Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/Yt9gXDiWIpr00VKiBXNDF48bjqY.roa
File: Yt9gXDiWIpr00VKiBXNDF48bjqY.roa (raw, json)
Hash identifier: kNOqTgwZXqADcZE7dOIsWRRjBx8Fsv4SeraOG/D+3kE=
Subject key identifier: 62:DF:60:5C:38:96:22:9A:F4:D1:52:A2:05:73:43:17:8F:1B:8E:A6
Certificate issuer: /CN=b91b91504983091506a1a944457a4558b94dab7f
Certificate serial: 01856FA6EDA26C544D3EF136C3A9466A5639
Authority key identifier: B9:1B:91:50:49:83:09:15:06:A1:A9:44:45:7A:45:58:B9:4D:AB:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uRuRUEmDCRUGoalERXpFWLlNq38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/Yt9gXDiWIpr00VKiBXNDF48bjqY.roa
Signing time: Sun 01 Jan 2023 23:24:48 +0000
ROA not before: Sun 01 Jan 2023 23:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43289
IP address blocks: 178.175.128.0/19 maxlen: 24
178.17.160.0/20 maxlen: 24
178.175.160.0/20 maxlen: 24
103.197.148.0/22 maxlen: 24
2a00:1dc0::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:a6:ed:a2:6c:54:4d:3e:f1:36:c3:a9:46:6a:56:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b91b91504983091506a1a944457a4558b94dab7f
Validity
Not Before: Jan 1 23:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=62df605c3896229af4d152a2057343178f1b8ea6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f5:fa:61:1b:7a:e8:ff:b2:ca:7a:ae:c9:a9:
2b:d8:93:54:2a:36:ec:59:5a:31:20:ec:25:38:cf:
50:1f:17:e7:c3:cd:da:aa:be:c0:73:94:f7:89:66:
13:9b:11:24:7c:70:96:df:58:d7:c8:54:c4:a5:65:
3d:91:cb:e2:d5:b7:01:ea:6e:95:6c:e4:33:1c:6a:
79:b3:a2:6b:04:18:5e:f1:03:45:29:e5:81:c9:6e:
e3:1f:70:59:36:4b:74:12:3d:98:fc:83:f6:52:2c:
9b:66:3c:36:ac:d8:85:eb:54:d6:d2:c3:f8:30:22:
23:78:00:29:45:ef:38:48:d4:b1:a0:ce:1f:d1:ff:
68:f8:53:f0:ce:5a:78:8f:c4:19:05:06:21:3d:08:
94:f2:6e:35:22:bb:86:0a:38:22:95:66:03:14:2b:
c6:af:b1:6e:b2:fd:99:fe:c2:23:a7:43:35:3d:9c:
37:3d:1d:bc:2a:fb:77:11:dd:a2:70:31:75:af:33:
53:fc:0c:37:c4:4c:a4:37:b6:30:f4:71:77:69:fc:
9a:69:68:e2:56:36:8b:74:57:14:06:1e:ae:28:fb:
34:16:ae:87:1b:fe:fc:af:c0:65:40:2d:93:c5:49:
a8:fe:58:68:cb:f5:d0:67:45:13:99:e9:0c:a4:0c:
11:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:DF:60:5C:38:96:22:9A:F4:D1:52:A2:05:73:43:17:8F:1B:8E:A6
X509v3 Authority Key Identifier:
keyid:B9:1B:91:50:49:83:09:15:06:A1:A9:44:45:7A:45:58:B9:4D:AB:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uRuRUEmDCRUGoalERXpFWLlNq38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/Yt9gXDiWIpr00VKiBXNDF48bjqY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/uRuRUEmDCRUGoalERXpFWLlNq38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.197.148.0/22
178.17.160.0/20
178.175.128.0-178.175.175.255
IPv6:
2a00:1dc0::/29
Signature Algorithm: sha256WithRSAEncryption
a6:8e:6e:98:c4:cd:05:ae:54:15:32:6f:95:d8:ab:a8:73:4f:
82:61:9e:9d:d1:ac:81:03:95:93:2f:89:b6:4b:a8:f9:cd:8e:
23:07:db:7c:56:e5:97:ae:63:49:42:83:00:aa:80:c6:35:09:
dc:71:4a:d6:f2:7e:7d:6d:79:fc:d8:74:24:f7:e8:60:bb:2b:
a2:9d:27:83:05:94:d0:a9:b7:b5:49:97:8f:d6:06:55:6f:b8:
aa:c5:08:a5:30:b4:06:d1:e7:68:be:e7:72:59:c4:c3:c6:d3:
ab:67:48:ec:32:45:f0:15:bd:db:c2:13:10:07:05:0f:83:9c:
e7:23:f6:c2:08:07:48:31:18:61:c9:fe:1d:ed:3e:9c:c5:d9:
6f:f9:40:f1:8a:9b:e1:e2:6a:df:38:a4:b2:3a:c3:aa:a7:17:
a8:41:b8:5e:60:a1:aa:c9:9e:b3:7b:56:f4:5b:06:01:f4:16:
87:ab:45:a6:31:68:9b:8f:3e:8f:95:49:72:00:ff:45:61:a4:
85:cb:9b:26:df:6a:0f:a0:d4:16:54:cb:65:36:64:09:8d:7a:
5e:e6:82:c4:76:11:03:0c:45:8a:5a:b0:a6:ce:56:d6:8c:09:
b0:89:f8:fa:fa:8b:a4:d2:90:77:94:4a:1e:36:4a:77:e6:3b:
fa:6b:22:12
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYVvpu2ibFRNPvE2w6lGalY5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MWI5MTUwNDk4MzA5MTUwNmExYTk0NDQ1N2E0NTU4Yjk0
ZGFiN2YwHhcNMjMwMTAxMjMyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmRmNjA1YzM4OTYyMjlhZjRkMTUyYTIwNTczNDMxNzhmMWI4ZWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovX6YRt66P+yynquyakr2JNUKjbs
WVoxIOwlOM9QHxfnw83aqr7Ac5T3iWYTmxEkfHCW31jXyFTEpWU9kcvi1bcB6m6V
bOQzHGp5s6JrBBhe8QNFKeWByW7jH3BZNkt0Ej2Y/IP2UiybZjw2rNiF61TW0sP4
MCIjeAApRe84SNSxoM4f0f9o+FPwzlp4j8QZBQYhPQiU8m41IruGCjgilWYDFCvG
r7Fusv2Z/sIjp0M1PZw3PR28Kvt3Ed2icDF1rzNT/Aw3xEykN7Yw9HF3afyaaWji
VjaLdFcUBh6uKPs0Fq6HG/78r8BlQC2TxUmo/lhoy/XQZ0UTmekMpAwRXwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFGLfYFw4liKa9NFSogVzQxePG46mMB8GA1UdIwQY
MBaAFLkbkVBJgwkVBqGpREV6RVi5Tat/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVJ1UlVFbURDUlVHb2FsRVJYcEZXTGxOcTM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83NGUxN2YtZjlmNC00Nzg5LTkyYjct
OWRkNmU4OGZjYzhkLzEvWXQ5Z1hEaVdJcHIwMFZLaUJYTkRGNDhianFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83NGUxN2YtZjlmNC00Nzg5LTkyYjctOWRkNmU4OGZjYzhk
LzEvdVJ1UlVFbURDUlVHb2FsRVJYcEZXTGxOcTM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQCZ8WUAwQE
shGgMAwDBAeyr4ADBASyr6AwDQQCAAIwBwMFAyoAHcAwDQYJKoZIhvcNAQELBQAD
ggEBAKaObpjEzQWuVBUyb5XYq6hzT4Jhnp3RrIEDlZMvibZLqPnNjiMH23xW5Zeu
Y0lCgwCqgMY1CdxxStbyfn1tefzYdCT36GC7K6KdJ4MFlNCpt7VJl4/WBlVvuKrF
CKUwtAbR52i+53JZxMPG06tnSOwyRfAVvdvCExAHBQ+DnOcj9sIIB0gxGGHJ/h3t
PpzF2W/5QPGKm+Hiat84pLI6w6qnF6hBuF5goarJnrN7VvRbBgH0FoerRaYxaJuP
Po+VSXIA/0VhpIXLmybfag+g1BZUy2U2ZAmNel7mgsR2EQMMRYpasKbOVtaMCbCJ
+Pr6i6TSkHeUSh42SnfmO/prIhI=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:39:38 2025 by rpki-client