Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/ynxBxfWpgHTQics2Y5aF-vGXbuc.roa
File: ynxBxfWpgHTQics2Y5aF-vGXbuc.roa (raw, json)
Hash identifier: 7pHDyXAtAcbeEGL9ODa/OQR3TX9/4v5a7IhFcaiXH4s=
Subject key identifier: CA:7C:41:C5:F5:A9:80:74:D0:89:CB:36:63:96:85:FA:F1:97:6E:E7
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019435D722D6301172451D3CD647414D0025
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/ynxBxfWpgHTQics2Y5aF-vGXbuc.roa
Signing time: Sun 05 Jan 2025 09:41:19 +0000
ROA not before: Sun 05 Jan 2025 09:41:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197549
IP address blocks: 5.231.254.0/24 maxlen: 24
85.93.0.0/19 maxlen: 32
85.93.5.0/24 maxlen: 24
89.106.64.0/19 maxlen: 32
89.144.0.0/18 maxlen: 32
94.249.218.0/23 maxlen: 32
94.249.222.0/23 maxlen: 32
217.69.175.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:35:d7:22:d6:30:11:72:45:1d:3c:d6:47:41:4d:00:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Jan 5 09:41:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ca7c41c5f5a98074d089cb36639685faf1976ee7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:89:3e:17:9d:35:99:b5:d6:1f:7b:61:3c:90:
19:73:ed:05:6d:51:6d:1e:69:3e:b5:42:de:e4:b6:
aa:8c:8d:d8:a7:a2:90:0a:94:70:4a:b8:73:0f:bc:
85:09:92:92:ec:d9:b5:a1:61:a2:8c:16:bf:94:1b:
8d:64:1a:62:40:50:23:59:77:ff:d4:bd:51:aa:38:
ac:6b:f1:ef:9e:6a:9b:f1:b4:0f:58:d0:5c:b8:c1:
cd:6f:d8:ba:d1:39:ad:39:0e:b4:11:85:78:19:33:
85:60:ad:ab:2a:47:d9:54:dd:d5:bd:8c:e6:76:85:
4d:51:94:3a:81:02:15:da:c0:e2:75:dc:0b:46:5a:
cf:1c:64:57:68:69:4f:ad:40:8f:a4:cc:e0:9f:2c:
d9:c6:a6:af:15:4a:af:81:b1:7f:fc:ae:e7:1d:39:
54:53:cd:f4:60:dd:c1:5c:3d:ae:64:61:cb:bc:42:
71:e9:7b:7b:c3:6b:9f:b5:67:85:ae:74:00:08:13:
13:65:f6:4a:87:1c:53:f9:41:3b:d8:0e:19:17:60:
15:11:7e:17:17:bb:16:f9:e1:4d:3a:92:f1:30:94:
01:e6:b8:07:be:27:ff:6d:c0:47:ba:d6:03:90:39:
52:02:09:ac:98:8c:0b:7c:42:91:ea:dc:ed:c3:e1:
a9:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:7C:41:C5:F5:A9:80:74:D0:89:CB:36:63:96:85:FA:F1:97:6E:E7
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/ynxBxfWpgHTQics2Y5aF-vGXbuc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.231.254.0/24
85.93.0.0/19
89.106.64.0/19
89.144.0.0/18
94.249.218.0/23
94.249.222.0/23
217.69.175.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:48:88:eb:cd:4b:29:2b:a3:f1:33:13:b7:2f:3e:70:c7:f0:
79:af:21:70:f2:9c:2e:dd:0f:5e:d8:c6:d0:1a:a8:3b:79:ce:
48:10:9c:6d:2f:66:63:00:29:97:b1:85:b7:a0:43:c4:b1:96:
cc:9e:79:b1:ad:4d:a6:95:0a:2f:71:58:68:c7:42:6f:5e:40:
9b:e2:35:5d:c3:d2:61:44:57:07:c5:6d:25:0e:28:60:1f:01:
90:e9:e1:44:9b:92:6f:74:52:f1:d7:02:d9:5f:71:ce:9a:72:
e6:fe:9b:eb:93:4a:92:e0:0a:25:59:1f:6e:80:9b:99:94:70:
2b:fe:20:b2:c6:9c:fa:7f:59:fd:98:d4:ef:c7:40:8b:87:96:
33:17:f6:0b:b6:f2:36:94:f3:2d:40:14:ce:26:92:fa:64:52:
c7:22:eb:c8:e7:7e:0a:92:df:11:5a:f5:65:6a:4f:a7:95:a8:
25:98:34:36:d3:ca:cb:91:e6:83:c5:82:e2:7c:5a:1b:b8:10:
05:06:73:74:03:2c:b3:ff:85:a7:e7:71:05:cb:c3:9c:d4:53:
a7:dd:79:9e:d8:0d:ae:ab:39:09:97:96:d4:cd:1a:76:0c:45:
83:ab:7f:00:41:c3:b7:5f:3e:e4:9e:05:0c:e3:b6:27:93:e4:
2c:2b:a6:24
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQ11yLWMBFyRR081kdBTQAlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMTA1MDk0MTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTdjNDFjNWY1YTk4MDc0ZDA4OWNiMzY2Mzk2ODVmYWYxOTc2ZWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArIk+F501mbXWH3thPJAZc+0FbVFt
Hmk+tULe5LaqjI3Yp6KQCpRwSrhzD7yFCZKS7Nm1oWGijBa/lBuNZBpiQFAjWXf/
1L1Rqjisa/Hvnmqb8bQPWNBcuMHNb9i60TmtOQ60EYV4GTOFYK2rKkfZVN3VvYzm
doVNUZQ6gQIV2sDiddwLRlrPHGRXaGlPrUCPpMzgnyzZxqavFUqvgbF//K7nHTlU
U830YN3BXD2uZGHLvEJx6Xt7w2uftWeFrnQACBMTZfZKhxxT+UE72A4ZF2AVEX4X
F7sW+eFNOpLxMJQB5rgHvif/bcBHutYDkDlSAgmsmIwLfEKR6tztw+GpjQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFMp8QcX1qYB00InLNmOWhfrxl27nMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEveW54QnhmV3BnSFRRaWNzMlk1YUYtdkdYYnVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQABef+AwQF
VV0AAwQFWWpAAwQGWZAAAwQBXvnaAwQBXvneAwQA2UWvMA0GCSqGSIb3DQEBCwUA
A4IBAQCPSIjrzUspK6PxMxO3Lz5wx/B5ryFw8pwu3Q9e2MbQGqg7ec5IEJxtL2Zj
ACmXsYW3oEPEsZbMnnmxrU2mlQovcVhox0JvXkCb4jVdw9JhRFcHxW0lDihgHwGQ
6eFEm5JvdFLx1wLZX3HOmnLm/pvrk0qS4AolWR9ugJuZlHAr/iCyxpz6f1n9mNTv
x0CLh5YzF/YLtvI2lPMtQBTOJpL6ZFLHIuvI534Kkt8RWvVlak+nlaglmDQ208rL
keaDxYLifFobuBAFBnN0Ayyz/4Wn53EFy8Oc1FOn3Xme2A2uqzkJl5bUzRp2DEWD
q38AQcO3Xz7kngUM47Ynk+QsK6Yk
-----END CERTIFICATE-----
Generated at Sat Apr 12 02:30:21 2025 by rpki-client