Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/db9866-dbf6-4294-94b9-407fef69cfb8/1/yHgH_lMUm4oFa_GnCsmAbIU1COM.roa
File: yHgH_lMUm4oFa_GnCsmAbIU1COM.roa (raw, json)
Hash identifier: MjR/P2+PrAk5Bu0tg2NHyXtBDLvOpshbkzdWh1K2WRs=
Subject key identifier: C8:78:07:FE:53:14:9B:8A:05:6B:F1:A7:0A:C9:80:6C:85:35:08:E3
Certificate issuer: /CN=a8707679223c883fed7f7c79ff2f293bff8730b5
Certificate serial: 019426D991D851C88AD86F3BDA093029D828
Authority key identifier: A8:70:76:79:22:3C:88:3F:ED:7F:7C:79:FF:2F:29:3B:FF:87:30:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qHB2eSI8iD_tf3x5_y8pO_-HMLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/db9866-dbf6-4294-94b9-407fef69cfb8/1/yHgH_lMUm4oFa_GnCsmAbIU1COM.roa
Signing time: Thu 02 Jan 2025 11:49:40 +0000
ROA not before: Thu 02 Jan 2025 11:49:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51752
IP address blocks: 91.220.88.0/24 maxlen: 24
185.15.220.0/22 maxlen: 22
2a03:c9c0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:91:d8:51:c8:8a:d8:6f:3b:da:09:30:29:d8:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8707679223c883fed7f7c79ff2f293bff8730b5
Validity
Not Before: Jan 2 11:49:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c87807fe53149b8a056bf1a70ac9806c853508e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:bc:dd:67:b3:d2:b0:4c:80:71:17:88:77:14:
a4:d7:15:f4:47:da:34:12:8a:22:48:f7:e7:86:2d:
64:c5:ae:71:cd:42:9a:f5:fa:df:09:d2:19:5c:4e:
45:b3:7f:cc:1e:3d:67:93:48:33:f4:39:9f:a9:d7:
86:38:e5:4c:cd:52:28:86:a3:62:2e:2c:d5:27:8e:
03:bd:af:0c:8b:f0:7c:d2:6b:a2:95:d9:0c:39:65:
38:19:cc:75:69:1e:98:04:2d:43:c8:3b:a7:93:bb:
b6:24:1b:15:f0:e4:10:fc:4c:19:79:80:8e:08:d7:
73:34:03:2b:5d:55:be:86:56:cc:65:1d:d6:56:99:
2a:85:ab:72:f1:6c:2b:db:b1:09:f7:9b:d7:01:82:
f5:28:9c:84:a2:6a:5f:3e:4b:be:eb:82:3e:cd:22:
b0:e8:38:33:bc:72:2b:2b:33:0a:29:c0:85:c1:58:
37:98:c0:92:f1:42:32:c7:19:96:59:d3:dc:79:9c:
55:c1:e0:a4:73:8c:1b:41:a1:08:b7:e4:5d:56:db:
8d:7a:47:10:6f:15:56:1c:a7:e4:dc:97:88:09:ac:
e2:e9:43:fa:70:38:40:f8:7a:ba:da:66:b4:f0:37:
be:8f:83:49:45:07:5d:46:6e:99:c4:ad:b1:75:f3:
05:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:78:07:FE:53:14:9B:8A:05:6B:F1:A7:0A:C9:80:6C:85:35:08:E3
X509v3 Authority Key Identifier:
keyid:A8:70:76:79:22:3C:88:3F:ED:7F:7C:79:FF:2F:29:3B:FF:87:30:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qHB2eSI8iD_tf3x5_y8pO_-HMLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/db9866-dbf6-4294-94b9-407fef69cfb8/1/yHgH_lMUm4oFa_GnCsmAbIU1COM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/db9866-dbf6-4294-94b9-407fef69cfb8/1/qHB2eSI8iD_tf3x5_y8pO_-HMLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.88.0/24
185.15.220.0/22
IPv6:
2a03:c9c0::/32
Signature Algorithm: sha256WithRSAEncryption
52:75:ac:0b:3f:74:74:9c:7e:5f:7c:3f:bc:f2:b2:60:ed:97:
45:1c:e2:36:cb:42:56:09:7f:1f:d7:89:1e:ac:67:14:4e:6a:
91:bd:e0:d5:20:0f:67:8d:a4:df:8d:e0:59:cd:23:ba:78:54:
4a:e8:8b:d1:be:11:72:46:12:aa:41:42:09:41:da:09:50:27:
bc:eb:a9:34:55:cf:22:cc:cb:7f:94:60:9c:56:19:da:4a:1b:
e7:62:0c:1d:c9:37:de:74:82:68:83:84:fc:77:c4:f0:b0:d4:
de:57:9b:13:b5:63:7f:14:46:45:52:8b:a4:20:6c:d1:7c:1f:
48:8a:a1:2a:15:c7:b8:46:3c:d6:a5:7f:d1:d8:9c:bb:cb:9d:
06:19:ec:96:40:39:5f:78:63:07:eb:f5:69:53:23:6f:bd:92:
16:fc:56:b7:ce:c6:aa:1c:d3:ec:74:51:bc:a1:40:a7:d9:09:
78:e9:47:6f:22:33:0b:bc:9e:9c:3c:45:c3:29:f7:32:58:ed:
83:34:fc:f3:2e:f5:e1:a9:0b:0d:fa:be:e6:80:f9:3c:0d:8f:
47:99:fc:ce:35:e1:22:8c:67:1e:e1:52:85:f1:ea:08:f7:f6:
dc:9a:eb:65:1f:89:8d:bd:85:9d:b6:b9:08:ed:5a:a6:d2:fe:
ac:b5:a0:d4
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQm2ZHYUciK2G872gkwKdgoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NzA3Njc5MjIzYzg4M2ZlZDdmN2M3OWZmMmYyOTNiZmY4
NzMwYjUwHhcNMjUwMTAyMTE0OTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODc4MDdmZTUzMTQ5YjhhMDU2YmYxYTcwYWM5ODA2Yzg1MzUwOGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjLzdZ7PSsEyAcReIdxSk1xX0R9o0
EooiSPfnhi1kxa5xzUKa9frfCdIZXE5Fs3/MHj1nk0gz9DmfqdeGOOVMzVIohqNi
LizVJ44Dva8Mi/B80muildkMOWU4Gcx1aR6YBC1DyDunk7u2JBsV8OQQ/EwZeYCO
CNdzNAMrXVW+hlbMZR3WVpkqhaty8Wwr27EJ95vXAYL1KJyEompfPku+64I+zSKw
6DgzvHIrKzMKKcCFwVg3mMCS8UIyxxmWWdPceZxVweCkc4wbQaEIt+RdVtuNekcQ
bxVWHKfk3JeICazi6UP6cDhA+Hq62ma08De+j4NJRQddRm6ZxK2xdfMFiQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMh4B/5TFJuKBWvxpwrJgGyFNQjjMB8GA1UdIwQY
MBaAFKhwdnkiPIg/7X98ef8vKTv/hzC1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUhCMmVTSThpRF90ZjN4NV95OHBPXy1ITUxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9kYjk4NjYtZGJmNi00Mjk0LTk0Yjkt
NDA3ZmVmNjljZmI4LzEveUhnSF9sTVVtNG9GYV9HbkNzbUFiSVUxQ09NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9kYjk4NjYtZGJmNi00Mjk0LTk0YjktNDA3ZmVmNjljZmI4
LzEvcUhCMmVTSThpRF90ZjN4NV95OHBPXy1ITUxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW9xYAwQC
uQ/cMA0EAgACMAcDBQAqA8nAMA0GCSqGSIb3DQEBCwUAA4IBAQBSdawLP3R0nH5f
fD+88rJg7ZdFHOI2y0JWCX8f14kerGcUTmqRveDVIA9njaTfjeBZzSO6eFRK6IvR
vhFyRhKqQUIJQdoJUCe866k0Vc8izMt/lGCcVhnaShvnYgwdyTfedIJog4T8d8Tw
sNTeV5sTtWN/FEZFUoukIGzRfB9IiqEqFce4RjzWpX/R2Jy7y50GGeyWQDlfeGMH
6/VpUyNvvZIW/Fa3zsaqHNPsdFG8oUCn2Ql46UdvIjMLvJ6cPEXDKfcyWO2DNPzz
LvXhqQsN+r7mgPk8DY9HmfzONeEijGce4VKF8eoI9/bcmutlH4mNvYWdtrkI7Vqm
0v6staDU
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:50:18 2025 by rpki-client