Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/3394e3-736e-4879-b8db-89aaea36285e/1/YP_OtbTfXy4ag_LD1Vtn22EHRME.roa
File: YP_OtbTfXy4ag_LD1Vtn22EHRME.roa (raw, json)
Hash identifier: bMlkzPUWguJFYPTxP6KmO2KEEflM5Z0o+KzoKulLmfY=
Subject key identifier: 60:FF:CE:B5:B4:DF:5F:2E:1A:83:F2:C3:D5:5B:67:DB:61:07:44:C1
Certificate issuer: /CN=e85b83c87c4a3d8315025379f72987520bb5d046
Certificate serial: 018CC2DB0675247DEFCD50E1DFED5EFAB89E
Authority key identifier: E8:5B:83:C8:7C:4A:3D:83:15:02:53:79:F7:29:87:52:0B:B5:D0:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6FuDyHxKPYMVAlN59ymHUgu10EY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/3394e3-736e-4879-b8db-89aaea36285e/1/YP_OtbTfXy4ag_LD1Vtn22EHRME.roa
Signing time: Mon 01 Jan 2024 02:29:43 +0000
ROA not before: Mon 01 Jan 2024 02:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39365
IP address blocks: 185.144.184.0/22 maxlen: 32
79.135.128.0/20 maxlen: 20
79.135.128.0/19 maxlen: 32
79.135.144.0/21 maxlen: 21
79.135.152.0/22 maxlen: 22
79.135.156.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:06:75:24:7d:ef:cd:50:e1:df:ed:5e:fa:b8:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e85b83c87c4a3d8315025379f72987520bb5d046
Validity
Not Before: Jan 1 02:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=60ffceb5b4df5f2e1a83f2c3d55b67db610744c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:3a:e9:ab:af:e8:c8:a2:d2:1d:a2:bc:87:18:
c6:cc:56:d8:66:4b:2a:2a:b8:32:22:d8:79:a9:41:
6f:08:92:77:e2:3f:fa:e7:42:97:5d:43:88:21:be:
2b:28:06:e1:d8:af:ec:ad:ab:31:41:a2:58:70:d4:
97:de:4a:8a:9e:23:85:7d:3f:cd:2a:11:1a:98:86:
6f:aa:6c:e3:1a:93:f9:b5:35:88:5f:2d:cd:d0:2f:
fb:c8:2f:6e:82:d8:80:59:02:c1:30:43:dd:62:09:
90:14:ca:e9:14:44:98:53:45:00:a8:90:79:f9:f6:
6b:35:df:03:56:85:ff:89:36:84:94:d8:f1:ac:a3:
72:a3:c1:ff:14:05:17:cc:64:47:75:78:db:ea:da:
8e:19:9f:14:2c:5c:23:7f:79:4b:e0:27:2f:e3:5d:
3d:0d:36:0d:50:0a:73:8f:d6:f8:92:c8:28:42:74:
06:df:ab:96:3b:68:05:3f:f7:97:5f:e6:c2:17:e6:
0f:1a:39:1c:ec:16:e8:d2:20:89:7b:bd:96:41:66:
3c:98:2c:79:2f:66:20:1b:3c:c6:b1:40:4d:b7:ef:
87:10:63:92:1f:b8:a6:80:e5:33:45:37:da:c2:ac:
61:be:88:32:f9:6c:a4:23:33:d4:c7:00:10:28:4a:
23:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:FF:CE:B5:B4:DF:5F:2E:1A:83:F2:C3:D5:5B:67:DB:61:07:44:C1
X509v3 Authority Key Identifier:
keyid:E8:5B:83:C8:7C:4A:3D:83:15:02:53:79:F7:29:87:52:0B:B5:D0:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6FuDyHxKPYMVAlN59ymHUgu10EY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/3394e3-736e-4879-b8db-89aaea36285e/1/YP_OtbTfXy4ag_LD1Vtn22EHRME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/3394e3-736e-4879-b8db-89aaea36285e/1/6FuDyHxKPYMVAlN59ymHUgu10EY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.135.128.0/19
185.144.184.0/22
Signature Algorithm: sha256WithRSAEncryption
98:39:d5:c6:30:c6:30:f8:e2:be:10:a8:da:c9:c6:c4:c2:7a:
1d:34:5d:0d:6e:9f:9b:c2:38:15:63:06:f4:51:b0:ae:15:36:
5b:81:de:33:1d:0e:c5:e0:ab:d2:06:5a:50:93:cf:a9:15:09:
b5:11:84:3c:9c:75:95:a1:d2:2c:11:d8:6d:c2:ef:a8:21:ef:
e5:b6:54:a7:db:5d:2c:e8:44:cd:fc:01:d4:7a:a5:21:b1:a6:
d9:a9:9e:1b:83:23:6b:2c:d8:0a:09:4f:a7:89:79:8d:39:59:
4a:60:11:5c:a7:a9:3b:14:d3:bf:2a:d7:a6:ad:db:aa:f7:32:
44:11:75:ab:df:f7:7a:62:73:00:0b:96:e5:36:0c:f4:c6:0b:
5e:d0:14:9b:56:3a:da:93:c0:0d:37:ab:7d:a9:09:bd:88:52:
62:aa:1f:ad:78:10:6f:2a:ef:a0:7d:53:ad:15:aa:7a:e7:c4:
47:d6:90:15:71:a3:83:f9:55:21:09:f2:12:f5:45:2f:59:4f:
70:fd:d8:9d:b0:7b:66:46:61:a9:98:a3:52:da:f6:7c:0d:7e:
3b:cb:29:00:f0:64:e7:1c:27:35:59:b9:81:42:63:71:ee:60:
d1:2d:33:f5:4c:75:63:57:24:1b:06:ee:43:ae:71:c6:9d:53:
27:00:7f:ca
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzC2wZ1JH3vzVDh3+1e+rieMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NWI4M2M4N2M0YTNkODMxNTAyNTM3OWY3Mjk4NzUyMGJi
NWQwNDYwHhcNMjQwMTAxMDIyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGZmY2ViNWI0ZGY1ZjJlMWE4M2YyYzNkNTViNjdkYjYxMDc0NGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmjrpq6/oyKLSHaK8hxjGzFbYZksq
KrgyIth5qUFvCJJ34j/650KXXUOIIb4rKAbh2K/srasxQaJYcNSX3kqKniOFfT/N
KhEamIZvqmzjGpP5tTWIXy3N0C/7yC9ugtiAWQLBMEPdYgmQFMrpFESYU0UAqJB5
+fZrNd8DVoX/iTaElNjxrKNyo8H/FAUXzGRHdXjb6tqOGZ8ULFwjf3lL4Ccv4109
DTYNUApzj9b4ksgoQnQG36uWO2gFP/eXX+bCF+YPGjkc7Bbo0iCJe72WQWY8mCx5
L2YgGzzGsUBNt++HEGOSH7imgOUzRTfawqxhvogy+WykIzPUxwAQKEojNwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGD/zrW0318uGoPyw9VbZ9thB0TBMB8GA1UdIwQY
MBaAFOhbg8h8Sj2DFQJTefcph1ILtdBGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkZ1RHlIeEtQWU1WQWxONTl5bUhVZ3UxMEVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8zMzk0ZTMtNzM2ZS00ODc5LWI4ZGIt
ODlhYWVhMzYyODVlLzEvWVBfT3RiVGZYeTRhZ19MRDFWdG4yMkVIUk1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8zMzk0ZTMtNzM2ZS00ODc5LWI4ZGItODlhYWVhMzYyODVl
LzEvNkZ1RHlIeEtQWU1WQWxONTl5bUhVZ3UxMEVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFT4eAAwQC
uZC4MA0GCSqGSIb3DQEBCwUAA4IBAQCYOdXGMMYw+OK+EKjaycbEwnodNF0Nbp+b
wjgVYwb0UbCuFTZbgd4zHQ7F4KvSBlpQk8+pFQm1EYQ8nHWVodIsEdhtwu+oIe/l
tlSn210s6ETN/AHUeqUhsabZqZ4bgyNrLNgKCU+niXmNOVlKYBFcp6k7FNO/Ktem
rduq9zJEEXWr3/d6YnMAC5blNgz0xgte0BSbVjrak8ANN6t9qQm9iFJiqh+teBBv
Ku+gfVOtFap658RH1pAVcaOD+VUhCfIS9UUvWU9w/didsHtmRmGpmKNS2vZ8DX47
yykA8GTnHCc1WbmBQmNx7mDRLTP1THVjVyQbBu5DrnHGnVMnAH/K
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:29 2025 by rpki-client