Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/e2abad-58fa-4ced-8650-ec508dec7793/1/YJ50MQnvVhHtjWvLvxqRLtfcQ7A.roa
File: YJ50MQnvVhHtjWvLvxqRLtfcQ7A.roa (raw, json)
Hash identifier: dYfbwzgf/ynRL4xNJih6ua1qw+Sw/CexFK1ACNOG+tc=
Subject key identifier: 60:9E:74:31:09:EF:56:11:ED:8D:6B:CB:BF:1A:91:2E:D7:DC:43:B0
Certificate issuer: /CN=9e9e6887ea7572a6411306c87b0cc089397a6354
Certificate serial: 019423D6D438D188F52F54629F51191AEFCF
Authority key identifier: 9E:9E:68:87:EA:75:72:A6:41:13:06:C8:7B:0C:C0:89:39:7A:63:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/np5oh-p1cqZBEwbIewzAiTl6Y1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/e2abad-58fa-4ced-8650-ec508dec7793/1/YJ50MQnvVhHtjWvLvxqRLtfcQ7A.roa
Signing time: Wed 01 Jan 2025 21:47:49 +0000
ROA not before: Wed 01 Jan 2025 21:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213145
IP address blocks: 185.14.172.0/24 maxlen: 24
185.14.173.0/24 maxlen: 24
185.14.174.0/24 maxlen: 24
185.14.175.0/24 maxlen: 24
185.117.99.0/24 maxlen: 24
185.117.120.0/24 maxlen: 24
185.117.121.0/24 maxlen: 24
185.117.122.0/24 maxlen: 24
185.117.123.0/24 maxlen: 24
188.125.171.0/24 maxlen: 24
188.125.172.0/24 maxlen: 24
188.125.173.0/24 maxlen: 24
188.125.175.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:d4:38:d1:88:f5:2f:54:62:9f:51:19:1a:ef:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e9e6887ea7572a6411306c87b0cc089397a6354
Validity
Not Before: Jan 1 21:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=609e743109ef5611ed8d6bcbbf1a912ed7dc43b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:b0:c0:5c:32:73:bd:ee:39:6f:35:53:d9:dd:
f2:8b:83:a2:93:a0:01:7d:e1:ee:f6:80:36:37:0a:
91:4f:34:c4:2a:46:fe:b8:14:5a:90:45:bb:c5:02:
ce:ed:4b:29:a3:93:e4:92:ec:3a:de:0c:06:94:17:
c0:6a:cd:33:8c:7b:b8:5f:a0:3d:88:05:68:ca:53:
a2:b9:60:06:b4:a9:0f:c9:e5:0b:e0:6a:3e:cb:00:
29:90:da:d6:61:a7:bf:98:67:c6:c0:a5:05:be:38:
c9:81:25:42:c5:27:a8:bc:4a:e4:3b:e0:d8:85:17:
68:bb:82:5d:df:9d:a3:ca:3d:e0:ca:22:82:c2:1d:
96:2c:90:56:6e:dd:36:48:c3:d1:26:ba:d4:82:10:
cd:6c:f1:1d:71:fd:ca:0a:4a:5c:73:83:f8:0c:97:
4e:3e:86:f5:b1:9d:e7:bd:df:08:51:12:dd:3f:85:
c1:29:6d:35:d3:58:67:3f:07:9e:da:23:7d:81:d2:
5d:1e:e3:30:52:95:2e:d7:40:73:17:ac:97:ab:bf:
51:71:25:9d:de:3f:54:db:6b:26:98:94:f5:e9:1a:
79:e4:79:c0:10:ae:4c:e4:20:e3:5d:1f:2b:4c:be:
fd:93:a9:93:e2:83:8c:76:d6:f2:3c:5d:91:2a:ea:
96:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:9E:74:31:09:EF:56:11:ED:8D:6B:CB:BF:1A:91:2E:D7:DC:43:B0
X509v3 Authority Key Identifier:
keyid:9E:9E:68:87:EA:75:72:A6:41:13:06:C8:7B:0C:C0:89:39:7A:63:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/np5oh-p1cqZBEwbIewzAiTl6Y1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/e2abad-58fa-4ced-8650-ec508dec7793/1/YJ50MQnvVhHtjWvLvxqRLtfcQ7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/e2abad-58fa-4ced-8650-ec508dec7793/1/np5oh-p1cqZBEwbIewzAiTl6Y1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.14.172.0/22
185.117.99.0/24
185.117.120.0/22
188.125.171.0-188.125.173.255
188.125.175.0/24
Signature Algorithm: sha256WithRSAEncryption
24:32:72:3d:da:2e:1f:d2:3d:cc:33:06:fc:d1:fd:58:f6:2f:
6c:5c:59:38:19:0e:73:3c:3a:5d:f5:1f:f7:12:c2:f3:9a:44:
89:e2:a5:90:83:2b:b0:de:01:34:6a:57:b3:71:99:1f:53:a2:
d2:12:11:9f:25:73:41:28:04:0a:21:3d:28:42:e1:a2:f9:60:
05:bd:5e:ee:13:e5:25:5d:ef:93:15:a9:ae:27:a5:7b:64:ec:
67:fe:36:42:7d:fa:01:e3:2b:cc:e8:1c:28:ca:36:a6:0d:21:
3a:c5:85:c5:8a:ed:e8:32:33:30:87:ef:d4:51:f3:37:a9:58:
35:ae:a9:cc:93:a2:61:ee:eb:84:96:6d:7a:bd:47:41:73:88:
2f:a5:b2:2d:6c:57:bc:b2:c1:4b:96:c2:d4:ea:e4:3d:47:89:
3a:0d:43:77:1e:bc:58:a4:1e:7e:cc:7e:79:ca:b1:ee:88:28:
70:a8:e7:c9:0c:8c:56:35:72:82:d1:01:e3:d9:7e:70:29:9b:
5f:76:2c:6b:b3:ec:c7:60:dc:8d:da:17:70:66:1d:59:c1:cb:
28:29:19:e1:c9:c3:39:f5:3e:0c:7e:5b:b6:20:bc:bd:f9:2b:
87:85:9c:e9:3b:ee:64:a7:2b:71:d0:e0:d2:d3:d2:61:0d:06:
69:a9:4e:97
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQj1tQ40Yj1L1Rin1EZGu/PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOWU2ODg3ZWE3NTcyYTY0MTEzMDZjODdiMGNjMDg5Mzk3
YTYzNTQwHhcNMjUwMTAxMjE0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDllNzQzMTA5ZWY1NjExZWQ4ZDZiY2JiZjFhOTEyZWQ3ZGM0M2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlrDAXDJzve45bzVT2d3yi4Oik6AB
feHu9oA2NwqRTzTEKkb+uBRakEW7xQLO7Uspo5Pkkuw63gwGlBfAas0zjHu4X6A9
iAVoylOiuWAGtKkPyeUL4Go+ywApkNrWYae/mGfGwKUFvjjJgSVCxSeovErkO+DY
hRdou4Jd352jyj3gyiKCwh2WLJBWbt02SMPRJrrUghDNbPEdcf3KCkpcc4P4DJdO
Pob1sZ3nvd8IURLdP4XBKW0101hnPwee2iN9gdJdHuMwUpUu10BzF6yXq79RcSWd
3j9U22smmJT16Rp55HnAEK5M5CDjXR8rTL79k6mT4oOMdtbyPF2RKuqWxQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFGCedDEJ71YR7Y1ry78akS7X3EOwMB8GA1UdIwQY
MBaAFJ6eaIfqdXKmQRMGyHsMwIk5emNUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnA1b2gtcDFjcVpCRXdiSWV3ekFpVGw2WTFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9lMmFiYWQtNThmYS00Y2VkLTg2NTAt
ZWM1MDhkZWM3NzkzLzEvWUo1ME1RbnZWaEh0ald2THZ4cVJMdGZjUTdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9lMmFiYWQtNThmYS00Y2VkLTg2NTAtZWM1MDhkZWM3Nzkz
LzEvbnA1b2gtcDFjcVpCRXdiSWV3ekFpVGw2WTFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCuQ6sAwQA
uXVjAwQCuXV4MAwDBAC8fasDBAG8fawDBAC8fa8wDQYJKoZIhvcNAQELBQADggEB
ACQycj3aLh/SPcwzBvzR/Vj2L2xcWTgZDnM8Ol31H/cSwvOaRInipZCDK7DeATRq
V7NxmR9TotISEZ8lc0EoBAohPShC4aL5YAW9Xu4T5SVd75MVqa4npXtk7Gf+NkJ9
+gHjK8zoHCjKNqYNITrFhcWK7egyMzCH79RR8zepWDWuqcyTomHu64SWbXq9R0Fz
iC+lsi1sV7yywUuWwtTq5D1HiToNQ3cevFikHn7MfnnKse6IKHCo58kMjFY1coLR
AePZfnApm192LGuz7Mdg3I3aF3BmHVnByygpGeHJwzn1Pgx+W7YgvL35K4eFnOk7
7mSnK3HQ4NLT0mENBmmpTpc=
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:14:53 2025 by rpki-client