Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/5a6d01-a375-4e11-871e-99e6141de7f1/1/yIVyJLl1EpKKS9GoVS2g6EtcfKo.roa
File: yIVyJLl1EpKKS9GoVS2g6EtcfKo.roa (raw, json)
Hash identifier: +BexIZ1+iniEPsBZlKynSCHhy877ZiICabmi/L0fbr0=
Subject key identifier: C8:85:72:24:B9:75:12:92:8A:4B:D1:A8:55:2D:A0:E8:4B:5C:7C:AA
Certificate issuer: /CN=f7bed33ff01e8e09dc4fedcd01139c0e77854aae
Certificate serial: 01941F8C71BB58AAD5BDF485191BCDC59DB4
Authority key identifier: F7:BE:D3:3F:F0:1E:8E:09:DC:4F:ED:CD:01:13:9C:0E:77:85:4A:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/977TP_AejgncT-3NAROcDneFSq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/5a6d01-a375-4e11-871e-99e6141de7f1/1/yIVyJLl1EpKKS9GoVS2g6EtcfKo.roa
Signing time: Wed 01 Jan 2025 01:48:05 +0000
ROA not before: Wed 01 Jan 2025 01:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42926
IP address blocks: 185.70.84.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:71:bb:58:aa:d5:bd:f4:85:19:1b:cd:c5:9d:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7bed33ff01e8e09dc4fedcd01139c0e77854aae
Validity
Not Before: Jan 1 01:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c8857224b97512928a4bd1a8552da0e84b5c7caa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:3d:c8:0b:f5:39:6f:ad:44:a8:7c:ea:b8:2a:
8e:11:8c:94:f4:5f:da:fb:41:88:93:ba:81:c7:0f:
52:df:06:46:7b:11:21:f2:87:1c:34:ef:29:1d:e8:
09:22:1f:ce:23:9e:41:47:98:fc:eb:1f:d1:f7:66:
81:a6:03:1b:86:45:d5:70:5b:02:67:a5:0d:e1:3b:
b5:3c:ca:df:b4:4c:75:61:4c:ac:d1:9a:e5:41:a2:
0a:b2:35:73:ff:a3:a1:32:c8:cc:08:9b:10:02:0e:
3c:a5:1c:b9:6d:de:aa:4f:a2:99:99:b6:e7:0c:ac:
aa:bb:34:c7:dc:38:07:4f:9a:1f:7c:e2:57:d2:85:
2a:d4:72:51:63:d1:d7:fc:5c:5e:9e:5a:21:4b:1b:
e1:a8:c1:1e:d1:9b:a1:94:e4:7c:e1:04:29:13:2d:
5c:e4:a3:18:9d:4f:af:90:af:f5:49:a6:e5:12:65:
0b:f9:87:1e:c0:04:6d:87:a2:08:d2:e2:54:f5:f3:
8b:4b:82:32:cc:3b:76:bd:6a:4d:39:6b:7a:80:3f:
bd:b8:4d:88:d3:3a:37:5e:89:96:9e:46:f8:28:92:
90:c3:a4:3f:24:6d:be:35:50:e5:a6:16:4a:ca:0c:
d2:f6:81:6d:25:c5:db:b4:91:9f:d7:f1:44:91:47:
66:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:85:72:24:B9:75:12:92:8A:4B:D1:A8:55:2D:A0:E8:4B:5C:7C:AA
X509v3 Authority Key Identifier:
keyid:F7:BE:D3:3F:F0:1E:8E:09:DC:4F:ED:CD:01:13:9C:0E:77:85:4A:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/977TP_AejgncT-3NAROcDneFSq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/5a6d01-a375-4e11-871e-99e6141de7f1/1/yIVyJLl1EpKKS9GoVS2g6EtcfKo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/5a6d01-a375-4e11-871e-99e6141de7f1/1/977TP_AejgncT-3NAROcDneFSq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.70.84.0/22
Signature Algorithm: sha256WithRSAEncryption
01:c9:96:75:40:74:cf:51:04:42:67:9d:23:f8:d9:db:f0:d9:
98:98:a1:9c:0b:30:35:ce:6c:71:8b:49:77:33:ef:da:d2:08:
55:aa:f0:8c:ad:9b:75:99:28:84:42:fd:d2:d6:37:75:ad:99:
71:05:3e:b4:89:3e:ed:d2:80:d3:a4:a0:8a:0f:8c:76:95:e2:
24:b2:a2:eb:5b:ee:68:17:2b:3a:3a:09:20:ad:85:11:e7:e4:
f2:50:17:50:56:bf:2e:1f:bd:72:f5:17:c1:41:0a:cd:c8:28:
24:2b:87:a0:ad:7b:d0:61:7d:f6:df:dc:c5:2f:7d:b4:56:7b:
58:bf:d1:62:46:0d:81:17:c8:e4:48:fb:e5:b0:34:48:cc:d8:
43:51:bb:d1:54:61:ba:5e:01:4e:b1:46:bf:3f:ef:d7:d0:16:
1b:90:bd:e9:66:6b:80:50:a2:02:e1:0b:1b:5a:9a:f8:1f:13:
f9:ce:53:ce:b3:ad:16:b9:87:da:a4:ba:16:29:89:a9:e5:63:
9f:d8:78:6a:bc:c1:1e:c6:7e:62:80:11:ed:ac:45:d1:aa:ad:
bc:38:38:52:0b:9a:60:b4:bb:47:62:7b:99:45:bd:05:55:93:
06:22:63:1c:25:f3:3a:12:fe:30:b6:af:25:24:50:0e:01:14:
f9:71:39:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjHG7WKrVvfSFGRvNxZ20MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3YmVkMzNmZjAxZThlMDlkYzRmZWRjZDAxMTM5YzBlNzc4
NTRhYWUwHhcNMjUwMTAxMDE0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODg1NzIyNGI5NzUxMjkyOGE0YmQxYTg1NTJkYTBlODRiNWM3Y2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxj3IC/U5b61EqHzquCqOEYyU9F/a
+0GIk7qBxw9S3wZGexEh8occNO8pHegJIh/OI55BR5j86x/R92aBpgMbhkXVcFsC
Z6UN4Tu1PMrftEx1YUys0ZrlQaIKsjVz/6OhMsjMCJsQAg48pRy5bd6qT6KZmbbn
DKyquzTH3DgHT5offOJX0oUq1HJRY9HX/FxenlohSxvhqMEe0ZuhlOR84QQpEy1c
5KMYnU+vkK/1SablEmUL+YcewARth6II0uJU9fOLS4IyzDt2vWpNOWt6gD+9uE2I
0zo3XomWnkb4KJKQw6Q/JG2+NVDlphZKygzS9oFtJcXbtJGf1/FEkUdmAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMiFciS5dRKSikvRqFUtoOhLXHyqMB8GA1UdIwQY
MBaAFPe+0z/wHo4J3E/tzQETnA53hUquMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTc3VFBfQWVqZ25jVC0zTkFST2NEbmVGU3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS81YTZkMDEtYTM3NS00ZTExLTg3MWUt
OTllNjE0MWRlN2YxLzEveUlWeUpMbDFFcEtLUzlHb1ZTMmc2RXRjZktvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS81YTZkMDEtYTM3NS00ZTExLTg3MWUtOTllNjE0MWRlN2Yx
LzEvOTc3VFBfQWVqZ25jVC0zTkFST2NEbmVGU3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUZUMA0G
CSqGSIb3DQEBCwUAA4IBAQAByZZ1QHTPUQRCZ50j+Nnb8NmYmKGcCzA1zmxxi0l3
M+/a0ghVqvCMrZt1mSiEQv3S1jd1rZlxBT60iT7t0oDTpKCKD4x2leIksqLrW+5o
Fys6OgkgrYUR5+TyUBdQVr8uH71y9RfBQQrNyCgkK4egrXvQYX3239zFL320VntY
v9FiRg2BF8jkSPvlsDRIzNhDUbvRVGG6XgFOsUa/P+/X0BYbkL3pZmuAUKIC4Qsb
Wpr4HxP5zlPOs60WuYfapLoWKYmp5WOf2HhqvMEexn5igBHtrEXRqq28ODhSC5pg
tLtHYnuZRb0FVZMGImMcJfM6Ev4wtq8lJFAOART5cTkW
-----END CERTIFICATE-----
Generated at Tue Apr 8 12:45:02 2025 by rpki-client