Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/YBP5P3j2TNsBv3ucilxfmHT3OBA.roa
File: YBP5P3j2TNsBv3ucilxfmHT3OBA.roa (raw, json)
Hash identifier: ST+gZBhvoIsehqZJOy0m3LWRmspmOCBpSaQ3ai/Nj8o=
Subject key identifier: 60:13:F9:3F:78:F6:4C:DB:01:BF:7B:9C:8A:5C:5F:98:74:F7:38:10
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 01856DCADA065D4BE7C930A5F77A4A480482
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/YBP5P3j2TNsBv3ucilxfmHT3OBA.roa
Signing time: Sun 01 Jan 2023 14:44:48 +0000
ROA not before: Sun 01 Jan 2023 14:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31363
IP address blocks: 195.91.255.0/24 maxlen: 24
195.91.208.0/24 maxlen: 24
195.91.209.0/24 maxlen: 24
195.91.210.0/24 maxlen: 24
195.91.211.0/24 maxlen: 24
195.91.213.0/24 maxlen: 24
195.91.215.0/24 maxlen: 24
195.91.217.0/24 maxlen: 24
195.91.218.0/24 maxlen: 24
195.91.219.0/24 maxlen: 24
195.91.222.0/24 maxlen: 24
195.91.223.0/24 maxlen: 24
195.91.224.0/24 maxlen: 24
195.91.220.0/24 maxlen: 24
195.91.221.0/24 maxlen: 24
195.91.225.0/24 maxlen: 24
195.91.226.0/24 maxlen: 24
195.91.232.0/24 maxlen: 24
195.91.233.0/24 maxlen: 24
195.91.229.0/24 maxlen: 24
195.91.230.0/24 maxlen: 24
195.91.231.0/24 maxlen: 24
195.91.228.0/24 maxlen: 24
195.91.236.0/24 maxlen: 24
195.91.237.0/24 maxlen: 24
195.91.238.0/24 maxlen: 24
195.91.234.0/24 maxlen: 24
195.91.235.0/24 maxlen: 24
195.91.239.0/24 maxlen: 24
195.91.240.0/24 maxlen: 24
195.91.246.0/24 maxlen: 24
195.91.243.0/24 maxlen: 24
195.91.244.0/24 maxlen: 24
195.91.245.0/24 maxlen: 24
195.91.241.0/24 maxlen: 24
195.91.242.0/24 maxlen: 24
195.91.247.0/24 maxlen: 24
86.62.125.0/24 maxlen: 24
195.91.149.0/24 maxlen: 24
195.91.168.0/24 maxlen: 24
195.91.169.0/24 maxlen: 24
195.91.170.0/24 maxlen: 24
195.91.171.0/24 maxlen: 24
195.91.172.0/24 maxlen: 24
195.91.173.0/24 maxlen: 24
195.91.174.0/24 maxlen: 24
195.91.175.0/24 maxlen: 24
2a02:2698:9800::/38 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:da:06:5d:4b:e7:c9:30:a5:f7:7a:4a:48:04:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 14:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6013f93f78f64cdb01bf7b9c8a5c5f9874f73810
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:80:a1:9e:97:f4:c6:40:0e:e8:ba:67:17:86:
38:a8:2e:61:14:e3:1d:ba:83:5b:f6:81:9c:c8:18:
21:1c:15:21:aa:35:69:e2:f8:24:63:71:fd:a6:63:
24:e4:61:3a:5a:00:cf:28:0a:16:f8:bb:5d:e2:99:
74:1c:c4:de:73:bd:6e:29:bb:e0:07:a0:1c:fc:c4:
16:44:e0:27:4f:86:4a:3a:15:15:9c:9a:85:78:cf:
fc:d8:0b:95:7f:31:50:f4:9a:a8:39:37:77:87:c5:
39:a9:80:cb:73:a0:fa:2b:e5:2a:c8:e5:a0:6c:b9:
8f:b4:2c:9a:80:a6:9e:b6:1f:e6:bf:9d:03:46:77:
af:08:c0:9b:48:fb:8d:c4:33:22:ad:a8:4a:ef:10:
e7:10:3d:ed:1c:79:39:fa:c1:68:b5:74:b5:4c:2a:
09:be:1e:65:cd:c1:d0:40:42:69:77:d0:ea:ea:52:
99:be:15:ee:2f:b3:2c:f8:27:c1:e2:f8:40:d3:e1:
79:ca:20:87:56:72:95:9e:57:86:90:bb:d5:ee:1b:
5d:84:06:9e:58:f9:4b:56:60:b9:ab:fc:3f:72:55:
34:d4:16:3f:dd:a6:dd:a8:2f:21:3f:84:1a:14:b9:
56:74:20:1b:dd:31:6a:7b:30:2c:3e:39:bd:33:0f:
f5:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:13:F9:3F:78:F6:4C:DB:01:BF:7B:9C:8A:5C:5F:98:74:F7:38:10
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/YBP5P3j2TNsBv3ucilxfmHT3OBA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.62.125.0/24
195.91.149.0/24
195.91.168.0/21
195.91.208.0/22
195.91.213.0/24
195.91.215.0/24
195.91.217.0-195.91.226.255
195.91.228.0-195.91.247.255
195.91.255.0/24
IPv6:
2a02:2698:9800::/38
Signature Algorithm: sha256WithRSAEncryption
c5:0d:ea:95:18:3b:ef:b9:c4:5f:3b:30:07:6a:cb:67:17:10:
23:5f:92:95:7b:69:c4:69:72:7a:b3:80:d4:a4:b1:1d:5e:7b:
12:9e:b8:b9:82:ef:48:ea:8f:5d:66:21:41:0d:af:64:43:d6:
5a:9a:d0:9b:6e:42:c0:59:ae:5c:ca:9d:51:0a:59:46:85:5b:
68:c8:c4:28:36:2d:34:46:74:c1:be:01:12:94:2a:c1:c1:d2:
b1:df:a1:2e:bb:e5:a7:a4:d3:da:c5:54:0d:eb:d1:e1:f8:9f:
80:72:a7:87:ad:32:ae:2b:9c:ed:3a:94:5c:a1:88:ae:d1:11:
85:33:77:42:96:78:6f:55:2c:11:a8:6f:95:44:b3:91:54:f2:
10:8c:92:8d:66:6d:06:28:a3:3c:0c:49:3e:f5:53:99:9e:0d:
8f:36:4c:01:ae:84:3c:c9:dd:68:91:d0:a2:1a:69:22:e8:ed:
ce:36:17:19:b6:a5:c2:07:b9:25:ac:7e:82:29:93:e5:45:d8:
16:57:f4:05:4f:2a:45:ff:40:28:ce:55:b2:9f:77:92:ab:8b:
ce:50:dc:b2:e7:bb:77:63:d4:f0:9e:48:b9:3b:f5:bb:0c:25:
7a:46:bf:b5:18:14:d6:18:4d:1b:b1:ca:90:85:43:46:c3:a6:
ec:a0:a0:dd
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAYVtytoGXUvnyTCl93pKSASCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjMwMTAxMTQ0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDEzZjkzZjc4ZjY0Y2RiMDFiZjdiOWM4YTVjNWY5ODc0ZjczODEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy4Chnpf0xkAO6LpnF4Y4qC5hFOMd
uoNb9oGcyBghHBUhqjVp4vgkY3H9pmMk5GE6WgDPKAoW+Ltd4pl0HMTec71uKbvg
B6Ac/MQWROAnT4ZKOhUVnJqFeM/82AuVfzFQ9JqoOTd3h8U5qYDLc6D6K+UqyOWg
bLmPtCyagKaeth/mv50DRnevCMCbSPuNxDMirahK7xDnED3tHHk5+sFotXS1TCoJ
vh5lzcHQQEJpd9Dq6lKZvhXuL7Ms+CfB4vhA0+F5yiCHVnKVnleGkLvV7htdhAae
WPlLVmC5q/w/clU01BY/3abdqC8hP4QaFLlWdCAb3TFqezAsPjm9Mw/1yQIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFGAT+T949kzbAb97nIpcX5h09zgQMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvWUJQNVAzajJUTnNCdjN1Y2lseGZtSFQzT0JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBMBAIAATBGAwQAVj59AwQA
w1uVAwQDw1uoAwQCw1vQAwQAw1vVAwQAw1vXMAwDBADDW9kDBADDW+IwDAMEAsNb
5AMEA8Nb8AMEAMNb/zAOBAIAAjAIAwYCKgImmJgwDQYJKoZIhvcNAQELBQADggEB
AMUN6pUYO++5xF87MAdqy2cXECNfkpV7acRpcnqzgNSksR1eexKeuLmC70jqj11m
IUENr2RD1lqa0JtuQsBZrlzKnVEKWUaFW2jIxCg2LTRGdMG+ARKUKsHB0rHfoS67
5aek09rFVA3r0eH4n4Byp4etMq4rnO06lFyhiK7REYUzd0KWeG9VLBGob5VEs5FU
8hCMko1mbQYoozwMST71U5meDY82TAGuhDzJ3WiR0KIaaSLo7c42Fxm2pcIHuSWs
foIpk+VF2BZX9AVPKkX/QCjOVbKfd5Kri85Q3LLnu3dj1PCeSLk79bsMJXpGv7UY
FNYYTRuxypCFQ0bDpuygoN0=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:41:54 2025 by rpki-client