Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/7b6677-d2c4-4191-9fee-bd19b0836151/1/yvQyy9Z9k5i1VmlHAKaertyzN34.roa
File: yvQyy9Z9k5i1VmlHAKaertyzN34.roa (raw, json)
Hash identifier: Ff1Cn1lR26UTFSkop2LtIu2dpCA0zAQ/5vNY09uigMg=
Subject key identifier: CA:F4:32:CB:D6:7D:93:98:B5:56:69:47:00:A6:9E:AE:DC:B3:37:7E
Certificate issuer: /CN=9258825767fbc083732a96e1812ccc5bfe150185
Certificate serial: 019426D99269D7BA5FD3F5441D5944BDE7B1
Authority key identifier: 92:58:82:57:67:FB:C0:83:73:2A:96:E1:81:2C:CC:5B:FE:15:01:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kliCV2f7wINzKpbhgSzMW_4VAYU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/7b6677-d2c4-4191-9fee-bd19b0836151/1/yvQyy9Z9k5i1VmlHAKaertyzN34.roa
Signing time: Thu 02 Jan 2025 11:49:40 +0000
ROA not before: Thu 02 Jan 2025 11:49:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48803
IP address blocks: 185.67.56.0/22 maxlen: 22
217.73.96.0/20 maxlen: 20
2a00:c740::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:92:69:d7:ba:5f:d3:f5:44:1d:59:44:bd:e7:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9258825767fbc083732a96e1812ccc5bfe150185
Validity
Not Before: Jan 2 11:49:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=caf432cbd67d9398b556694700a69eaedcb3377e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:cb:78:c7:e2:5c:dc:37:7a:97:e0:a5:2e:47:
1b:65:94:26:58:40:b5:24:ba:c2:80:6a:c7:db:d3:
63:4d:9b:86:9f:10:79:72:8c:19:ac:15:8c:70:34:
0a:c1:cb:62:d0:25:59:e0:5e:fc:d7:72:d3:16:bf:
52:26:5d:ad:64:81:37:49:9e:fd:2c:12:2c:6e:dd:
7b:2a:91:e4:7f:d4:2c:b0:7b:da:82:08:c3:b2:6c:
58:a2:a0:72:9e:83:35:0e:83:81:ca:35:81:b7:ae:
39:dc:c2:d3:8f:85:ac:5d:8c:ef:25:eb:3d:7e:a4:
2e:2e:79:ed:88:e5:09:7b:0d:07:3e:f8:8a:2b:ac:
f7:76:f3:04:b0:88:c2:5a:75:43:e7:8d:20:df:70:
e1:32:6b:e2:4f:e1:38:5d:70:88:fa:e3:8b:e2:a3:
76:4d:9a:50:60:9d:03:a3:80:6f:75:47:07:31:36:
43:94:f3:fa:53:c9:2c:a5:2d:5b:f6:e2:de:5e:c6:
4a:7d:37:08:ab:51:c5:e6:7d:46:17:48:de:c5:47:
d6:e6:62:b2:7d:74:ee:3c:16:60:dc:23:4f:b0:a6:
57:37:5e:e0:69:96:88:e3:99:86:56:3c:d9:99:d9:
09:07:79:21:55:24:cc:ef:8c:c6:9b:75:5a:02:7d:
f4:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:F4:32:CB:D6:7D:93:98:B5:56:69:47:00:A6:9E:AE:DC:B3:37:7E
X509v3 Authority Key Identifier:
keyid:92:58:82:57:67:FB:C0:83:73:2A:96:E1:81:2C:CC:5B:FE:15:01:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kliCV2f7wINzKpbhgSzMW_4VAYU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/7b6677-d2c4-4191-9fee-bd19b0836151/1/yvQyy9Z9k5i1VmlHAKaertyzN34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/7b6677-d2c4-4191-9fee-bd19b0836151/1/kliCV2f7wINzKpbhgSzMW_4VAYU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.67.56.0/22
217.73.96.0/20
IPv6:
2a00:c740::/32
Signature Algorithm: sha256WithRSAEncryption
3e:b9:f6:74:61:31:57:60:d9:c0:16:24:1a:94:bb:65:b6:b5:
06:df:cf:4d:60:ad:8d:f3:81:d8:a9:a1:8d:cf:1a:09:24:87:
64:f0:ba:20:bb:9d:0f:32:c7:a4:26:35:62:14:23:da:ea:b7:
2f:eb:b5:60:33:3f:7e:de:e4:4d:e3:19:45:ad:13:37:63:dd:
48:65:56:ac:4c:c1:1c:c2:cf:6b:64:d2:cf:3e:13:1d:ac:b2:
1f:99:d4:3f:c8:27:10:f7:f3:6c:b8:d9:7d:50:5f:d8:f7:70:
5e:5b:3a:5c:d2:14:f9:9e:af:f2:42:b3:bf:2a:a3:c9:ae:d3:
a4:56:49:09:c8:36:e6:7d:64:e6:2b:b7:05:f4:17:69:cd:65:
b4:b0:2e:ab:26:f2:f5:a8:e4:36:23:0d:f6:09:90:c8:f2:2e:
2b:6f:bc:2a:0f:da:f7:9e:d4:8f:8d:d2:6d:40:a3:8e:34:5c:
bc:fc:c3:51:5d:3d:8b:1c:97:b8:b5:a1:5c:1f:f4:65:e9:47:
3e:fe:34:42:65:cd:41:4a:02:e4:21:21:76:70:49:9a:9b:64:
69:58:b7:88:14:6a:31:2a:7a:9b:8d:3f:33:08:8b:8f:27:56:
90:57:4f:9f:44:54:db:6c:99:d6:f0:86:8a:d3:64:cb:8b:96:
33:37:2c:1b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQm2ZJp17pf0/VEHVlEveexMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNTg4MjU3NjdmYmMwODM3MzJhOTZlMTgxMmNjYzViZmUx
NTAxODUwHhcNMjUwMTAyMTE0OTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWY0MzJjYmQ2N2Q5Mzk4YjU1NjY5NDcwMGE2OWVhZWRjYjMzNzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6ct4x+Jc3Dd6l+ClLkcbZZQmWEC1
JLrCgGrH29NjTZuGnxB5cowZrBWMcDQKwcti0CVZ4F7813LTFr9SJl2tZIE3SZ79
LBIsbt17KpHkf9QssHvaggjDsmxYoqBynoM1DoOByjWBt6453MLTj4WsXYzvJes9
fqQuLnntiOUJew0HPviKK6z3dvMEsIjCWnVD540g33DhMmviT+E4XXCI+uOL4qN2
TZpQYJ0Do4BvdUcHMTZDlPP6U8kspS1b9uLeXsZKfTcIq1HF5n1GF0jexUfW5mKy
fXTuPBZg3CNPsKZXN17gaZaI45mGVjzZmdkJB3khVSTM74zGm3VaAn307QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMr0MsvWfZOYtVZpRwCmnq7cszd+MB8GA1UdIwQY
MBaAFJJYgldn+8CDcyqW4YEszFv+FQGFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2xpQ1YyZjd3SU56S3BiaGdTek1XXzRWQVlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS83YjY2NzctZDJjNC00MTkxLTlmZWUt
YmQxOWIwODM2MTUxLzEveXZReXk5WjlrNWkxVm1sSEFLYWVydHl6TjM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS83YjY2NzctZDJjNC00MTkxLTlmZWUtYmQxOWIwODM2MTUx
LzEva2xpQ1YyZjd3SU56S3BiaGdTek1XXzRWQVlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuUM4AwQE
2UlgMA0EAgACMAcDBQAqAMdAMA0GCSqGSIb3DQEBCwUAA4IBAQA+ufZ0YTFXYNnA
FiQalLtltrUG389NYK2N84HYqaGNzxoJJIdk8Logu50PMsekJjViFCPa6rcv67Vg
Mz9+3uRN4xlFrRM3Y91IZVasTMEcws9rZNLPPhMdrLIfmdQ/yCcQ9/NsuNl9UF/Y
93BeWzpc0hT5nq/yQrO/KqPJrtOkVkkJyDbmfWTmK7cF9BdpzWW0sC6rJvL1qOQ2
Iw32CZDI8i4rb7wqD9r3ntSPjdJtQKOONFy8/MNRXT2LHJe4taFcH/Rl6Uc+/jRC
Zc1BSgLkISF2cEmam2RpWLeIFGoxKnqbjT8zCIuPJ1aQV0+fRFTbbJnW8IaK02TL
i5YzNywb
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:24:51 2025 by rpki-client