Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/1b8a9d-d3de-41bb-82c8-7ae263922822/1/yjMA-1ORB2j3sIAGFa6mi9z8nek.roa
File: yjMA-1ORB2j3sIAGFa6mi9z8nek.roa (raw, json)
Hash identifier: f15I1oJSwK3EkxUVYS/kSdLlBqc6CN56mZfr1WF/Wpo=
Subject key identifier: CA:33:00:FB:53:91:07:68:F7:B0:80:06:15:AE:A6:8B:DC:FC:9D:E9
Certificate issuer: /CN=1a8922d3481308dbd4c2ab6e70eada9f75f6db68
Certificate serial: 01941F8C7FD7BBA32506717275D656FF651E
Authority key identifier: 1A:89:22:D3:48:13:08:DB:D4:C2:AB:6E:70:EA:DA:9F:75:F6:DB:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Goki00gTCNvUwqtucOran3X222g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/1b8a9d-d3de-41bb-82c8-7ae263922822/1/yjMA-1ORB2j3sIAGFa6mi9z8nek.roa
Signing time: Wed 01 Jan 2025 01:48:08 +0000
ROA not before: Wed 01 Jan 2025 01:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49223
IP address blocks: 185.77.100.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:7f:d7:bb:a3:25:06:71:72:75:d6:56:ff:65:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a8922d3481308dbd4c2ab6e70eada9f75f6db68
Validity
Not Before: Jan 1 01:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ca3300fb53910768f7b0800615aea68bdcfc9de9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:1e:ce:5a:62:bf:73:d1:72:5d:b1:fc:ba:14:
01:2e:57:35:2c:4e:97:d9:21:65:17:39:ba:f9:82:
e6:ad:6b:ac:cb:c7:50:43:30:c4:9d:6b:64:72:15:
13:44:9a:c5:12:0b:fe:cb:d8:ac:8f:14:af:27:18:
cb:60:74:55:8f:fd:27:56:d5:69:7c:80:a2:e0:24:
2d:0d:1b:1d:15:79:59:d4:b5:4e:c1:90:d5:20:1a:
a0:62:4c:be:e6:56:99:2c:ef:2a:be:64:e9:3f:49:
8c:a5:c6:40:b9:db:91:c6:da:c5:0a:14:2f:c7:db:
c0:d9:fc:3f:30:71:2a:80:d4:8b:4b:16:8d:47:d2:
f9:3e:9b:cd:81:64:12:72:ee:bd:51:96:64:81:60:
1d:10:d6:3f:40:05:49:84:77:32:71:ef:10:3c:4b:
02:a5:50:f7:ee:ee:fe:cb:a1:dd:87:3b:23:fe:c1:
17:08:80:7c:65:5b:d9:d2:f6:c4:74:6e:85:69:a6:
43:55:f6:8b:1e:46:66:81:60:a6:7c:34:f4:8f:41:
9e:8f:7a:0c:f4:60:8e:ee:df:9a:fc:64:cb:31:c1:
c7:c4:32:8c:87:c4:b3:6a:d1:c4:34:ac:1f:4d:44:
5b:54:7d:36:bc:a2:3c:e2:ea:62:cb:55:8e:76:98:
c9:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:33:00:FB:53:91:07:68:F7:B0:80:06:15:AE:A6:8B:DC:FC:9D:E9
X509v3 Authority Key Identifier:
keyid:1A:89:22:D3:48:13:08:DB:D4:C2:AB:6E:70:EA:DA:9F:75:F6:DB:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Goki00gTCNvUwqtucOran3X222g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1b8a9d-d3de-41bb-82c8-7ae263922822/1/yjMA-1ORB2j3sIAGFa6mi9z8nek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1b8a9d-d3de-41bb-82c8-7ae263922822/1/Goki00gTCNvUwqtucOran3X222g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.77.100.0/22
Signature Algorithm: sha256WithRSAEncryption
24:ab:91:56:ef:88:06:8d:e1:b2:e2:cd:c0:74:7b:1f:92:7c:
d4:99:1c:f8:ca:40:6d:d4:93:bc:20:6d:23:fe:87:91:24:99:
7f:03:03:96:b9:38:fb:2b:62:e3:0e:c8:3d:93:cf:26:84:e8:
9f:2b:0a:10:7e:26:42:bc:d0:97:bb:e3:06:10:08:ad:4e:b5:
5f:cc:11:21:9d:d5:b4:aa:d1:d6:df:3d:55:ed:b8:24:92:18:
91:ae:a9:37:e0:a2:ba:81:1c:28:f4:e4:38:8b:f9:59:25:0a:
17:cd:a8:24:de:df:25:78:e2:b6:4b:c3:f0:53:e6:48:9f:62:
12:d4:58:3d:7f:0c:04:1e:41:a3:dc:cb:b5:0f:cb:41:3b:88:
13:6c:f5:4c:2b:72:d5:3a:10:81:12:f4:69:72:6d:61:4d:2a:
72:be:cd:84:b8:8f:97:32:78:da:6c:54:06:bd:dd:80:ee:de:
d1:03:7e:7b:6c:42:f7:4f:65:36:ab:92:04:45:c1:d4:46:96:
0b:db:97:07:03:56:ee:84:38:0c:d6:86:97:8d:4c:37:e0:82:
a2:f5:96:8f:cc:f3:9b:97:92:0c:e3:e2:31:e4:c0:f8:e8:1f:
5f:87:2f:67:75:f4:99:f3:d0:19:39:6c:56:08:29:bc:09:07:
bc:ea:a2:b8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjH/Xu6MlBnFyddZW/2UeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhODkyMmQzNDgxMzA4ZGJkNGMyYWI2ZTcwZWFkYTlmNzVm
NmRiNjgwHhcNMjUwMTAxMDE0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTMzMDBmYjUzOTEwNzY4ZjdiMDgwMDYxNWFlYTY4YmRjZmM5ZGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4R7OWmK/c9FyXbH8uhQBLlc1LE6X
2SFlFzm6+YLmrWusy8dQQzDEnWtkchUTRJrFEgv+y9isjxSvJxjLYHRVj/0nVtVp
fICi4CQtDRsdFXlZ1LVOwZDVIBqgYky+5laZLO8qvmTpP0mMpcZAuduRxtrFChQv
x9vA2fw/MHEqgNSLSxaNR9L5PpvNgWQScu69UZZkgWAdENY/QAVJhHcyce8QPEsC
pVD37u7+y6Hdhzsj/sEXCIB8ZVvZ0vbEdG6FaaZDVfaLHkZmgWCmfDT0j0Gej3oM
9GCO7t+a/GTLMcHHxDKMh8SzatHENKwfTURbVH02vKI84upiy1WOdpjJMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMozAPtTkQdo97CABhWupovc/J3pMB8GA1UdIwQY
MBaAFBqJItNIEwjb1MKrbnDq2p919ttoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR29raTAwZ1RDTnZVd3F0dWNPcmFuM1gyMjJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8xYjhhOWQtZDNkZS00MWJiLTgyYzgt
N2FlMjYzOTIyODIyLzEveWpNQS0xT1JCMmozc0lBR0ZhNm1pOXo4bmVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8xYjhhOWQtZDNkZS00MWJiLTgyYzgtN2FlMjYzOTIyODIy
LzEvR29raTAwZ1RDTnZVd3F0dWNPcmFuM1gyMjJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuU1kMA0G
CSqGSIb3DQEBCwUAA4IBAQAkq5FW74gGjeGy4s3AdHsfknzUmRz4ykBt1JO8IG0j
/oeRJJl/AwOWuTj7K2LjDsg9k88mhOifKwoQfiZCvNCXu+MGEAitTrVfzBEhndW0
qtHW3z1V7bgkkhiRrqk34KK6gRwo9OQ4i/lZJQoXzagk3t8leOK2S8PwU+ZIn2IS
1Fg9fwwEHkGj3Mu1D8tBO4gTbPVMK3LVOhCBEvRpcm1hTSpyvs2EuI+XMnjabFQG
vd2A7t7RA357bEL3T2U2q5IERcHURpYL25cHA1buhDgM1oaXjUw34IKi9ZaPzPOb
l5IM4+Ix5MD46B9fhy9ndfSZ89AZOWxWCCm8CQe86qK4
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:47:27 2025 by rpki-client