Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/9d8427-8e60-4429-84b3-345d064da7bf/1/YjBKXkQXMHf0_pA4qcpXsGbUeRk.roa
File: YjBKXkQXMHf0_pA4qcpXsGbUeRk.roa (raw, json)
Hash identifier: i1DqFHpsj9QAGTJ1gIk3MfC4El+yBvATAcNyHakLZNc=
Subject key identifier: 62:30:4A:5E:44:17:30:77:F4:FE:90:38:A9:CA:57:B0:66:D4:79:19
Certificate issuer: /CN=34a9eb6c4d3a57c9a56456ddbf0012b81750b1d3
Certificate serial: 018683CCB023823886459B0797DDC89308AB
Authority key identifier: 34:A9:EB:6C:4D:3A:57:C9:A5:64:56:DD:BF:00:12:B8:17:50:B1:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NKnrbE06V8mlZFbdvwASuBdQsdM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/9d8427-8e60-4429-84b3-345d064da7bf/1/YjBKXkQXMHf0_pA4qcpXsGbUeRk.roa
Signing time: Fri 24 Feb 2023 14:21:15 +0000
ROA not before: Fri 24 Feb 2023 14:21:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44477
IP address blocks: 185.138.164.0/24 maxlen: 24
2a11:4c02::/32 maxlen: 32
2a11:4c06::/32 maxlen: 32
2a11:4c03::/32 maxlen: 32
2a11:4c04::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:83:cc:b0:23:82:38:86:45:9b:07:97:dd:c8:93:08:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34a9eb6c4d3a57c9a56456ddbf0012b81750b1d3
Validity
Not Before: Feb 24 14:21:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=62304a5e44173077f4fe9038a9ca57b066d47919
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:c7:2b:f7:bc:c5:d3:df:bd:03:3f:a2:c7:df:
89:50:dd:14:0b:55:ed:57:34:4e:b7:e8:6b:a6:d9:
e4:0a:e0:43:68:17:10:7c:84:96:83:43:a4:2c:84:
56:5b:30:03:2c:ae:77:aa:44:e6:3b:52:bc:c3:75:
62:cb:4c:a7:ca:92:17:c8:55:03:76:45:7e:92:36:
68:55:a1:d8:65:13:65:cc:c9:5d:3a:03:46:d5:7c:
0e:32:d6:f9:9b:8b:f3:8a:f0:4e:db:cc:a7:1b:68:
67:8e:45:e5:19:4d:fc:d9:3d:d7:ec:17:ae:9e:6e:
48:e5:06:3e:ff:24:89:3d:15:49:92:de:d0:eb:c9:
6c:3d:54:aa:f5:a3:65:2c:f1:4a:d4:02:9c:76:24:
ac:a0:a4:30:6c:13:16:d4:11:44:5e:93:bc:4b:dc:
6f:b4:04:26:93:d9:8d:e8:a0:8f:39:b5:75:92:be:
18:91:e2:3a:83:9e:60:23:a7:f3:a2:f8:6f:ac:35:
33:6f:c1:2d:84:50:94:54:a1:96:94:13:c6:87:29:
d6:a0:68:23:71:2d:a0:74:7d:68:ee:52:08:9e:ef:
c8:a3:4e:09:4c:5a:52:b8:85:f4:7b:11:f9:62:21:
42:2e:fc:84:b4:52:28:79:ec:f1:ae:a3:91:1d:8e:
1c:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:30:4A:5E:44:17:30:77:F4:FE:90:38:A9:CA:57:B0:66:D4:79:19
X509v3 Authority Key Identifier:
keyid:34:A9:EB:6C:4D:3A:57:C9:A5:64:56:DD:BF:00:12:B8:17:50:B1:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NKnrbE06V8mlZFbdvwASuBdQsdM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/9d8427-8e60-4429-84b3-345d064da7bf/1/YjBKXkQXMHf0_pA4qcpXsGbUeRk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/9d8427-8e60-4429-84b3-345d064da7bf/1/NKnrbE06V8mlZFbdvwASuBdQsdM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.138.164.0/24
IPv6:
2a11:4c02::-2a11:4c04:ffff:ffff:ffff:ffff:ffff:ffff
2a11:4c06::/32
Signature Algorithm: sha256WithRSAEncryption
70:18:61:ff:14:a0:54:5d:14:9b:20:9d:b8:b8:bd:9a:93:ec:
c7:ef:7d:e0:36:6a:3c:ab:85:ae:a8:2b:8a:de:7a:42:44:47:
1d:13:26:ec:4c:6a:c4:21:da:e9:9b:63:38:47:f0:84:3d:9e:
95:6a:6d:eb:71:25:e0:7c:10:a5:e6:ad:9b:f3:bb:be:a1:4f:
9d:47:2f:f0:3e:d2:31:40:8a:66:39:1e:7e:83:58:7a:bf:94:
67:34:69:b9:42:94:fc:ce:29:44:eb:8e:9e:4a:0f:b9:39:8b:
9b:4b:08:46:5b:98:71:ce:18:1c:b8:9e:2f:bf:c3:0f:c2:ee:
21:03:2f:1e:24:3b:2d:cd:8b:26:7a:03:52:91:05:38:f3:50:
f8:bb:fe:5f:4a:40:e5:86:ce:38:89:76:e1:c9:81:d7:32:0f:
49:06:0d:3d:92:58:05:82:7f:9c:72:1b:1e:95:d1:3b:31:09:
cf:b2:dd:2b:69:56:e0:c0:bd:ae:5a:fe:73:1e:95:94:7f:85:
16:14:e5:a8:df:4c:1b:39:28:d5:a6:58:f2:81:8d:90:66:64:
b9:b6:b8:d7:c2:ba:81:88:0e:a2:85:88:ef:f3:5a:bf:2d:64:
35:91:5c:3d:f6:76:05:2e:9b:e0:99:2e:68:dd:c6:0f:46:9b:
38:e9:73:51
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYaDzLAjgjiGRZsHl93IkwirMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0YTllYjZjNGQzYTU3YzlhNTY0NTZkZGJmMDAxMmI4MTc1
MGIxZDMwHhcNMjMwMjI0MTQyMTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjMwNGE1ZTQ0MTczMDc3ZjRmZTkwMzhhOWNhNTdiMDY2ZDQ3OTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk8cr97zF09+9Az+ix9+JUN0UC1Xt
VzROt+hrptnkCuBDaBcQfISWg0OkLIRWWzADLK53qkTmO1K8w3Viy0ynypIXyFUD
dkV+kjZoVaHYZRNlzMldOgNG1XwOMtb5m4vzivBO28ynG2hnjkXlGU382T3X7Beu
nm5I5QY+/ySJPRVJkt7Q68lsPVSq9aNlLPFK1AKcdiSsoKQwbBMW1BFEXpO8S9xv
tAQmk9mN6KCPObV1kr4YkeI6g55gI6fzovhvrDUzb8EthFCUVKGWlBPGhynWoGgj
cS2gdH1o7lIInu/Io04JTFpSuIX0exH5YiFCLvyEtFIoeezxrqORHY4c9QIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFGIwSl5EFzB39P6QOKnKV7Bm1HkZMB8GA1UdIwQY
MBaAFDSp62xNOlfJpWRW3b8AErgXULHTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTktucmJFMDZWOG1sWkZiZHZ3QVN1QmRRc2RNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS85ZDg0MjctOGU2MC00NDI5LTg0YjMt
MzQ1ZDA2NGRhN2JmLzEvWWpCS1hrUVhNSGYwX3BBNHFjcFhzR2JVZVJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS85ZDg0MjctOGU2MC00NDI5LTg0YjMtMzQ1ZDA2NGRhN2Jm
LzEvTktucmJFMDZWOG1sWkZiZHZ3QVN1QmRRc2RNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAMBAIAATAGAwQAuYqkMB0E
AgACMBcwDgMFASoRTAIDBQAqEUwEAwUAKhFMBjANBgkqhkiG9w0BAQsFAAOCAQEA
cBhh/xSgVF0UmyCduLi9mpPsx+994DZqPKuFrqgrit56QkRHHRMm7ExqxCHa6Ztj
OEfwhD2elWpt63El4HwQpeatm/O7vqFPnUcv8D7SMUCKZjkefoNYer+UZzRpuUKU
/M4pROuOnkoPuTmLm0sIRluYcc4YHLieL7/DD8LuIQMvHiQ7Lc2LJnoDUpEFOPNQ
+Lv+X0pA5YbOOIl24cmB1zIPSQYNPZJYBYJ/nHIbHpXROzEJz7LdK2lW4MC9rlr+
cx6VlH+FFhTlqN9MGzko1aZY8oGNkGZkuba418K6gYgOooWI7/Navy1kNZFcPfZ2
BS6b4JkuaN3GD0abOOlzUQ==
-----END CERTIFICATE-----
Generated at Fri Apr 18 07:05:15 2025 by rpki-client