Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/141a2a-194b-402b-92dd-66660b222fb0/1/YFmwVrLg1hwmMKXx_Mm4unlp1Pk.roa
File: YFmwVrLg1hwmMKXx_Mm4unlp1Pk.roa (raw, json)
Hash identifier: k02tWA3CSFWvzMdYPWtnwp3L9wjqBp2dmnRijw+YwuE=
Subject key identifier: 60:59:B0:56:B2:E0:D6:1C:26:30:A5:F1:FC:C9:B8:BA:79:69:D4:F9
Certificate issuer: /CN=a5841cc732ac738dc1e3fe67c12e5104bef863ba
Certificate serial: 019423D6F4324625C407ED3A3F91E6C6725D
Authority key identifier: A5:84:1C:C7:32:AC:73:8D:C1:E3:FE:67:C1:2E:51:04:BE:F8:63:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pYQcxzKsc43B4_5nwS5RBL74Y7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/141a2a-194b-402b-92dd-66660b222fb0/1/YFmwVrLg1hwmMKXx_Mm4unlp1Pk.roa
Signing time: Wed 01 Jan 2025 21:47:57 +0000
ROA not before: Wed 01 Jan 2025 21:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206880
IP address blocks: 193.164.147.0/24 maxlen: 24
2a12:6ac0:5121::/48 maxlen: 48
2a12:6ac0:dc10::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:f4:32:46:25:c4:07:ed:3a:3f:91:e6:c6:72:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5841cc732ac738dc1e3fe67c12e5104bef863ba
Validity
Not Before: Jan 1 21:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6059b056b2e0d61c2630a5f1fcc9b8ba7969d4f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:62:c6:0c:68:b9:bf:13:61:77:af:5b:b7:e0:
83:79:00:6e:1b:d0:38:fe:81:ba:28:b4:ff:51:f3:
73:76:98:3a:7c:4d:10:b6:03:35:9e:37:9a:69:a1:
82:8a:0a:31:dd:5d:4e:6a:7c:fd:84:e7:09:9c:50:
0b:96:5c:44:cb:6e:b8:eb:92:6b:a9:dd:a2:9b:a1:
96:db:06:88:0f:71:92:26:35:dc:33:de:4e:85:65:
de:d9:11:cd:84:1b:42:23:47:54:a7:aa:da:23:c9:
fc:3e:0b:e4:a5:af:1b:68:00:ce:ca:23:ca:08:d7:
1c:84:d9:3c:9e:e9:32:c7:ac:42:f6:fc:72:5d:47:
c5:7d:08:da:6a:12:9a:25:2c:64:e5:48:43:6a:04:
2f:f8:96:12:24:7d:42:a6:f5:56:4f:d8:b6:df:25:
4a:31:b9:b8:56:0d:0f:2d:03:bb:78:21:8e:64:9b:
86:ff:97:19:9b:6d:93:93:f4:17:65:4c:29:e6:68:
82:68:2c:53:63:a9:03:ca:fd:39:21:dd:74:6e:dd:
e3:30:66:6d:62:ba:d7:f6:2a:fa:cc:5c:de:36:f2:
1d:b0:39:99:1b:79:b4:b1:8f:ac:d4:08:e2:2d:12:
04:da:fb:d6:2b:0e:51:90:31:73:7c:97:3a:df:73:
b0:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:59:B0:56:B2:E0:D6:1C:26:30:A5:F1:FC:C9:B8:BA:79:69:D4:F9
X509v3 Authority Key Identifier:
keyid:A5:84:1C:C7:32:AC:73:8D:C1:E3:FE:67:C1:2E:51:04:BE:F8:63:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pYQcxzKsc43B4_5nwS5RBL74Y7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/141a2a-194b-402b-92dd-66660b222fb0/1/YFmwVrLg1hwmMKXx_Mm4unlp1Pk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/141a2a-194b-402b-92dd-66660b222fb0/1/pYQcxzKsc43B4_5nwS5RBL74Y7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.164.147.0/24
IPv6:
2a12:6ac0:5121::/48
2a12:6ac0:dc10::/48
Signature Algorithm: sha256WithRSAEncryption
9d:98:b9:ce:9b:74:fc:6c:2e:9d:9d:a7:35:26:ad:ce:01:82:
82:21:58:dd:1c:71:84:5e:a1:39:b5:65:d8:a0:67:ab:05:6d:
c3:5e:7b:fe:09:34:bc:33:d5:79:ff:cd:0c:a3:be:57:7e:df:
c9:07:e3:f9:ec:88:84:62:a2:be:b3:7b:3b:ce:68:eb:07:48:
70:e7:bb:32:ef:fd:12:25:a0:cc:fe:38:33:c9:84:83:cd:19:
79:5b:9b:ed:97:d3:06:36:a2:75:57:2d:dc:2d:c7:91:97:fe:
be:fd:f5:cc:77:6e:96:5a:78:88:8c:f8:66:76:91:a6:b0:26:
a2:70:0a:e8:2a:bd:e5:35:74:27:83:07:e7:95:b2:bd:13:33:
57:6a:85:80:0d:fd:f2:b2:16:a5:88:14:f2:b8:34:fd:13:e1:
e1:c9:30:a9:ad:b6:ac:a7:b1:9b:f6:30:c2:cc:23:97:3d:19:
be:ba:5a:47:74:4b:9d:a9:3a:a8:61:de:4a:55:5f:a7:f3:8a:
dd:44:4c:df:f5:bc:40:13:b5:1e:56:de:92:7e:4b:6f:23:7b:
70:00:d1:77:8d:e3:e9:20:e6:ac:93:59:c8:bb:b4:ce:c4:ba:
75:39:4c:ec:6f:fa:fd:89:86:19:36:1b:c2:29:01:0c:32:e7:
05:db:d4:fe
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQj1vQyRiXEB+06P5HmxnJdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1ODQxY2M3MzJhYzczOGRjMWUzZmU2N2MxMmU1MTA0YmVm
ODYzYmEwHhcNMjUwMTAxMjE0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDU5YjA1NmIyZTBkNjFjMjYzMGE1ZjFmY2M5YjhiYTc5NjlkNGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4mLGDGi5vxNhd69bt+CDeQBuG9A4
/oG6KLT/UfNzdpg6fE0QtgM1njeaaaGCigox3V1Oanz9hOcJnFALllxEy26465Jr
qd2im6GW2waID3GSJjXcM95OhWXe2RHNhBtCI0dUp6raI8n8Pgvkpa8baADOyiPK
CNcchNk8nukyx6xC9vxyXUfFfQjaahKaJSxk5UhDagQv+JYSJH1CpvVWT9i23yVK
Mbm4Vg0PLQO7eCGOZJuG/5cZm22Tk/QXZUwp5miCaCxTY6kDyv05Id10bt3jMGZt
YrrX9ir6zFzeNvIdsDmZG3m0sY+s1AjiLRIE2vvWKw5RkDFzfJc633OwpQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFGBZsFay4NYcJjCl8fzJuLp5adT5MB8GA1UdIwQY
MBaAFKWEHMcyrHONweP+Z8EuUQS++GO6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFlRY3h6S3NjNDNCNF81bndTNVJCTDc0WTdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8xNDFhMmEtMTk0Yi00MDJiLTkyZGQt
NjY2NjBiMjIyZmIwLzEvWUZtd1ZyTGcxaHdtTUtYeF9NbTR1bmxwMVBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi8xNDFhMmEtMTk0Yi00MDJiLTkyZGQtNjY2NjBiMjIyZmIw
LzEvcFlRY3h6S3NjNDNCNF81bndTNVJCTDc0WTdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAwaSTMBgE
AgACMBIDBwAqEmrAUSEDBwAqEmrA3BAwDQYJKoZIhvcNAQELBQADggEBAJ2Yuc6b
dPxsLp2dpzUmrc4BgoIhWN0ccYReoTm1ZdigZ6sFbcNee/4JNLwz1Xn/zQyjvld+
38kH4/nsiIRior6zezvOaOsHSHDnuzLv/RIloMz+ODPJhIPNGXlbm+2X0wY2onVX
Ldwtx5GX/r799cx3bpZaeIiM+GZ2kaawJqJwCugqveU1dCeDB+eVsr0TM1dqhYAN
/fKyFqWIFPK4NP0T4eHJMKmttqynsZv2MMLMI5c9Gb66Wkd0S52pOqhh3kpVX6fz
it1ETN/1vEATtR5W3pJ+S28je3AA0XeN4+kg5qyTWci7tM7EunU5TOxv+v2Jhhk2
G8IpAQwy5wXb1P4=
-----END CERTIFICATE-----
Generated at Sat Feb 22 04:51:26 2025 by rpki-client