Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/YYYCMtBwNHe4EHfTd-SyJxJKG_M.roa
File: YYYCMtBwNHe4EHfTd-SyJxJKG_M.roa (raw, json)
Hash identifier: h4GWUGohIf5ID3tB6/XTOAv9drW9dQmEhCzXo7cj3II=
Subject key identifier: 61:86:02:32:D0:70:34:77:B8:10:77:D3:77:E4:B2:27:12:4A:1B:F3
Certificate issuer: /CN=b9ea8936f8e53063b4b3bdf0f3b15b2ae667ef13
Certificate serial: 018795BF663E02127FE7C70FA848313EA3E7
Authority key identifier: B9:EA:89:36:F8:E5:30:63:B4:B3:BD:F0:F3:B1:5B:2A:E6:67:EF:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ueqJNvjlMGO0s73w87FbKuZn7xM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/YYYCMtBwNHe4EHfTd-SyJxJKG_M.roa
Signing time: Tue 18 Apr 2023 19:02:41 +0000
ROA not before: Tue 18 Apr 2023 19:02:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3285
IP address blocks: 95.140.144.0/21 maxlen: 24
80.90.176.0/23 maxlen: 24
2a00:1818::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:95:bf:66:3e:02:12:7f:e7:c7:0f:a8:48:31:3e:a3:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9ea8936f8e53063b4b3bdf0f3b15b2ae667ef13
Validity
Not Before: Apr 18 19:02:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=61860232d0703477b81077d377e4b227124a1bf3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:29:74:7f:62:f5:8e:32:3e:a5:a4:fb:2c:47:
30:59:82:7e:63:29:a3:2e:0e:06:8c:31:ee:6c:60:
03:11:f6:dc:d3:7b:f6:41:4f:00:3f:1f:ab:cb:5a:
f3:c0:4c:dd:51:ae:b9:05:90:0d:95:a9:ae:e0:30:
97:e1:3b:e7:e4:85:6a:59:3f:1b:86:0e:da:00:04:
17:3f:4f:79:21:8e:5c:77:82:9b:2c:39:f6:d9:b4:
e3:0a:25:2c:5b:86:fd:ae:60:90:5f:d3:7a:c0:18:
2a:ac:cd:f1:82:2e:a8:63:f1:ce:16:0f:3b:80:ad:
31:2c:7e:c3:17:b3:1d:b4:fd:2f:70:bb:af:e5:28:
47:38:4a:7a:26:c0:2c:ba:a0:91:d3:0e:5e:70:46:
40:11:bd:c2:76:ab:11:72:7c:b1:74:49:16:a8:2c:
02:c8:c2:7f:79:d0:b2:43:f7:9b:e3:80:9a:a5:45:
4d:78:58:ba:a2:7e:e6:c5:51:17:53:0a:c2:85:af:
e2:12:5b:eb:94:2a:f3:04:47:22:0e:ca:4f:c0:8f:
39:31:c7:bc:f7:13:c7:a3:58:07:54:4a:ef:9d:8a:
1b:28:0e:e4:e9:2a:e6:5c:b4:69:a1:2d:cf:20:56:
35:a8:dc:5f:0d:3a:93:d6:f4:01:68:4a:ac:f9:33:
e5:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:86:02:32:D0:70:34:77:B8:10:77:D3:77:E4:B2:27:12:4A:1B:F3
X509v3 Authority Key Identifier:
keyid:B9:EA:89:36:F8:E5:30:63:B4:B3:BD:F0:F3:B1:5B:2A:E6:67:EF:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ueqJNvjlMGO0s73w87FbKuZn7xM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/YYYCMtBwNHe4EHfTd-SyJxJKG_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/ueqJNvjlMGO0s73w87FbKuZn7xM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.90.176.0/23
95.140.144.0/21
IPv6:
2a00:1818::/32
Signature Algorithm: sha256WithRSAEncryption
78:d0:e2:60:8c:a1:21:77:60:b7:06:13:7b:fb:bc:97:ff:bc:
f4:86:07:cf:11:5c:94:ca:29:b6:c7:86:95:07:9c:80:c5:c6:
4a:e4:bb:fb:ab:e4:56:be:ec:f3:e5:78:1a:c7:ec:76:ea:eb:
24:60:d6:5a:86:83:ec:17:e7:e1:88:db:a2:9c:92:b0:fd:d7:
7f:bd:4e:f5:dc:03:f3:82:75:cd:d2:75:ee:1e:de:cf:99:86:
8d:ac:e1:38:36:cf:31:1d:bd:8e:4a:7c:2e:a7:11:77:2e:93:
1f:7e:40:c2:20:5c:82:14:ad:b9:77:c5:d6:79:af:e1:cc:b5:
8e:d9:4c:a7:0a:eb:61:b7:1c:4b:01:8e:b7:c6:49:84:be:49:
a3:25:c6:89:06:d2:44:81:fb:24:39:31:9e:58:d5:ef:12:34:
b7:2c:62:30:b4:76:79:23:b6:53:c0:04:d2:4f:ee:36:1d:cd:
0c:d2:29:0d:21:76:a5:81:14:ea:0c:51:eb:18:b1:90:01:c5:
73:ba:64:1a:4d:42:9c:0c:23:15:92:4b:ad:4a:73:1c:dc:1d:
24:d4:45:19:40:78:04:3a:ad:5a:0d:53:93:30:05:85:a8:d0:
32:83:a1:50:61:b5:c0:db:4a:56:96:5e:cc:dc:aa:a4:56:13:
30:d1:dc:28
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYeVv2Y+AhJ/58cPqEgxPqPnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZWE4OTM2ZjhlNTMwNjNiNGIzYmRmMGYzYjE1YjJhZTY2
N2VmMTMwHhcNMjMwNDE4MTkwMjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTg2MDIzMmQwNzAzNDc3YjgxMDc3ZDM3N2U0YjIyNzEyNGExYmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSl0f2L1jjI+paT7LEcwWYJ+Yymj
Lg4GjDHubGADEfbc03v2QU8APx+ry1rzwEzdUa65BZANlamu4DCX4Tvn5IVqWT8b
hg7aAAQXP095IY5cd4KbLDn22bTjCiUsW4b9rmCQX9N6wBgqrM3xgi6oY/HOFg87
gK0xLH7DF7MdtP0vcLuv5ShHOEp6JsAsuqCR0w5ecEZAEb3CdqsRcnyxdEkWqCwC
yMJ/edCyQ/eb44CapUVNeFi6on7mxVEXUwrCha/iElvrlCrzBEciDspPwI85Mce8
9xPHo1gHVErvnYobKA7k6SrmXLRpoS3PIFY1qNxfDTqT1vQBaEqs+TPlHwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGGGAjLQcDR3uBB303fksicSShvzMB8GA1UdIwQY
MBaAFLnqiTb45TBjtLO98POxWyrmZ+8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWVxSk52amxNR08wczczdzg3RmJLdVpuN3hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9lYzI5ZTItMzQ0MC00MDlhLTk4NmEt
YjI1MDk5N2ZjNzVkLzEvWVlZQ010QndOSGU0RUhmVGQtU3lKeEpLR19NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9lYzI5ZTItMzQ0MC00MDlhLTk4NmEtYjI1MDk5N2ZjNzVk
LzEvdWVxSk52amxNR08wczczdzg3RmJLdVpuN3hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBUFqwAwQD
X4yQMA0EAgACMAcDBQAqABgYMA0GCSqGSIb3DQEBCwUAA4IBAQB40OJgjKEhd2C3
BhN7+7yX/7z0hgfPEVyUyim2x4aVB5yAxcZK5Lv7q+RWvuzz5Xgax+x26uskYNZa
hoPsF+fhiNuinJKw/dd/vU713APzgnXN0nXuHt7PmYaNrOE4Ns8xHb2OSnwupxF3
LpMffkDCIFyCFK25d8XWea/hzLWO2UynCuthtxxLAY63xkmEvkmjJcaJBtJEgfsk
OTGeWNXvEjS3LGIwtHZ5I7ZTwATST+42Hc0M0ikNIXalgRTqDFHrGLGQAcVzumQa
TUKcDCMVkkutSnMc3B0k1EUZQHgEOq1aDVOTMAWFqNAyg6FQYbXA20pWll7M3Kqk
VhMw0dwo
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:00:48 2025 by rpki-client