Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/yb-tuGxII5r4J70gfuceEMK8048.roa
File: yb-tuGxII5r4J70gfuceEMK8048.roa (raw, json)
Hash identifier: QLqXn/fm6qO7p5fUWNAe4Jmxz24osyPFtoJ7cN/kXHo=
Subject key identifier: C9:BF:AD:B8:6C:48:23:9A:F8:27:BD:20:7E:E7:1E:10:C2:BC:D3:8F
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 01857095B592B6DB8A35E47569857EC6B359
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/yb-tuGxII5r4J70gfuceEMK8048.roa
Signing time: Mon 02 Jan 2023 03:45:37 +0000
ROA not before: Mon 02 Jan 2023 03:45:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210768
IP address blocks: 93.170.191.0/24 maxlen: 24
95.46.36.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:b5:92:b6:db:8a:35:e4:75:69:85:7e:c6:b3:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c9bfadb86c48239af827bd207ee71e10c2bcd38f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:6f:ff:6c:e1:ba:ce:81:bf:c6:66:17:2d:4c:
f7:da:5b:20:27:fe:a4:f2:4d:ee:c1:ac:cc:36:95:
83:76:a6:88:af:29:7e:68:25:96:32:bf:c0:09:bf:
6f:89:29:26:19:71:71:68:e4:35:58:54:cf:10:b9:
b9:36:54:98:90:6c:c0:f9:97:86:19:3f:ed:b9:63:
27:a1:d4:ec:06:60:f5:c4:59:1e:6c:0a:01:94:db:
e3:83:a8:7c:13:c9:aa:b3:29:81:20:4e:0e:e3:8b:
9f:37:8d:42:1c:ed:6e:4f:77:a7:30:cb:39:4e:9e:
8f:5c:23:b3:b9:dd:e2:1e:79:58:f5:85:29:86:7c:
42:bc:ac:3e:3f:2d:b1:22:e4:28:1f:bc:94:c0:28:
c3:83:e0:8b:7d:7b:2d:93:23:57:2a:47:41:c6:fd:
a6:cd:dc:50:60:f1:db:c7:49:7e:d8:da:b5:00:fa:
db:b4:32:c5:b9:11:d1:d8:b5:7c:11:f2:c5:74:9c:
63:ac:96:0c:3b:e5:0d:de:55:a0:64:c8:a8:0f:30:
81:43:e8:50:d8:59:34:21:ae:9c:0b:1a:d6:6a:12:
05:18:ce:a0:a9:99:a3:a3:20:f4:0a:bf:1d:0f:fe:
ca:7b:0f:fc:1a:a3:7b:af:58:19:01:fb:f3:1a:fe:
60:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:BF:AD:B8:6C:48:23:9A:F8:27:BD:20:7E:E7:1E:10:C2:BC:D3:8F
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/yb-tuGxII5r4J70gfuceEMK8048.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.170.191.0/24
95.46.36.0/23
Signature Algorithm: sha256WithRSAEncryption
02:f4:a5:76:1b:58:69:6c:ed:ec:6c:76:ed:0c:87:d4:17:dd:
c5:94:80:06:48:41:5a:36:de:47:90:08:73:18:d1:cd:e7:01:
94:8c:e1:52:8b:a7:5f:dd:05:14:16:95:a8:45:30:45:fd:e7:
06:ec:ce:3d:48:f4:37:59:49:7c:b9:4b:53:fb:6d:f1:87:de:
65:6f:06:b0:d2:5c:17:a3:2e:0c:74:63:bb:bc:7d:91:71:aa:
fd:b2:c7:06:51:72:c1:83:eb:7e:26:23:a6:bb:49:6e:ff:83:
67:27:b8:67:ca:d8:24:3d:bb:82:57:10:c9:f9:06:4f:37:d6:
80:a5:30:f1:e3:ef:f4:5c:44:19:77:9d:21:a9:29:2f:ad:0c:
62:3e:f0:a5:08:76:bc:ee:86:3b:d9:59:69:ed:5f:03:f6:46:
ea:36:fa:5b:a7:b1:91:86:ce:b7:74:f4:f0:9b:19:1c:ec:3a:
1f:8c:5d:3d:17:b4:61:90:02:dc:ab:03:16:06:cc:91:e2:e4:
e6:1a:f6:0f:d5:e2:20:52:1f:b5:d5:53:69:7e:6a:33:d7:9c:
b9:3d:a8:aa:db:11:25:42:cf:ff:43:7e:83:c8:37:35:cf:7e:
ac:ef:1d:10:2a:80:b5:c4:38:58:9f:8e:e2:ee:95:88:c4:b7:
57:67:4e:86
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwlbWSttuKNeR1aYV+xrNZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWJmYWRiODZjNDgyMzlhZjgyN2JkMjA3ZWU3MWUxMGMyYmNkMzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2//bOG6zoG/xmYXLUz32lsgJ/6k
8k3uwazMNpWDdqaIryl+aCWWMr/ACb9viSkmGXFxaOQ1WFTPELm5NlSYkGzA+ZeG
GT/tuWMnodTsBmD1xFkebAoBlNvjg6h8E8mqsymBIE4O44ufN41CHO1uT3enMMs5
Tp6PXCOzud3iHnlY9YUphnxCvKw+Py2xIuQoH7yUwCjDg+CLfXstkyNXKkdBxv2m
zdxQYPHbx0l+2Nq1APrbtDLFuRHR2LV8EfLFdJxjrJYMO+UN3lWgZMioDzCBQ+hQ
2Fk0Ia6cCxrWahIFGM6gqZmjoyD0Cr8dD/7Kew/8GqN7r1gZAfvzGv5glwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMm/rbhsSCOa+Ce9IH7nHhDCvNOPMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEveWItdHVHeElJNXI0SjcwZ2Z1Y2VFTUs4MDQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXaq/AwQB
Xy4kMA0GCSqGSIb3DQEBCwUAA4IBAQAC9KV2G1hpbO3sbHbtDIfUF93FlIAGSEFa
Nt5HkAhzGNHN5wGUjOFSi6df3QUUFpWoRTBF/ecG7M49SPQ3WUl8uUtT+23xh95l
bwaw0lwXoy4MdGO7vH2Rcar9sscGUXLBg+t+JiOmu0lu/4NnJ7hnytgkPbuCVxDJ
+QZPN9aApTDx4+/0XEQZd50hqSkvrQxiPvClCHa87oY72Vlp7V8D9kbqNvpbp7GR
hs63dPTwmxkc7DofjF09F7RhkALcqwMWBsyR4uTmGvYP1eIgUh+11VNpfmoz15y5
Paiq2xElQs//Q36DyDc1z36s7x0QKoC1xDhYn47i7pWIxLdXZ06G
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:34:13 2025 by rpki-client