Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/90c403-e6e9-41e0-b157-781d8fb1d2fb/1/rYX5OSjisXVBgIC77wXTzITcbqs.roa
File: rYX5OSjisXVBgIC77wXTzITcbqs.roa (raw, json)
Hash identifier: SPnPR9xhnE7+gAosfCHCqCDCEcNhjAT2MXJYL+lu5nM=
Subject key identifier: AD:85:F9:39:28:E2:B1:75:41:80:80:BB:EF:05:D3:CC:84:DC:6E:AB
Certificate issuer: /CN=cb2cc7ce42e79c351ac7d28f645de7f5938acc9c
Certificate serial: 019428230518F24F2C8612B9500D0745F32D
Authority key identifier: CB:2C:C7:CE:42:E7:9C:35:1A:C7:D2:8F:64:5D:E7:F5:93:8A:CC:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yyzHzkLnnDUax9KPZF3n9ZOKzJw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/90c403-e6e9-41e0-b157-781d8fb1d2fb/1/rYX5OSjisXVBgIC77wXTzITcbqs.roa
Signing time: Thu 02 Jan 2025 17:49:31 +0000
ROA not before: Thu 02 Jan 2025 17:49:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197064
IP address blocks: 151.248.56.0/21 maxlen: 21
178.23.104.0/21 maxlen: 21
185.24.196.0/22 maxlen: 22
2a02:2408::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:05:18:f2:4f:2c:86:12:b9:50:0d:07:45:f3:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb2cc7ce42e79c351ac7d28f645de7f5938acc9c
Validity
Not Before: Jan 2 17:49:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ad85f93928e2b175418080bbef05d3cc84dc6eab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:2d:48:7a:b3:4a:ba:9f:5d:47:59:15:b9:8b:
53:02:71:78:8c:42:e2:21:51:cb:79:18:24:f1:3f:
a8:b1:24:93:3c:35:42:91:c5:d8:1b:20:f9:a5:42:
3c:4b:7f:74:b2:00:a2:9b:b2:fb:d5:da:5d:93:62:
27:0e:f3:e0:d2:6e:10:2a:e3:c2:e2:ab:ee:59:7c:
69:eb:47:27:41:87:bd:27:ac:3f:01:65:24:d1:59:
43:d5:bb:82:43:81:45:60:b2:62:e2:f5:a7:36:11:
bf:05:ca:1e:c3:6e:ed:90:e5:93:79:30:d7:46:49:
bd:df:01:aa:6c:ec:66:c1:86:49:e7:54:a3:c8:29:
f1:d4:32:32:70:ed:da:c5:39:4b:d1:aa:6c:b2:c6:
9f:5d:f2:9b:1b:03:87:81:3b:85:ee:1b:d9:9b:b6:
32:d2:b8:1f:24:17:d2:b2:40:47:67:b3:96:53:d0:
bb:bd:d4:b7:39:49:2e:c7:ba:02:c5:88:37:97:f8:
1f:66:f7:b7:d5:15:96:cc:d0:6d:33:ef:d5:00:39:
8a:20:9c:09:ac:eb:f7:a8:ce:54:42:3b:e6:81:cd:
f9:db:6f:e3:3a:ac:d4:cc:36:b1:a8:0d:ac:e1:de:
b8:a0:f7:ff:79:18:4e:1e:78:b7:06:fa:42:58:2c:
ab:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:85:F9:39:28:E2:B1:75:41:80:80:BB:EF:05:D3:CC:84:DC:6E:AB
X509v3 Authority Key Identifier:
keyid:CB:2C:C7:CE:42:E7:9C:35:1A:C7:D2:8F:64:5D:E7:F5:93:8A:CC:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yyzHzkLnnDUax9KPZF3n9ZOKzJw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/90c403-e6e9-41e0-b157-781d8fb1d2fb/1/rYX5OSjisXVBgIC77wXTzITcbqs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/90c403-e6e9-41e0-b157-781d8fb1d2fb/1/yyzHzkLnnDUax9KPZF3n9ZOKzJw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.248.56.0/21
178.23.104.0/21
185.24.196.0/22
IPv6:
2a02:2408::/32
Signature Algorithm: sha256WithRSAEncryption
66:57:59:2a:43:54:0a:35:7d:43:0c:1f:95:9d:d7:ac:b4:3f:
0b:df:5b:ab:f5:44:d0:17:58:9d:0d:37:68:a3:33:c8:7a:4a:
73:3d:be:75:fb:6f:9b:0a:c1:05:42:7a:3b:27:6b:18:5c:db:
77:98:80:02:be:5f:1b:ca:c6:fb:9f:cf:7e:7e:6f:69:1e:ae:
e3:ca:02:2d:33:53:b1:e1:43:82:df:7f:6e:bd:11:9b:f3:3f:
b4:17:32:5b:40:1a:b7:7e:49:0c:d8:a2:f4:10:d8:59:7f:f4:
29:cc:3a:ee:9a:22:2c:49:19:a7:c7:5d:82:80:a8:87:db:58:
32:75:35:77:89:d0:8f:90:6f:9f:2d:69:14:11:6e:fd:33:39:
b5:bf:25:1b:49:cc:e3:65:5d:5f:92:be:09:50:b2:77:23:f3:
d2:84:b5:f4:ff:1f:67:af:4d:5a:aa:08:ce:ae:9a:aa:f9:2d:
b4:6a:80:22:a1:5b:40:ec:69:36:5e:69:96:19:97:45:b5:23:
75:57:b4:30:59:7f:88:0f:73:31:54:79:3c:5b:09:7a:00:8d:
5b:03:42:d8:e0:e5:95:16:81:f0:c7:bc:6e:fe:fb:97:6d:13:
e1:ee:8c:79:fc:90:be:1f:ea:72:4f:8d:09:dc:72:a5:16:74:
2c:88:86:e7
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQoIwUY8k8shhK5UA0HRfMtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMmNjN2NlNDJlNzljMzUxYWM3ZDI4ZjY0NWRlN2Y1OTM4
YWNjOWMwHhcNMjUwMTAyMTc0OTMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDg1ZjkzOTI4ZTJiMTc1NDE4MDgwYmJlZjA1ZDNjYzg0ZGM2ZWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAni1IerNKup9dR1kVuYtTAnF4jELi
IVHLeRgk8T+osSSTPDVCkcXYGyD5pUI8S390sgCim7L71dpdk2InDvPg0m4QKuPC
4qvuWXxp60cnQYe9J6w/AWUk0VlD1buCQ4FFYLJi4vWnNhG/Bcoew27tkOWTeTDX
Rkm93wGqbOxmwYZJ51SjyCnx1DIycO3axTlL0apsssafXfKbGwOHgTuF7hvZm7Yy
0rgfJBfSskBHZ7OWU9C7vdS3OUkux7oCxYg3l/gfZve31RWWzNBtM+/VADmKIJwJ
rOv3qM5UQjvmgc3522/jOqzUzDaxqA2s4d64oPf/eRhOHni3BvpCWCyrhQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFK2F+Tko4rF1QYCAu+8F08yE3G6rMB8GA1UdIwQY
MBaAFMssx85C55w1GsfSj2Rd5/WTisycMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXl6SHprTG5uRFVheDlLUFpGM245Wk9Lekp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC85MGM0MDMtZTZlOS00MWUwLWIxNTct
NzgxZDhmYjFkMmZiLzEvcllYNU9TamlzWFZCZ0lDNzd3WFR6SVRjYnFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC85MGM0MDMtZTZlOS00MWUwLWIxNTctNzgxZDhmYjFkMmZi
LzEveXl6SHprTG5uRFVheDlLUFpGM245Wk9Lekp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDl/g4AwQD
shdoAwQCuRjEMA0EAgACMAcDBQAqAiQIMA0GCSqGSIb3DQEBCwUAA4IBAQBmV1kq
Q1QKNX1DDB+VndestD8L31ur9UTQF1idDTdoozPIekpzPb51+2+bCsEFQno7J2sY
XNt3mIACvl8bysb7n89+fm9pHq7jygItM1Ox4UOC339uvRGb8z+0FzJbQBq3fkkM
2KL0ENhZf/QpzDrumiIsSRmnx12CgKiH21gydTV3idCPkG+fLWkUEW79Mzm1vyUb
SczjZV1fkr4JULJ3I/PShLX0/x9nr01aqgjOrpqq+S20aoAioVtA7Gk2XmmWGZdF
tSN1V7QwWX+ID3MxVHk8Wwl6AI1bA0LY4OWVFoHwx7xu/vuXbRPh7ox5/JC+H+py
T40J3HKlFnQsiIbn
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:48:46 2025 by rpki-client