Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/7d0ba2-97f5-420b-8dc0-c35410b5b691/1/y7pqrIfOM4grpXfLN2-wf1fCTBM.roa
File: y7pqrIfOM4grpXfLN2-wf1fCTBM.roa (raw, json)
Hash identifier: v2U5GSWu/G3ebOQx0tbHDGLoLjB8X7C4XKiRyj7FSr0=
Subject key identifier: CB:BA:6A:AC:87:CE:33:88:2B:A5:77:CB:37:6F:B0:7F:57:C2:4C:13
Certificate issuer: /CN=cae74fcce41933f427c537d365d5e761d2655eb6
Certificate serial: 019423D74D261A602E65D3FBB604DE2681CF
Authority key identifier: CA:E7:4F:CC:E4:19:33:F4:27:C5:37:D3:65:D5:E7:61:D2:65:5E:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yudPzOQZM_QnxTfTZdXnYdJlXrY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/7d0ba2-97f5-420b-8dc0-c35410b5b691/1/y7pqrIfOM4grpXfLN2-wf1fCTBM.roa
Signing time: Wed 01 Jan 2025 21:48:20 +0000
ROA not before: Wed 01 Jan 2025 21:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31027
IP address blocks: 185.126.108.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:4d:26:1a:60:2e:65:d3:fb:b6:04:de:26:81:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cae74fcce41933f427c537d365d5e761d2655eb6
Validity
Not Before: Jan 1 21:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cbba6aac87ce33882ba577cb376fb07f57c24c13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:35:f5:d2:be:b9:dc:9c:c2:a1:90:35:47:58:
3a:40:a0:48:f1:61:21:2a:65:a8:f6:29:60:c8:44:
63:e2:82:c9:ce:e5:63:84:a0:35:73:12:ee:a4:7b:
a6:fc:88:78:79:d4:35:49:ff:8c:c0:2e:71:af:c4:
a6:18:9a:35:5a:49:6e:e3:86:07:00:4a:28:c0:e5:
70:ff:52:1d:2a:82:2f:be:5f:e4:ef:48:4e:26:eb:
90:fb:8a:16:13:30:9b:b8:a1:a3:6d:cf:73:7c:49:
78:e0:52:a1:5f:ab:81:73:61:c2:e0:b6:00:0c:bf:
48:13:31:10:1a:8c:1e:ab:e3:4d:28:2f:57:7d:dd:
dd:42:14:22:37:5f:41:f6:f5:ee:a6:bd:1a:87:4a:
27:7d:be:b3:2c:cb:e1:3c:3a:58:18:f0:4b:2d:9f:
8c:13:1c:5c:53:69:f7:1a:b7:30:dc:81:83:1a:9e:
af:53:e7:73:6c:14:82:3d:0d:b6:a5:e4:ca:03:8b:
68:6c:76:96:a9:24:63:e2:91:01:ca:55:99:c5:b8:
5f:0f:74:90:8d:3a:d8:d9:ac:d3:bd:cd:d0:ca:9a:
65:9c:8c:78:d8:fb:1b:3d:fb:c3:46:12:c4:c1:f3:
0b:c3:cf:dc:19:17:2f:8c:6e:77:f7:21:ed:d6:2f:
a1:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:BA:6A:AC:87:CE:33:88:2B:A5:77:CB:37:6F:B0:7F:57:C2:4C:13
X509v3 Authority Key Identifier:
keyid:CA:E7:4F:CC:E4:19:33:F4:27:C5:37:D3:65:D5:E7:61:D2:65:5E:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yudPzOQZM_QnxTfTZdXnYdJlXrY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/7d0ba2-97f5-420b-8dc0-c35410b5b691/1/y7pqrIfOM4grpXfLN2-wf1fCTBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/7d0ba2-97f5-420b-8dc0-c35410b5b691/1/yudPzOQZM_QnxTfTZdXnYdJlXrY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.126.108.0/22
Signature Algorithm: sha256WithRSAEncryption
70:7b:97:bd:42:40:1b:a6:1c:a2:46:80:08:47:b7:cf:20:ce:
3e:0b:f4:03:5c:73:d6:f8:16:89:90:64:ac:a3:67:03:c7:ce:
6b:11:ed:c4:cf:e9:10:b0:50:99:0a:54:86:a9:95:8b:4a:9e:
4d:04:22:75:eb:3d:86:ba:be:06:86:90:22:d3:db:90:f9:b0:
cf:89:0f:5b:22:9f:e0:13:b4:8b:34:29:09:f3:a8:17:48:df:
db:06:01:8b:0c:ca:0b:dd:19:68:50:54:5c:ca:6b:28:fb:88:
2c:79:4a:01:5e:04:69:e9:61:cc:74:be:49:c1:8e:3d:30:b2:
bf:55:58:8b:7a:6c:47:84:77:5a:a2:5e:f0:99:ec:db:c0:2c:
b3:11:08:23:24:06:4a:dd:fb:da:f3:45:b6:54:4d:6a:cc:88:
55:03:68:0c:60:5c:59:35:41:64:a6:3e:ba:19:cf:14:9b:5c:
37:e6:51:85:b6:16:d3:56:f8:5a:9e:c5:ce:d6:92:19:1f:97:
3e:75:c9:32:72:90:92:7f:81:a9:c5:27:fc:43:83:49:28:7e:
ae:e7:ec:24:69:a0:ba:25:4c:7c:69:f7:06:15:9b:d1:13:16:
d5:06:1a:6b:0f:75:9c:50:95:6f:0c:ec:19:fb:d5:b3:e4:89:
e6:c3:b6:14
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj100mGmAuZdP7tgTeJoHPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhZTc0ZmNjZTQxOTMzZjQyN2M1MzdkMzY1ZDVlNzYxZDI2
NTVlYjYwHhcNMjUwMTAxMjE0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmJhNmFhYzg3Y2UzMzg4MmJhNTc3Y2IzNzZmYjA3ZjU3YzI0YzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmzX10r653JzCoZA1R1g6QKBI8WEh
KmWo9ilgyERj4oLJzuVjhKA1cxLupHum/Ih4edQ1Sf+MwC5xr8SmGJo1Wklu44YH
AEoowOVw/1IdKoIvvl/k70hOJuuQ+4oWEzCbuKGjbc9zfEl44FKhX6uBc2HC4LYA
DL9IEzEQGoweq+NNKC9Xfd3dQhQiN19B9vXupr0ah0onfb6zLMvhPDpYGPBLLZ+M
ExxcU2n3Grcw3IGDGp6vU+dzbBSCPQ22peTKA4tobHaWqSRj4pEBylWZxbhfD3SQ
jTrY2azTvc3QypplnIx42PsbPfvDRhLEwfMLw8/cGRcvjG539yHt1i+h3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMu6aqyHzjOIK6V3yzdvsH9XwkwTMB8GA1UdIwQY
MBaAFMrnT8zkGTP0J8U302XV52HSZV62MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXVkUHpPUVpNX1FueFRmVFpkWG5ZZEpsWHJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC83ZDBiYTItOTdmNS00MjBiLThkYzAt
YzM1NDEwYjViNjkxLzEveTdwcXJJZk9NNGdycFhmTE4yLXdmMWZDVEJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC83ZDBiYTItOTdmNS00MjBiLThkYzAtYzM1NDEwYjViNjkx
LzEveXVkUHpPUVpNX1FueFRmVFpkWG5ZZEpsWHJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuX5sMA0G
CSqGSIb3DQEBCwUAA4IBAQBwe5e9QkAbphyiRoAIR7fPIM4+C/QDXHPW+BaJkGSs
o2cDx85rEe3Ez+kQsFCZClSGqZWLSp5NBCJ16z2Gur4GhpAi09uQ+bDPiQ9bIp/g
E7SLNCkJ86gXSN/bBgGLDMoL3RloUFRcymso+4gseUoBXgRp6WHMdL5JwY49MLK/
VViLemxHhHdaol7wmezbwCyzEQgjJAZK3fva80W2VE1qzIhVA2gMYFxZNUFkpj66
Gc8Um1w35lGFthbTVvhansXO1pIZH5c+dckycpCSf4GpxSf8Q4NJKH6u5+wkaaC6
JUx8afcGFZvRExbVBhprD3WcUJVvDOwZ+9Wz5Inmw7YU
-----END CERTIFICATE-----
Generated at Tue Apr 8 21:08:32 2025 by rpki-client