Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/15c74c-f8b8-4f53-a131-64e431f74eea/1/ykzyTv7T1S2XwwDG-sggPjN9lsM.roa
File: ykzyTv7T1S2XwwDG-sggPjN9lsM.roa (raw, json)
Hash identifier: Vk57ZFBFQ6iOSjEXuuqcT/SJyN9aVVIdiynEnpj05wg=
Subject key identifier: CA:4C:F2:4E:FE:D3:D5:2D:97:C3:00:C6:FA:C8:20:3E:33:7D:96:C3
Certificate issuer: /CN=d8ae1d7cc68b78c494c530eaa4a0f7559e25a4ef
Certificate serial: 01856F4B8E2ABA141E150147B2E351878852
Authority key identifier: D8:AE:1D:7C:C6:8B:78:C4:94:C5:30:EA:A4:A0:F7:55:9E:25:A4:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2K4dfMaLeMSUxTDqpKD3VZ4lpO8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/15c74c-f8b8-4f53-a131-64e431f74eea/1/ykzyTv7T1S2XwwDG-sggPjN9lsM.roa
Signing time: Sun 01 Jan 2023 21:45:00 +0000
ROA not before: Sun 01 Jan 2023 21:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8218
IP address blocks: 185.75.241.0/24 maxlen: 24
2a05:5504:3::/48 maxlen: 48
2a05:5504:6::/48 maxlen: 48
2a05:5504:9::/48 maxlen: 48
2a05:5504:1::/48 maxlen: 48
2a05:5504:11::/48 maxlen: 48
2a05:5504:4::/48 maxlen: 48
2a05:5504:7::/48 maxlen: 48
2a05:5504:2::/48 maxlen: 48
2a05:5504:5::/48 maxlen: 48
2a05:5504:8::/48 maxlen: 48
2a05:5504:10::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:4b:8e:2a:ba:14:1e:15:01:47:b2:e3:51:87:88:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8ae1d7cc68b78c494c530eaa4a0f7559e25a4ef
Validity
Not Before: Jan 1 21:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca4cf24efed3d52d97c300c6fac8203e337d96c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:13:e4:73:e7:42:b6:49:b9:db:78:db:42:38:
48:41:fd:8c:57:bd:96:5b:d9:6d:ae:58:bf:d3:2c:
b5:1a:ee:bf:d7:07:40:f6:0a:b0:0b:50:a0:f2:41:
7b:8f:72:71:35:f4:be:e8:09:75:bc:2f:a9:6a:22:
c9:8c:78:70:ae:36:68:5d:6d:75:d6:67:42:0f:5f:
43:8c:95:07:5d:24:d3:76:6c:0f:1b:7a:8d:a8:aa:
dd:73:f5:50:29:0c:41:7f:97:fe:3b:95:a1:da:46:
52:4c:09:05:8c:60:79:20:14:74:27:3f:18:3a:83:
ea:f2:08:f5:08:64:1f:13:60:c6:79:a0:3e:d4:44:
1f:c3:97:be:53:6f:4b:cd:1c:1a:4b:cb:91:d2:a6:
d6:b3:c1:6f:aa:e3:bc:d3:36:27:7b:0d:34:22:5d:
dd:7d:77:a4:bc:b0:a2:22:5c:ba:71:e4:15:f9:51:
fe:02:28:ad:4e:9f:f6:df:1b:71:32:3d:4a:0b:37:
00:b8:36:f0:40:f7:cd:07:7c:90:43:0e:24:af:5e:
fa:5f:6b:cf:8c:bd:f2:b8:dd:fd:ec:4c:2a:04:d1:
dc:d6:71:53:79:8d:49:82:5e:2d:d9:a8:21:d7:da:
33:77:15:0c:df:e8:44:60:14:a7:ed:4b:77:69:0c:
c6:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:4C:F2:4E:FE:D3:D5:2D:97:C3:00:C6:FA:C8:20:3E:33:7D:96:C3
X509v3 Authority Key Identifier:
keyid:D8:AE:1D:7C:C6:8B:78:C4:94:C5:30:EA:A4:A0:F7:55:9E:25:A4:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2K4dfMaLeMSUxTDqpKD3VZ4lpO8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/15c74c-f8b8-4f53-a131-64e431f74eea/1/ykzyTv7T1S2XwwDG-sggPjN9lsM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/15c74c-f8b8-4f53-a131-64e431f74eea/1/2K4dfMaLeMSUxTDqpKD3VZ4lpO8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.75.241.0/24
IPv6:
2a05:5504:1::-2a05:5504:9:ffff:ffff:ffff:ffff:ffff
2a05:5504:10::/47
Signature Algorithm: sha256WithRSAEncryption
33:c6:ee:4a:32:6f:d0:2b:51:5d:ec:d3:14:62:ff:cf:fb:2a:
af:dd:19:fb:45:4d:50:ee:dc:71:2c:a8:12:27:39:cd:6a:a3:
de:80:f5:20:dd:fb:43:b3:ce:5c:ad:41:42:27:84:6c:40:86:
ac:e2:5f:aa:97:5d:a3:dd:6a:92:e5:4d:53:c6:1c:ac:b7:21:
6a:5c:51:91:ec:d3:0e:b9:56:78:43:3c:9c:f3:db:6b:27:0f:
c0:e4:dc:4d:89:44:d5:cf:fe:48:76:8f:dd:bd:22:9a:aa:9e:
7d:0e:71:0a:4a:c7:f3:2f:29:a2:ea:d8:4f:1a:65:c1:6b:8d:
8a:5a:d8:ad:12:88:99:b4:53:50:cd:8e:a2:28:66:bd:20:e8:
33:07:19:f2:56:b1:bc:af:3e:52:22:96:a9:f0:c1:22:57:e9:
d8:e4:b2:bb:9b:85:4a:db:f9:80:35:34:1a:62:7c:bb:20:2e:
d8:17:b2:a6:6d:f3:1f:8b:a8:83:0a:fb:39:35:d5:5e:bf:1c:
9e:a1:f8:84:f5:9a:7e:44:30:5b:c2:26:64:44:98:26:5d:14:
98:35:a4:e6:95:8c:34:0e:b3:07:0a:8a:6b:fb:35:29:34:50:
7f:8c:77:0b:fc:43:38:65:f7:31:6b:18:26:30:6b:ec:02:7a:
a3:4d:f7:d1
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAYVvS44quhQeFQFHsuNRh4hSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YWUxZDdjYzY4Yjc4YzQ5NGM1MzBlYWE0YTBmNzU1OWUy
NWE0ZWYwHhcNMjMwMTAxMjE0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTRjZjI0ZWZlZDNkNTJkOTdjMzAwYzZmYWM4MjAzZTMzN2Q5NmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxPkc+dCtkm523jbQjhIQf2MV72W
W9ltrli/0yy1Gu6/1wdA9gqwC1Cg8kF7j3JxNfS+6Al1vC+paiLJjHhwrjZoXW11
1mdCD19DjJUHXSTTdmwPG3qNqKrdc/VQKQxBf5f+O5Wh2kZSTAkFjGB5IBR0Jz8Y
OoPq8gj1CGQfE2DGeaA+1EQfw5e+U29LzRwaS8uR0qbWs8FvquO80zYnew00Il3d
fXekvLCiIly6ceQV+VH+AiitTp/23xtxMj1KCzcAuDbwQPfNB3yQQw4kr176X2vP
jL3yuN397EwqBNHc1nFTeY1Jgl4t2agh19ozdxUM3+hEYBSn7Ut3aQzG0wIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFMpM8k7+09Utl8MAxvrIID4zfZbDMB8GA1UdIwQY
MBaAFNiuHXzGi3jElMUw6qSg91WeJaTvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMks0ZGZNYUxlTVNVeFREcXBLRDNWWjRscE84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8xNWM3NGMtZjhiOC00ZjUzLWExMzEt
NjRlNDMxZjc0ZWVhLzEveWt6eVR2N1QxUzJYd3dERy1zZ2dQak45bHNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8xNWM3NGMtZjhiOC00ZjUzLWExMzEtNjRlNDMxZjc0ZWVh
LzEvMks0ZGZNYUxlTVNVeFREcXBLRDNWWjRscE84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAMBAIAATAGAwQAuUvxMCME
AgACMB0wEgMHACoFVQQAAQMHASoFVQQACAMHASoFVQQAEDANBgkqhkiG9w0BAQsF
AAOCAQEAM8buSjJv0CtRXezTFGL/z/sqr90Z+0VNUO7ccSyoEic5zWqj3oD1IN37
Q7POXK1BQieEbECGrOJfqpddo91qkuVNU8YcrLchalxRkezTDrlWeEM8nPPbaycP
wOTcTYlE1c/+SHaP3b0imqqefQ5xCkrH8y8pourYTxplwWuNilrYrRKImbRTUM2O
oihmvSDoMwcZ8laxvK8+UiKWqfDBIlfp2OSyu5uFStv5gDU0GmJ8uyAu2Beypm3z
H4uogwr7OTXVXr8cnqH4hPWafkQwW8ImZESYJl0UmDWk5pWMNA6zBwqKa/s1KTRQ
f4x3C/xDOGX3MWsYJjBr7AJ6o0330Q==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:46 2023 by rpki-client on console-ams.rpki-client.org