Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/93f8fb-d424-4dab-9a0e-0f5be224f820/1/ysmv8pVpOBMqQ9sWsS6x7ZzfCkE.roa
File: ysmv8pVpOBMqQ9sWsS6x7ZzfCkE.roa (raw, json)
Hash identifier: l1esLwaLrNWre2KIEqdSBUJWZATlA9afvfAUu1SgNbA=
Subject key identifier: CA:C9:AF:F2:95:69:38:13:2A:43:DB:16:B1:2E:B1:ED:9C:DF:0A:41
Certificate issuer: /CN=bab73676fabaf12056edbb9c79d7154fede01f2c
Certificate serial: 0194282785E1A05DB1742D8E6E0309E9C3CA
Authority key identifier: BA:B7:36:76:FA:BA:F1:20:56:ED:BB:9C:79:D7:15:4F:ED:E0:1F:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/urc2dvq68SBW7bucedcVT-3gHyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/93f8fb-d424-4dab-9a0e-0f5be224f820/1/ysmv8pVpOBMqQ9sWsS6x7ZzfCkE.roa
Signing time: Thu 02 Jan 2025 17:54:26 +0000
ROA not before: Thu 02 Jan 2025 17:54:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47935
IP address blocks: 185.106.134.0/24 maxlen: 24
2a10:1680::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:85:e1:a0:5d:b1:74:2d:8e:6e:03:09:e9:c3:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bab73676fabaf12056edbb9c79d7154fede01f2c
Validity
Not Before: Jan 2 17:54:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cac9aff2956938132a43db16b12eb1ed9cdf0a41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:cd:06:84:03:62:c8:99:98:db:45:80:72:60:
05:cc:b9:da:1e:99:dd:cd:65:d2:c4:e6:46:ce:4f:
5e:95:13:60:56:66:31:d9:af:b4:45:8e:4b:dc:08:
75:38:0c:01:85:e1:54:b3:b0:f0:bd:7f:6a:a3:c7:
12:04:a7:87:92:62:b9:5c:0e:95:67:ee:a2:cb:cd:
2c:4f:2c:c7:6d:68:58:29:5c:62:ce:0d:26:84:44:
dc:17:76:be:0a:fd:74:f9:54:d2:9c:6a:4a:12:bd:
6b:d1:db:7b:e3:62:74:be:94:7e:f7:3d:a5:d7:e3:
5b:32:8b:e5:ba:7d:88:43:94:de:d1:29:5d:48:65:
20:b3:1c:33:13:c7:ba:b8:95:15:00:fc:d5:28:d5:
43:43:c6:81:28:0d:b7:ed:17:63:1c:6f:ba:1c:40:
8c:e9:98:ab:7f:ab:33:85:36:c5:d1:9b:c5:95:62:
73:49:c6:16:e6:36:f3:a3:cb:32:ca:21:13:9a:a8:
2f:a0:5f:ab:19:e3:c0:fa:bd:3d:17:a5:41:fa:80:
8f:d0:db:6a:82:c7:1e:a7:15:c6:7c:a6:1d:5e:e3:
e7:e1:74:a2:f0:4b:86:52:23:7c:99:b6:e6:a7:e8:
cd:37:69:7b:bd:82:ae:b6:68:29:0f:b4:69:f6:4f:
0a:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:C9:AF:F2:95:69:38:13:2A:43:DB:16:B1:2E:B1:ED:9C:DF:0A:41
X509v3 Authority Key Identifier:
keyid:BA:B7:36:76:FA:BA:F1:20:56:ED:BB:9C:79:D7:15:4F:ED:E0:1F:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/urc2dvq68SBW7bucedcVT-3gHyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/93f8fb-d424-4dab-9a0e-0f5be224f820/1/ysmv8pVpOBMqQ9sWsS6x7ZzfCkE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/93f8fb-d424-4dab-9a0e-0f5be224f820/1/urc2dvq68SBW7bucedcVT-3gHyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.106.134.0/24
IPv6:
2a10:1680::/32
Signature Algorithm: sha256WithRSAEncryption
6a:fe:bb:c0:ac:c1:67:d3:2e:fe:82:1b:f9:ff:cb:d9:46:ac:
a3:a7:64:35:ca:33:6f:21:71:a2:11:fb:81:9b:7f:d9:ea:c3:
6d:b5:41:b8:d7:fe:34:85:f3:8b:67:a9:be:cd:f8:e4:6b:9d:
e0:43:8f:d2:36:1a:35:4e:f4:7c:fd:86:a5:5d:54:41:86:c9:
3f:3b:6a:cd:36:a0:02:f4:1f:fb:e2:1c:32:d8:de:1b:54:64:
bb:66:89:16:c1:bb:6e:79:90:4f:38:cc:d6:1f:1b:17:93:fd:
d8:7c:c0:30:c4:e0:9a:a7:a5:80:cc:da:66:49:61:23:b8:ed:
f7:da:01:af:eb:f7:17:5b:99:54:06:b7:3c:f2:01:4e:e3:3b:
cd:32:60:18:8b:b9:df:80:ef:8e:e2:a8:c3:2b:b1:d3:38:de:
52:e1:27:c0:e7:0c:c4:e8:7a:bc:26:82:27:6d:dd:51:6b:e7:
84:75:75:16:03:65:41:b0:dd:d1:3b:01:08:79:3d:5a:16:67:
6e:f0:e9:85:99:23:32:ee:26:26:99:66:88:8b:47:e9:05:bb:
1e:87:58:4e:ba:a8:c3:3a:eb:2a:18:4a:54:55:8a:2b:ac:b4:
97:6e:2c:85:60:72:40:e7:71:4d:a3:fb:ba:43:f2:ab:ed:e3:
6c:3f:d1:be
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQoJ4XhoF2xdC2ObgMJ6cPKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYjczNjc2ZmFiYWYxMjA1NmVkYmI5Yzc5ZDcxNTRmZWRl
MDFmMmMwHhcNMjUwMTAyMTc1NDI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWM5YWZmMjk1NjkzODEzMmE0M2RiMTZiMTJlYjFlZDljZGYwYTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArc0GhANiyJmY20WAcmAFzLnaHpnd
zWXSxOZGzk9elRNgVmYx2a+0RY5L3Ah1OAwBheFUs7DwvX9qo8cSBKeHkmK5XA6V
Z+6iy80sTyzHbWhYKVxizg0mhETcF3a+Cv10+VTSnGpKEr1r0dt742J0vpR+9z2l
1+NbMovlun2IQ5Te0SldSGUgsxwzE8e6uJUVAPzVKNVDQ8aBKA237RdjHG+6HECM
6Zirf6szhTbF0ZvFlWJzScYW5jbzo8syyiETmqgvoF+rGePA+r09F6VB+oCP0Ntq
gscepxXGfKYdXuPn4XSi8EuGUiN8mbbmp+jNN2l7vYKutmgpD7Rp9k8KtwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMrJr/KVaTgTKkPbFrEuse2c3wpBMB8GA1UdIwQY
MBaAFLq3Nnb6uvEgVu27nHnXFU/t4B8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXJjMmR2cTY4U0JXN2J1Y2VkY1ZULTNnSHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC85M2Y4ZmItZDQyNC00ZGFiLTlhMGUt
MGY1YmUyMjRmODIwLzEveXNtdjhwVnBPQk1xUTlzV3NTNng3WnpmQ2tFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC85M2Y4ZmItZDQyNC00ZGFiLTlhMGUtMGY1YmUyMjRmODIw
LzEvdXJjMmR2cTY4U0JXN2J1Y2VkY1ZULTNnSHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuWqGMA0E
AgACMAcDBQAqEBaAMA0GCSqGSIb3DQEBCwUAA4IBAQBq/rvArMFn0y7+ghv5/8vZ
Rqyjp2Q1yjNvIXGiEfuBm3/Z6sNttUG41/40hfOLZ6m+zfjka53gQ4/SNho1TvR8
/YalXVRBhsk/O2rNNqAC9B/74hwy2N4bVGS7ZokWwbtueZBPOMzWHxsXk/3YfMAw
xOCap6WAzNpmSWEjuO332gGv6/cXW5lUBrc88gFO4zvNMmAYi7nfgO+O4qjDK7HT
ON5S4SfA5wzE6Hq8JoInbd1Ra+eEdXUWA2VBsN3ROwEIeT1aFmdu8OmFmSMy7iYm
mWaIi0fpBbseh1hOuqjDOusqGEpUVYorrLSXbiyFYHJA53FNo/u6Q/Kr7eNsP9G+
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:55:01 2025 by rpki-client