Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/298898-7454-402b-81e9-ee1bd344f015/1/yNY6bH1FZiObLlueEIjNydTMDc8.roa
File: yNY6bH1FZiObLlueEIjNydTMDc8.roa (raw, json)
Hash identifier: qo1xJTM/d0zWM2HJpgLbgXutgDhhFbPDIicjt7s6xR4=
Subject key identifier: C8:D6:3A:6C:7D:45:66:23:9B:2E:5B:9E:10:88:CD:C9:D4:CC:0D:CF
Certificate issuer: /CN=1e8d205c798ed78f3c44ca0c8f2852e8bec8eaa2
Certificate serial: 019425217558EAC6256D87C6F9B7B20035BD
Authority key identifier: 1E:8D:20:5C:79:8E:D7:8F:3C:44:CA:0C:8F:28:52:E8:BE:C8:EA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ho0gXHmO1488RMoMjyhS6L7I6qI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/298898-7454-402b-81e9-ee1bd344f015/1/yNY6bH1FZiObLlueEIjNydTMDc8.roa
Signing time: Thu 02 Jan 2025 03:48:57 +0000
ROA not before: Thu 02 Jan 2025 03:48:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43775
IP address blocks: 91.147.180.0/24 maxlen: 24
91.147.181.0/24 maxlen: 24
91.147.183.0/24 maxlen: 24
91.147.184.0/24 maxlen: 24
91.147.185.0/24 maxlen: 24
91.147.186.0/24 maxlen: 24
91.147.187.0/24 maxlen: 24
91.147.188.0/24 maxlen: 24
91.147.189.0/24 maxlen: 24
91.147.190.0/24 maxlen: 24
91.147.191.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:75:58:ea:c6:25:6d:87:c6:f9:b7:b2:00:35:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e8d205c798ed78f3c44ca0c8f2852e8bec8eaa2
Validity
Not Before: Jan 2 03:48:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c8d63a6c7d4566239b2e5b9e1088cdc9d4cc0dcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:fc:76:69:d5:6f:be:8e:be:7a:5c:af:b0:94:
18:8e:4b:b9:ab:6d:e7:37:bb:42:7f:46:b0:10:22:
d4:82:5d:88:f1:91:be:76:46:0f:d1:d9:4d:ce:3b:
43:9a:90:bc:56:ef:7a:09:0f:0b:3e:bf:26:f5:cc:
6f:d1:f9:01:f7:7d:de:44:b3:74:a3:c9:ba:ef:97:
87:84:5d:51:fd:1d:27:82:ce:39:26:42:d4:86:3b:
f3:25:f7:f7:42:71:32:80:70:f4:4c:97:4c:b8:5b:
3f:b1:a1:bc:3f:96:73:20:32:2d:e4:54:2a:db:6f:
a5:b5:18:be:49:34:7c:22:79:d5:f1:3b:f3:dd:21:
d4:05:1a:06:4f:60:95:01:eb:6c:34:50:b2:a6:83:
df:98:f5:f7:e2:63:fa:50:53:d8:a3:0f:b6:27:dd:
a1:0e:26:d6:e3:42:0c:6e:9d:ed:92:0f:b4:d6:c1:
f9:df:64:e5:da:e8:8f:e9:a0:61:42:aa:b5:ee:37:
ed:7e:2e:12:c6:b2:4a:0b:e3:e1:c9:d4:64:90:06:
f7:a5:75:97:88:b1:d6:72:8f:40:cf:12:04:d1:76:
7d:f8:ca:0b:1d:73:e2:85:b0:ea:55:72:03:be:b9:
bb:f1:f6:77:fb:f5:10:7e:d7:fa:cd:bd:43:56:8d:
cd:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:D6:3A:6C:7D:45:66:23:9B:2E:5B:9E:10:88:CD:C9:D4:CC:0D:CF
X509v3 Authority Key Identifier:
keyid:1E:8D:20:5C:79:8E:D7:8F:3C:44:CA:0C:8F:28:52:E8:BE:C8:EA:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ho0gXHmO1488RMoMjyhS6L7I6qI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/298898-7454-402b-81e9-ee1bd344f015/1/yNY6bH1FZiObLlueEIjNydTMDc8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/298898-7454-402b-81e9-ee1bd344f015/1/Ho0gXHmO1488RMoMjyhS6L7I6qI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.147.180.0/23
91.147.183.0-91.147.191.255
Signature Algorithm: sha256WithRSAEncryption
06:7d:ff:64:b3:b2:eb:60:5f:82:f1:c1:6d:c7:73:52:70:3b:
9b:06:de:15:00:66:62:16:4f:70:b6:1b:09:1f:85:87:ce:ec:
42:b6:10:8e:4a:6a:a9:e5:ca:07:a4:3a:2e:9b:33:2d:cc:0d:
d3:74:e1:74:c6:21:2a:1f:42:60:c4:17:23:01:bd:56:1b:28:
e0:ca:0f:7d:f5:92:e7:3f:80:3e:bb:19:5f:01:3d:ec:cf:7a:
ac:34:a8:b0:49:ee:81:35:c7:c8:af:28:75:b3:65:39:e3:1d:
7e:d5:bc:56:aa:14:44:33:ef:a4:0b:06:6f:71:32:ee:da:0a:
3c:1e:ed:97:cf:53:ca:24:2b:6b:38:79:78:ba:61:04:9f:95:
3b:8d:be:6d:bf:9f:d4:b9:2b:04:8b:f8:57:da:b6:80:9f:64:
02:65:4a:06:f2:7d:62:3b:37:b0:2e:1a:04:10:c3:17:12:6c:
43:a9:6f:c3:bc:51:73:a1:7f:f0:f3:a9:23:dc:8c:95:86:69:
bb:a1:5d:37:e2:df:60:33:23:a8:5a:e3:6a:c7:87:f0:52:31:
b7:2f:43:1d:d7:e1:81:20:67:60:0c:58:0b:c5:4a:30:a6:7c:
b8:06:21:f6:c0:a2:17:41:fe:8a:e6:bb:d0:c9:b6:2d:69:89:
6a:be:b5:1c
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQlIXVY6sYlbYfG+beyADW9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOGQyMDVjNzk4ZWQ3OGYzYzQ0Y2EwYzhmMjg1MmU4YmVj
OGVhYTIwHhcNMjUwMTAyMDM0ODU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGQ2M2E2YzdkNDU2NjIzOWIyZTViOWUxMDg4Y2RjOWQ0Y2MwZGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPx2adVvvo6+elyvsJQYjku5q23n
N7tCf0awECLUgl2I8ZG+dkYP0dlNzjtDmpC8Vu96CQ8LPr8m9cxv0fkB933eRLN0
o8m675eHhF1R/R0ngs45JkLUhjvzJff3QnEygHD0TJdMuFs/saG8P5ZzIDIt5FQq
22+ltRi+STR8InnV8Tvz3SHUBRoGT2CVAetsNFCypoPfmPX34mP6UFPYow+2J92h
DibW40IMbp3tkg+01sH532Tl2uiP6aBhQqq17jftfi4SxrJKC+PhydRkkAb3pXWX
iLHWco9AzxIE0XZ9+MoLHXPihbDqVXIDvrm78fZ3+/UQftf6zb1DVo3NGQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFMjWOmx9RWYjmy5bnhCIzcnUzA3PMB8GA1UdIwQY
MBaAFB6NIFx5jtePPETKDI8oUui+yOqiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSG8wZ1hIbU8xNDg4Uk1vTWp5aFM2TDdJNnFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yOTg4OTgtNzQ1NC00MDJiLTgxZTkt
ZWUxYmQzNDRmMDE1LzEveU5ZNmJIMUZaaU9iTGx1ZUVJak55ZFRNRGM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yOTg4OTgtNzQ1NC00MDJiLTgxZTktZWUxYmQzNDRmMDE1
LzEvSG8wZ1hIbU8xNDg4Uk1vTWp5aFM2TDdJNnFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBW5O0MAwD
BABbk7cDBAZbk4AwDQYJKoZIhvcNAQELBQADggEBAAZ9/2SzsutgX4LxwW3Hc1Jw
O5sG3hUAZmIWT3C2GwkfhYfO7EK2EI5KaqnlygekOi6bMy3MDdN04XTGISofQmDE
FyMBvVYbKODKD331kuc/gD67GV8BPezPeqw0qLBJ7oE1x8ivKHWzZTnjHX7VvFaq
FEQz76QLBm9xMu7aCjwe7ZfPU8okK2s4eXi6YQSflTuNvm2/n9S5KwSL+FfatoCf
ZAJlSgbyfWI7N7AuGgQQwxcSbEOpb8O8UXOhf/DzqSPcjJWGabuhXTfi32AzI6ha
42rHh/BSMbcvQx3X4YEgZ2AMWAvFSjCmfLgGIfbAohdB/ormu9DJti1piWq+tRw=
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:31:20 2025 by rpki-client