:23:7a:63:
8a:63:cf:82:be:ab:c9:e4:91:7a:a8:f5:b4:10:34:
db:dc:b4:97:97:17:b4:a3:16:75:73:78:4c:87:40:
e7:5d:3a:36:40:16:77:66:cc:ab:72:27:dd:23:c7:
25:27:87:14:35:c1:26:35:19:9b:e2:10:0d:2c:06:
9a:9d:f7:17:19:1e:92:ee:89:33:4e:ea:d5:9d:90:
f3:d1:d8:11:cc:bf:89:c9:c5:52:1c:87:26:6d:7c:
e4:c4:05:a7:a6:89:17:8a:37:3a:2f:78:c4:e6:b2:
58:be:90:cc:37:e6:47:07:16:71:dd:9e:15:6a:78:
e0:d3:e8:ea:4b:3a:f5:10:22:9c:0b:17:94:aa:f5:
a2:2e:4a:f4:9e:b5:af:6b:9b:07:e7:f6:ee:10:cb:
e6:a7:22:01:22:96:9c:81:34:25:71:ae:d8:6d:a6:
df:a1:e2:93:52:71:1a:09:9e:10:a8:6e:2c:d2:c1:
8b:3f:da:0e:22:1f:b6:e4:89:4a:ff:0c:a1:05:fb:
22:53:21:27:3a:67:a4:c8:28:b5:81:c7:1b:08:e4:
7e:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:F6:24:5A:F2:1B:02:04:95:EB:41:FC:99:41:18:A9:8F:34:E5:73
X509v3 Authority Key Identifier:
keyid:D1:0D:5B:30:B4:6C:7B:97:B2:DB:C4:58:9C:EA:36:22:AD:75:61:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Q1bMLRse5ey28RYnOo2Iq11YVY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/7256ec-c346-4b29-b7f5-3e40d01740b2/1/U_YkWvIbAgSV60H8mUEYqY805XM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/7256ec-c346-4b29-b7f5-3e40d01740b2/1/0Q1bMLRse5ey28RYnOo2Iq11YVY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.17.200.0/21
81.90.64.0/20
82.133.128.0/17
87.108.0.0/16
109.75.232.0/21
194.187.212.0/22
217.64.176.0/20
IPv6:
2001:a68::/32
2a00:16a0::/32
Signature Algorithm: sha256WithRSAEncryption
0b:16:86:26:a1:4a:3e:0a:10:a9:9d:97:9e:5b:8a:96:80:67:
cc:52:8c:cf:3b:3c:17:fe:be:4f:94:fb:ad:85:62:a5:cf:b8:
c1:4d:25:94:f6:7f:de:35:63:c6:b2:4c:95:1a:ca:3a:aa:f9:
a3:a7:c6:ae:f9:93:5c:f1:9b:e3:dd:ae:54:47:a4:3a:e0:d5:
b7:bf:ce:4e:30:40:5a:03:bf:f2:db:63:40:3f:94:00:4c:8c:
e9:dc:63:5a:62:ae:9e:a9:24:4b:0f:7a:d4:ef:1b:8b:e1:5f:
8e:45:8a:71:16:53:96:a3:3c:89:a9:f5:63:c5:66:be:71:93:
24:23:35:e4:5e:bb:4d:07:03:8a:78:3a:f4:73:1d:41:1d:b3:
07:e2:9b:b0:c5:a7:11:45:96:bc:00:fe:2b:ec:50:b0:de:ed:
2d:61:d7:10:a2:c0:0e:0e:2b:9b:5c:50:46:05:39:85:7b:63:
41:c5:3c:cf:cd:0a:48:cf:ff:79:63:48:7f:41:59:76:9a:28:
00:40:be:36:97:78:03:6e:92:44:fb:cf:4e:85:16:45:60:17:
f0:60:73:54:5c:d1:17:95:b6:cf:6e:50:5e:59:f6:98:57:f2:
c6:a1:6e:11:5a:2a:ff:4e:8d:c3:f3:d7:04:4f:3d:98:5d:85:
b0:eb:03:5c
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZQjaMhrCFFKNHO2GD9nDCTXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxMGQ1YjMwYjQ2YzdiOTdiMmRiYzQ1ODljZWEzNjIyYWQ3
NTYxNTYwHhcNMjUwMTAxMTk0NzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2Y2MjQ1YWYyMWIwMjA0OTVlYjQxZmM5OTQxMThhOThmMzRlNTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1dXusXjBzDnTF3NzYhHcTVjSXEjl
4UbtEr3m+nolS08m6VDdY8MOuIgjemOKY8+CvqvJ5JF6qPW0EDTb3LSXlxe0oxZ1
c3hMh0DnXTo2QBZ3ZsyrcifdI8clJ4cUNcEmNRmb4hANLAaanfcXGR6S7okzTurV
nZDz0dgRzL+JycVSHIcmbXzkxAWnpokXijc6L3jE5rJYvpDMN+ZHBxZx3Z4Vanjg
0+jqSzr1ECKcCxeUqvWiLkr0nrWva5sH5/buEMvmpyIBIpacgTQlca7YbabfoeKT
UnEaCZ4QqG4s0sGLP9oOIh+25IlK/wyhBfsiUyEnOmekyCi1gccbCOR+HwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFFP2JFryGwIEletB/JlBGKmPNOVzMB8GA1UdIwQY
MBaAFNENWzC0bHuXstvEWJzqNiKtdWFWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFExYk1MUnNlNWV5MjhSWW5PbzJJcTExWVZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS83MjU2ZWMtYzM0Ni00YjI5LWI3ZjUt
M2U0MGQwMTc0MGIyLzEvVV9Za1d2SWJBZ1NWNjBIOG1VRVlxWTgwNVhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS83MjU2ZWMtYzM0Ni00YjI5LWI3ZjUtM2U0MGQwMTc0MGIy
LzEvMFExYk1MUnNlNWV5MjhSWW5PbzJJcTExWVZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzAvBAIAATApAwQDURHIAwQE
UVpAAwQHUoWAAwMAV2wDBANtS+gDBALCu9QDBATZQLAwFAQCAAIwDgMFACABCmgD
BQAqABagMA0GCSqGSIb3DQEBCwUAA4IBAQALFoYmoUo+ChCpnZeeW4qWgGfMUozP
OzwX/r5PlPuthWKlz7jBTSWU9n/eNWPGskyVGso6qvmjp8au+ZNc8Zvj3a5UR6Q6
4NW3v85OMEBaA7/y22NAP5QATIzp3GNaYq6eqSRLD3rU7xuL4V+ORYpxFlOWozyJ
qfVjxWa+cZMkIzXkXrtNBwOKeDr0cx1BHbMH4puwxacRRZa8AP4r7FCw3u0tYdcQ
osAODiubXFBGBTmFe2NBxTzPzQpIz/95Y0h/QVl2migAQL42l3gDbpJE+89OhRZF
YBfwYHNUXNEXlbbPblBeWfaYV/LGoW4RWir/To3D89cETz2YXYWw6wNc
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:08:47 2025 by rpki-client