Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/4448a7-1ac1-46ad-a727-d96393af2f20/1/YU0ymXaczDxniPQtB_xa4RTEU2Q.roa
File: YU0ymXaczDxniPQtB_xa4RTEU2Q.roa (raw, json)
Hash identifier: +3YrNwFP0+tuTgevzTw2FGRwOLOaLfupz3GSxL5OXLE=
Subject key identifier: 61:4D:32:99:76:9C:CC:3C:67:88:F4:2D:07:FC:5A:E1:14:C4:53:64
Certificate issuer: /CN=4c6b6371b945a35e9df308ff43803e2617851069
Certificate serial: 0194221FD6934CE6F74C6E8FAFE7E86BD79A
Authority key identifier: 4C:6B:63:71:B9:45:A3:5E:9D:F3:08:FF:43:80:3E:26:17:85:10:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TGtjcblFo16d8wj_Q4A-JheFEGk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/4448a7-1ac1-46ad-a727-d96393af2f20/1/YU0ymXaczDxniPQtB_xa4RTEU2Q.roa
Signing time: Wed 01 Jan 2025 13:48:19 +0000
ROA not before: Wed 01 Jan 2025 13:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31027
IP address blocks: 194.182.152.0/23 maxlen: 23
194.182.152.0/24 maxlen: 24
194.182.153.0/24 maxlen: 24
2a10:cf80:1001::/48 maxlen: 48
2a10:cf80:2001::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:d6:93:4c:e6:f7:4c:6e:8f:af:e7:e8:6b:d7:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c6b6371b945a35e9df308ff43803e2617851069
Validity
Not Before: Jan 1 13:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=614d3299769ccc3c6788f42d07fc5ae114c45364
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:43:f7:15:a7:55:3e:53:c9:97:85:38:98:1c:
44:9b:42:6e:a2:c4:68:a9:8c:7a:99:a4:bb:95:c8:
ea:06:5e:5d:3f:cf:0a:09:95:12:64:6b:79:14:39:
78:30:a3:11:ef:d8:5c:81:77:d0:3d:c9:b1:a7:cb:
03:e1:51:07:e4:cf:57:c4:5d:b8:ee:de:1a:0e:75:
78:be:37:a3:4d:6e:ed:94:c3:66:1a:b4:3c:d9:96:
37:06:13:47:32:b0:59:d8:cc:28:51:f2:68:3d:0c:
27:19:26:08:3f:a2:8a:d0:d5:19:dd:25:1c:fd:a2:
a1:46:82:fa:99:7d:34:b1:d2:99:5d:92:10:7a:eb:
a5:69:d6:82:58:56:bd:a3:20:5f:67:42:19:f7:73:
c0:32:31:75:b2:6d:06:8c:e2:bd:8b:db:ee:3e:7d:
0c:10:92:f4:a5:fb:1b:8e:8c:ba:83:4d:87:fa:1d:
46:36:d0:2d:63:cb:b9:ce:dc:bd:72:4f:5b:d0:6b:
4c:c6:9b:95:2d:20:30:58:53:73:70:81:d5:2e:55:
45:6a:6f:ad:c8:4e:6a:b6:f0:27:e4:b1:08:09:c3:
9f:88:42:51:08:87:7a:eb:55:ca:03:fb:13:5b:db:
a6:64:4a:48:c9:cf:89:8b:6e:87:9c:50:47:bb:63:
f4:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:4D:32:99:76:9C:CC:3C:67:88:F4:2D:07:FC:5A:E1:14:C4:53:64
X509v3 Authority Key Identifier:
keyid:4C:6B:63:71:B9:45:A3:5E:9D:F3:08:FF:43:80:3E:26:17:85:10:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TGtjcblFo16d8wj_Q4A-JheFEGk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/4448a7-1ac1-46ad-a727-d96393af2f20/1/YU0ymXaczDxniPQtB_xa4RTEU2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/4448a7-1ac1-46ad-a727-d96393af2f20/1/TGtjcblFo16d8wj_Q4A-JheFEGk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.182.152.0/23
IPv6:
2a10:cf80:1001::/48
2a10:cf80:2001::/48
Signature Algorithm: sha256WithRSAEncryption
4a:23:1e:d7:02:7d:65:4d:b6:b7:74:8b:8f:05:fc:fd:8d:b1:
8c:a0:ae:48:fa:28:7e:c9:bf:1b:9e:85:c1:f3:a3:04:c8:1e:
09:9d:f1:5e:7d:82:2d:b4:e9:97:f0:a8:6e:d1:94:10:b7:63:
74:d0:48:3a:22:ea:d9:b2:fd:6f:c7:a0:64:ff:3f:c4:c9:c5:
86:5d:8f:8a:75:1f:a4:84:63:0a:02:96:c8:eb:f2:1a:fd:21:
45:d5:78:c7:c7:1b:ca:b1:10:f2:ed:21:a9:5a:f6:20:cd:83:
2f:0d:dd:46:af:c3:85:ca:4a:cc:d1:9c:f1:b4:f2:21:5c:e5:
6e:39:fb:0b:d1:88:b8:59:e3:4e:47:b2:cf:3e:77:58:a3:cc:
5a:c9:6a:52:67:7c:f3:22:e8:ff:3e:bc:8c:54:14:5f:39:e3:
11:c2:01:4f:ad:81:27:1d:ac:fb:f2:6a:d1:90:f1:b5:31:cd:
01:80:09:ea:2a:f4:9c:34:5e:4f:70:38:d2:ad:04:76:29:2a:
d6:94:f8:51:0c:3a:63:e9:b6:22:65:e9:9f:8b:3f:4d:f5:10:
0e:22:17:37:2d:85:83:50:86:8c:5e:a1:a3:75:b3:2a:15:2e:
e7:80:c5:82:15:f2:30:a1:09:10:91:d6:b4:0e:56:2d:01:c0:
e1:96:6a:96
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQiH9aTTOb3TG6Pr+foa9eaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjNmI2MzcxYjk0NWEzNWU5ZGYzMDhmZjQzODAzZTI2MTc4
NTEwNjkwHhcNMjUwMTAxMTM0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTRkMzI5OTc2OWNjYzNjNjc4OGY0MmQwN2ZjNWFlMTE0YzQ1MzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsUP3FadVPlPJl4U4mBxEm0JuosRo
qYx6maS7lcjqBl5dP88KCZUSZGt5FDl4MKMR79hcgXfQPcmxp8sD4VEH5M9XxF24
7t4aDnV4vjejTW7tlMNmGrQ82ZY3BhNHMrBZ2MwoUfJoPQwnGSYIP6KK0NUZ3SUc
/aKhRoL6mX00sdKZXZIQeuuladaCWFa9oyBfZ0IZ93PAMjF1sm0GjOK9i9vuPn0M
EJL0pfsbjoy6g02H+h1GNtAtY8u5zty9ck9b0GtMxpuVLSAwWFNzcIHVLlVFam+t
yE5qtvAn5LEICcOfiEJRCId661XKA/sTW9umZEpIyc+Ji26HnFBHu2P0cwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFGFNMpl2nMw8Z4j0LQf8WuEUxFNkMB8GA1UdIwQY
MBaAFExrY3G5RaNenfMI/0OAPiYXhRBpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEd0amNibEZvMTZkOHdqX1E0QS1KaGVGRUdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS80NDQ4YTctMWFjMS00NmFkLWE3Mjct
ZDk2MzkzYWYyZjIwLzEvWVUweW1YYWN6RHhuaVBRdEJfeGE0UlRFVTJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS80NDQ4YTctMWFjMS00NmFkLWE3MjctZDk2MzkzYWYyZjIw
LzEvVEd0amNibEZvMTZkOHdqX1E0QS1KaGVGRUdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQBwraYMBgE
AgACMBIDBwAqEM+AEAEDBwAqEM+AIAEwDQYJKoZIhvcNAQELBQADggEBAEojHtcC
fWVNtrd0i48F/P2NsYygrkj6KH7JvxuehcHzowTIHgmd8V59gi206ZfwqG7RlBC3
Y3TQSDoi6tmy/W/HoGT/P8TJxYZdj4p1H6SEYwoClsjr8hr9IUXVeMfHG8qxEPLt
Iala9iDNgy8N3Uavw4XKSszRnPG08iFc5W45+wvRiLhZ405Hss8+d1ijzFrJalJn
fPMi6P8+vIxUFF854xHCAU+tgScdrPvyatGQ8bUxzQGACeoq9Jw0Xk9wONKtBHYp
KtaU+FEMOmPptiJl6Z+LP031EA4iFzcthYNQhoxeoaN1syoVLueAxYIV8jChCRCR
1rQOVi0BwOGWapY=
-----END CERTIFICATE-----
Generated at Tue Apr 8 21:03:43 2025 by rpki-client