Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/IYyyhMB1ESxGlLx1uYqNqrIgR6U.roa
File: IYyyhMB1ESxGlLx1uYqNqrIgR6U.roa (raw, json)
Hash identifier: 4+KfJiZUKyrNHi/Wrz4kW/2Z3KBOulRvE66Y7Dq4jLQ=
Subject key identifier: 21:8C:B2:84:C0:75:11:2C:46:94:BC:75:B9:8A:8D:AA:B2:20:47:A5
Certificate issuer: /CN=4a6d2817491dd2cd0678068e35a9efc68667df02
Certificate serial: 019427B563D76D6691E067ECF29992B9CAEF
Authority key identifier: 4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/IYyyhMB1ESxGlLx1uYqNqrIgR6U.roa
Signing time: Thu 02 Jan 2025 15:49:46 +0000
ROA not before: Thu 02 Jan 2025 15:49:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212815
IP address blocks: 91.209.71.0/24 maxlen: 24
185.171.202.0/24 maxlen: 24
2a10:4640::/32 maxlen: 32
2a10:4645::/32 maxlen: 32
2a10:4646:50::/44 maxlen: 44
2a10:4646:170::/44 maxlen: 44
2a10:4646:240::/44 maxlen: 44
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:63:d7:6d:66:91:e0:67:ec:f2:99:92:b9:ca:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a6d2817491dd2cd0678068e35a9efc68667df02
Validity
Not Before: Jan 2 15:49:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=218cb284c075112c4694bc75b98a8daab22047a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:46:83:e6:c2:1e:17:b8:2f:47:e1:a0:09:55:
d0:73:50:d6:11:44:ca:20:67:02:2b:6e:51:60:47:
2d:1e:a5:5c:78:c0:f4:c6:c3:09:a9:a1:55:ab:95:
2a:12:ec:ef:b2:2e:ab:ba:f8:5d:59:d5:56:e5:03:
31:7d:4b:cd:29:5c:7f:e1:23:f3:dc:96:7c:f9:df:
18:ca:a1:c6:91:d2:a5:43:70:2c:5a:2c:e9:f1:71:
26:18:b9:cf:b5:cb:69:33:cf:17:76:5c:53:f0:a3:
f9:38:88:e6:40:eb:65:4f:bf:6a:38:a1:17:5a:00:
b0:09:8c:3b:d6:f0:be:70:93:8c:ca:0b:65:3d:0d:
75:c8:b3:09:a8:7f:9a:6c:16:bb:86:17:5f:06:4a:
10:ea:97:05:19:82:b3:74:dc:e4:e5:4b:74:42:f6:
e7:52:e1:c7:bc:1d:c8:8f:23:bc:5c:80:1d:ae:96:
a7:b2:96:25:56:b0:44:33:d6:51:23:e1:56:cf:ad:
51:15:52:81:e7:ac:ee:33:3b:fc:2b:f2:a9:ca:5b:
c0:4e:40:c2:5e:ff:44:82:49:cd:07:b0:52:0b:cd:
a0:ef:a0:75:dc:ca:20:aa:37:b5:8c:fb:03:87:a9:
04:73:a1:96:ed:61:bb:ad:0f:c9:4e:98:d2:59:eb:
48:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:8C:B2:84:C0:75:11:2C:46:94:BC:75:B9:8A:8D:AA:B2:20:47:A5
X509v3 Authority Key Identifier:
keyid:4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/IYyyhMB1ESxGlLx1uYqNqrIgR6U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/Sm0oF0kd0s0GeAaONanvxoZn3wI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.71.0/24
185.171.202.0/24
IPv6:
2a10:4640::/32
2a10:4645::/32
2a10:4646:50::/44
2a10:4646:170::/44
2a10:4646:240::/44
Signature Algorithm: sha256WithRSAEncryption
20:18:ac:01:6a:30:00:99:77:fa:64:ca:9b:1c:3b:89:53:ed:
c4:6e:54:f0:a5:d9:bd:f4:b5:6b:86:37:57:0f:d0:65:89:59:
61:28:3b:31:21:50:17:33:ad:09:fb:ab:48:ab:43:25:41:a6:
b0:6b:e4:53:da:46:bb:46:df:7d:11:0c:4a:32:8e:50:1f:b4:
64:68:1c:10:d3:98:dc:cf:fc:0e:e1:f9:05:31:d1:50:8d:43:
fc:c9:8e:f1:02:aa:4b:99:69:dc:0b:33:58:b9:93:a2:42:4a:
e9:84:82:50:e3:69:01:c2:10:a6:05:de:6e:7c:25:1c:17:26:
10:31:56:b7:f2:50:6e:01:7a:4a:43:21:49:d7:8a:f7:89:1c:
68:f3:19:98:3b:dc:07:7f:52:31:43:e8:48:0d:cd:b5:fd:54:
5d:61:c3:bc:95:0a:71:9b:84:fe:49:cf:25:7c:54:c6:87:7d:
6e:c4:ef:ce:02:53:8b:12:72:c0:64:b4:26:10:bd:58:8e:e1:
01:47:1c:bb:d5:5b:9c:d4:42:44:8f:b9:5e:83:6f:83:b0:a6:
82:a2:eb:73:3a:f6:db:74:28:48:52:53:46:9b:c7:6b:40:01:
9b:39:95:73:7c:f7:58:9f:97:85:36:b5:ab:ca:73:89:d7:67:
b7:d3:6e:ab
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAZQntWPXbWaR4Gfs8pmSucrvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNmQyODE3NDkxZGQyY2QwNjc4MDY4ZTM1YTllZmM2ODY2
N2RmMDIwHhcNMjUwMTAyMTU0OTQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMThjYjI4NGMwNzUxMTJjNDY5NGJjNzViOThhOGRhYWIyMjA0N2E1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoEaD5sIeF7gvR+GgCVXQc1DWEUTK
IGcCK25RYEctHqVceMD0xsMJqaFVq5UqEuzvsi6ruvhdWdVW5QMxfUvNKVx/4SPz
3JZ8+d8YyqHGkdKlQ3AsWizp8XEmGLnPtctpM88XdlxT8KP5OIjmQOtlT79qOKEX
WgCwCYw71vC+cJOMygtlPQ11yLMJqH+abBa7hhdfBkoQ6pcFGYKzdNzk5Ut0Qvbn
UuHHvB3IjyO8XIAdrpanspYlVrBEM9ZRI+FWz61RFVKB56zuMzv8K/KpylvATkDC
Xv9EgknNB7BSC82g76B13Mogqje1jPsDh6kEc6GW7WG7rQ/JTpjSWetIpwIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFCGMsoTAdREsRpS8dbmKjaqyIEelMB8GA1UdIwQY
MBaAFEptKBdJHdLNBngGjjWp78aGZ98CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMt
YWU5MjgzZTc5NjRlLzEvSVl5eWhNQjFFU3hHbEx4MXVZcU5xcklnUjZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMtYWU5MjgzZTc5NjRl
LzEvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTASBAIAATAMAwQAW9FHAwQA
uavKMC8EAgACMCkDBQAqEEZAAwUAKhBGRQMHBCoQRkYAUAMHBCoQRkYBcAMHBCoQ
RkYCQDANBgkqhkiG9w0BAQsFAAOCAQEAIBisAWowAJl3+mTKmxw7iVPtxG5U8KXZ
vfS1a4Y3Vw/QZYlZYSg7MSFQFzOtCfurSKtDJUGmsGvkU9pGu0bffREMSjKOUB+0
ZGgcENOY3M/8DuH5BTHRUI1D/MmO8QKqS5lp3AszWLmTokJK6YSCUONpAcIQpgXe
bnwlHBcmEDFWt/JQbgF6SkMhSdeK94kcaPMZmDvcB39SMUPoSA3Ntf1UXWHDvJUK
cZuE/knPJXxUxod9bsTvzgJTixJywGS0JhC9WI7hAUccu9VbnNRCRI+5XoNvg7Cm
gqLrczr223QoSFJTRpvHa0ABmzmVc3z3WJ+XhTa1q8pziddnt9Nuqw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:03:29 2025 by rpki-client