Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/fa5519-0e35-44cf-9d4f-2aea75c2df78/1/YwES8R9xRhrFpLG3cV7yoeKQ6tE.roa
File: YwES8R9xRhrFpLG3cV7yoeKQ6tE.roa (raw, json)
Hash identifier: fX/IIRdgZ8uMVTDgkZp0nm1MBfHNGan3NvLFwQRulBs=
Subject key identifier: 63:01:12:F1:1F:71:46:1A:C5:A4:B1:B7:71:5E:F2:A1:E2:90:EA:D1
Certificate issuer: /CN=4a4b513f7e446e0cd6dcfe56829bbc9fe498d3e8
Certificate serial: 01942143E89A455C6138F21B5DA862521EAB
Authority key identifier: 4A:4B:51:3F:7E:44:6E:0C:D6:DC:FE:56:82:9B:BC:9F:E4:98:D3:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SktRP35EbgzW3P5Wgpu8n-SY0-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/fa5519-0e35-44cf-9d4f-2aea75c2df78/1/YwES8R9xRhrFpLG3cV7yoeKQ6tE.roa
Signing time: Wed 01 Jan 2025 09:48:06 +0000
ROA not before: Wed 01 Jan 2025 09:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15791
IP address blocks: 185.109.232.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:e8:9a:45:5c:61:38:f2:1b:5d:a8:62:52:1e:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a4b513f7e446e0cd6dcfe56829bbc9fe498d3e8
Validity
Not Before: Jan 1 09:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=630112f11f71461ac5a4b1b7715ef2a1e290ead1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:be:3f:05:ed:a4:ac:d7:64:2a:18:c4:96:29:
38:db:c2:df:be:72:7b:35:01:73:aa:08:e5:75:21:
0b:ed:cf:f6:14:bf:25:90:1f:fd:95:76:53:60:ab:
5c:f5:17:4e:fb:13:86:ee:e1:bf:3c:65:66:1b:64:
1b:13:cd:30:46:56:c0:ad:1d:b8:dd:0a:39:63:53:
2c:8c:d8:61:59:a3:06:39:05:30:d1:16:4f:31:19:
9e:a4:a8:8b:68:46:a1:ac:ce:1e:ca:8f:3d:31:c2:
d7:07:81:fa:1c:42:25:3d:10:b9:65:2b:c1:69:a1:
e0:1c:87:66:26:08:9a:37:02:ec:49:e7:8f:5d:de:
5f:b6:f8:15:ab:46:a6:99:b9:21:fd:e4:3e:88:d3:
03:96:49:5f:3c:d6:3c:1f:9f:0d:72:6d:57:78:47:
37:e3:7f:77:a3:1e:07:0d:1c:f3:70:cf:19:e9:3e:
aa:cc:7d:cc:ca:c4:55:10:46:89:73:5e:3a:30:b1:
6b:d5:eb:84:31:0e:fa:ff:53:1a:71:b4:a0:86:a8:
69:c9:1c:7c:30:f8:c7:f7:a3:eb:16:43:b2:b3:87:
7b:7c:64:37:0a:98:d2:f3:4e:1d:38:81:08:c7:ef:
0f:ba:25:a8:ff:75:f6:bd:f5:ba:2e:33:3a:32:d6:
1e:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:01:12:F1:1F:71:46:1A:C5:A4:B1:B7:71:5E:F2:A1:E2:90:EA:D1
X509v3 Authority Key Identifier:
keyid:4A:4B:51:3F:7E:44:6E:0C:D6:DC:FE:56:82:9B:BC:9F:E4:98:D3:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SktRP35EbgzW3P5Wgpu8n-SY0-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/fa5519-0e35-44cf-9d4f-2aea75c2df78/1/YwES8R9xRhrFpLG3cV7yoeKQ6tE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/fa5519-0e35-44cf-9d4f-2aea75c2df78/1/SktRP35EbgzW3P5Wgpu8n-SY0-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.109.232.0/22
Signature Algorithm: sha256WithRSAEncryption
28:2d:f8:37:19:86:e7:91:81:02:3b:f5:a1:d9:3b:03:a3:7c:
c9:68:35:76:80:3a:22:68:fd:4e:fe:78:21:81:46:28:4f:da:
b7:03:e2:76:07:38:c7:a5:3a:e0:4e:c6:f4:9e:b7:c8:f9:28:
56:a3:64:b9:25:59:d5:5a:d9:cd:d2:6a:1f:b8:f3:91:b5:57:
e1:9e:bb:5c:31:d5:43:0a:ec:ff:bd:59:86:74:71:5b:1d:0a:
9c:18:5f:df:52:aa:4d:3d:dd:e1:9e:34:8d:ac:87:98:5c:8c:
dd:ea:d5:e0:5f:75:6e:56:e8:7a:b2:72:5b:3d:a4:52:69:db:
4d:56:06:9e:78:0b:c0:c4:50:26:cb:cf:37:f5:3b:2f:73:88:
69:3d:cb:88:43:d3:d8:ed:14:90:14:25:95:61:04:82:85:85:
a2:ad:30:0e:58:c9:ee:d1:56:d6:c2:74:78:26:3c:39:9a:bf:
c6:41:ae:3e:44:e3:5e:5e:50:9b:13:5e:56:8a:d9:56:a5:f2:
b9:3a:4c:87:09:fd:f0:70:4a:20:72:41:e2:64:57:a4:7e:6e:
99:43:b6:7d:56:03:ef:be:23:ca:ac:02:b7:3b:45:03:17:47:
27:86:cf:a1:13:ab:72:b4:3a:8d:f5:4f:a3:50:50:b5:aa:5a:
5b:ff:7c:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhQ+iaRVxhOPIbXahiUh6rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNGI1MTNmN2U0NDZlMGNkNmRjZmU1NjgyOWJiYzlmZTQ5
OGQzZTgwHhcNMjUwMTAxMDk0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzAxMTJmMTFmNzE0NjFhYzVhNGIxYjc3MTVlZjJhMWUyOTBlYWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4L4/Be2krNdkKhjElik428LfvnJ7
NQFzqgjldSEL7c/2FL8lkB/9lXZTYKtc9RdO+xOG7uG/PGVmG2QbE80wRlbArR24
3Qo5Y1MsjNhhWaMGOQUw0RZPMRmepKiLaEahrM4eyo89McLXB4H6HEIlPRC5ZSvB
aaHgHIdmJgiaNwLsSeePXd5ftvgVq0ammbkh/eQ+iNMDlklfPNY8H58Ncm1XeEc3
4393ox4HDRzzcM8Z6T6qzH3MysRVEEaJc146MLFr1euEMQ76/1MacbSghqhpyRx8
MPjH96PrFkOys4d7fGQ3CpjS804dOIEIx+8PuiWo/3X2vfW6LjM6MtYeDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGMBEvEfcUYaxaSxt3Fe8qHikOrRMB8GA1UdIwQY
MBaAFEpLUT9+RG4M1tz+VoKbvJ/kmNPoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2t0UlAzNUViZ3pXM1A1V2dwdThuLVNZMC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9mYTU1MTktMGUzNS00NGNmLTlkNGYt
MmFlYTc1YzJkZjc4LzEvWXdFUzhSOXhSaHJGcExHM2NWN3lvZUtRNnRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9mYTU1MTktMGUzNS00NGNmLTlkNGYtMmFlYTc1YzJkZjc4
LzEvU2t0UlAzNUViZ3pXM1A1V2dwdThuLVNZMC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuW3oMA0G
CSqGSIb3DQEBCwUAA4IBAQAoLfg3GYbnkYECO/Wh2TsDo3zJaDV2gDoiaP1O/ngh
gUYoT9q3A+J2BzjHpTrgTsb0nrfI+ShWo2S5JVnVWtnN0mofuPORtVfhnrtcMdVD
Cuz/vVmGdHFbHQqcGF/fUqpNPd3hnjSNrIeYXIzd6tXgX3VuVuh6snJbPaRSadtN
VgaeeAvAxFAmy8839Tsvc4hpPcuIQ9PY7RSQFCWVYQSChYWirTAOWMnu0VbWwnR4
Jjw5mr/GQa4+RONeXlCbE15WitlWpfK5OkyHCf3wcEogckHiZFekfm6ZQ7Z9VgPv
viPKrAK3O0UDF0cnhs+hE6tytDqN9U+jUFC1qlpb/3z6
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:57:41 2025 by rpki-client