Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/700fd3-c360-48ab-8a06-56129b7dc018/1/1YffucAnrX0zrPGVUVBeyKH78tE.roa
File: 1YffucAnrX0zrPGVUVBeyKH78tE.roa (raw, json)
Hash identifier: F+0MkZW1rwniUkgJEFMqZDUVPzIQlWc77ANUG11yVk0=
Subject key identifier: D5:87:DF:B9:C0:27:AD:7D:33:AC:F1:95:51:50:5E:C8:A1:FB:F2:D1
Certificate issuer: /CN=08af091858bb99651764399c6565df7a0834dbad
Certificate serial: 0194282568DF74C4B632B1BB8DCF906444C1
Authority key identifier: 08:AF:09:18:58:BB:99:65:17:64:39:9C:65:65:DF:7A:08:34:DB:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CK8JGFi7mWUXZDmcZWXfegg0260.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/700fd3-c360-48ab-8a06-56129b7dc018/1/1YffucAnrX0zrPGVUVBeyKH78tE.roa
Signing time: Thu 02 Jan 2025 17:52:07 +0000
ROA not before: Thu 02 Jan 2025 17:52:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210896
IP address blocks: 185.239.24.0/24 maxlen: 24
2a13:f780::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:68:df:74:c4:b6:32:b1:bb:8d:cf:90:64:44:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08af091858bb99651764399c6565df7a0834dbad
Validity
Not Before: Jan 2 17:52:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d587dfb9c027ad7d33acf19551505ec8a1fbf2d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:b0:14:a4:ba:fe:25:86:b4:f9:3b:e1:a6:6a:
cd:0b:2a:66:c3:94:bc:84:d1:5f:a9:0d:39:92:a6:
ad:41:05:6d:f6:b3:d5:bb:25:1c:f3:b2:78:2f:ff:
f2:59:18:7b:ca:79:5b:8a:2d:36:88:5b:53:b9:32:
57:f8:0e:53:01:d1:07:07:66:69:b5:39:0c:4e:00:
d2:31:11:60:d1:ff:f5:3c:af:81:76:89:8f:d4:35:
3f:9a:60:e1:1c:af:c0:4e:45:8e:36:44:e2:58:4c:
88:c4:b9:d3:a8:a1:33:23:38:cd:cc:5a:a3:bc:33:
61:f4:b1:7c:d6:87:c8:b0:36:65:bf:30:54:c7:fc:
8d:b4:d7:93:62:a0:20:f3:11:5f:6f:cf:7b:7e:e5:
de:66:73:57:96:44:45:9a:9e:2c:46:9d:2f:c9:35:
c2:70:ba:a4:7c:30:0f:50:80:bc:7f:5d:2e:57:93:
e2:51:4f:f9:26:ac:29:53:97:cb:72:7d:ff:64:16:
69:40:b0:0c:da:1d:20:da:2b:17:64:80:55:b9:bf:
ea:1b:c9:26:00:45:a1:4a:b2:88:a6:4a:3a:0e:23:
dd:cc:24:19:8f:c9:aa:0a:f3:94:14:4b:08:a5:01:
f9:12:b6:0e:3d:47:ce:b2:96:00:ba:6e:63:f9:cf:
47:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:87:DF:B9:C0:27:AD:7D:33:AC:F1:95:51:50:5E:C8:A1:FB:F2:D1
X509v3 Authority Key Identifier:
keyid:08:AF:09:18:58:BB:99:65:17:64:39:9C:65:65:DF:7A:08:34:DB:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CK8JGFi7mWUXZDmcZWXfegg0260.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/700fd3-c360-48ab-8a06-56129b7dc018/1/1YffucAnrX0zrPGVUVBeyKH78tE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/700fd3-c360-48ab-8a06-56129b7dc018/1/CK8JGFi7mWUXZDmcZWXfegg0260.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.239.24.0/24
IPv6:
2a13:f780::/29
Signature Algorithm: sha256WithRSAEncryption
0a:a5:ad:4f:24:07:7a:2a:54:4a:79:96:6d:ea:84:68:5c:cf:
d2:cb:59:b9:e2:d7:ce:7d:92:c4:76:40:e8:1b:4f:95:f8:07:
7e:7a:b5:c1:ee:d1:df:82:6d:ff:0d:de:19:f3:30:dd:64:e7:
1e:ee:fc:f6:86:3e:26:dc:ad:2a:86:7b:e1:5a:40:87:23:eb:
4a:62:bd:d3:8d:9d:b5:d4:06:86:3d:1e:fa:b1:ee:df:16:f4:
04:c3:16:f3:84:80:2a:2a:d8:ce:4f:df:60:da:49:af:ac:df:
03:4d:23:4d:8d:e1:d4:f2:b3:8f:7b:9b:a1:c6:87:08:80:06:
46:9b:9c:d7:c8:f7:ab:06:25:78:63:53:17:37:a5:71:75:1d:
fc:08:7b:37:d4:27:fb:4e:cc:ec:f9:65:a6:f4:04:d5:bd:a4:
13:98:e9:08:af:5d:8c:d8:47:82:c3:ca:fc:73:0e:f3:b4:7e:
4b:41:2b:56:93:fc:26:8e:65:d2:ce:c9:f6:95:55:73:d3:0d:
7b:a7:a8:79:77:fe:45:bb:dd:20:eb:2b:6b:8c:69:c8:75:5e:
2e:1d:0c:81:79:cf:50:2d:ee:c6:e7:ae:bd:0e:1b:d2:5e:45:
df:d4:5b:34:64:77:a9:0c:2b:2c:24:3a:13:a5:bd:46:d5:6b:
46:bd:3a:cd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQoJWjfdMS2MrG7jc+QZETBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4YWYwOTE4NThiYjk5NjUxNzY0Mzk5YzY1NjVkZjdhMDgz
NGRiYWQwHhcNMjUwMTAyMTc1MjA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTg3ZGZiOWMwMjdhZDdkMzNhY2YxOTU1MTUwNWVjOGExZmJmMmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA87AUpLr+JYa0+TvhpmrNCypmw5S8
hNFfqQ05kqatQQVt9rPVuyUc87J4L//yWRh7ynlbii02iFtTuTJX+A5TAdEHB2Zp
tTkMTgDSMRFg0f/1PK+BdomP1DU/mmDhHK/ATkWONkTiWEyIxLnTqKEzIzjNzFqj
vDNh9LF81ofIsDZlvzBUx/yNtNeTYqAg8xFfb897fuXeZnNXlkRFmp4sRp0vyTXC
cLqkfDAPUIC8f10uV5PiUU/5JqwpU5fLcn3/ZBZpQLAM2h0g2isXZIBVub/qG8km
AEWhSrKIpko6DiPdzCQZj8mqCvOUFEsIpQH5ErYOPUfOspYAum5j+c9HJwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNWH37nAJ619M6zxlVFQXsih+/LRMB8GA1UdIwQY
MBaAFAivCRhYu5llF2Q5nGVl33oINNutMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0s4SkdGaTdtV1VYWkRtY1pXWGZlZ2cwMjYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS83MDBmZDMtYzM2MC00OGFiLThhMDYt
NTYxMjliN2RjMDE4LzEvMVlmZnVjQW5yWDB6clBHVlVWQmV5S0g3OHRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS83MDBmZDMtYzM2MC00OGFiLThhMDYtNTYxMjliN2RjMDE4
LzEvQ0s4SkdGaTdtV1VYWkRtY1pXWGZlZ2cwMjYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAue8YMA0E
AgACMAcDBQMqE/eAMA0GCSqGSIb3DQEBCwUAA4IBAQAKpa1PJAd6KlRKeZZt6oRo
XM/Sy1m54tfOfZLEdkDoG0+V+Ad+erXB7tHfgm3/Dd4Z8zDdZOce7vz2hj4m3K0q
hnvhWkCHI+tKYr3TjZ211AaGPR76se7fFvQEwxbzhIAqKtjOT99g2kmvrN8DTSNN
jeHU8rOPe5uhxocIgAZGm5zXyPerBiV4Y1MXN6VxdR38CHs31Cf7Tszs+WWm9ATV
vaQTmOkIr12M2EeCw8r8cw7ztH5LQStWk/wmjmXSzsn2lVVz0w17p6h5d/5Fu90g
6ytrjGnIdV4uHQyBec9QLe7G5669DhvSXkXf1Fs0ZHepDCssJDoTpb1G1WtGvTrN
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:43:51 2025 by rpki-client