Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/YLX2PpJC2jdo1UiXusO_3hzsXug.roa
File: YLX2PpJC2jdo1UiXusO_3hzsXug.roa (raw, json)
Hash identifier: 8rbASZsr6aOYYISGy+IELA0dmKcsLlWy4ooK50nSGCM=
Subject key identifier: 60:B5:F6:3E:92:42:DA:37:68:D5:48:97:BA:C3:BF:DE:1C:EC:5E:E8
Certificate issuer: /CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Certificate serial: 0194266B56D5EBD4A02EB48742885693085C
Authority key identifier: EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/YLX2PpJC2jdo1UiXusO_3hzsXug.roa
Signing time: Thu 02 Jan 2025 09:49:16 +0000
ROA not before: Thu 02 Jan 2025 09:49:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29582
IP address blocks: 80.95.19.0/24 maxlen: 24
93.152.240.0/24 maxlen: 24
93.152.246.0/24 maxlen: 24
93.152.247.0/24 maxlen: 24
95.158.145.0/24 maxlen: 24
2a00:e200:103::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:56:d5:eb:d4:a0:2e:b4:87:42:88:56:93:08:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Validity
Not Before: Jan 2 09:49:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=60b5f63e9242da3768d54897bac3bfde1cec5ee8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:52:b2:3f:5f:af:69:8d:8a:37:05:3f:44:bd:
52:16:3a:48:78:2a:69:1c:30:a4:c7:2d:79:05:1e:
15:6b:f2:9d:8b:a8:f9:3e:84:ee:1e:7f:19:4a:7a:
95:c3:fe:ae:05:55:94:fb:fa:da:7f:d3:6f:57:2a:
62:b5:25:c1:61:84:b3:bd:22:92:a6:e8:9f:9c:40:
7e:fb:6f:2f:80:a6:c2:10:77:8f:31:b0:83:39:57:
96:81:ee:9b:11:80:7a:45:b7:9f:46:e1:a8:86:7a:
2c:bd:88:cb:00:9f:7f:53:ca:8f:76:ef:32:0f:e7:
86:5f:ba:a7:4f:bc:ad:ee:99:76:af:e7:ee:5a:38:
e0:f3:98:4d:2d:c9:ad:68:da:ca:93:87:b2:e5:0c:
00:9d:71:08:4d:91:f1:f1:3a:97:37:53:4a:15:02:
79:cd:e1:bf:f2:76:58:55:1a:41:72:71:f8:9e:95:
6f:77:67:e9:83:a2:81:b6:8a:bb:3c:50:a2:25:c9:
82:51:65:fe:f8:ce:1e:80:e9:4f:2e:1b:3a:d5:b2:
22:54:37:b7:48:c7:02:6e:93:e5:1a:e4:d5:f8:5e:
1f:c5:40:3a:e2:44:28:9a:9d:1c:8e:82:c6:ac:06:
4e:7e:b0:30:7d:bc:20:3b:58:77:ab:55:e8:f3:97:
cc:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:B5:F6:3E:92:42:DA:37:68:D5:48:97:BA:C3:BF:DE:1C:EC:5E:E8
X509v3 Authority Key Identifier:
keyid:EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/YLX2PpJC2jdo1UiXusO_3hzsXug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.95.19.0/24
93.152.240.0/24
93.152.246.0/23
95.158.145.0/24
IPv6:
2a00:e200:103::/48
Signature Algorithm: sha256WithRSAEncryption
56:a0:1f:eb:74:94:59:7b:4a:a1:8b:b8:c7:23:85:0f:1c:ca:
e9:f7:e6:24:6c:b6:83:5c:49:5d:77:26:bd:4b:c8:6a:b4:40:
a3:cc:69:ec:82:54:99:4d:53:8c:60:60:2e:7f:57:64:10:ef:
20:f9:a1:a0:16:0f:01:da:13:30:b7:20:65:de:72:ba:8e:c5:
59:73:fd:3a:75:1f:36:b3:56:1a:98:68:40:9d:92:71:c2:3c:
24:64:4c:0b:af:ed:58:19:71:43:26:b8:eb:14:57:03:b6:24:
fa:7d:94:3e:e0:a5:6e:5e:3a:e2:6c:31:bf:1f:48:e9:85:16:
ec:8a:3a:e3:fd:9e:41:63:10:9d:0b:6a:ae:41:bc:80:28:43:
f1:59:2b:76:73:05:d0:14:8d:ff:7b:1f:56:64:30:e7:fb:01:
b5:b1:e1:26:22:c3:4d:28:3a:42:d0:68:82:c6:26:9a:98:42:
4f:b8:84:7c:a8:35:84:aa:ed:48:92:cb:db:06:c7:ff:04:ff:
ba:45:0c:ae:9a:69:be:68:1d:9c:57:55:6c:11:1c:64:20:41:
af:3e:52:35:d7:8d:29:27:43:a7:b5:47:60:de:2a:d0:22:fb:
e5:31:54:69:a2:8c:14:78:07:81:fd:3a:0c:c8:76:a3:51:f9:
2c:80:32:1f
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZQma1bV69SgLrSHQohWkwhcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZWM5MDMwYzcwYTNkNDE5MmQ1OWMyOGRjYzhkNTQ3Njk0
MzQwYjMwHhcNMjUwMTAyMDk0OTE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGI1ZjYzZTkyNDJkYTM3NjhkNTQ4OTdiYWMzYmZkZTFjZWM1ZWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1KyP1+vaY2KNwU/RL1SFjpIeCpp
HDCkxy15BR4Va/Kdi6j5PoTuHn8ZSnqVw/6uBVWU+/raf9NvVypitSXBYYSzvSKS
puifnEB++28vgKbCEHePMbCDOVeWge6bEYB6RbefRuGohnosvYjLAJ9/U8qPdu8y
D+eGX7qnT7yt7pl2r+fuWjjg85hNLcmtaNrKk4ey5QwAnXEITZHx8TqXN1NKFQJ5
zeG/8nZYVRpBcnH4npVvd2fpg6KBtoq7PFCiJcmCUWX++M4egOlPLhs61bIiVDe3
SMcCbpPlGuTV+F4fxUA64kQomp0cjoLGrAZOfrAwfbwgO1h3q1Xo85fMFQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFGC19j6SQto3aNVIl7rDv94c7F7oMB8GA1UdIwQY
MBaAFOvskDDHCj1BktWcKNzI1UdpQ0CzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNi15UU1NY0tQVUdTMVp3bzNNalZSMmxEUUxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8zNzJiODctOTVmNC00Yzk4LWE2ZjQt
NGE2Zjg2ODMyNjVjLzEvWUxYMlBwSkMyamRvMVVpWHVzT18zaHpzWHVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8zNzJiODctOTVmNC00Yzk4LWE2ZjQtNGE2Zjg2ODMyNjVj
LzEvNi15UU1NY0tQVUdTMVp3bzNNalZSMmxEUUxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQAUF8TAwQA
XZjwAwQBXZj2AwQAX56RMA8EAgACMAkDBwAqAOIAAQMwDQYJKoZIhvcNAQELBQAD
ggEBAFagH+t0lFl7SqGLuMcjhQ8cyun35iRstoNcSV13Jr1LyGq0QKPMaeyCVJlN
U4xgYC5/V2QQ7yD5oaAWDwHaEzC3IGXecrqOxVlz/Tp1HzazVhqYaECdknHCPCRk
TAuv7VgZcUMmuOsUVwO2JPp9lD7gpW5eOuJsMb8fSOmFFuyKOuP9nkFjEJ0Laq5B
vIAoQ/FZK3ZzBdAUjf97H1ZkMOf7AbWx4SYiw00oOkLQaILGJpqYQk+4hHyoNYSq
7UiSy9sGx/8E/7pFDK6aab5oHZxXVWwRHGQgQa8+UjXXjSknQ6e1R2DeKtAi++Ux
VGmijBR4B4H9OgzIdqNR+SyAMh8=
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:53:10 2025 by rpki-client