Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/YZ3cGGgn3HsOpjA0zBs130Abo6g.roa
File: YZ3cGGgn3HsOpjA0zBs130Abo6g.roa (raw, json)
Hash identifier: fGOYtS+tJ6HeWPxeqC2rknIcNYVG8KdMBPe2mLOwcyY=
Subject key identifier: 61:9D:DC:18:68:27:DC:7B:0E:A6:30:34:CC:1B:35:DF:40:1B:A3:A8
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 019420D59DF50AB827194C666593389A9340
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/YZ3cGGgn3HsOpjA0zBs130Abo6g.roa
Signing time: Wed 01 Jan 2025 07:47:38 +0000
ROA not before: Wed 01 Jan 2025 07:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6453
IP address blocks: 81.255.178.0/24 maxlen: 24
90.115.208.0/24 maxlen: 24
90.115.209.0/24 maxlen: 24
194.2.56.0/24 maxlen: 24
194.2.57.0/24 maxlen: 24
194.2.86.0/24 maxlen: 24
194.3.4.0/24 maxlen: 24
194.250.98.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:9d:f5:0a:b8:27:19:4c:66:65:93:38:9a:93:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 07:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=619ddc186827dc7b0ea63034cc1b35df401ba3a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:a5:44:4f:d9:15:21:9a:14:45:1a:23:7c:57:
dd:7c:fc:db:dd:eb:ef:c2:69:25:f7:39:a6:58:15:
1b:76:bc:6b:a0:02:6f:7d:a8:ba:0e:a2:41:84:aa:
aa:3b:ea:89:92:4e:aa:7d:c2:88:ad:72:21:4b:d9:
98:26:cf:3f:03:37:33:06:85:c0:53:70:f2:04:67:
2d:54:89:2a:8e:d6:a8:28:82:51:58:70:04:42:d4:
8a:dd:b5:83:a1:01:0f:6e:ce:cb:16:97:95:44:85:
39:60:a5:85:01:8a:bb:70:b4:0c:a1:95:62:1f:54:
f3:78:83:3d:5a:c4:71:db:5c:18:5e:bd:c9:78:35:
39:e5:67:d4:fd:55:8b:af:df:af:19:81:fb:ed:7f:
22:0d:89:85:8f:2c:38:5c:64:1e:b8:e3:52:0f:62:
c4:62:e4:dc:cf:c9:e0:98:31:26:0c:d1:d2:f2:77:
1c:76:27:65:93:e3:35:05:7a:93:3b:9b:71:1c:c8:
a6:a4:0a:ca:52:73:74:c7:c0:c3:25:8f:e3:34:e5:
2e:3b:ef:66:28:04:72:f5:44:25:53:bc:d9:53:84:
67:ea:0a:40:13:55:c4:5a:79:80:f2:32:79:53:45:
ce:82:2d:75:79:b2:cf:50:ad:8f:b1:76:41:64:74:
96:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:9D:DC:18:68:27:DC:7B:0E:A6:30:34:CC:1B:35:DF:40:1B:A3:A8
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/YZ3cGGgn3HsOpjA0zBs130Abo6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.255.178.0/24
90.115.208.0/23
194.2.56.0/23
194.2.86.0/24
194.3.4.0/24
194.250.98.0/24
Signature Algorithm: sha256WithRSAEncryption
af:8e:c6:b8:bb:1f:0a:38:44:e8:9b:12:76:c3:e9:84:61:e9:
ed:bb:56:51:91:01:b3:de:b9:59:97:c4:83:fd:2f:81:ce:42:
a9:f4:30:74:21:96:2e:5a:9f:0a:f9:c3:fe:38:43:5f:7a:70:
6d:97:98:89:d2:9c:fa:5c:18:55:32:39:cb:bf:2d:c4:d5:b9:
90:96:89:a5:77:8c:bb:62:84:67:c6:fd:82:80:6c:c5:9d:79:
9b:5e:b6:6a:81:ec:af:20:9c:c4:26:42:6d:fe:85:7f:be:a1:
5c:eb:c5:6e:37:75:84:15:55:33:34:7a:6f:2e:c2:9d:79:71:
ce:76:b8:03:dd:24:3a:52:9a:cb:59:30:67:1a:2e:fa:3f:19:
7b:66:fc:68:b2:c1:07:71:9f:50:2c:9f:f7:65:cd:02:47:54:
3c:cb:c1:73:db:f1:7f:8f:59:39:ff:ad:6c:53:01:57:61:60:
c7:cf:f9:b0:40:f0:f0:21:dd:b7:dc:e2:31:f7:c0:ff:ae:03:
ac:87:85:b5:56:b5:fe:f2:6e:cc:8b:0a:f2:f9:e5:76:43:c4:
7d:a1:6f:ae:a4:ba:61:5d:45:c6:0c:20:62:7c:81:45:0c:4a:
5c:e6:06:67:f8:2a:ac:91:ed:60:84:e3:e5:9e:62:ec:16:74:
f0:04:1b:6a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQg1Z31CrgnGUxmZZM4mpNAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjUwMTAxMDc0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTlkZGMxODY4MjdkYzdiMGVhNjMwMzRjYzFiMzVkZjQwMWJhM2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz6VET9kVIZoURRojfFfdfPzb3evv
wmkl9zmmWBUbdrxroAJvfai6DqJBhKqqO+qJkk6qfcKIrXIhS9mYJs8/AzczBoXA
U3DyBGctVIkqjtaoKIJRWHAEQtSK3bWDoQEPbs7LFpeVRIU5YKWFAYq7cLQMoZVi
H1TzeIM9WsRx21wYXr3JeDU55WfU/VWLr9+vGYH77X8iDYmFjyw4XGQeuONSD2LE
YuTcz8ngmDEmDNHS8nccdidlk+M1BXqTO5txHMimpArKUnN0x8DDJY/jNOUuO+9m
KARy9UQlU7zZU4Rn6gpAE1XEWnmA8jJ5U0XOgi11ebLPUK2PsXZBZHSWkQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGGd3BhoJ9x7DqYwNMwbNd9AG6OoMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvWVozY0dHZ24zSHNPcGpBMHpCczEzMEFibzZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAUf+yAwQB
WnPQAwQBwgI4AwQAwgJWAwQAwgMEAwQAwvpiMA0GCSqGSIb3DQEBCwUAA4IBAQCv
jsa4ux8KOETomxJ2w+mEYentu1ZRkQGz3rlZl8SD/S+BzkKp9DB0IZYuWp8K+cP+
OENfenBtl5iJ0pz6XBhVMjnLvy3E1bmQlomld4y7YoRnxv2CgGzFnXmbXrZqgeyv
IJzEJkJt/oV/vqFc68VuN3WEFVUzNHpvLsKdeXHOdrgD3SQ6UprLWTBnGi76Pxl7
ZvxossEHcZ9QLJ/3Zc0CR1Q8y8Fz2/F/j1k5/61sUwFXYWDHz/mwQPDwId233OIx
98D/rgOsh4W1VrX+8m7Miwry+eV2Q8R9oW+upLphXUXGDCBifIFFDEpc5gZn+Cqs
ke1ghOPlnmLsFnTwBBtq
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:23:33 2025 by rpki-client