Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/cee6d0-2a5a-47a5-9a6a-853d2f183eb8/1/yh39pVm08WyKzque3ySW6KQ3mm4.roa
File: yh39pVm08WyKzque3ySW6KQ3mm4.roa (raw, json)
Hash identifier: aDD+CJaY1WYlwKiV6sPZZhcyKFKZy1s5Oj5KyeAwphE=
Subject key identifier: CA:1D:FD:A5:59:B4:F1:6C:8A:CE:AB:9E:DF:24:96:E8:A4:37:9A:6E
Certificate issuer: /CN=a2e3a7673a7999dd496a080dbbafa1077ad980fb
Certificate serial: 0194FA7ED1199B59635CA452501E3B8FFA1E
Authority key identifier: A2:E3:A7:67:3A:79:99:DD:49:6A:08:0D:BB:AF:A1:07:7A:D9:80:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ouOnZzp5md1JaggNu6-hB3rZgPs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/cee6d0-2a5a-47a5-9a6a-853d2f183eb8/1/yh39pVm08WyKzque3ySW6KQ3mm4.roa
Signing time: Wed 12 Feb 2025 14:10:02 +0000
ROA not before: Wed 12 Feb 2025 14:10:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30884
IP address blocks: 185.92.156.0/22 maxlen: 22
185.93.132.0/22 maxlen: 22
2a05:f280::/29 maxlen: 29
2a05:fa00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:fa:7e:d1:19:9b:59:63:5c:a4:52:50:1e:3b:8f:fa:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2e3a7673a7999dd496a080dbbafa1077ad980fb
Validity
Not Before: Feb 12 14:10:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ca1dfda559b4f16c8aceab9edf2496e8a4379a6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:37:5b:d4:b0:e8:af:75:db:59:aa:7e:b3:af:
f1:be:bb:50:26:f2:ce:2e:60:d0:64:02:ba:36:3f:
b7:86:47:19:77:61:eb:12:3c:22:f4:66:d6:a6:c5:
66:4c:4a:35:6a:69:4f:ba:f7:78:43:35:5a:84:4a:
dc:56:9a:b8:dc:de:85:31:82:63:ac:c4:31:79:93:
97:fb:3a:e4:9e:81:cd:d4:7b:2f:93:ab:ec:01:d7:
87:5a:73:56:c3:07:d1:0e:e0:f1:87:57:6f:bc:3a:
93:e8:32:2a:d9:83:f0:71:2f:f7:aa:ee:b2:d6:9e:
cf:ae:b6:16:77:72:e5:cd:85:90:f7:89:cf:3b:22:
75:43:44:df:3b:34:26:e7:16:ae:f9:25:e8:e3:60:
66:9c:4d:7c:4d:24:ae:96:71:03:85:a5:b9:33:2a:
60:30:7b:1a:1a:06:89:fb:22:97:bb:d9:21:97:a9:
d4:d0:01:d3:7f:34:ff:1c:0d:70:09:3c:bf:0e:0b:
e4:52:c0:9e:97:63:b7:db:75:bc:a1:d4:ae:b2:86:
78:9f:d6:54:dc:e3:03:82:44:46:2b:bd:76:69:f5:
80:3f:0c:18:b2:b1:75:89:0e:6e:09:6f:79:3c:5d:
fb:3a:74:bc:5f:28:05:35:e8:c2:c8:24:16:24:9d:
0f:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:1D:FD:A5:59:B4:F1:6C:8A:CE:AB:9E:DF:24:96:E8:A4:37:9A:6E
X509v3 Authority Key Identifier:
keyid:A2:E3:A7:67:3A:79:99:DD:49:6A:08:0D:BB:AF:A1:07:7A:D9:80:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ouOnZzp5md1JaggNu6-hB3rZgPs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/cee6d0-2a5a-47a5-9a6a-853d2f183eb8/1/yh39pVm08WyKzque3ySW6KQ3mm4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/cee6d0-2a5a-47a5-9a6a-853d2f183eb8/1/ouOnZzp5md1JaggNu6-hB3rZgPs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.92.156.0/22
185.93.132.0/22
IPv6:
2a05:f280::/29
2a05:fa00::/29
Signature Algorithm: sha256WithRSAEncryption
2f:63:7f:b8:ce:e2:73:91:2f:44:d3:d3:2f:6b:67:99:93:30:
40:a3:c3:b7:b4:80:d1:98:a6:c9:60:f1:52:77:1a:d1:4d:12:
bc:39:9b:a1:31:19:69:56:18:c5:06:8e:e1:71:ad:b9:25:c1:
4d:af:cb:07:ce:b2:ed:d3:68:aa:a3:39:e4:77:81:e7:57:ca:
f9:03:5e:d0:cb:81:ac:31:4b:42:74:7c:4a:0b:ba:86:ae:54:
58:26:b2:56:6e:83:a8:05:a3:65:96:46:e3:70:bf:24:72:6d:
0f:2b:21:b0:a2:96:36:3c:49:8e:57:c5:20:f4:db:22:28:1a:
9f:20:b0:df:12:48:b7:98:84:26:50:49:66:63:fc:88:e0:0d:
ac:d7:1c:6a:13:33:b0:2d:83:d3:0b:54:4c:0d:3b:f8:b3:e5:
a4:79:51:9e:ab:3d:47:55:a7:c6:26:ab:13:32:f0:c2:b1:bb:
71:12:cb:d5:8f:7e:45:d3:e5:9b:b7:b0:32:1a:75:92:77:3a:
73:4d:da:2e:44:1b:e0:af:9c:02:10:13:01:15:34:f5:b3:72:
e8:4e:d1:ad:97:3f:a4:6c:5e:d7:c0:54:7a:ea:17:ec:3a:e6:
98:59:24:a5:e8:88:90:eb:13:ec:25:fd:b2:57:d9:62:6d:95:
e7:d9:18:32
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZT6ftEZm1ljXKRSUB47j/oeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyZTNhNzY3M2E3OTk5ZGQ0OTZhMDgwZGJiYWZhMTA3N2Fk
OTgwZmIwHhcNMjUwMjEyMTQxMDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTFkZmRhNTU5YjRmMTZjOGFjZWFiOWVkZjI0OTZlOGE0Mzc5YTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Ddb1LDor3XbWap+s6/xvrtQJvLO
LmDQZAK6Nj+3hkcZd2HrEjwi9GbWpsVmTEo1amlPuvd4QzVahErcVpq43N6FMYJj
rMQxeZOX+zrknoHN1Hsvk6vsAdeHWnNWwwfRDuDxh1dvvDqT6DIq2YPwcS/3qu6y
1p7PrrYWd3LlzYWQ94nPOyJ1Q0TfOzQm5xau+SXo42BmnE18TSSulnEDhaW5Mypg
MHsaGgaJ+yKXu9khl6nU0AHTfzT/HA1wCTy/DgvkUsCel2O323W8odSusoZ4n9ZU
3OMDgkRGK712afWAPwwYsrF1iQ5uCW95PF37OnS8XygFNejCyCQWJJ0PvwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFMod/aVZtPFsis6rnt8kluikN5puMB8GA1UdIwQY
MBaAFKLjp2c6eZndSWoIDbuvoQd62YD7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3VPblp6cDVtZDFKYWdnTnU2LWhCM3JaZ1BzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9jZWU2ZDAtMmE1YS00N2E1LTlhNmEt
ODUzZDJmMTgzZWI4LzEveWgzOXBWbTA4V3lLenF1ZTN5U1c2S1EzbW00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9jZWU2ZDAtMmE1YS00N2E1LTlhNmEtODUzZDJmMTgzZWI4
LzEvb3VPblp6cDVtZDFKYWdnTnU2LWhCM3JaZ1BzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuVycAwQC
uV2EMBQEAgACMA4DBQMqBfKAAwUDKgX6ADANBgkqhkiG9w0BAQsFAAOCAQEAL2N/
uM7ic5EvRNPTL2tnmZMwQKPDt7SA0ZimyWDxUnca0U0SvDmboTEZaVYYxQaO4XGt
uSXBTa/LB86y7dNoqqM55HeB51fK+QNe0MuBrDFLQnR8Sgu6hq5UWCayVm6DqAWj
ZZZG43C/JHJtDyshsKKWNjxJjlfFIPTbIiganyCw3xJIt5iEJlBJZmP8iOANrNcc
ahMzsC2D0wtUTA07+LPlpHlRnqs9R1WnxiarEzLwwrG7cRLL1Y9+RdPlm7ewMhp1
knc6c03aLkQb4K+cAhATARU09bNy6E7RrZc/pGxe18BUeuoX7DrmmFkkpeiIkOsT
7CX9slfZYm2V59kYMg==
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:17:13 2025 by rpki-client