Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/YjUMWxwdh0Y89-gJHbMgbsJEgaU.roa
File: YjUMWxwdh0Y89-gJHbMgbsJEgaU.roa (raw, json)
Hash identifier: KrtWJFhkx4N8oGIAIuxGUvBGGWYOY0hpVljnY5QbFz0=
Subject key identifier: 62:35:0C:5B:1C:1D:87:46:3C:F7:E8:09:1D:B3:20:6E:C2:44:81:A5
Certificate issuer: /CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Certificate serial: 0194266C24B6F1EB5D243C24F0EFC88AADBD
Authority key identifier: 88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/YjUMWxwdh0Y89-gJHbMgbsJEgaU.roa
Signing time: Thu 02 Jan 2025 09:50:08 +0000
ROA not before: Thu 02 Jan 2025 09:50:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56884
IP address blocks: 84.246.111.0/24 maxlen: 24
91.247.178.0/24 maxlen: 24
176.97.213.0/24 maxlen: 24
178.23.188.0/24 maxlen: 24
194.26.223.0/24 maxlen: 24
213.232.252.0/24 maxlen: 24
2a11:a100::/29 maxlen: 29
2a13:8e00::/29 maxlen: 29
2a13:9200::/29 maxlen: 29
2a13:b100::/29 maxlen: 29
2a13:b500::/29 maxlen: 29
2a13:b700::/29 maxlen: 29
2a13:b900::/29 maxlen: 29
2a13:da00::/29 maxlen: 29
2a13:e200::/29 maxlen: 29
2a13:e400::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:24:b6:f1:eb:5d:24:3c:24:f0:ef:c8:8a:ad:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Validity
Not Before: Jan 2 09:50:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=62350c5b1c1d87463cf7e8091db3206ec24481a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:0a:4b:5a:91:53:e4:6f:e0:66:46:f6:af:24:
0f:ce:39:7d:56:29:a6:5e:1d:48:3b:f6:87:89:c8:
b4:c6:71:36:53:5c:cd:39:fb:98:eb:33:e7:b5:b1:
36:87:8c:5d:f6:e0:84:e6:60:7c:d4:a6:f1:c6:04:
d7:cf:89:e4:1a:0f:7f:b2:d8:a3:af:fe:79:cc:ca:
df:94:28:72:e3:fa:bc:e4:4c:37:e5:17:6b:84:b9:
68:a3:9a:a2:fd:0e:5e:00:1f:e7:11:5c:35:15:95:
ec:30:51:a5:7f:47:62:35:61:40:a4:df:d6:6a:85:
3f:9b:1f:99:f9:c7:a5:c0:9f:52:71:8f:e7:d9:95:
0c:43:b7:8b:c4:e5:70:b0:f5:9c:e8:16:e3:53:97:
09:16:e2:60:fe:b5:96:c7:a0:be:cb:1b:b4:ee:6e:
3f:0e:e6:b7:01:0b:46:c7:ee:53:a6:1b:61:13:68:
6d:ae:db:8f:70:d1:d2:77:77:2b:fa:e1:4b:f8:d4:
a1:a9:fc:d6:14:8b:b9:63:45:e0:1e:de:26:b5:52:
d6:55:91:77:66:54:ac:0c:57:7f:d7:79:5f:78:70:
95:6a:db:4b:be:5d:c0:b7:eb:b0:28:31:2e:c6:1a:
cf:08:19:96:f8:56:7b:56:6d:ce:1f:62:2d:64:b2:
d8:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:35:0C:5B:1C:1D:87:46:3C:F7:E8:09:1D:B3:20:6E:C2:44:81:A5
X509v3 Authority Key Identifier:
keyid:88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/YjUMWxwdh0Y89-gJHbMgbsJEgaU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/iLITvxYnVI79-xsuJkW6rx2YOqA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.246.111.0/24
91.247.178.0/24
176.97.213.0/24
178.23.188.0/24
194.26.223.0/24
213.232.252.0/24
IPv6:
2a11:a100::/29
2a13:8e00::/29
2a13:9200::/29
2a13:b100::/29
2a13:b500::/29
2a13:b700::/29
2a13:b900::/29
2a13:da00::/29
2a13:e200::/29
2a13:e400::/29
Signature Algorithm: sha256WithRSAEncryption
50:59:fe:76:e5:46:a0:76:3b:8b:e4:36:d3:95:94:2d:c3:e2:
fc:c3:83:aa:3a:a4:b2:ad:4b:eb:6d:4c:2c:bd:47:6f:c9:8d:
18:ed:72:8c:b3:f4:d6:a2:e6:f8:71:55:42:93:fd:ef:1e:62:
6d:3b:b4:d8:dd:5c:cc:3d:6d:ff:20:d3:c7:e5:49:fe:1b:51:
03:10:bf:77:78:fb:ec:8f:04:66:5f:09:94:07:53:16:68:69:
eb:94:47:d0:ba:28:6b:95:d8:f0:7e:38:01:20:71:e9:8d:bf:
62:2b:a9:c7:aa:fe:ab:26:c5:ac:78:8d:5a:fd:57:e4:da:22:
8f:8d:14:e3:ac:6a:9a:56:34:b1:2d:e1:a0:cc:ce:2d:4f:25:
26:0f:43:08:fa:4d:57:31:76:38:73:1f:f5:e1:27:33:21:b2:
23:61:8a:52:5c:1e:e1:69:b5:0b:71:18:5c:3c:4b:4d:aa:be:
42:62:f9:42:84:16:b7:15:f0:2f:e0:2d:88:74:69:cd:2c:87:
81:b3:c5:93:74:be:d0:b3:51:10:07:08:2f:25:55:dc:e3:a0:
8e:3c:4e:09:0d:14:70:f4:20:a3:4c:e1:0e:a1:28:e7:7e:0d:
d5:56:c5:02:30:da:5a:bd:b6:e3:70:f5:c4:b5:58:67:c2:8c:
34:8b:42:c3
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAZQmbCS28etdJDwk8O/Iiq29MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YjIxM2JmMTYyNzU0OGVmZGZiMWIyZTI2NDViYWFmMWQ5
ODNhYTAwHhcNMjUwMTAyMDk1MDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjM1MGM1YjFjMWQ4NzQ2M2NmN2U4MDkxZGIzMjA2ZWMyNDQ4MWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAugpLWpFT5G/gZkb2ryQPzjl9Vimm
Xh1IO/aHici0xnE2U1zNOfuY6zPntbE2h4xd9uCE5mB81KbxxgTXz4nkGg9/stij
r/55zMrflChy4/q85Ew35RdrhLloo5qi/Q5eAB/nEVw1FZXsMFGlf0diNWFApN/W
aoU/mx+Z+celwJ9ScY/n2ZUMQ7eLxOVwsPWc6BbjU5cJFuJg/rWWx6C+yxu07m4/
Dua3AQtGx+5TphthE2htrtuPcNHSd3cr+uFL+NShqfzWFIu5Y0XgHt4mtVLWVZF3
ZlSsDFd/13lfeHCVattLvl3At+uwKDEuxhrPCBmW+FZ7Vm3OH2ItZLLYkwIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFGI1DFscHYdGPPfoCR2zIG7CRIGlMB8GA1UdIwQY
MBaAFIiyE78WJ1SO/fsbLiZFuq8dmDqgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2Ut
NzI3MzVlMTE4ZDUxLzEvWWpVTVd4d2RoMFk4OS1nSkhiTWdic0pFZ2FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2UtNzI3MzVlMTE4ZDUx
LzEvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHowKgQCAAEwJAMEAFT2bwME
AFv3sgMEALBh1QMEALIXvAMEAMIa3wMEANXo/DBMBAIAAjBGAwUDKhGhAAMFAyoT
jgADBQMqE5IAAwUDKhOxAAMFAyoTtQADBQMqE7cAAwUDKhO5AAMFAyoT2gADBQMq
E+IAAwUDKhPkADANBgkqhkiG9w0BAQsFAAOCAQEAUFn+duVGoHY7i+Q205WULcPi
/MODqjqksq1L621MLL1Hb8mNGO1yjLP01qLm+HFVQpP97x5ibTu02N1czD1t/yDT
x+VJ/htRAxC/d3j77I8EZl8JlAdTFmhp65RH0Looa5XY8H44ASBx6Y2/Yiupx6r+
qybFrHiNWv1X5Noij40U46xqmlY0sS3hoMzOLU8lJg9DCPpNVzF2OHMf9eEnMyGy
I2GKUlwe4Wm1C3EYXDxLTaq+QmL5QoQWtxXwL+AtiHRpzSyHgbPFk3S+0LNREAcI
LyVV3OOgjjxOCQ0UcPQgo0zhDqEo534N1VbFAjDaWr2243D1xLVYZ8KMNItCww==
-----END CERTIFICATE-----
Generated at Sat Apr 19 03:16:05 2025 by rpki-client