Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/yQy7eM1dnf4PpKmdYdpVPkLM0Jc.roa
File: yQy7eM1dnf4PpKmdYdpVPkLM0Jc.roa (raw, json)
Hash identifier: DDoDcsXZh4YYU/doPUeqAStuNbfj1liFM+n2Y9Ntpjc=
Subject key identifier: C9:0C:BB:78:CD:5D:9D:FE:0F:A4:A9:9D:61:DA:55:3E:42:CC:D0:97
Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Certificate serial: 01942068691490A7D605CDECAA5FEF90B12B
Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/yQy7eM1dnf4PpKmdYdpVPkLM0Jc.roa
Signing time: Wed 01 Jan 2025 05:48:21 +0000
ROA not before: Wed 01 Jan 2025 05:48:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51713
IP address blocks: 77.95.113.0/24 maxlen: 24
192.250.224.0/24 maxlen: 24
192.250.234.0/24 maxlen: 24
192.250.239.0/24 maxlen: 24
195.250.23.0/24 maxlen: 24
198.38.80.0/24 maxlen: 24
198.38.82.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:69:14:90:a7:d6:05:cd:ec:aa:5f:ef:90:b1:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Validity
Not Before: Jan 1 05:48:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c90cbb78cd5d9dfe0fa4a99d61da553e42ccd097
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:b3:5e:67:b4:dc:35:4e:07:b5:31:f1:60:ad:
ee:b2:2b:c8:e7:0d:85:85:d5:cd:89:d2:71:7a:b5:
bb:d5:3f:7a:bb:80:6c:a2:ba:98:7f:f0:90:27:be:
27:62:03:39:f1:f9:6c:d4:4d:58:3a:bb:bf:4c:b2:
04:12:19:31:36:b4:5b:88:07:e5:71:84:31:9d:18:
59:3f:d4:a5:c6:18:85:08:b7:97:1c:99:02:c3:b0:
89:93:42:91:60:c3:92:ff:18:49:de:65:12:90:31:
7e:26:d3:0c:8f:e2:17:c9:a7:e1:12:26:1d:5f:f8:
a3:a6:2c:4e:49:b6:71:c8:8e:ae:08:4c:22:58:31:
fb:59:8e:65:b3:1d:60:8f:64:80:32:d8:91:63:6b:
fc:57:54:19:50:30:56:c0:6e:33:6a:f9:ad:fe:cf:
18:35:ea:1f:1b:b7:97:48:ad:48:3e:15:fe:95:d4:
15:23:34:e7:44:37:d9:07:2f:a0:6b:f7:18:91:78:
56:db:db:4f:91:fc:84:c4:6d:98:f6:50:43:ca:96:
ed:4d:a5:51:a1:77:5e:37:a4:36:8d:68:62:29:69:
ee:5a:d0:a0:1a:02:d5:23:b9:de:33:02:cb:2a:2c:
68:43:2e:be:35:e9:da:ca:b2:20:26:ba:3c:91:c5:
c5:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:0C:BB:78:CD:5D:9D:FE:0F:A4:A9:9D:61:DA:55:3E:42:CC:D0:97
X509v3 Authority Key Identifier:
keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/yQy7eM1dnf4PpKmdYdpVPkLM0Jc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.95.113.0/24
192.250.224.0/24
192.250.234.0/24
192.250.239.0/24
195.250.23.0/24
198.38.80.0/24
198.38.82.0/24
Signature Algorithm: sha256WithRSAEncryption
23:a9:7e:4c:b9:6b:57:f7:d0:af:23:16:1c:39:5e:39:e1:12:
93:5b:47:f7:08:82:c7:6d:50:de:58:0b:a2:ab:99:05:8b:15:
ec:47:d6:74:e1:4b:41:0d:ab:5b:76:7b:be:a4:2a:e5:bb:cb:
76:20:a3:a9:9c:56:fc:f7:0d:69:1e:e2:87:9b:02:4f:fa:99:
86:49:87:f2:62:42:de:f8:c3:5d:39:c0:75:36:cf:13:bd:c2:
ea:34:87:2f:60:51:e5:f7:da:c4:6a:59:a3:e9:15:68:4d:d1:
a0:d3:88:15:52:44:3f:56:9a:8d:35:e6:66:0a:53:13:a0:3e:
55:23:04:2c:3f:e8:eb:c6:3f:67:e8:07:18:12:97:c8:87:7e:
f0:32:11:f3:a2:08:15:19:34:63:e5:d3:74:60:57:97:f6:09:
c4:15:43:95:a3:b2:04:b5:21:34:95:b9:f9:59:86:0e:ca:5c:
7f:99:7f:9e:40:8b:7a:e5:db:85:d4:d8:f1:bc:a1:f9:b0:b1:
f0:2a:f2:eb:ad:ea:a2:02:54:d3:eb:67:76:dc:69:5c:48:88:
2f:8a:fa:e2:8b:db:44:9c:3f:cb:e4:47:b5:2a:5d:5f:96:79:
d9:8b:8a:e5:ad:d0:3f:b2:77:aa:7a:91:77:b9:0c:a8:b3:44:
63:59:85:14
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQgaGkUkKfWBc3sql/vkLErMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy
ZWU4ZGQwHhcNMjUwMTAxMDU0ODIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTBjYmI3OGNkNWQ5ZGZlMGZhNGE5OWQ2MWRhNTUzZTQyY2NkMDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4LNeZ7TcNU4HtTHxYK3usivI5w2F
hdXNidJxerW71T96u4BsorqYf/CQJ74nYgM58fls1E1YOru/TLIEEhkxNrRbiAfl
cYQxnRhZP9SlxhiFCLeXHJkCw7CJk0KRYMOS/xhJ3mUSkDF+JtMMj+IXyafhEiYd
X/ijpixOSbZxyI6uCEwiWDH7WY5lsx1gj2SAMtiRY2v8V1QZUDBWwG4zavmt/s8Y
NeofG7eXSK1IPhX+ldQVIzTnRDfZBy+ga/cYkXhW29tPkfyExG2Y9lBDypbtTaVR
oXdeN6Q2jWhiKWnuWtCgGgLVI7neMwLLKixoQy6+NenayrIgJro8kcXFDwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFMkMu3jNXZ3+D6SpnWHaVT5CzNCXMB8GA1UdIwQY
MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt
Y2NhMzc2MDZiZjE4LzEveVF5N2VNMWRuZjRQcEttZFlkcFZQa0xNMEpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4
LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQATV9xAwQA
wPrgAwQAwPrqAwQAwPrvAwQAw/oXAwQAxiZQAwQAxiZSMA0GCSqGSIb3DQEBCwUA
A4IBAQAjqX5MuWtX99CvIxYcOV454RKTW0f3CILHbVDeWAuiq5kFixXsR9Z04UtB
Datbdnu+pCrlu8t2IKOpnFb89w1pHuKHmwJP+pmGSYfyYkLe+MNdOcB1Ns8TvcLq
NIcvYFHl99rEalmj6RVoTdGg04gVUkQ/VpqNNeZmClMToD5VIwQsP+jrxj9n6AcY
EpfIh37wMhHzoggVGTRj5dN0YFeX9gnEFUOVo7IEtSE0lbn5WYYOylx/mX+eQIt6
5duF1NjxvKH5sLHwKvLrreqiAlTT62d23GlcSIgvivrii9tEnD/L5Ee1Kl1flnnZ
i4rlrdA/sneqepF3uQyos0RjWYUU
-----END CERTIFICATE-----
Generated at Mon Apr 7 14:29:12 2025 by rpki-client