Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/855011-092c-4f7d-a0b6-94d1369025fe/1/yYunS7Gu4WlQWthC1sVGd7xJ2GM.roa
File: yYunS7Gu4WlQWthC1sVGd7xJ2GM.roa (raw, json)
Hash identifier: 5GZd/Ikz9XdtpjCk77Sno5mG41cRYqwWUk37upb3Yg0=
Subject key identifier: C9:8B:A7:4B:B1:AE:E1:69:50:5A:D8:42:D6:C5:46:77:BC:49:D8:63
Certificate issuer: /CN=320444c0c2990b13749f3044662297ea824d5064
Certificate serial: 01856D41A8C633A260544D847758D4A81F54
Authority key identifier: 32:04:44:C0:C2:99:0B:13:74:9F:30:44:66:22:97:EA:82:4D:50:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MgREwMKZCxN0nzBEZiKX6oJNUGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/855011-092c-4f7d-a0b6-94d1369025fe/1/yYunS7Gu4WlQWthC1sVGd7xJ2GM.roa
Signing time: Sun 01 Jan 2023 12:14:57 +0000
ROA not before: Sun 01 Jan 2023 12:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204983
IP address blocks: 185.233.172.0/22 maxlen: 22
2a0c:eb00::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:41:a8:c6:33:a2:60:54:4d:84:77:58:d4:a8:1f:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=320444c0c2990b13749f3044662297ea824d5064
Validity
Not Before: Jan 1 12:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c98ba74bb1aee169505ad842d6c54677bc49d863
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:a9:0b:63:9f:e5:e0:99:ad:40:f7:00:f0:ea:
27:44:ba:af:3c:8e:36:b0:1c:e9:88:1e:9a:e0:6b:
d1:88:f9:3b:06:c8:a1:77:04:5a:ae:88:0e:d2:4e:
8d:36:f0:7f:b9:69:d9:e7:13:99:ff:e5:2c:e3:30:
b3:9c:a9:80:34:c4:fb:9b:f6:4e:cb:56:c0:51:3e:
52:77:d5:ac:3e:ac:ba:4c:7f:e8:ea:39:e5:5c:04:
15:cf:1d:50:59:ef:7a:08:06:9a:2c:87:f1:8d:b5:
a7:a7:66:e0:bb:b8:4f:e6:a2:a9:46:e9:79:f7:12:
60:68:6c:b4:e2:4c:0d:08:14:1f:9b:68:5d:67:f2:
f1:7d:51:db:4a:81:b9:d2:79:43:0b:4c:86:5a:ac:
21:0e:0c:29:f9:2f:12:ed:6d:b8:24:0a:65:aa:19:
16:0b:09:6f:06:bb:47:e6:1f:ec:53:c5:b4:30:81:
4d:0f:d0:71:99:c6:be:d5:f3:19:b8:4f:b3:68:fb:
69:fa:e9:08:fa:43:03:74:e2:8f:3f:3d:87:5d:fc:
ef:a7:d6:48:2b:5e:6d:75:10:a6:2c:ba:6d:67:1e:
38:37:9b:ef:2e:d4:4a:b4:6c:c6:64:32:47:e8:d0:
ac:06:7b:c3:8f:ed:87:9f:43:9d:2a:e8:c8:d5:0c:
3a:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:8B:A7:4B:B1:AE:E1:69:50:5A:D8:42:D6:C5:46:77:BC:49:D8:63
X509v3 Authority Key Identifier:
keyid:32:04:44:C0:C2:99:0B:13:74:9F:30:44:66:22:97:EA:82:4D:50:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MgREwMKZCxN0nzBEZiKX6oJNUGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/855011-092c-4f7d-a0b6-94d1369025fe/1/yYunS7Gu4WlQWthC1sVGd7xJ2GM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/855011-092c-4f7d-a0b6-94d1369025fe/1/MgREwMKZCxN0nzBEZiKX6oJNUGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.233.172.0/22
IPv6:
2a0c:eb00::/32
Signature Algorithm: sha256WithRSAEncryption
5a:42:11:ff:84:b6:9b:51:8c:b3:97:07:76:fc:aa:d3:65:93:
8e:29:72:5a:33:82:53:8d:37:99:23:d5:32:2c:40:10:86:ba:
69:9a:93:8d:f7:c5:8b:ce:64:20:61:27:ab:ef:f6:c9:d1:61:
d8:0d:63:65:c8:d0:12:4c:45:86:d7:05:e0:8f:ab:26:20:7a:
9b:90:b4:98:b5:ee:69:61:13:b3:f3:c2:ca:db:92:5d:df:96:
75:8a:ac:f7:6d:2b:0c:a3:d0:f5:b5:04:df:65:07:8a:1c:16:
e8:0c:2b:ac:09:eb:20:92:5d:c5:42:cc:e4:1b:ea:ad:78:af:
ce:cc:ea:8e:7f:56:46:52:20:92:b4:c9:ac:a3:8e:d3:39:5c:
2c:50:28:04:60:98:df:a9:e0:57:5b:ed:72:89:2d:64:57:19:
93:a7:89:3a:a2:ca:cc:02:17:3a:43:fd:32:75:1e:4b:81:ef:
b8:57:66:23:a0:2a:36:e9:a1:4e:0f:fd:3a:0a:65:e5:86:70:
40:af:76:61:e4:cc:92:93:af:7c:33:9c:13:bb:fb:c6:b0:3c:
be:33:35:3b:3d:a4:ae:9a:0e:3c:e1:55:2c:e6:00:72:ca:f2:
70:aa:4b:19:4d:1b:4d:1b:12:43:66:75:b6:73:21:bd:93:2e:
29:8e:43:32
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtQajGM6JgVE2Ed1jUqB9UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMDQ0NGMwYzI5OTBiMTM3NDlmMzA0NDY2MjI5N2VhODI0
ZDUwNjQwHhcNMjMwMTAxMTIxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOThiYTc0YmIxYWVlMTY5NTA1YWQ4NDJkNmM1NDY3N2JjNDlkODYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6kLY5/l4JmtQPcA8OonRLqvPI42
sBzpiB6a4GvRiPk7BsihdwRarogO0k6NNvB/uWnZ5xOZ/+Us4zCznKmANMT7m/ZO
y1bAUT5Sd9WsPqy6TH/o6jnlXAQVzx1QWe96CAaaLIfxjbWnp2bgu7hP5qKpRul5
9xJgaGy04kwNCBQfm2hdZ/LxfVHbSoG50nlDC0yGWqwhDgwp+S8S7W24JAplqhkW
CwlvBrtH5h/sU8W0MIFND9Bxmca+1fMZuE+zaPtp+ukI+kMDdOKPPz2HXfzvp9ZI
K15tdRCmLLptZx44N5vvLtRKtGzGZDJH6NCsBnvDj+2Hn0OdKujI1Qw6sQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMmLp0uxruFpUFrYQtbFRne8SdhjMB8GA1UdIwQY
MBaAFDIERMDCmQsTdJ8wRGYil+qCTVBkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWdSRXdNS1pDeE4wbnpCRVppS1g2b0pOVUdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy84NTUwMTEtMDkyYy00ZjdkLWEwYjYt
OTRkMTM2OTAyNWZlLzEveVl1blM3R3U0V2xRV3RoQzFzVkdkN3hKMkdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy84NTUwMTEtMDkyYy00ZjdkLWEwYjYtOTRkMTM2OTAyNWZl
LzEvTWdSRXdNS1pDeE4wbnpCRVppS1g2b0pOVUdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuemsMA0E
AgACMAcDBQAqDOsAMA0GCSqGSIb3DQEBCwUAA4IBAQBaQhH/hLabUYyzlwd2/KrT
ZZOOKXJaM4JTjTeZI9UyLEAQhrppmpON98WLzmQgYSer7/bJ0WHYDWNlyNASTEWG
1wXgj6smIHqbkLSYte5pYROz88LK25Jd35Z1iqz3bSsMo9D1tQTfZQeKHBboDCus
Cesgkl3FQszkG+qteK/OzOqOf1ZGUiCStMmso47TOVwsUCgEYJjfqeBXW+1yiS1k
VxmTp4k6osrMAhc6Q/0ydR5Lge+4V2YjoCo26aFOD/06CmXlhnBAr3Zh5MySk698
M5wTu/vGsDy+MzU7PaSumg484VUs5gByyvJwqksZTRtNGxJDZnW2cyG9ky4pjkMy
-----END CERTIFICATE-----
Generated at Wed Mar 12 12:40:06 2025 by rpki-client