Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/YSElbbTcfl7XCutcpoqWbZPGfxc.roa
File: YSElbbTcfl7XCutcpoqWbZPGfxc.roa (raw, json)
Hash identifier: qZyTsxmIQ3II81pO+tDK4DTLwf9Qla0nFVn2DwNSnxI=
Subject key identifier: 61:21:25:6D:B4:DC:7E:5E:D7:0A:EB:5C:A6:8A:96:6D:93:C6:7F:17
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 019421B241763D9920F854EB70DDB13F3B2F
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/YSElbbTcfl7XCutcpoqWbZPGfxc.roa
Signing time: Wed 01 Jan 2025 11:48:37 +0000
ROA not before: Wed 01 Jan 2025 11:48:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 151704
IP address blocks: 85.209.161.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:41:76:3d:99:20:f8:54:eb:70:dd:b1:3f:3b:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jan 1 11:48:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6121256db4dc7e5ed70aeb5ca68a966d93c67f17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:6b:24:00:63:8a:20:65:a3:4a:86:f2:8d:04:
7d:79:17:d6:b2:c7:17:0a:5f:1a:66:60:db:1e:18:
4b:10:8b:50:98:65:4a:77:30:bd:9e:e9:8d:7a:ff:
56:e7:a6:1a:f2:b8:b8:91:79:70:fd:6b:5c:f4:fb:
82:33:b2:1a:9d:1f:ae:59:54:6f:96:3b:3b:ce:ab:
0b:68:1d:bd:fc:df:23:0c:6d:b4:49:54:a3:d3:51:
cd:22:ba:0c:e2:e2:64:15:ee:2d:66:01:c7:e2:a6:
47:89:0f:88:6a:f4:62:eb:7f:a4:93:34:15:f1:91:
08:06:6a:78:47:31:e0:1e:6c:3d:36:f2:53:ee:14:
25:24:63:6c:1d:b9:58:4e:bf:eb:e9:9f:93:55:fb:
4d:e6:2d:d1:5c:e5:a8:00:2f:56:6f:f3:69:17:6f:
13:46:fb:5f:ed:8a:29:08:ee:8d:79:60:53:05:28:
05:dc:54:6d:7a:2e:5d:9f:d2:d3:69:af:25:e6:84:
f8:fe:85:a1:3b:8f:6f:90:7c:f6:e9:c7:b4:1c:33:
0d:f5:a7:5b:ec:15:bb:95:1f:40:18:6c:1c:d1:ba:
23:39:84:89:63:4f:11:31:a1:33:e5:24:04:6a:5d:
7e:dc:35:00:cf:df:40:1b:27:f8:b9:da:3a:a0:cb:
a3:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:21:25:6D:B4:DC:7E:5E:D7:0A:EB:5C:A6:8A:96:6D:93:C6:7F:17
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/YSElbbTcfl7XCutcpoqWbZPGfxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.161.0/24
Signature Algorithm: sha256WithRSAEncryption
15:56:ce:99:bf:6f:f6:c3:66:a2:93:9d:dd:92:62:ae:eb:82:
8e:9a:fd:0d:08:79:07:1f:e2:81:d4:9e:68:31:0e:a0:e0:95:
5c:d2:3f:0b:6c:f9:2e:5b:64:af:f3:8d:36:cf:a1:5c:52:01:
69:c4:2b:4b:fe:c2:6b:c6:36:de:3f:3f:2a:4e:19:d4:aa:8e:
d8:4f:eb:48:04:15:63:76:82:b8:62:5c:77:76:c6:df:55:be:
17:c6:e2:70:8c:da:02:9b:54:0b:c3:07:32:9b:ea:df:ff:52:
49:0c:26:10:36:91:b1:57:a7:2e:ec:d6:65:7b:45:85:56:97:
e1:ea:fe:90:0e:7e:53:1c:5a:02:de:ee:f0:00:be:b9:46:54:
fc:a1:ef:5c:5b:7b:ef:3c:41:ed:5c:5b:99:b4:cb:82:c3:92:
69:9c:3e:89:a0:b5:43:fa:90:16:dd:2c:91:8c:32:de:93:01:
73:6b:5e:bb:1e:38:1a:1f:c1:41:27:40:ff:78:c6:e9:03:58:
02:27:a7:ef:de:7d:63:13:aa:46:e1:90:a8:cf:23:bb:eb:9d:
a0:37:e2:75:da:e4:40:90:ee:bc:d4:17:cb:29:b6:bc:ea:31:
b2:ad:f9:cd:f7:7a:d7:c7:a6:d1:78:fb:a8:25:91:c9:33:e5:
48:09:d6:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhskF2PZkg+FTrcN2xPzsvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjUwMTAxMTE0ODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTIxMjU2ZGI0ZGM3ZTVlZDcwYWViNWNhNjhhOTY2ZDkzYzY3ZjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2skAGOKIGWjSobyjQR9eRfWsscX
Cl8aZmDbHhhLEItQmGVKdzC9numNev9W56Ya8ri4kXlw/Wtc9PuCM7IanR+uWVRv
ljs7zqsLaB29/N8jDG20SVSj01HNIroM4uJkFe4tZgHH4qZHiQ+IavRi63+kkzQV
8ZEIBmp4RzHgHmw9NvJT7hQlJGNsHblYTr/r6Z+TVftN5i3RXOWoAC9Wb/NpF28T
Rvtf7YopCO6NeWBTBSgF3FRtei5dn9LTaa8l5oT4/oWhO49vkHz26ce0HDMN9adb
7BW7lR9AGGwc0bojOYSJY08RMaEz5SQEal1+3DUAz99AGyf4udo6oMuj7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGEhJW203H5e1wrrXKaKlm2Txn8XMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvWVNFbGJiVGNmbDdYQ3V0Y3BvcVdiWlBHZnhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVdGhMA0G
CSqGSIb3DQEBCwUAA4IBAQAVVs6Zv2/2w2aik53dkmKu64KOmv0NCHkHH+KB1J5o
MQ6g4JVc0j8LbPkuW2Sv8402z6FcUgFpxCtL/sJrxjbePz8qThnUqo7YT+tIBBVj
doK4Ylx3dsbfVb4XxuJwjNoCm1QLwwcym+rf/1JJDCYQNpGxV6cu7NZle0WFVpfh
6v6QDn5THFoC3u7wAL65RlT8oe9cW3vvPEHtXFuZtMuCw5JpnD6JoLVD+pAW3SyR
jDLekwFza167HjgaH8FBJ0D/eMbpA1gCJ6fv3n1jE6pG4ZCozyO7652gN+J12uRA
kO681BfLKba86jGyrfnN93rXx6bRePuoJZHJM+VICdY3
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:49:30 2025 by rpki-client