Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/99a3ca-7e5c-48d4-b975-9f214d1ba934/1/YPHOfn8vNSyXedTPMRrZn1d32R8.roa
File: YPHOfn8vNSyXedTPMRrZn1d32R8.roa (raw, json)
Hash identifier: +SU3Gtb9zLJA/pqMo4r8oJi4+GamTZrRP9s0S75fJjU=
Subject key identifier: 60:F1:CE:7E:7F:2F:35:2C:97:79:D4:CF:31:1A:D9:9F:57:77:D9:1F
Certificate issuer: /CN=90dff31d1b0444d4204de1584d00ddf968d0b012
Certificate serial: 019397046E978C26145190B414658BA68EC1
Authority key identifier: 90:DF:F3:1D:1B:04:44:D4:20:4D:E1:58:4D:00:DD:F9:68:D0:B0:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kN_zHRsERNQgTeFYTQDd-WjQsBI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/99a3ca-7e5c-48d4-b975-9f214d1ba934/1/YPHOfn8vNSyXedTPMRrZn1d32R8.roa
Signing time: Thu 05 Dec 2024 13:31:10 +0000
ROA not before: Thu 05 Dec 2024 13:31:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205544
IP address blocks: 23.19.56.0/21 maxlen: 24
23.19.56.0/24 maxlen: 24
23.19.59.0/24 maxlen: 24
23.19.62.0/24 maxlen: 24
23.106.32.0/21 maxlen: 21
23.106.56.0/21 maxlen: 21
23.106.232.0/21 maxlen: 21
81.17.56.0/21 maxlen: 24
81.17.56.0/22 maxlen: 22
81.17.60.0/24 maxlen: 24
81.17.61.0/24 maxlen: 24
81.17.62.0/24 maxlen: 24
81.17.63.0/24 maxlen: 24
95.168.176.0/20 maxlen: 24
95.168.176.0/21 maxlen: 21
95.168.184.0/24 maxlen: 24
95.168.185.0/24 maxlen: 24
95.168.186.0/23 maxlen: 23
95.168.186.0/24 maxlen: 24
95.168.187.0/24 maxlen: 24
95.168.188.0/22 maxlen: 22
173.208.48.0/21 maxlen: 21
173.234.16.0/21 maxlen: 24
173.234.16.0/24 maxlen: 24
173.234.17.0/24 maxlen: 24
173.234.18.0/23 maxlen: 23
173.234.18.0/24 maxlen: 24
173.234.19.0/24 maxlen: 24
173.234.20.0/23 maxlen: 23
173.234.22.0/23 maxlen: 23
173.234.72.0/21 maxlen: 21
173.234.136.0/21 maxlen: 21
185.222.24.0/22 maxlen: 24
185.222.24.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:97:04:6e:97:8c:26:14:51:90:b4:14:65:8b:a6:8e:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90dff31d1b0444d4204de1584d00ddf968d0b012
Validity
Not Before: Dec 5 13:31:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=60f1ce7e7f2f352c9779d4cf311ad99f5777d91f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:27:c2:b5:05:31:7f:c0:ee:7a:00:c0:10:47:
60:5d:00:a9:f3:95:d4:c3:09:c5:13:6d:76:ed:f5:
d2:8d:81:4e:3e:1e:49:23:8c:04:66:06:b6:39:9a:
2d:1a:ab:96:ba:50:50:e6:cf:63:a1:f0:36:84:ce:
a7:ff:14:80:69:99:fe:fc:3e:56:c8:ab:f3:0d:17:
39:e3:a1:d6:e8:49:fe:02:a8:e7:06:30:15:34:14:
e1:4c:d3:50:fc:05:9f:54:16:80:37:3a:0c:79:dc:
0b:c1:19:57:a2:4f:8f:80:00:a0:b1:39:ec:70:07:
96:4b:8c:cc:d1:07:52:1f:c3:f2:1a:e3:6c:2b:7e:
89:8a:01:fa:a4:a7:4a:ba:21:ff:0f:c4:93:72:02:
c5:71:ed:18:e3:1b:df:05:a0:79:d7:3e:d0:20:b0:
ba:60:06:68:6f:da:60:08:86:73:9a:f1:18:8e:60:
6b:e5:ef:73:82:e8:07:9e:6a:0b:77:f0:d5:97:6b:
17:86:36:36:32:cd:03:f2:d6:22:63:5a:dc:da:d2:
e1:94:f9:b6:1b:43:df:74:55:ca:14:5c:7a:14:01:
f0:96:67:58:23:99:b0:21:d3:1a:2a:cf:55:64:a7:
1e:9a:fc:f3:26:14:b5:36:7c:ec:65:b0:77:6b:5b:
1b:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:F1:CE:7E:7F:2F:35:2C:97:79:D4:CF:31:1A:D9:9F:57:77:D9:1F
X509v3 Authority Key Identifier:
keyid:90:DF:F3:1D:1B:04:44:D4:20:4D:E1:58:4D:00:DD:F9:68:D0:B0:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kN_zHRsERNQgTeFYTQDd-WjQsBI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/99a3ca-7e5c-48d4-b975-9f214d1ba934/1/YPHOfn8vNSyXedTPMRrZn1d32R8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/99a3ca-7e5c-48d4-b975-9f214d1ba934/1/kN_zHRsERNQgTeFYTQDd-WjQsBI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.19.56.0/21
23.106.32.0/21
23.106.56.0/21
23.106.232.0/21
81.17.56.0/21
95.168.176.0/20
173.208.48.0/21
173.234.16.0/21
173.234.72.0/21
173.234.136.0/21
185.222.24.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:b7:5e:4f:24:a0:25:f2:f5:25:aa:77:2d:f4:79:04:2a:c0:
3d:66:5e:ea:f9:c8:21:33:18:bc:9c:19:90:95:19:06:bb:55:
87:b3:e6:e6:27:17:63:d3:15:0b:1c:01:68:89:66:02:a5:1f:
61:fe:d7:f9:da:4d:f3:38:3f:9a:3a:b2:19:dd:b3:97:e4:5e:
82:01:a1:4e:4b:22:60:8a:ac:96:83:2e:46:f8:49:7d:0c:d1:
68:84:fb:65:ec:ff:96:90:36:e8:4a:39:c4:ac:0d:49:97:cf:
6d:10:d5:aa:35:fb:5a:c4:ff:46:87:66:cd:a1:3e:6d:8b:cf:
6f:ba:8e:2d:bf:90:21:ab:b0:eb:c9:1d:cf:d8:8d:d5:18:89:
bc:90:9f:b9:1f:8d:85:91:69:1b:cd:76:4b:77:24:32:dd:f7:
82:0c:ce:6d:5c:03:19:2c:24:08:b4:85:be:7b:44:ea:e3:ea:
b1:ae:a6:b4:ad:d9:3d:ca:d2:42:fb:b0:8e:68:82:d6:60:a1:
35:73:1c:a8:79:9d:cd:d9:89:70:df:85:85:8a:12:b0:06:15:
8d:34:6d:4e:fb:0f:68:1a:f4:38:ba:13:4f:71:6c:f0:11:2b:
8a:91:8d:b5:2a:2c:49:88:69:ba:09:95:fa:14:82:21:06:fe:
23:fb:a5:47
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZOXBG6XjCYUUZC0FGWLpo7BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwZGZmMzFkMWIwNDQ0ZDQyMDRkZTE1ODRkMDBkZGY5Njhk
MGIwMTIwHhcNMjQxMjA1MTMzMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGYxY2U3ZTdmMmYzNTJjOTc3OWQ0Y2YzMTFhZDk5ZjU3NzdkOTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyCfCtQUxf8DuegDAEEdgXQCp85XU
wwnFE2127fXSjYFOPh5JI4wEZga2OZotGquWulBQ5s9jofA2hM6n/xSAaZn+/D5W
yKvzDRc546HW6En+AqjnBjAVNBThTNNQ/AWfVBaANzoMedwLwRlXok+PgACgsTns
cAeWS4zM0QdSH8PyGuNsK36JigH6pKdKuiH/D8STcgLFce0Y4xvfBaB51z7QILC6
YAZob9pgCIZzmvEYjmBr5e9zgugHnmoLd/DVl2sXhjY2Ms0D8tYiY1rc2tLhlPm2
G0PfdFXKFFx6FAHwlmdYI5mwIdMaKs9VZKcemvzzJhS1NnzsZbB3a1sb/QIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFGDxzn5/LzUsl3nUzzEa2Z9Xd9kfMB8GA1UdIwQY
MBaAFJDf8x0bBETUIE3hWE0A3flo0LASMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva05fekhSc0VSTlFnVGVGWVRRRGQtV2pRc0JJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC85OWEzY2EtN2U1Yy00OGQ0LWI5NzUt
OWYyMTRkMWJhOTM0LzEvWVBIT2ZuOHZOU3lYZWRUUE1SclpuMWQzMlI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC85OWEzY2EtN2U1Yy00OGQ0LWI5NzUtOWYyMTRkMWJhOTM0
LzEva05fekhSc0VSTlFnVGVGWVRRRGQtV2pRc0JJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQDFxM4AwQD
F2ogAwQDF2o4AwQDF2roAwQDURE4AwQEX6iwAwQDrdAwAwQDreoQAwQDrepIAwQD
reqIAwQCud4YMA0GCSqGSIb3DQEBCwUAA4IBAQBct15PJKAl8vUlqnct9HkEKsA9
Zl7q+cghMxi8nBmQlRkGu1WHs+bmJxdj0xULHAFoiWYCpR9h/tf52k3zOD+aOrIZ
3bOX5F6CAaFOSyJgiqyWgy5G+El9DNFohPtl7P+WkDboSjnErA1Jl89tENWqNfta
xP9Gh2bNoT5ti89vuo4tv5Ahq7DryR3P2I3VGIm8kJ+5H42FkWkbzXZLdyQy3feC
DM5tXAMZLCQItIW+e0Tq4+qxrqa0rdk9ytJC+7COaILWYKE1cxyoeZ3N2Ylw34WF
ihKwBhWNNG1O+w9oGvQ4uhNPcWzwESuKkY21KixJiGm6CZX6FIIhBv4j+6VH
-----END CERTIFICATE-----
Generated at Fri Apr 11 02:48:59 2025 by rpki-client