Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/0a97f1-7bf5-4368-8260-8d715ac217e2/1/YrSG8iS4KKWAsBmNwODHiTRKqSg.roa
File: YrSG8iS4KKWAsBmNwODHiTRKqSg.roa (raw, json)
Hash identifier: 1IWZloQMhvNIDdmdcUEOzGMSXHvRkyP4lSKlPzCP3W8=
Subject key identifier: 62:B4:86:F2:24:B8:28:A5:80:B0:19:8D:C0:E0:C7:89:34:4A:A9:28
Certificate issuer: /CN=cf5567122a88ca9889a1798b6c942dcc0cbc753b
Certificate serial: 019427B6604CC4F13007A1B930D6FA50EF1E
Authority key identifier: CF:55:67:12:2A:88:CA:98:89:A1:79:8B:6C:94:2D:CC:0C:BC:75:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z1VnEiqIypiJoXmLbJQtzAy8dTs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/0a97f1-7bf5-4368-8260-8d715ac217e2/1/YrSG8iS4KKWAsBmNwODHiTRKqSg.roa
Signing time: Thu 02 Jan 2025 15:50:51 +0000
ROA not before: Thu 02 Jan 2025 15:50:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44244
IP address blocks: 2.144.0.0/16 maxlen: 24
2.145.0.0/16 maxlen: 24
2.146.0.0/16 maxlen: 24
2.147.0.0/16 maxlen: 24
5.112.0.0/16 maxlen: 24
5.113.0.0/16 maxlen: 24
5.114.0.0/16 maxlen: 24
5.115.0.0/16 maxlen: 24
5.116.0.0/16 maxlen: 24
5.117.0.0/16 maxlen: 24
5.119.0.0/16 maxlen: 24
5.120.0.0/16 maxlen: 24
5.121.0.0/16 maxlen: 24
5.122.0.0/16 maxlen: 24
5.123.0.0/16 maxlen: 24
5.124.0.0/16 maxlen: 24
5.125.0.0/16 maxlen: 24
5.126.0.0/16 maxlen: 24
5.127.0.0/16 maxlen: 24
92.42.48.0/21 maxlen: 24
2a01:5ec0::/36 maxlen: 37
2a01:5ec0:1000::/36 maxlen: 37
2a01:5ec0:2000::/36 maxlen: 37
2a01:5ec0:3000::/36 maxlen: 37
2a01:5ec0:4000::/36 maxlen: 37
2a01:5ec0:5000::/36 maxlen: 37
2a01:5ec0:6000::/36 maxlen: 37
2a01:5ec0:7000::/36 maxlen: 37
2a01:5ec0:8000::/36 maxlen: 37
2a01:5ec0:9000::/36 maxlen: 37
2a01:5ec0:a000::/36 maxlen: 37
2a01:5ec0:b000::/36 maxlen: 37
2a01:5ec0:c000::/36 maxlen: 37
2a01:5ec0:d000::/36 maxlen: 37
2a01:5ec0:e000::/36 maxlen: 37
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:60:4c:c4:f1:30:07:a1:b9:30:d6:fa:50:ef:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf5567122a88ca9889a1798b6c942dcc0cbc753b
Validity
Not Before: Jan 2 15:50:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=62b486f224b828a580b0198dc0e0c789344aa928
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:3d:4d:3f:67:ba:aa:fc:90:93:1f:72:9f:27:
7d:6a:dd:17:8a:46:22:d6:a0:a1:b2:f7:7d:6a:b6:
3a:12:44:f2:ab:3d:b8:d3:32:c4:64:10:ba:e0:92:
4f:a3:19:94:63:09:7a:ef:20:75:ff:33:67:7a:98:
04:3f:aa:75:c4:92:53:32:f9:83:a4:d1:6f:47:4c:
5e:e3:e7:5c:5e:cc:83:d2:64:fb:fe:29:dd:c1:04:
8e:ca:60:91:37:c3:2e:27:40:26:06:2f:3d:0d:46:
36:dd:b3:8a:48:f3:30:24:0a:94:4c:4d:95:a3:a7:
dc:71:6a:b0:40:28:13:a4:32:2e:6e:a4:66:62:bf:
36:0e:5f:ce:60:90:0a:1b:95:34:fc:62:5b:7e:4a:
32:99:03:b0:27:1b:86:29:ee:5a:cb:c5:85:1c:f6:
81:7e:0f:b4:af:26:be:7c:c3:21:2c:0b:24:bb:a6:
c8:ad:ee:36:8e:55:73:ca:77:6d:25:c4:21:cf:37:
d3:94:8d:a0:63:9e:79:04:1b:d4:a2:0b:54:46:2c:
80:e3:8d:16:1b:16:59:01:24:b7:7f:76:eb:59:98:
00:3c:b7:91:76:45:23:56:be:59:f7:22:d7:8a:67:
b1:96:0c:09:d1:8c:f9:29:55:9b:0d:11:90:e9:0c:
ea:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:B4:86:F2:24:B8:28:A5:80:B0:19:8D:C0:E0:C7:89:34:4A:A9:28
X509v3 Authority Key Identifier:
keyid:CF:55:67:12:2A:88:CA:98:89:A1:79:8B:6C:94:2D:CC:0C:BC:75:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z1VnEiqIypiJoXmLbJQtzAy8dTs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/0a97f1-7bf5-4368-8260-8d715ac217e2/1/YrSG8iS4KKWAsBmNwODHiTRKqSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/0a97f1-7bf5-4368-8260-8d715ac217e2/1/z1VnEiqIypiJoXmLbJQtzAy8dTs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.144.0.0/14
5.112.0.0-5.117.255.255
5.119.0.0-5.127.255.255
92.42.48.0/21
IPv6:
2a01:5ec0::-2a01:5ec0:efff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
7b:39:c7:f1:55:be:05:cf:68:7c:e1:5a:aa:0c:6b:0e:f5:7b:
75:69:4a:86:cc:46:4e:06:64:2e:6e:bc:b9:9b:1b:fb:ef:fb:
1c:ee:66:a8:5a:fe:fd:c8:92:dc:f3:16:9a:23:6c:ef:d3:55:
d4:34:f4:d6:fe:f2:33:80:db:45:2b:4a:c7:96:b1:ac:ca:48:
34:1c:60:60:35:6c:bc:a9:9e:d3:95:4d:e5:ad:81:c3:96:bd:
f9:50:ec:75:6a:f5:f3:1e:f8:9f:e7:84:bd:e7:9f:85:70:a5:
fd:97:8a:7d:d6:cb:e3:e0:6b:dc:95:20:c8:78:c2:e7:24:65:
85:9a:c2:2c:dc:00:47:0d:26:c0:ec:60:1b:e0:a3:63:a6:65:
f0:14:70:45:2b:81:19:b5:0e:33:18:77:95:14:30:22:f8:4a:
25:b4:16:94:5b:85:c0:c7:25:47:e2:1b:09:46:8d:38:4b:08:
fd:2e:b0:14:14:53:61:60:2e:1b:6b:8b:4f:bd:3c:44:b7:ba:
17:44:c9:86:c5:81:06:bf:c7:6e:a3:77:37:09:e7:07:15:e8:
37:44:2f:f6:02:4f:64:9d:1a:8e:12:fd:14:47:1a:15:c0:ac:
d5:dd:d7:f9:17:02:a7:c3:71:5e:ea:c2:c2:de:46:07:fe:3b:
67:d4:e1:d2
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZQntmBMxPEwB6G5MNb6UO8eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmNTU2NzEyMmE4OGNhOTg4OWExNzk4YjZjOTQyZGNjMGNi
Yzc1M2IwHhcNMjUwMTAyMTU1MDUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmI0ODZmMjI0YjgyOGE1ODBiMDE5OGRjMGUwYzc4OTM0NGFhOTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5z1NP2e6qvyQkx9ynyd9at0XikYi
1qChsvd9arY6EkTyqz240zLEZBC64JJPoxmUYwl67yB1/zNnepgEP6p1xJJTMvmD
pNFvR0xe4+dcXsyD0mT7/indwQSOymCRN8MuJ0AmBi89DUY23bOKSPMwJAqUTE2V
o6fccWqwQCgTpDIubqRmYr82Dl/OYJAKG5U0/GJbfkoymQOwJxuGKe5ay8WFHPaB
fg+0rya+fMMhLAsku6bIre42jlVzyndtJcQhzzfTlI2gY555BBvUogtURiyA440W
GxZZASS3f3brWZgAPLeRdkUjVr5Z9yLXimexlgwJ0Yz5KVWbDRGQ6Qzq5wIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFGK0hvIkuCilgLAZjcDgx4k0SqkoMB8GA1UdIwQY
MBaAFM9VZxIqiMqYiaF5i2yULcwMvHU7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejFWbkVpcUl5cGlKb1htTGJKUXR6QXk4ZFRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8wYTk3ZjEtN2JmNS00MzY4LTgyNjAt
OGQ3MTVhYzIxN2UyLzEvWXJTRzhpUzRLS1dBc0JtTndPREhpVFJLcVNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8wYTk3ZjEtN2JmNS00MzY4LTgyNjAtOGQ3MTVhYzIxN2Uy
LzEvejFWbkVpcUl5cGlKb1htTGJKUXR6QXk4ZFRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDApBAIAATAjAwMCApAwCgMD
BAVwAwMBBXQwCgMDAAV3AwMHBQADBANcKjAwFwQCAAIwETAPAwUGKgFewAMGBCoB
XsDgMA0GCSqGSIb3DQEBCwUAA4IBAQB7OcfxVb4Fz2h84VqqDGsO9Xt1aUqGzEZO
BmQubry5mxv77/sc7maoWv79yJLc8xaaI2zv01XUNPTW/vIzgNtFK0rHlrGsykg0
HGBgNWy8qZ7TlU3lrYHDlr35UOx1avXzHvif54S955+FcKX9l4p91svj4GvclSDI
eMLnJGWFmsIs3ABHDSbA7GAb4KNjpmXwFHBFK4EZtQ4zGHeVFDAi+EoltBaUW4XA
xyVH4hsJRo04Swj9LrAUFFNhYC4ba4tPvTxEt7oXRMmGxYEGv8duo3c3CecHFeg3
RC/2Ak9knRqOEv0URxoVwKzV3df5FwKnw3Fe6sLC3kYH/jtn1OHS
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:46:24 2025 by rpki-client