Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/18e48f-5972-4d3f-bb6a-b78dac37eac8/1/Y1j-uGE-hHjyQXF1dqHskSD6dUQ.roa
File: Y1j-uGE-hHjyQXF1dqHskSD6dUQ.roa (raw, json)
Hash identifier: Up3WLZNSHdEK1sMiRUY44r/SHAl87NKo+QPgupCnk6U=
Subject key identifier: 63:58:FE:B8:61:3E:84:78:F2:41:71:75:76:A1:EC:91:20:FA:75:44
Certificate issuer: /CN=da8a978b9ce5d26ebcaad0ccb67918a9df318f86
Certificate serial: 019424449CFB4044E7B161E693FE6354B1D4
Authority key identifier: DA:8A:97:8B:9C:E5:D2:6E:BC:AA:D0:CC:B6:79:18:A9:DF:31:8F:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2oqXi5zl0m68qtDMtnkYqd8xj4Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/18e48f-5972-4d3f-bb6a-b78dac37eac8/1/Y1j-uGE-hHjyQXF1dqHskSD6dUQ.roa
Signing time: Wed 01 Jan 2025 23:47:43 +0000
ROA not before: Wed 01 Jan 2025 23:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 91.107.72.0/21 maxlen: 21
91.107.88.0/21 maxlen: 21
159.253.124.0/22 maxlen: 22
185.91.132.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:9c:fb:40:44:e7:b1:61:e6:93:fe:63:54:b1:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da8a978b9ce5d26ebcaad0ccb67918a9df318f86
Validity
Not Before: Jan 1 23:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6358feb8613e8478f241717576a1ec9120fa7544
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:31:ce:80:e9:c5:29:df:a5:b3:aa:a0:25:76:
95:53:ae:87:5f:60:f9:88:e4:cb:1d:00:1b:1a:3f:
a7:03:03:d1:28:21:59:3e:5a:51:1b:ae:87:d7:60:
27:e0:df:6d:39:26:b2:c1:60:f8:1e:44:b2:45:e6:
32:7f:b8:3c:49:d6:1d:25:09:0c:12:f4:94:0b:14:
67:be:ac:ef:78:62:3b:5a:88:ae:5c:78:fe:47:ea:
97:1e:74:b6:8a:72:05:9d:84:7a:6e:93:f6:d8:d4:
12:6a:de:25:38:14:ef:1e:1b:9b:04:05:94:73:d4:
cd:b4:fb:b5:40:73:55:2b:4b:25:c5:a3:d8:59:89:
00:da:0a:4d:1b:f8:82:a9:ee:c3:94:33:fd:f1:58:
86:bf:67:a1:50:aa:9b:e5:3d:11:1f:b9:3e:c7:93:
5d:a9:e1:65:ad:bd:a0:f3:1b:2b:ac:23:a1:ad:c2:
10:bb:14:28:75:e5:fa:8a:4b:99:55:c2:d2:e8:77:
3d:e9:1a:a0:61:a4:b2:4e:32:9e:33:6f:e6:ac:9b:
74:5b:70:7b:26:84:36:ce:f8:6d:42:af:68:c7:a3:
68:f0:6b:87:b7:e2:2e:46:29:ea:c1:d8:7e:3d:48:
79:ba:b0:c8:b3:63:f0:f9:bd:7f:d3:7d:41:bd:9c:
5a:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:58:FE:B8:61:3E:84:78:F2:41:71:75:76:A1:EC:91:20:FA:75:44
X509v3 Authority Key Identifier:
keyid:DA:8A:97:8B:9C:E5:D2:6E:BC:AA:D0:CC:B6:79:18:A9:DF:31:8F:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2oqXi5zl0m68qtDMtnkYqd8xj4Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/18e48f-5972-4d3f-bb6a-b78dac37eac8/1/Y1j-uGE-hHjyQXF1dqHskSD6dUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/18e48f-5972-4d3f-bb6a-b78dac37eac8/1/2oqXi5zl0m68qtDMtnkYqd8xj4Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.107.72.0/21
91.107.88.0/21
159.253.124.0/22
185.91.132.0/22
Signature Algorithm: sha256WithRSAEncryption
ad:78:89:7a:c0:33:8a:07:49:8f:fd:60:b1:96:03:d0:30:2d:
8f:8c:7c:15:6f:be:25:a5:e5:5c:43:86:ab:4b:16:ff:6c:2f:
65:4a:4d:50:93:47:01:2e:c8:4b:76:cd:13:ee:db:fb:33:c4:
b9:b0:c6:9d:ac:14:71:20:0f:83:9a:11:8e:e4:0a:08:a6:ad:
53:d0:cb:7a:18:45:ba:60:d3:01:47:ff:b4:be:11:04:e1:4f:
89:c4:bf:03:cd:90:31:74:95:60:aa:76:a9:c6:30:48:68:62:
49:e8:26:6e:a4:34:46:4c:67:c3:70:23:ce:64:aa:6e:83:5c:
ce:16:1f:87:c8:c5:2b:8b:8a:96:81:c1:7d:34:fe:c9:dd:6b:
b4:7a:5a:90:b3:70:08:74:e3:18:ff:0a:a2:e4:c9:0e:c1:09:
ba:b2:00:eb:86:43:20:b2:a6:a3:91:fc:4f:91:ac:b3:73:89:
08:4e:f8:bb:47:cf:ea:58:92:01:66:7c:23:e3:b2:80:54:f3:
cc:cc:1a:c4:1b:08:30:5a:28:cf:eb:ea:8f:14:4b:3d:22:e8:
66:b6:e9:53:8a:30:bf:58:8a:3d:80:9e:b4:98:8c:c3:a8:7a:
d7:e6:dc:23:51:64:5d:4a:d0:89:1b:25:22:70:e4:29:53:2e:
04:e3:55:ab
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQkRJz7QETnsWHmk/5jVLHUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOGE5NzhiOWNlNWQyNmViY2FhZDBjY2I2NzkxOGE5ZGYz
MThmODYwHhcNMjUwMTAxMjM0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzU4ZmViODYxM2U4NDc4ZjI0MTcxNzU3NmExZWM5MTIwZmE3NTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzTHOgOnFKd+ls6qgJXaVU66HX2D5
iOTLHQAbGj+nAwPRKCFZPlpRG66H12An4N9tOSaywWD4HkSyReYyf7g8SdYdJQkM
EvSUCxRnvqzveGI7WoiuXHj+R+qXHnS2inIFnYR6bpP22NQSat4lOBTvHhubBAWU
c9TNtPu1QHNVK0slxaPYWYkA2gpNG/iCqe7DlDP98ViGv2ehUKqb5T0RH7k+x5Nd
qeFlrb2g8xsrrCOhrcIQuxQodeX6ikuZVcLS6Hc96RqgYaSyTjKeM2/mrJt0W3B7
JoQ2zvhtQq9ox6No8GuHt+IuRinqwdh+PUh5urDIs2Pw+b1/031BvZxaMwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGNY/rhhPoR48kFxdXah7JEg+nVEMB8GA1UdIwQY
MBaAFNqKl4uc5dJuvKrQzLZ5GKnfMY+GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm9xWGk1emwwbTY4cXRETXRua1lxZDh4ajRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8xOGU0OGYtNTk3Mi00ZDNmLWJiNmEt
Yjc4ZGFjMzdlYWM4LzEvWTFqLXVHRS1oSGp5UVhGMWRxSHNrU0Q2ZFVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8xOGU0OGYtNTk3Mi00ZDNmLWJiNmEtYjc4ZGFjMzdlYWM4
LzEvMm9xWGk1emwwbTY4cXRETXRua1lxZDh4ajRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDW2tIAwQD
W2tYAwQCn/18AwQCuVuEMA0GCSqGSIb3DQEBCwUAA4IBAQCteIl6wDOKB0mP/WCx
lgPQMC2PjHwVb74lpeVcQ4arSxb/bC9lSk1Qk0cBLshLds0T7tv7M8S5sMadrBRx
IA+DmhGO5AoIpq1T0Mt6GEW6YNMBR/+0vhEE4U+JxL8DzZAxdJVgqnapxjBIaGJJ
6CZupDRGTGfDcCPOZKpug1zOFh+HyMUri4qWgcF9NP7J3Wu0elqQs3AIdOMY/wqi
5MkOwQm6sgDrhkMgsqajkfxPkayzc4kITvi7R8/qWJIBZnwj47KAVPPMzBrEGwgw
WijP6+qPFEs9IuhmtulTijC/WIo9gJ60mIzDqHrX5twjUWRdStCJGyUicOQpUy4E
41Wr
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:55:44 2025 by rpki-client