Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/YIfcDH_bi8xCJk0iJSkKzpaHmyY.roa
File: YIfcDH_bi8xCJk0iJSkKzpaHmyY.roa (raw, json)
Hash identifier: wDHZaVr8djdYhk+GC/ux8hdI7RbDBg3YoQq2ComvjXY=
Subject key identifier: 60:87:DC:0C:7F:DB:8B:CC:42:26:4D:22:25:29:0A:CE:96:87:9B:26
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 01942747E3128CC3AD8934EC146E029FFD07
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/YIfcDH_bi8xCJk0iJSkKzpaHmyY.roa
Signing time: Thu 02 Jan 2025 13:50:10 +0000
ROA not before: Thu 02 Jan 2025 13:50:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25374
IP address blocks: 90.154.225.0/24 maxlen: 24
213.16.41.0/24 maxlen: 24
213.91.189.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:e3:12:8c:c3:ad:89:34:ec:14:6e:02:9f:fd:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jan 2 13:50:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6087dc0c7fdb8bcc42264d2225290ace96879b26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:64:f1:a5:c1:42:44:cd:3b:b3:04:08:6b:2d:
49:a3:fa:76:16:8b:75:1a:24:c9:f5:75:92:f3:28:
57:9a:f9:32:e4:1b:e9:f4:37:ba:78:66:d3:b0:56:
46:ac:45:a3:88:76:a8:7c:27:b5:c7:ce:9e:a0:c8:
33:e9:b2:78:cb:f3:82:45:fb:2c:9f:de:e1:07:bd:
aa:4e:30:57:58:8c:fc:2c:c0:27:4b:ba:f9:69:19:
62:b1:6a:f2:05:b0:1b:ce:1d:97:9b:71:ab:2b:ba:
0a:69:8d:f2:8b:2f:27:f0:07:79:4b:8c:a8:cd:9f:
98:6e:89:06:01:7b:b2:eb:d5:02:34:da:25:10:9a:
b6:b1:7c:87:a3:48:9f:08:a3:83:f9:75:9d:18:8f:
fa:b8:96:f5:f1:b4:d1:15:31:2f:0d:ef:42:b7:24:
2d:c8:18:8a:51:9f:32:1a:63:bd:51:ff:b9:18:50:
60:8c:bc:b0:74:4a:8b:8c:b4:f0:95:10:95:5d:b6:
2a:14:cf:a6:c5:99:e7:99:06:6d:a6:4d:df:1c:ff:
c7:32:2b:bd:6d:ce:03:67:5d:94:bb:d9:c0:5f:6e:
bc:98:c1:c6:2c:5b:a0:3f:72:4b:a6:3f:03:ed:93:
3e:50:0d:83:44:77:3b:2e:bd:5b:8e:ef:53:e4:fa:
4b:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:87:DC:0C:7F:DB:8B:CC:42:26:4D:22:25:29:0A:CE:96:87:9B:26
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/YIfcDH_bi8xCJk0iJSkKzpaHmyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
90.154.225.0/24
213.16.41.0/24
213.91.189.0/24
Signature Algorithm: sha256WithRSAEncryption
31:e5:4d:de:2a:20:0f:5b:48:50:c2:26:55:72:28:b1:ad:2f:
8b:b1:61:fc:06:ff:54:45:a5:6c:46:02:9f:3e:48:86:d3:0c:
a3:2f:0e:2e:ee:0d:da:8c:75:91:c2:19:64:b6:f0:ae:63:73:
c2:c6:68:aa:d2:83:78:a3:7d:2b:08:26:5e:a3:41:f7:44:ea:
28:c9:e7:26:cf:1f:d3:23:fd:97:50:04:44:84:4a:0e:06:0a:
5f:ea:d8:c4:b1:ef:f4:ee:28:05:87:db:60:e1:9f:81:f8:6e:
56:84:72:57:88:02:53:40:32:27:d8:0d:0c:5e:18:56:dd:52:
e1:27:e4:8f:8f:fd:3b:3f:0c:50:32:9b:63:5a:d5:f2:2f:a8:
79:eb:88:47:2c:ce:38:2a:de:e2:02:6b:0d:9b:54:43:e7:6a:
cd:2e:f5:bd:f6:07:e1:bd:cc:05:41:df:fd:1e:7e:f3:dd:7b:
46:e6:9c:d1:8e:96:47:8e:c6:e0:9f:ba:db:bc:2f:f6:f0:de:
61:8d:1a:90:5a:84:4f:0d:67:5e:21:62:cf:74:c9:a8:2c:a9:
1f:1b:53:f3:24:1e:54:44:72:36:69:76:c2:c4:88:bc:9c:9b:
cb:d5:5b:89:5c:b8:54:40:33:df:ae:66:4a:3a:80:bc:95:91:
16:50:ad:cb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQnR+MSjMOtiTTsFG4Cn/0HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjUwMTAyMTM1MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDg3ZGMwYzdmZGI4YmNjNDIyNjRkMjIyNTI5MGFjZTk2ODc5YjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu2TxpcFCRM07swQIay1Jo/p2Fot1
GiTJ9XWS8yhXmvky5Bvp9De6eGbTsFZGrEWjiHaofCe1x86eoMgz6bJ4y/OCRfss
n97hB72qTjBXWIz8LMAnS7r5aRlisWryBbAbzh2Xm3GrK7oKaY3yiy8n8Ad5S4yo
zZ+YbokGAXuy69UCNNolEJq2sXyHo0ifCKOD+XWdGI/6uJb18bTRFTEvDe9CtyQt
yBiKUZ8yGmO9Uf+5GFBgjLywdEqLjLTwlRCVXbYqFM+mxZnnmQZtpk3fHP/HMiu9
bc4DZ12Uu9nAX268mMHGLFugP3JLpj8D7ZM+UA2DRHc7Lr1bju9T5PpLSQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGCH3Ax/24vMQiZNIiUpCs6Wh5smMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvWUlmY0RIX2JpOHhDSmswaUpTa0t6cGFIbXlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWprhAwQA
1RApAwQA1Vu9MA0GCSqGSIb3DQEBCwUAA4IBAQAx5U3eKiAPW0hQwiZVciixrS+L
sWH8Bv9URaVsRgKfPkiG0wyjLw4u7g3ajHWRwhlktvCuY3PCxmiq0oN4o30rCCZe
o0H3ROooyecmzx/TI/2XUAREhEoOBgpf6tjEse/07igFh9tg4Z+B+G5WhHJXiAJT
QDIn2A0MXhhW3VLhJ+SPj/07PwxQMptjWtXyL6h564hHLM44Kt7iAmsNm1RD52rN
LvW99gfhvcwFQd/9Hn7z3XtG5pzRjpZHjsbgn7rbvC/28N5hjRqQWoRPDWdeIWLP
dMmoLKkfG1PzJB5URHI2aXbCxIi8nJvL1VuJXLhUQDPfrmZKOoC8lZEWUK3L
-----END CERTIFICATE-----
Generated at Sun Apr 6 21:33:43 2025 by rpki-client