Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/379a1d-52b9-4669-9625-62306abdfa03/1/YOp8_XwcgPGtX480oZMMv5FkFTE.roa
File: YOp8_XwcgPGtX480oZMMv5FkFTE.roa (raw, json)
Hash identifier: JNbcPg+eKKH2RwoC8Uz9lo+3KmcraBTljIvma3VhA6Q=
Subject key identifier: 60:EA:7C:FD:7C:1C:80:F1:AD:5F:8F:34:A1:93:0C:BF:91:64:15:31
Certificate issuer: /CN=5f41c664c0c013dffb6e0dd1d73b369cba5fbd1c
Certificate serial: 019424458955EA19D1FED2A1240F5693279E
Authority key identifier: 5F:41:C6:64:C0:C0:13:DF:FB:6E:0D:D1:D7:3B:36:9C:BA:5F:BD:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X0HGZMDAE9_7bg3R1zs2nLpfvRw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/379a1d-52b9-4669-9625-62306abdfa03/1/YOp8_XwcgPGtX480oZMMv5FkFTE.roa
Signing time: Wed 01 Jan 2025 23:48:44 +0000
ROA not before: Wed 01 Jan 2025 23:48:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 185.98.156.0/24 maxlen: 24
2a12:a900:1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:89:55:ea:19:d1:fe:d2:a1:24:0f:56:93:27:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f41c664c0c013dffb6e0dd1d73b369cba5fbd1c
Validity
Not Before: Jan 1 23:48:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=60ea7cfd7c1c80f1ad5f8f34a1930cbf91641531
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:bb:2e:16:80:03:67:3e:09:8b:32:4a:22:7b:
c9:44:da:06:9c:c7:b4:a6:dc:7e:d3:5c:51:3a:06:
8b:d1:b2:95:78:84:77:7a:18:1d:65:c5:76:bd:0c:
25:86:d3:e2:39:fb:b0:00:50:1d:10:e4:43:e9:47:
fd:46:66:2c:0d:5b:10:82:11:77:cd:a9:b1:31:11:
c5:82:5c:0e:2d:0d:00:1d:43:7c:26:11:34:68:81:
e0:4b:2f:4e:04:fe:74:1c:2d:36:94:d0:6b:dc:9f:
bb:12:03:e1:fb:8d:30:b1:98:f8:75:8e:32:e3:b7:
97:65:2d:91:25:79:ad:d8:8e:a2:54:55:b5:56:7e:
4b:44:e9:78:1a:1a:ef:fd:4e:de:c4:5b:d3:b3:c3:
a2:ec:fc:01:79:1c:61:98:2b:7a:52:56:cb:5a:43:
7d:49:27:db:e3:11:ba:6d:03:85:b0:93:3e:3a:87:
ef:d7:5c:fb:bc:d9:d2:47:1f:79:e1:fa:09:1e:59:
d1:2b:16:cb:06:e4:92:73:89:03:3c:70:4c:3f:b0:
62:66:d3:ca:42:c8:4b:63:e3:b9:c4:81:14:9d:ce:
a7:94:91:c3:99:13:79:2e:73:97:cb:d1:32:18:7e:
b1:a8:4e:44:8a:15:ca:8a:b5:a0:35:6e:db:f1:e9:
38:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:EA:7C:FD:7C:1C:80:F1:AD:5F:8F:34:A1:93:0C:BF:91:64:15:31
X509v3 Authority Key Identifier:
keyid:5F:41:C6:64:C0:C0:13:DF:FB:6E:0D:D1:D7:3B:36:9C:BA:5F:BD:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X0HGZMDAE9_7bg3R1zs2nLpfvRw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/379a1d-52b9-4669-9625-62306abdfa03/1/YOp8_XwcgPGtX480oZMMv5FkFTE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/379a1d-52b9-4669-9625-62306abdfa03/1/X0HGZMDAE9_7bg3R1zs2nLpfvRw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.98.156.0/24
IPv6:
2a12:a900:1::/48
Signature Algorithm: sha256WithRSAEncryption
48:f7:75:60:4f:9f:e3:81:2a:45:17:68:79:b5:ec:fb:31:7a:
d9:a6:a0:12:ca:37:e0:10:27:c8:d9:77:ec:aa:48:db:bc:54:
9e:28:a7:8b:c6:0d:95:27:2f:e8:d1:2b:5f:c6:2d:75:84:c3:
89:cf:0f:10:77:b9:05:2c:55:14:e6:e8:41:d4:98:eb:65:dd:
c7:16:54:1b:5e:07:96:47:1b:d2:06:bf:d9:36:31:b2:59:26:
7a:03:d1:f2:ef:8b:53:25:87:ce:4c:63:ba:2c:69:85:a4:8f:
f1:db:57:51:84:6a:04:0e:c6:da:c2:e7:75:af:3e:85:35:71:
61:64:a7:f9:a7:3f:72:33:68:db:11:3d:ef:d4:46:98:3d:11:
a9:91:75:20:c2:e3:5e:fe:b1:a0:19:b1:55:33:32:d2:65:a3:
bd:de:41:c4:4a:fa:04:a0:bf:1c:8d:78:ec:da:3b:0a:f8:c5:
91:9d:b2:f9:ab:ad:38:00:48:d0:0c:34:11:9d:16:32:9b:fc:
87:2c:ee:f9:01:71:7a:ba:e1:b7:22:fd:73:64:ea:1a:77:49:
e9:89:43:e5:79:e1:f5:7b:78:16:6b:cf:c5:e8:79:46:76:fe:
8a:31:e2:10:ba:b5:57:10:e8:78:74:81:87:a9:24:fa:9a:18:
72:4a:18:98
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQkRYlV6hnR/tKhJA9WkyeeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmNDFjNjY0YzBjMDEzZGZmYjZlMGRkMWQ3M2IzNjljYmE1
ZmJkMWMwHhcNMjUwMTAxMjM0ODQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGVhN2NmZDdjMWM4MGYxYWQ1ZjhmMzRhMTkzMGNiZjkxNjQxNTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrsuFoADZz4JizJKInvJRNoGnMe0
ptx+01xROgaL0bKVeIR3ehgdZcV2vQwlhtPiOfuwAFAdEORD6Uf9RmYsDVsQghF3
zamxMRHFglwOLQ0AHUN8JhE0aIHgSy9OBP50HC02lNBr3J+7EgPh+40wsZj4dY4y
47eXZS2RJXmt2I6iVFW1Vn5LROl4Ghrv/U7exFvTs8Oi7PwBeRxhmCt6UlbLWkN9
SSfb4xG6bQOFsJM+Oofv11z7vNnSRx954foJHlnRKxbLBuSSc4kDPHBMP7BiZtPK
QshLY+O5xIEUnc6nlJHDmRN5LnOXy9EyGH6xqE5EihXKirWgNW7b8ek4RQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGDqfP18HIDxrV+PNKGTDL+RZBUxMB8GA1UdIwQY
MBaAFF9BxmTAwBPf+24N0dc7Npy6X70cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDBIR1pNREFFOV83YmczUjF6czJuTHBmdlJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8zNzlhMWQtNTJiOS00NjY5LTk2MjUt
NjIzMDZhYmRmYTAzLzEvWU9wOF9Yd2NnUEd0WDQ4MG9aTU12NUZrRlRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8zNzlhMWQtNTJiOS00NjY5LTk2MjUtNjIzMDZhYmRmYTAz
LzEvWDBIR1pNREFFOV83YmczUjF6czJuTHBmdlJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuWKcMA8E
AgACMAkDBwAqEqkAAAEwDQYJKoZIhvcNAQELBQADggEBAEj3dWBPn+OBKkUXaHm1
7PsxetmmoBLKN+AQJ8jZd+yqSNu8VJ4op4vGDZUnL+jRK1/GLXWEw4nPDxB3uQUs
VRTm6EHUmOtl3ccWVBteB5ZHG9IGv9k2MbJZJnoD0fLvi1Mlh85MY7osaYWkj/Hb
V1GEagQOxtrC53WvPoU1cWFkp/mnP3IzaNsRPe/URpg9EamRdSDC417+saAZsVUz
MtJlo73eQcRK+gSgvxyNeOzaOwr4xZGdsvmrrTgASNAMNBGdFjKb/Ics7vkBcXq6
4bci/XNk6hp3SemJQ+V54fV7eBZrz8XoeUZ2/oox4hC6tVcQ6Hh0gYepJPqaGHJK
GJg=
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:54:21 2025 by rpki-client