Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/3544a7-d556-4701-957a-428be9008fba/1/yll503ISaq2wNzfEAk_Qb_MtGbg.roa
File: yll503ISaq2wNzfEAk_Qb_MtGbg.roa (raw, json)
Hash identifier: LYtS+Gvc0u0aK5E+MP2oP4ZNnIbSc6rSwiTMseFfpYs=
Subject key identifier: CA:59:79:D3:72:12:6A:AD:B0:37:37:C4:02:4F:D0:6F:F3:2D:19:B8
Certificate issuer: /CN=dc6917645d9d220435f91c7e46c8110cf89acbe4
Certificate serial: 019423D6C45B346248C4D2632415F9868762
Authority key identifier: DC:69:17:64:5D:9D:22:04:35:F9:1C:7E:46:C8:11:0C:F8:9A:CB:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/3544a7-d556-4701-957a-428be9008fba/1/yll503ISaq2wNzfEAk_Qb_MtGbg.roa
Signing time: Wed 01 Jan 2025 21:47:45 +0000
ROA not before: Wed 01 Jan 2025 21:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15830
IP address blocks: 185.172.227.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:c4:5b:34:62:48:c4:d2:63:24:15:f9:86:87:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc6917645d9d220435f91c7e46c8110cf89acbe4
Validity
Not Before: Jan 1 21:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ca5979d372126aadb03737c4024fd06ff32d19b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:07:85:e3:25:cd:b5:97:2d:59:bd:58:d1:46:
09:5c:f4:38:34:19:dd:b8:4b:6c:cb:42:18:96:9b:
71:76:6f:14:6f:1e:84:4b:fa:ba:3a:66:c9:a9:13:
70:99:39:bf:12:6f:1a:cc:9f:18:52:2c:56:ac:31:
0f:b1:55:3f:27:87:8a:72:0c:24:69:7f:9d:24:46:
dc:14:19:b9:0a:cc:d1:94:12:a6:13:1b:ff:97:95:
04:b6:71:2d:cf:0e:fb:f2:9d:c9:26:da:46:25:df:
34:86:f6:ba:3c:19:db:27:50:36:ee:3a:9e:0a:fa:
8b:5c:86:03:33:bf:83:95:5c:41:20:b9:56:e4:c7:
fd:a1:67:3e:f2:3e:42:5a:00:5d:78:2e:44:2a:10:
f7:9e:20:47:bd:47:56:5d:10:ba:33:33:86:98:c9:
f5:5e:81:42:8d:15:93:1c:da:8b:b3:92:0b:bb:1d:
34:07:bb:d9:7f:66:4d:66:80:11:b0:60:23:b0:af:
0b:8a:86:9f:50:50:f5:d8:a1:cb:ae:46:53:c4:a0:
2e:4c:fd:fc:c9:95:19:67:e7:76:74:51:62:66:df:
b0:d9:ec:92:3e:d0:c0:14:23:16:4f:69:7b:93:c8:
98:3e:6c:55:4b:c8:04:31:45:fb:50:69:51:7d:58:
52:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:59:79:D3:72:12:6A:AD:B0:37:37:C4:02:4F:D0:6F:F3:2D:19:B8
X509v3 Authority Key Identifier:
keyid:DC:69:17:64:5D:9D:22:04:35:F9:1C:7E:46:C8:11:0C:F8:9A:CB:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/3544a7-d556-4701-957a-428be9008fba/1/yll503ISaq2wNzfEAk_Qb_MtGbg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/3544a7-d556-4701-957a-428be9008fba/1/3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.172.227.0/24
Signature Algorithm: sha256WithRSAEncryption
84:63:ef:44:65:96:9d:e4:09:6b:ec:97:42:ea:a4:b5:fa:85:
20:3c:e1:65:a0:dc:9a:d1:db:99:a4:5f:2c:c5:64:16:72:45:
65:2d:40:49:95:63:1b:04:d4:30:b0:fa:6a:bc:d6:43:1d:cd:
78:28:bd:f3:22:b1:87:25:04:77:8c:51:9f:ec:13:18:12:e9:
55:23:bf:7f:3d:b9:60:1a:a8:04:62:dc:cf:78:59:1a:e0:48:
6d:19:7c:8f:af:ec:24:f6:e8:15:55:28:dd:6b:24:40:d2:8d:
9d:05:03:dd:77:6c:6e:53:bd:45:c9:ae:5f:85:6c:11:07:df:
5d:82:86:4c:05:f3:1c:da:90:b1:d8:ec:1d:18:35:cc:e1:f6:
c4:66:c6:3d:42:94:1d:4b:38:bc:7a:75:ea:00:8f:59:6b:d3:
8f:f5:8b:6f:19:54:79:12:84:9c:bc:9e:5c:4d:83:1a:55:b1:
ea:19:d4:99:3a:28:01:19:3e:2e:69:8c:82:d9:9b:c6:c5:03:
50:75:29:f9:57:a3:2a:a2:94:99:5b:e0:81:fb:86:27:b2:b0:
74:90:5e:06:13:12:39:a1:87:1a:60:ff:c6:eb:08:c7:5b:42:
4e:67:5b:53:84:65:00:63:96:fc:7e:c8:81:7f:c5:f6:e7:96:
c2:3f:9e:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1sRbNGJIxNJjJBX5hodiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNjkxNzY0NWQ5ZDIyMDQzNWY5MWM3ZTQ2YzgxMTBjZjg5
YWNiZTQwHhcNMjUwMTAxMjE0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTU5NzlkMzcyMTI2YWFkYjAzNzM3YzQwMjRmZDA2ZmYzMmQxOWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3AeF4yXNtZctWb1Y0UYJXPQ4NBnd
uEtsy0IYlptxdm8Ubx6ES/q6OmbJqRNwmTm/Em8azJ8YUixWrDEPsVU/J4eKcgwk
aX+dJEbcFBm5CszRlBKmExv/l5UEtnEtzw778p3JJtpGJd80hva6PBnbJ1A27jqe
CvqLXIYDM7+DlVxBILlW5Mf9oWc+8j5CWgBdeC5EKhD3niBHvUdWXRC6MzOGmMn1
XoFCjRWTHNqLs5ILux00B7vZf2ZNZoARsGAjsK8LioafUFD12KHLrkZTxKAuTP38
yZUZZ+d2dFFiZt+w2eySPtDAFCMWT2l7k8iYPmxVS8gEMUX7UGlRfVhSAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMpZedNyEmqtsDc3xAJP0G/zLRm4MB8GA1UdIwQY
MBaAFNxpF2RdnSIENfkcfkbIEQz4msvkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0drWFpGMmRJZ1ExLVJ4LVJzZ1JEUGlheS1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zNTQ0YTctZDU1Ni00NzAxLTk1N2Et
NDI4YmU5MDA4ZmJhLzEveWxsNTAzSVNhcTJ3TnpmRUFrX1FiX010R2JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zNTQ0YTctZDU1Ni00NzAxLTk1N2EtNDI4YmU5MDA4ZmJh
LzEvM0drWFpGMmRJZ1ExLVJ4LVJzZ1JEUGlheS1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuazjMA0G
CSqGSIb3DQEBCwUAA4IBAQCEY+9EZZad5Alr7JdC6qS1+oUgPOFloNya0duZpF8s
xWQWckVlLUBJlWMbBNQwsPpqvNZDHc14KL3zIrGHJQR3jFGf7BMYEulVI79/Pblg
GqgEYtzPeFka4EhtGXyPr+wk9ugVVSjdayRA0o2dBQPdd2xuU71Fya5fhWwRB99d
goZMBfMc2pCx2OwdGDXM4fbEZsY9QpQdSzi8enXqAI9Za9OP9YtvGVR5EoScvJ5c
TYMaVbHqGdSZOigBGT4uaYyC2ZvGxQNQdSn5V6MqopSZW+CB+4YnsrB0kF4GExI5
oYcaYP/G6wjHW0JOZ1tThGUAY5b8fsiBf8X255bCP549
-----END CERTIFICATE-----
Generated at Fri Apr 11 11:39:43 2025 by rpki-client