Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/YbcOnZW9_Zu9yKhH0Z8JxR5x7ds.roa
File: YbcOnZW9_Zu9yKhH0Z8JxR5x7ds.roa (raw, json)
Hash identifier: T1230kPwnEE+RQklCUukOAXYKF2qHjbHP0I92wmimQ8=
Subject key identifier: 61:B7:0E:9D:95:BD:FD:9B:BD:C8:A8:47:D1:9F:09:C5:1E:71:ED:DB
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 019424B3ADC5E75E84F6B56BFD1AA60CBEB2
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/YbcOnZW9_Zu9yKhH0Z8JxR5x7ds.roa
Signing time: Thu 02 Jan 2025 01:49:02 +0000
ROA not before: Thu 02 Jan 2025 01:49:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48108
IP address blocks: 94.131.104.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:ad:c5:e7:5e:84:f6:b5:6b:fd:1a:a6:0c:be:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Jan 2 01:49:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=61b70e9d95bdfd9bbdc8a847d19f09c51e71eddb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:c4:3a:4a:5b:75:02:4b:6d:a3:80:31:5d:c5:
db:8a:71:23:2c:9e:24:fa:24:8d:f8:23:5b:9a:df:
26:78:c4:1e:1f:ab:3a:c8:82:9a:5d:a2:26:10:9f:
7c:95:85:42:66:f7:b7:d8:11:21:a4:e1:8f:be:a2:
ef:d1:e3:a2:59:d2:85:e0:7d:6f:f5:d9:7e:7d:b8:
86:79:b0:51:1f:70:36:63:d4:31:cf:4d:a5:0e:f5:
54:9a:8f:95:ba:28:58:3a:10:50:a2:3d:9d:11:dd:
70:76:96:89:31:a3:18:1e:7b:32:3c:f0:b4:1e:7c:
0c:39:c4:68:c8:07:ad:45:8b:af:ea:da:ba:01:32:
03:ef:74:df:09:9d:27:22:c5:07:0a:0d:c3:cb:4c:
a4:bb:d8:60:22:ff:4d:8c:33:f3:c6:3f:53:e5:5a:
bb:21:b7:c6:bc:29:41:17:ee:76:9d:bb:c8:0a:b7:
d5:03:7a:b7:d2:37:86:e7:d2:a1:c1:19:ae:1f:f6:
6b:c4:35:5c:a8:96:ab:7f:5c:f9:1c:0f:2b:16:9e:
0a:22:6a:2d:a0:09:c8:16:e2:5a:40:d5:8b:76:f4:
b3:e9:7d:b2:2e:30:1d:9b:2d:40:c0:4d:f3:7e:59:
f3:bd:f4:e5:ba:0f:5c:ab:9b:28:d6:45:f9:bc:d9:
01:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:B7:0E:9D:95:BD:FD:9B:BD:C8:A8:47:D1:9F:09:C5:1E:71:ED:DB
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/YbcOnZW9_Zu9yKhH0Z8JxR5x7ds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.104.0/24
Signature Algorithm: sha256WithRSAEncryption
85:2b:db:43:70:69:60:6e:a5:a9:70:c2:a1:a0:40:e7:ca:47:
45:fa:63:ca:5a:b1:76:06:30:ec:8b:cb:f8:5a:23:c4:c9:0e:
f8:18:3b:7c:b1:aa:f4:8a:ad:61:7e:73:9a:02:5c:76:12:9b:
23:61:43:75:ea:1d:76:1f:88:b9:e9:2a:0f:0a:77:5c:30:74:
a6:ec:21:2f:e6:dc:0b:ed:a6:8d:12:d6:97:8a:4a:58:39:d8:
20:3c:76:30:9f:16:2a:31:37:61:b9:f1:7e:fd:b8:a0:5b:26:
40:39:e3:d3:87:16:cd:ef:33:fb:64:51:94:96:a5:04:b5:3a:
80:b1:ab:7b:f8:9c:ee:33:9d:7d:5f:5c:ed:62:ea:c4:2b:7b:
a4:9b:11:04:fe:0d:07:88:c8:15:bf:bb:d3:ad:b2:a9:02:d4:
de:02:84:52:9f:03:41:14:c7:52:ed:78:98:0f:c8:8d:74:a5:
13:f0:06:17:6b:bc:a3:a4:79:7f:13:bf:dc:6c:77:12:87:d2:
b7:cc:6b:d1:ef:e5:dc:47:1f:93:aa:f8:98:7d:af:59:ad:99:
bd:9c:17:9f:10:7a:ac:5e:a6:f2:e8:cf:8a:53:da:e8:d1:61:
19:0b:02:31:69:4f:c4:e0:e8:84:7f:da:8e:e4:f4:11:87:0f:
20:87:84:d1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQks63F516E9rVr/RqmDL6yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjUwMTAyMDE0OTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWI3MGU5ZDk1YmRmZDliYmRjOGE4NDdkMTlmMDljNTFlNzFlZGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh8Q6Slt1Aktto4AxXcXbinEjLJ4k
+iSN+CNbmt8meMQeH6s6yIKaXaImEJ98lYVCZve32BEhpOGPvqLv0eOiWdKF4H1v
9dl+fbiGebBRH3A2Y9Qxz02lDvVUmo+VuihYOhBQoj2dEd1wdpaJMaMYHnsyPPC0
HnwMOcRoyAetRYuv6tq6ATID73TfCZ0nIsUHCg3Dy0yku9hgIv9NjDPzxj9T5Vq7
IbfGvClBF+52nbvICrfVA3q30jeG59KhwRmuH/ZrxDVcqJarf1z5HA8rFp4KImot
oAnIFuJaQNWLdvSz6X2yLjAdmy1AwE3zflnzvfTlug9cq5so1kX5vNkBowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGG3Dp2Vvf2bvcioR9GfCcUece3bMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvWWJjT25aVzlfWnU5eUtoSDBaOEp4UjV4N2RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXoNoMA0G
CSqGSIb3DQEBCwUAA4IBAQCFK9tDcGlgbqWpcMKhoEDnykdF+mPKWrF2BjDsi8v4
WiPEyQ74GDt8sar0iq1hfnOaAlx2EpsjYUN16h12H4i56SoPCndcMHSm7CEv5twL
7aaNEtaXikpYOdggPHYwnxYqMTdhufF+/bigWyZAOePThxbN7zP7ZFGUlqUEtTqA
sat7+JzuM519X1ztYurEK3ukmxEE/g0HiMgVv7vTrbKpAtTeAoRSnwNBFMdS7XiY
D8iNdKUT8AYXa7yjpHl/E7/cbHcSh9K3zGvR7+XcRx+TqviYfa9ZrZm9nBefEHqs
Xqby6M+KU9ro0WEZCwIxaU/E4OiEf9qO5PQRhw8gh4TR
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:28:58 2025 by rpki-client