Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/7281da-0eb0-40a8-9983-d1a9da4a130d/1/Yhr8lSQPkVNE2nE3dAVuTYK9ZTE.roa
File: Yhr8lSQPkVNE2nE3dAVuTYK9ZTE.roa (raw, json)
Hash identifier: DYAfTfRN42C4dDlnu2IUI5X6rPDqQbV+Vyawh6lte/Q=
Subject key identifier: 62:1A:FC:95:24:0F:91:53:44:DA:71:37:74:05:6E:4D:82:BD:65:31
Certificate issuer: /CN=ebc66403ad0c4537af9c32b0def0c52ac2aab104
Certificate serial: 019426D97B0B224613DD12BD3FA6637D12D6
Authority key identifier: EB:C6:64:03:AD:0C:45:37:AF:9C:32:B0:DE:F0:C5:2A:C2:AA:B1:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/68ZkA60MRTevnDKw3vDFKsKqsQQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/7281da-0eb0-40a8-9983-d1a9da4a130d/1/Yhr8lSQPkVNE2nE3dAVuTYK9ZTE.roa
Signing time: Thu 02 Jan 2025 11:49:34 +0000
ROA not before: Thu 02 Jan 2025 11:49:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211936
IP address blocks: 185.33.94.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:7b:0b:22:46:13:dd:12:bd:3f:a6:63:7d:12:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebc66403ad0c4537af9c32b0def0c52ac2aab104
Validity
Not Before: Jan 2 11:49:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=621afc95240f915344da713774056e4d82bd6531
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:99:10:b8:27:6e:e8:5f:9a:6c:4d:9a:1a:af:
d4:a2:23:25:7f:2f:83:e1:c1:29:62:bc:35:48:cd:
30:84:7c:af:93:ce:a9:87:74:b3:d3:2d:55:6d:09:
4a:d3:e3:d5:a8:b4:03:a0:02:56:73:0d:1a:cd:b2:
87:77:99:b9:68:d2:d8:34:1b:0f:7d:d2:69:44:63:
4d:38:55:e1:ff:ec:1a:3f:86:70:87:f6:2a:68:08:
73:11:47:01:d4:67:cb:06:ea:22:06:9e:e6:9c:c0:
0a:eb:b6:48:8a:7e:83:9c:da:d7:0d:f3:05:a5:93:
5b:8d:1e:4e:a4:1e:85:96:c1:32:38:64:15:36:42:
58:cb:45:90:d1:8f:29:82:81:48:fb:38:3e:10:86:
39:4c:94:fa:73:46:29:c3:ab:83:ce:4c:e1:94:4b:
24:90:87:0d:33:e3:3f:81:30:84:30:7a:e0:2d:84:
90:46:32:41:7c:2b:fd:38:21:1e:9f:45:08:18:b2:
2b:58:93:f4:bf:e2:e1:a6:9c:1f:06:26:1c:b3:f2:
f3:07:47:0d:7c:04:7f:9f:6e:79:ec:07:0a:4c:8b:
9e:80:61:76:ea:59:63:9f:3c:a8:70:cd:d5:1e:a1:
59:e2:50:dc:b4:6d:3c:f7:fc:03:2c:bd:2b:57:10:
77:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:1A:FC:95:24:0F:91:53:44:DA:71:37:74:05:6E:4D:82:BD:65:31
X509v3 Authority Key Identifier:
keyid:EB:C6:64:03:AD:0C:45:37:AF:9C:32:B0:DE:F0:C5:2A:C2:AA:B1:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/68ZkA60MRTevnDKw3vDFKsKqsQQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/7281da-0eb0-40a8-9983-d1a9da4a130d/1/Yhr8lSQPkVNE2nE3dAVuTYK9ZTE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/7281da-0eb0-40a8-9983-d1a9da4a130d/1/68ZkA60MRTevnDKw3vDFKsKqsQQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.33.94.0/23
Signature Algorithm: sha256WithRSAEncryption
86:5a:3b:25:39:33:d9:15:25:66:b6:34:d4:04:0b:1b:8d:f9:
ff:1d:62:ec:fe:e0:fb:ca:e7:c5:36:9c:86:1f:0a:05:87:f5:
6d:7c:20:f3:9a:10:1a:90:65:e5:00:70:21:f7:00:d6:a5:b3:
32:53:a0:51:28:1a:b9:1b:5c:ab:c7:b2:31:52:4a:94:69:8c:
b7:cd:1f:5e:78:11:8c:f7:6c:f6:24:7a:86:22:17:e7:1b:2a:
30:51:f9:fb:23:f7:84:c3:a9:2c:fa:bc:40:97:2d:d7:41:a2:
1a:72:6a:7f:cf:12:de:2b:a2:34:55:93:73:94:82:4c:51:dc:
4e:2a:d6:97:e1:f5:ba:39:05:fe:08:b9:cf:49:36:bb:ea:64:
a5:19:48:f8:03:d0:3d:98:9b:33:6b:86:ed:47:c6:31:29:27:
ed:61:7c:07:be:71:e6:a0:37:9e:eb:0e:ff:40:1b:ca:95:bb:
8d:95:05:5a:6d:18:f8:31:50:a5:ee:e4:fb:b8:80:69:a4:90:
23:b3:7d:1a:25:58:ca:c2:c3:2e:e1:7b:fa:39:37:6b:ae:b7:
a4:b9:49:7a:fb:44:f7:5c:1e:d8:80:10:e8:71:f6:05:86:0f:
23:a0:d9:2a:dd:47:0b:b9:89:51:3b:27:23:01:89:71:13:9c:
e6:69:7e:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2XsLIkYT3RK9P6ZjfRLWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViYzY2NDAzYWQwYzQ1MzdhZjljMzJiMGRlZjBjNTJhYzJh
YWIxMDQwHhcNMjUwMTAyMTE0OTM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjFhZmM5NTI0MGY5MTUzNDRkYTcxMzc3NDA1NmU0ZDgyYmQ2NTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA65kQuCdu6F+abE2aGq/UoiMlfy+D
4cEpYrw1SM0whHyvk86ph3Sz0y1VbQlK0+PVqLQDoAJWcw0azbKHd5m5aNLYNBsP
fdJpRGNNOFXh/+waP4Zwh/YqaAhzEUcB1GfLBuoiBp7mnMAK67ZIin6DnNrXDfMF
pZNbjR5OpB6FlsEyOGQVNkJYy0WQ0Y8pgoFI+zg+EIY5TJT6c0Ypw6uDzkzhlEsk
kIcNM+M/gTCEMHrgLYSQRjJBfCv9OCEen0UIGLIrWJP0v+LhppwfBiYcs/LzB0cN
fAR/n2557AcKTIuegGF26lljnzyocM3VHqFZ4lDctG089/wDLL0rVxB3XQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGIa/JUkD5FTRNpxN3QFbk2CvWUxMB8GA1UdIwQY
MBaAFOvGZAOtDEU3r5wysN7wxSrCqrEEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNjhaa0E2ME1SVGV2bkRLdzN2REZLc0txc1FRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi83MjgxZGEtMGViMC00MGE4LTk5ODMt
ZDFhOWRhNGExMzBkLzEvWWhyOGxTUVBrVk5FMm5FM2RBVnVUWUs5WlRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi83MjgxZGEtMGViMC00MGE4LTk5ODMtZDFhOWRhNGExMzBk
LzEvNjhaa0E2ME1SVGV2bkRLdzN2REZLc0txc1FRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuSFeMA0G
CSqGSIb3DQEBCwUAA4IBAQCGWjslOTPZFSVmtjTUBAsbjfn/HWLs/uD7yufFNpyG
HwoFh/VtfCDzmhAakGXlAHAh9wDWpbMyU6BRKBq5G1yrx7IxUkqUaYy3zR9eeBGM
92z2JHqGIhfnGyowUfn7I/eEw6ks+rxAly3XQaIacmp/zxLeK6I0VZNzlIJMUdxO
KtaX4fW6OQX+CLnPSTa76mSlGUj4A9A9mJsza4btR8YxKSftYXwHvnHmoDee6w7/
QBvKlbuNlQVabRj4MVCl7uT7uIBppJAjs30aJVjKwsMu4Xv6OTdrrrekuUl6+0T3
XB7YgBDocfYFhg8joNkq3UcLuYlROycjAYlxE5zmaX43
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:15:23 2025 by rpki-client