Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/d26971-b7a8-4ede-8bb4-49bc43660c97/1/YmYarA5XO8juvrriR0BtAqIdcCU.roa
File: YmYarA5XO8juvrriR0BtAqIdcCU.roa (raw, json)
Hash identifier: J8e/3PBcMoffAup3qudGNq5pMDjkvtJSIDtohCQMO8M=
Subject key identifier: 62:66:1A:AC:0E:57:3B:C8:EE:BE:BA:E2:47:40:6D:02:A2:1D:70:25
Certificate issuer: /CN=be48cc35488bd9e6f312b20fc76a10272f0cdeda
Certificate serial: 0194258F3066AF4A0332F9E0768F25EF0895
Authority key identifier: BE:48:CC:35:48:8B:D9:E6:F3:12:B2:0F:C7:6A:10:27:2F:0C:DE:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vkjMNUiL2ebzErIPx2oQJy8M3to.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/d26971-b7a8-4ede-8bb4-49bc43660c97/1/YmYarA5XO8juvrriR0BtAqIdcCU.roa
Signing time: Thu 02 Jan 2025 05:48:48 +0000
ROA not before: Thu 02 Jan 2025 05:48:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60522
IP address blocks: 86.111.152.0/21 maxlen: 32
134.255.192.0/22 maxlen: 32
185.29.216.0/22 maxlen: 32
185.205.124.0/22 maxlen: 32
195.192.216.0/21 maxlen: 32
217.61.192.0/20 maxlen: 32
2a00:ab60::/29 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:30:66:af:4a:03:32:f9:e0:76:8f:25:ef:08:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be48cc35488bd9e6f312b20fc76a10272f0cdeda
Validity
Not Before: Jan 2 05:48:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=62661aac0e573bc8eebebae247406d02a21d7025
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:da:5d:a7:2c:d3:c5:66:73:4b:dd:4f:be:37:
8c:cd:4c:8a:99:2c:08:75:1e:4f:5a:13:15:bc:eb:
ae:78:9d:18:78:0c:99:8a:d3:ed:07:63:39:76:54:
fc:3c:10:7a:64:ac:01:99:f0:23:59:b0:8e:71:45:
7b:bd:d3:19:e9:8a:4d:1e:db:fe:3b:bd:b9:0f:6a:
af:f7:ab:29:46:f6:9e:ab:04:78:11:a9:ad:bd:70:
d3:f7:0c:76:8c:fd:5e:62:23:fd:20:fc:50:c3:1d:
ab:11:c1:39:4a:98:a4:0d:3a:d5:d4:f4:7d:36:42:
0b:cf:37:1c:16:17:d9:a4:8f:72:64:2b:96:55:52:
fa:1e:40:23:b5:45:bd:3b:d4:22:89:ef:ce:6e:d6:
6f:9b:d0:e8:12:b7:9e:3e:86:85:f2:13:87:c9:26:
7c:a9:59:8e:2f:c9:3f:c5:6d:e1:62:49:aa:34:6c:
2f:ee:09:9f:57:ae:d1:f5:dc:fc:0a:a9:60:8a:9d:
9b:54:b8:52:ed:74:b5:2c:17:07:7c:6e:e1:be:04:
f9:76:e1:0e:28:ce:e1:5a:ae:d9:e1:e9:77:3a:b7:
5a:e5:68:45:cd:ed:79:4b:4f:c5:d1:06:3a:f3:af:
8b:4c:c2:ef:ab:ee:14:81:86:27:98:81:34:e7:d6:
de:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:66:1A:AC:0E:57:3B:C8:EE:BE:BA:E2:47:40:6D:02:A2:1D:70:25
X509v3 Authority Key Identifier:
keyid:BE:48:CC:35:48:8B:D9:E6:F3:12:B2:0F:C7:6A:10:27:2F:0C:DE:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vkjMNUiL2ebzErIPx2oQJy8M3to.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/d26971-b7a8-4ede-8bb4-49bc43660c97/1/YmYarA5XO8juvrriR0BtAqIdcCU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/d26971-b7a8-4ede-8bb4-49bc43660c97/1/vkjMNUiL2ebzErIPx2oQJy8M3to.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.111.152.0/21
134.255.192.0/22
185.29.216.0/22
185.205.124.0/22
195.192.216.0/21
217.61.192.0/20
IPv6:
2a00:ab60::/29
Signature Algorithm: sha256WithRSAEncryption
38:2e:e4:be:72:33:ff:76:e5:5e:eb:70:e1:3a:72:8d:aa:1a:
41:08:87:89:c8:aa:f5:cd:5b:ec:1d:cc:06:a0:a6:9a:8a:7e:
64:e5:6b:b2:4b:4f:62:98:ae:14:02:db:92:7a:df:45:4e:ce:
5f:78:20:cb:8c:b7:61:7d:4d:09:ac:99:c3:ad:3f:94:80:f5:
2e:3b:78:4d:ee:43:0a:21:9a:a2:df:0d:0f:83:da:0b:35:3e:
a9:a9:60:7c:76:13:42:cc:94:e9:11:b1:5f:4b:79:16:b5:5e:
af:6f:de:dc:00:86:08:6d:11:f1:e3:32:9d:78:f0:85:2f:ce:
c5:fe:88:05:e2:2b:71:63:d1:22:88:b7:a0:af:49:97:12:dd:
fa:b2:0d:d6:ba:0d:67:82:d7:ef:27:4c:46:65:5e:21:1a:74:
f8:f7:20:93:0e:d4:f1:85:16:ee:01:41:86:0a:36:63:0c:9e:
7c:f1:f3:68:43:ce:89:57:33:af:b7:fe:87:24:b4:97:34:37:
46:22:4e:56:32:4f:f9:f7:9a:fb:ad:78:ba:09:e4:76:75:4c:
05:5c:6c:43:d7:9c:0c:e3:47:e2:0d:92:2c:ab:c5:53:36:20:
85:67:42:23:ac:f8:35:83:91:59:89:db:b9:7d:6e:7b:20:40:
9b:5e:e7:27
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQljzBmr0oDMvngdo8l7wiVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNDhjYzM1NDg4YmQ5ZTZmMzEyYjIwZmM3NmExMDI3MmYw
Y2RlZGEwHhcNMjUwMTAyMDU0ODQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjY2MWFhYzBlNTczYmM4ZWViZWJhZTI0NzQwNmQwMmEyMWQ3MDI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdpdpyzTxWZzS91PvjeMzUyKmSwI
dR5PWhMVvOuueJ0YeAyZitPtB2M5dlT8PBB6ZKwBmfAjWbCOcUV7vdMZ6YpNHtv+
O725D2qv96spRvaeqwR4EamtvXDT9wx2jP1eYiP9IPxQwx2rEcE5SpikDTrV1PR9
NkILzzccFhfZpI9yZCuWVVL6HkAjtUW9O9Qiie/ObtZvm9DoEreePoaF8hOHySZ8
qVmOL8k/xW3hYkmqNGwv7gmfV67R9dz8Cqlgip2bVLhS7XS1LBcHfG7hvgT5duEO
KM7hWq7Z4el3Orda5WhFze15S0/F0QY686+LTMLvq+4UgYYnmIE059beyQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFGJmGqwOVzvI7r664kdAbQKiHXAlMB8GA1UdIwQY
MBaAFL5IzDVIi9nm8xKyD8dqECcvDN7aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmtqTU5VaUwyZWJ6RXJJUHgyb1FKeThNM3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9kMjY5NzEtYjdhOC00ZWRlLThiYjQt
NDliYzQzNjYwYzk3LzEvWW1ZYXJBNVhPOGp1dnJyaVIwQnRBcUlkY0NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9kMjY5NzEtYjdhOC00ZWRlLThiYjQtNDliYzQzNjYwYzk3
LzEvdmtqTU5VaUwyZWJ6RXJJUHgyb1FKeThNM3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDVm+YAwQC
hv/AAwQCuR3YAwQCuc18AwQDw8DYAwQE2T3AMA0EAgACMAcDBQMqAKtgMA0GCSqG
SIb3DQEBCwUAA4IBAQA4LuS+cjP/duVe63DhOnKNqhpBCIeJyKr1zVvsHcwGoKaa
in5k5WuyS09imK4UAtuSet9FTs5feCDLjLdhfU0JrJnDrT+UgPUuO3hN7kMKIZqi
3w0Pg9oLNT6pqWB8dhNCzJTpEbFfS3kWtV6vb97cAIYIbRHx4zKdePCFL87F/ogF
4itxY9EiiLegr0mXEt36sg3Wug1ngtfvJ0xGZV4hGnT49yCTDtTxhRbuAUGGCjZj
DJ588fNoQ86JVzOvt/6HJLSXNDdGIk5WMk/595r7rXi6CeR2dUwFXGxD15wM40fi
DZIsq8VTNiCFZ0IjrPg1g5FZidu5fW57IECbXucn
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:15:03 2025 by rpki-client