Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/ykinNBKuv2aUf3zoGP_gc5Krh-g.roa
File: ykinNBKuv2aUf3zoGP_gc5Krh-g.roa (raw, json)
Hash identifier: UHYGkWwi+Bc8CtX9dR7vpwojaXCxSC9SxUum639MnAM=
Subject key identifier: CA:48:A7:34:12:AE:BF:66:94:7F:7C:E8:18:FF:E0:73:92:AB:87:E8
Certificate issuer: /CN=0c5140282591f9912f9639ee1412b6d1dcff0861
Certificate serial: 01941FFAB0C3A06DD2E7F36162305DB1B187
Authority key identifier: 0C:51:40:28:25:91:F9:91:2F:96:39:EE:14:12:B6:D1:DC:FF:08:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DFFAKCWR-ZEvljnuFBK20dz_CGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/ykinNBKuv2aUf3zoGP_gc5Krh-g.roa
Signing time: Wed 01 Jan 2025 03:48:30 +0000
ROA not before: Wed 01 Jan 2025 03:48:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208324
IP address blocks: 188.72.44.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:b0:c3:a0:6d:d2:e7:f3:61:62:30:5d:b1:b1:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c5140282591f9912f9639ee1412b6d1dcff0861
Validity
Not Before: Jan 1 03:48:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ca48a73412aebf66947f7ce818ffe07392ab87e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:21:42:47:3a:f9:5f:9a:a3:5d:a1:8e:26:d9:
8f:8e:8c:80:1b:96:01:a3:57:b6:f1:68:89:67:13:
a3:44:b8:7a:bc:4e:27:fd:17:55:94:43:1c:66:5a:
e0:b0:80:12:28:5e:29:a1:a8:66:8b:07:e2:f0:f7:
28:8d:dc:7b:cf:2e:c8:ef:f5:5d:f1:25:f0:8c:ae:
dc:10:bb:04:ab:2a:f5:af:57:95:a0:75:e2:41:ec:
e4:c4:98:db:fa:3e:66:75:6a:84:3b:fd:fd:83:02:
c3:41:a8:5c:d9:92:e7:39:8d:65:c8:69:ec:86:e7:
71:bc:43:58:49:3e:b0:57:77:f9:38:8f:9a:50:ee:
2b:ca:71:88:54:d2:34:73:d4:19:c9:1d:21:91:e9:
ed:7a:fe:a5:8b:f5:67:69:d9:eb:b9:01:ec:94:5c:
aa:a4:bd:fd:4d:5f:d0:3b:2e:40:64:4a:06:5e:f8:
f2:67:87:56:c6:db:a3:ee:ab:b8:a3:e6:3d:2e:22:
f2:8d:e0:66:d8:6f:6f:58:04:36:19:54:be:db:53:
cc:52:38:60:5a:16:03:1c:d0:e3:05:d9:82:43:44:
94:da:11:26:19:f4:ba:46:74:b9:d9:ad:7d:ec:ef:
f9:98:16:50:2e:e5:dc:a8:11:77:ec:5d:f2:dc:09:
1c:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:48:A7:34:12:AE:BF:66:94:7F:7C:E8:18:FF:E0:73:92:AB:87:E8
X509v3 Authority Key Identifier:
keyid:0C:51:40:28:25:91:F9:91:2F:96:39:EE:14:12:B6:D1:DC:FF:08:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DFFAKCWR-ZEvljnuFBK20dz_CGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/ykinNBKuv2aUf3zoGP_gc5Krh-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/DFFAKCWR-ZEvljnuFBK20dz_CGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.72.44.0/24
Signature Algorithm: sha256WithRSAEncryption
c4:fb:ba:dc:3e:d9:2e:49:ca:c2:b5:ce:a0:6a:78:71:7f:81:
00:d2:e5:8e:a4:34:b9:f6:f9:58:f3:3f:ed:26:38:94:6c:a0:
3e:8d:a2:29:3d:98:8c:6a:ea:7b:59:92:d7:1a:b2:d7:bb:fd:
1d:01:14:66:d1:98:e6:3c:bd:64:f4:ab:1b:91:ac:85:a7:13:
8d:92:ee:4b:eb:f0:51:2d:c4:e1:b2:fe:74:ad:19:2e:e4:c1:
d4:75:c4:7f:c9:d1:16:1e:1c:db:41:ff:5f:f6:cc:fa:a5:dc:
da:aa:af:69:6e:85:fe:9c:72:63:45:22:84:22:9a:33:57:f2:
74:fb:5f:03:4c:a8:34:84:31:b5:92:23:d2:15:02:4c:0a:56:
3a:9f:0b:09:be:a9:20:19:5a:02:92:8d:8a:86:c7:80:f6:bc:
d5:d1:36:0b:4f:26:b8:e3:67:e9:da:ec:82:d4:88:85:80:97:
c1:33:a8:fc:52:6a:83:f4:98:2b:2f:7b:78:72:93:bb:61:4b:
e1:ac:c3:01:b3:ff:98:a7:0a:de:19:f8:1b:f2:85:97:35:52:
4f:de:a3:85:1e:0f:8a:5e:a1:23:bc:b5:af:bd:4c:ed:f4:4a:
0f:44:18:77:31:33:7f:53:c1:69:fe:4d:1a:de:6a:78:bb:93:
2a:fd:31:7b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+rDDoG3S5/NhYjBdsbGHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNTE0MDI4MjU5MWY5OTEyZjk2MzllZTE0MTJiNmQxZGNm
ZjA4NjEwHhcNMjUwMTAxMDM0ODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTQ4YTczNDEyYWViZjY2OTQ3ZjdjZTgxOGZmZTA3MzkyYWI4N2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlSFCRzr5X5qjXaGOJtmPjoyAG5YB
o1e28WiJZxOjRLh6vE4n/RdVlEMcZlrgsIASKF4poahmiwfi8Pcojdx7zy7I7/Vd
8SXwjK7cELsEqyr1r1eVoHXiQezkxJjb+j5mdWqEO/39gwLDQahc2ZLnOY1lyGns
hudxvENYST6wV3f5OI+aUO4rynGIVNI0c9QZyR0hkentev6li/VnadnruQHslFyq
pL39TV/QOy5AZEoGXvjyZ4dWxtuj7qu4o+Y9LiLyjeBm2G9vWAQ2GVS+21PMUjhg
WhYDHNDjBdmCQ0SU2hEmGfS6RnS52a197O/5mBZQLuXcqBF37F3y3AkclwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMpIpzQSrr9mlH986Bj/4HOSq4foMB8GA1UdIwQY
MBaAFAxRQCglkfmRL5Y57hQSttHc/whhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREZGQUtDV1ItWkV2bGpudUZCSzIwZHpfQ0dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8wNTU0YTItZDNkOS00ZmM0LThlZDUt
ZGU5MTQ2OWQzNzcyLzEveWtpbk5CS3V2MmFVZjN6b0dQX2djNUtyaC1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8wNTU0YTItZDNkOS00ZmM0LThlZDUtZGU5MTQ2OWQzNzcy
LzEvREZGQUtDV1ItWkV2bGpudUZCSzIwZHpfQ0dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvEgsMA0G
CSqGSIb3DQEBCwUAA4IBAQDE+7rcPtkuScrCtc6ganhxf4EA0uWOpDS59vlY8z/t
JjiUbKA+jaIpPZiMaup7WZLXGrLXu/0dARRm0ZjmPL1k9KsbkayFpxONku5L6/BR
LcThsv50rRku5MHUdcR/ydEWHhzbQf9f9sz6pdzaqq9pboX+nHJjRSKEIpozV/J0
+18DTKg0hDG1kiPSFQJMClY6nwsJvqkgGVoCko2KhseA9rzV0TYLTya442fp2uyC
1IiFgJfBM6j8UmqD9JgrL3t4cpO7YUvhrMMBs/+YpwreGfgb8oWXNVJP3qOFHg+K
XqEjvLWvvUzt9EoPRBh3MTN/U8Fp/k0a3mp4u5Mq/TF7
-----END CERTIFICATE-----
Generated at Mon Apr 7 07:10:14 2025 by rpki-client