Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/e2891d-6652-4fc2-b992-1386f490b1bf/1/YwrBtGeaku_-WnsDDw1TfJix8FQ.roa
File: YwrBtGeaku_-WnsDDw1TfJix8FQ.roa (raw, json)
Hash identifier: ukCjnU6qDGipuaiBu3zJOyHzRciXy0B8bXniccRLO5M=
Subject key identifier: 63:0A:C1:B4:67:9A:92:EF:FE:5A:7B:03:0F:0D:53:7C:98:B1:F0:54
Certificate issuer: /CN=e7e356fd885796e5d3fe3c4ab51a8c7fd2e8ae5c
Certificate serial: 0195BD66DC6A541B7826CEB8F1069C5F77F1
Authority key identifier: E7:E3:56:FD:88:57:96:E5:D3:FE:3C:4A:B5:1A:8C:7F:D2:E8:AE:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5-NW_YhXluXT_jxKtRqMf9Lorlw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/e2891d-6652-4fc2-b992-1386f490b1bf/1/YwrBtGeaku_-WnsDDw1TfJix8FQ.roa
Signing time: Sat 22 Mar 2025 10:29:49 +0000
ROA not before: Sat 22 Mar 2025 10:29:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59813
IP address blocks: 194.124.237.0/24 maxlen: 24
2a0f:3cc7::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:bd:66:dc:6a:54:1b:78:26:ce:b8:f1:06:9c:5f:77:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7e356fd885796e5d3fe3c4ab51a8c7fd2e8ae5c
Validity
Not Before: Mar 22 10:29:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=630ac1b4679a92effe5a7b030f0d537c98b1f054
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:2a:87:79:d2:9d:58:6f:ac:b9:b5:50:2e:28:
47:b3:d8:b7:d5:ad:91:1d:c8:7c:8e:af:79:50:86:
9b:f2:44:5d:b7:2b:78:69:7d:d9:06:95:1a:4c:81:
f0:1a:76:82:f1:91:a5:56:40:14:5d:e8:cd:7c:e1:
09:0e:a8:0e:29:3b:0e:5f:bb:17:d2:88:30:7f:36:
3b:c6:9f:dd:9d:bd:fd:05:f5:a9:d1:20:f8:78:91:
80:8a:a4:58:e2:ea:91:02:d7:52:cb:a5:2d:3c:a5:
aa:62:fd:17:fe:24:37:24:a4:eb:e2:71:ee:70:2f:
b0:8d:e8:71:a8:bb:2a:cb:dd:96:3a:16:c2:ea:20:
5c:ca:c3:e3:39:c1:28:07:a3:42:92:4c:3f:c2:15:
56:9b:b5:30:77:df:1d:bc:09:78:d2:25:5c:7a:96:
96:44:52:5f:0e:95:0d:33:71:9f:49:99:7d:1c:82:
57:b2:86:5a:47:2b:6f:64:9f:26:28:7c:9a:f8:cf:
84:4f:bf:8b:36:4b:8b:3d:13:dd:4e:96:7c:c9:47:
9d:94:06:97:7a:84:a4:84:f0:d6:3b:98:be:4d:03:
62:d8:9a:0b:dd:37:4f:aa:63:b5:33:9a:6b:1a:7c:
8a:48:31:78:7a:5c:1c:eb:44:bf:0b:ca:38:15:f3:
9a:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:0A:C1:B4:67:9A:92:EF:FE:5A:7B:03:0F:0D:53:7C:98:B1:F0:54
X509v3 Authority Key Identifier:
keyid:E7:E3:56:FD:88:57:96:E5:D3:FE:3C:4A:B5:1A:8C:7F:D2:E8:AE:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5-NW_YhXluXT_jxKtRqMf9Lorlw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/e2891d-6652-4fc2-b992-1386f490b1bf/1/YwrBtGeaku_-WnsDDw1TfJix8FQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/e2891d-6652-4fc2-b992-1386f490b1bf/1/5-NW_YhXluXT_jxKtRqMf9Lorlw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.124.237.0/24
IPv6:
2a0f:3cc7::/32
Signature Algorithm: sha256WithRSAEncryption
47:36:32:db:ed:a9:cf:b2:1e:85:b0:9f:b2:99:1b:26:5e:39:
d4:ec:c5:dc:e9:d0:da:2f:b2:a5:da:6a:86:05:13:41:42:ae:
71:c7:dc:3c:42:85:47:13:14:26:85:56:2b:3c:90:ae:15:be:
8e:dd:ac:92:5e:16:3c:3f:1c:e7:de:bf:fd:25:bb:57:7c:3c:
5b:3b:ca:55:e8:e5:5d:79:9b:1f:9a:10:a7:ae:05:82:d3:e1:
65:70:ae:cf:37:77:92:07:7c:a6:4b:e2:cc:53:25:71:4f:9e:
2f:b6:c1:da:7e:fb:fe:b9:a1:35:ff:f6:ed:8c:67:47:77:0b:
4f:ca:a8:38:9e:91:35:8d:b7:10:d8:fd:25:29:1f:31:49:73:
45:ce:f1:96:54:a3:fe:03:97:a6:30:13:7f:87:a0:dd:c0:fe:
5f:d2:e1:d2:06:c6:ef:b7:6f:b8:03:1e:85:7e:3f:a3:ce:3a:
a4:42:1a:31:45:4e:4a:78:ce:03:a6:23:df:db:9a:90:f0:1d:
11:f1:3a:3e:31:71:06:b8:47:19:17:a1:2a:b8:b7:95:dd:25:
78:74:4c:b2:60:af:98:80:20:b5:4d:18:87:16:21:ea:81:10:
c5:48:97:d9:b6:a2:29:06:ad:b5:d5:8a:69:b2:74:e4:2b:b1:
af:78:25:f9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZW9ZtxqVBt4Js648QacX3fxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3ZTM1NmZkODg1Nzk2ZTVkM2ZlM2M0YWI1MWE4YzdmZDJl
OGFlNWMwHhcNMjUwMzIyMTAyOTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzBhYzFiNDY3OWE5MmVmZmU1YTdiMDMwZjBkNTM3Yzk4YjFmMDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCqHedKdWG+subVQLihHs9i31a2R
Hch8jq95UIab8kRdtyt4aX3ZBpUaTIHwGnaC8ZGlVkAUXejNfOEJDqgOKTsOX7sX
0ogwfzY7xp/dnb39BfWp0SD4eJGAiqRY4uqRAtdSy6UtPKWqYv0X/iQ3JKTr4nHu
cC+wjehxqLsqy92WOhbC6iBcysPjOcEoB6NCkkw/whVWm7Uwd98dvAl40iVcepaW
RFJfDpUNM3GfSZl9HIJXsoZaRytvZJ8mKHya+M+ET7+LNkuLPRPdTpZ8yUedlAaX
eoSkhPDWO5i+TQNi2JoL3TdPqmO1M5prGnyKSDF4elwc60S/C8o4FfOa/wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGMKwbRnmpLv/lp7Aw8NU3yYsfBUMB8GA1UdIwQY
MBaAFOfjVv2IV5bl0/48SrUajH/S6K5cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNS1OV19ZaFhsdVhUX2p4S3RScU1mOUxvcmx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9lMjg5MWQtNjY1Mi00ZmMyLWI5OTIt
MTM4NmY0OTBiMWJmLzEvWXdyQnRHZWFrdV8tV25zRER3MVRmSml4OEZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9lMjg5MWQtNjY1Mi00ZmMyLWI5OTItMTM4NmY0OTBiMWJm
LzEvNS1OV19ZaFhsdVhUX2p4S3RScU1mOUxvcmx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwnztMA0E
AgACMAcDBQAqDzzHMA0GCSqGSIb3DQEBCwUAA4IBAQBHNjLb7anPsh6FsJ+ymRsm
XjnU7MXc6dDaL7Kl2mqGBRNBQq5xx9w8QoVHExQmhVYrPJCuFb6O3aySXhY8Pxzn
3r/9JbtXfDxbO8pV6OVdeZsfmhCnrgWC0+FlcK7PN3eSB3ymS+LMUyVxT54vtsHa
fvv+uaE1//btjGdHdwtPyqg4npE1jbcQ2P0lKR8xSXNFzvGWVKP+A5emMBN/h6Dd
wP5f0uHSBsbvt2+4Ax6Ffj+jzjqkQhoxRU5KeM4DpiPf25qQ8B0R8To+MXEGuEcZ
F6EquLeV3SV4dEyyYK+YgCC1TRiHFiHqgRDFSJfZtqIpBq211YppsnTkK7GveCX5
-----END CERTIFICATE-----
Generated at Wed Apr 23 14:32:54 2025 by rpki-client