Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/9ccdfc-98b9-4a89-8bff-06ac63567b9b/1/DYB6_vFTAk_W94AsODjxl3J3t-E.roa
File: DYB6_vFTAk_W94AsODjxl3J3t-E.roa (raw, json)
Hash identifier: sWx7U+CtDD2rSDzR/gVvnHXhq3dcnzMA64XfOaF91gw=
Subject key identifier: 0D:80:7A:FE:F1:53:02:4F:D6:F7:80:2C:38:38:F1:97:72:77:B7:E1
Certificate issuer: /CN=86425207f1159a1aa3025bfb35bcad4f0428e781
Certificate serial: 018384DA1D913E887B3C5A8A68E082FF3D54
Authority key identifier: 86:42:52:07:F1:15:9A:1A:A3:02:5B:FB:35:BC:AD:4F:04:28:E7:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hkJSB_EVmhqjAlv7NbytTwQo54E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/9ccdfc-98b9-4a89-8bff-06ac63567b9b/1/DYB6_vFTAk_W94AsODjxl3J3t-E.roa
Signing time: Wed 28 Sep 2022 16:07:10 +0000
ROA not before: Wed 28 Sep 2022 16:07:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208006
IP address blocks: 130.185.123.0/24 maxlen: 24
130.185.122.0/24 maxlen: 24
130.185.120.0/24 maxlen: 24
185.235.40.0/22 maxlen: 24
130.185.120.0/23 maxlen: 23
185.215.235.0/24 maxlen: 24
185.215.234.0/23 maxlen: 24
185.215.234.0/24 maxlen: 24
194.5.192.0/23 maxlen: 24
194.5.206.0/23 maxlen: 24
2a0d:4ac0::/48 maxlen: 48
2a0d:4ac0:3::/48 maxlen: 48
2a0d:4ac0:1::/48 maxlen: 48
2a0d:4ac0:2::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:84:da:1d:91:3e:88:7b:3c:5a:8a:68:e0:82:ff:3d:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86425207f1159a1aa3025bfb35bcad4f0428e781
Validity
Not Before: Sep 28 16:07:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0d807afef153024fd6f7802c3838f1977277b7e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:15:18:83:f2:7e:45:15:b0:80:0a:23:61:d1:
1d:c9:82:b2:9e:de:e1:61:04:a4:1f:f0:cd:59:0b:
0c:dd:16:e7:fb:7a:bb:4a:8e:75:70:4c:47:53:a9:
3d:0e:57:29:58:3f:6c:04:77:c8:e9:11:f5:7a:b3:
8d:3e:39:d5:fd:4f:d6:91:cb:a8:7a:2c:ac:b8:fd:
08:24:c8:05:69:9d:41:22:dd:8c:58:d0:fa:77:5f:
85:cc:a1:b6:5c:4a:9d:ad:05:59:a1:93:a0:0c:61:
81:0e:69:8f:db:ae:a2:24:b8:b8:54:cb:58:a3:7b:
4e:76:e1:96:b9:68:0e:35:34:43:cf:56:1a:ea:7d:
4b:ac:a8:b1:8d:ab:bd:9b:e2:8f:f6:dc:68:5e:05:
66:24:97:30:28:d3:d0:33:93:52:56:9b:13:c7:50:
81:3e:34:19:dd:b9:ad:61:82:f9:69:52:44:14:f7:
06:4c:25:74:58:1a:28:d3:20:1d:33:a0:13:0c:7f:
03:7d:44:9f:46:c5:e8:b5:ee:38:a6:dc:ec:b8:b7:
dd:ea:d1:20:f6:fb:7b:b6:11:2b:8a:4d:ef:5d:2f:
07:31:7f:d7:d3:d1:42:16:a3:d1:7a:90:dd:f0:42:
3a:eb:56:c9:d8:49:8b:2a:1d:b3:f3:7e:11:a0:e6:
4a:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:80:7A:FE:F1:53:02:4F:D6:F7:80:2C:38:38:F1:97:72:77:B7:E1
X509v3 Authority Key Identifier:
keyid:86:42:52:07:F1:15:9A:1A:A3:02:5B:FB:35:BC:AD:4F:04:28:E7:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hkJSB_EVmhqjAlv7NbytTwQo54E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/9ccdfc-98b9-4a89-8bff-06ac63567b9b/1/DYB6_vFTAk_W94AsODjxl3J3t-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/9ccdfc-98b9-4a89-8bff-06ac63567b9b/1/hkJSB_EVmhqjAlv7NbytTwQo54E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.185.120.0/22
185.215.234.0/23
185.235.40.0/22
194.5.192.0/23
194.5.206.0/23
IPv6:
2a0d:4ac0::/46
Signature Algorithm: sha256WithRSAEncryption
b6:bf:b6:b4:4b:2b:b7:07:0f:28:3d:dd:73:5d:91:94:f2:dd:
73:21:b6:ca:9c:76:52:85:d0:d0:85:6c:4e:0d:9c:a7:a1:6b:
c8:d7:69:2d:fe:3c:00:10:7b:d4:a1:2e:c2:30:0f:ca:ce:51:
72:a8:02:00:9b:d5:af:1d:f4:77:cd:58:07:cf:4a:7f:4b:57:
5c:af:3e:7b:6a:f1:95:52:f9:92:0c:fd:b9:e5:ee:db:a9:c4:
e5:28:ad:8f:70:29:7f:2b:a1:6d:b3:7e:2b:66:ee:cf:cc:82:
d7:3d:ad:8a:4b:0e:3d:27:9f:43:ab:c7:7a:e4:e1:b9:27:8e:
c9:da:2a:11:d6:d1:1f:04:05:39:95:27:58:7c:98:df:0b:9a:
8e:bf:a8:c9:1c:5f:15:97:c6:0d:78:e6:c3:78:b4:78:9e:4f:
72:fa:29:71:d4:a1:e0:ee:9a:13:8c:c0:12:81:4b:70:3e:d0:
38:8c:8e:a3:6d:c2:fa:40:f7:d6:23:a3:b3:9c:e6:28:da:06:
68:c7:bd:a4:65:24:5b:db:9f:40:6a:47:20:51:33:ee:5d:f2:
0a:0a:7b:d2:06:8c:99:e5:9a:d3:ca:b1:c5:85:ed:fa:a9:44:
56:c3:7a:06:ed:76:63:56:ee:96:65:02:60:7f:e5:47:95:00:
fe:6d:b9:13
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYOE2h2RPoh7PFqKaOCC/z1UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NDI1MjA3ZjExNTlhMWFhMzAyNWJmYjM1YmNhZDRmMDQy
OGU3ODEwHhcNMjIwOTI4MTYwNzEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDgwN2FmZWYxNTMwMjRmZDZmNzgwMmMzODM4ZjE5NzcyNzdiN2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2hUYg/J+RRWwgAojYdEdyYKynt7h
YQSkH/DNWQsM3Rbn+3q7So51cExHU6k9DlcpWD9sBHfI6RH1erONPjnV/U/Wkcuo
eiysuP0IJMgFaZ1BIt2MWND6d1+FzKG2XEqdrQVZoZOgDGGBDmmP266iJLi4VMtY
o3tOduGWuWgONTRDz1Ya6n1LrKixjau9m+KP9txoXgVmJJcwKNPQM5NSVpsTx1CB
PjQZ3bmtYYL5aVJEFPcGTCV0WBoo0yAdM6ATDH8DfUSfRsXote44ptzsuLfd6tEg
9vt7thErik3vXS8HMX/X09FCFqPRepDd8EI661bJ2EmLKh2z834RoOZKhQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFA2Aev7xUwJP1veALDg48Zdyd7fhMB8GA1UdIwQY
MBaAFIZCUgfxFZoaowJb+zW8rU8EKOeBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGtKU0JfRVZtaHFqQWx2N05ieXRUd1FvNTRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC85Y2NkZmMtOThiOS00YTg5LThiZmYt
MDZhYzYzNTY3YjliLzEvRFlCNl92RlRBa19XOTRBc09EanhsM0ozdC1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC85Y2NkZmMtOThiOS00YTg5LThiZmYtMDZhYzYzNTY3Yjli
LzEvaGtKU0JfRVZtaHFqQWx2N05ieXRUd1FvNTRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQCgrl4AwQB
udfqAwQCuesoAwQBwgXAAwQBwgXOMA8EAgACMAkDBwIqDUrAAAAwDQYJKoZIhvcN
AQELBQADggEBALa/trRLK7cHDyg93XNdkZTy3XMhtsqcdlKF0NCFbE4NnKeha8jX
aS3+PAAQe9ShLsIwD8rOUXKoAgCb1a8d9HfNWAfPSn9LV1yvPntq8ZVS+ZIM/bnl
7tupxOUorY9wKX8roW2zfitm7s/Mgtc9rYpLDj0nn0Orx3rk4bknjsnaKhHW0R8E
BTmVJ1h8mN8Lmo6/qMkcXxWXxg145sN4tHieT3L6KXHUoeDumhOMwBKBS3A+0DiM
jqNtwvpA99Yjo7Oc5ijaBmjHvaRlJFvbn0BqRyBRM+5d8goKe9IGjJnlmtPKscWF
7fqpRFbDegbtdmNW7pZlAmB/5UeVAP5tuRM=
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:15:22 2025 by rpki-client