Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/fc3591-3d78-4d9b-94ea-a65b9f607e3e/1/YFKVeEBJZW1VH1lMf1z8k2XR2dw.roa
File: YFKVeEBJZW1VH1lMf1z8k2XR2dw.roa (raw, json)
Hash identifier: ktDo2PZ71KEenNsxjiVRbbwqRhzDhrH0f5p3Dle1h/8=
Subject key identifier: 60:52:95:78:40:49:65:6D:55:1F:59:4C:7F:5C:FC:93:65:D1:D9:DC
Certificate issuer: /CN=091472e52047b5f7753ef1526dda38ed428bfe47
Certificate serial: 019421B18FA9626DD67147A1543876F45F5B
Authority key identifier: 09:14:72:E5:20:47:B5:F7:75:3E:F1:52:6D:DA:38:ED:42:8B:FE:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CRRy5SBHtfd1PvFSbdo47UKL_kc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/fc3591-3d78-4d9b-94ea-a65b9f607e3e/1/YFKVeEBJZW1VH1lMf1z8k2XR2dw.roa
Signing time: Wed 01 Jan 2025 11:47:52 +0000
ROA not before: Wed 01 Jan 2025 11:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207095
IP address blocks: 185.166.52.0/24 maxlen: 24
185.166.53.0/24 maxlen: 24
185.166.55.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:8f:a9:62:6d:d6:71:47:a1:54:38:76:f4:5f:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=091472e52047b5f7753ef1526dda38ed428bfe47
Validity
Not Before: Jan 1 11:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=605295784049656d551f594c7f5cfc9365d1d9dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ab:df:19:8b:ed:2e:bc:ab:0e:be:8a:0d:b0:
b5:f5:87:bd:73:56:b2:c5:e4:ff:c2:ae:2f:14:1e:
e7:15:7a:a4:3c:43:73:99:bb:f2:98:8b:2b:87:8e:
7f:c3:52:16:11:44:c1:1a:86:3f:37:5a:20:1a:39:
f2:71:be:08:44:fe:5e:47:e4:ac:bd:02:74:cb:41:
3a:b2:43:9b:6f:2e:03:77:22:a5:a5:e4:6c:d1:64:
85:8c:f6:12:b0:79:0a:c2:8c:5e:1b:e6:e4:d9:22:
d5:0a:f0:0c:1e:17:7c:bd:2c:03:9e:c3:bd:ab:d7:
e5:c7:e6:6e:74:ce:50:8a:f0:c8:eb:4c:0a:e5:c2:
3a:6d:9c:ed:b4:a0:92:fb:83:68:4f:62:aa:c9:b2:
7f:a9:cb:15:b2:5b:d6:ad:0a:03:d4:eb:86:06:58:
89:6b:48:29:a9:f0:e3:77:b6:81:5f:f1:0f:1b:e3:
1b:65:16:b1:df:a5:3e:e6:bc:34:da:63:e9:4e:1c:
c6:11:c9:99:6c:91:03:43:63:29:d9:e5:0f:41:da:
cd:d3:9c:cc:68:5e:f6:00:b6:eb:2f:e1:dc:35:0e:
68:ca:b5:4e:c4:27:68:9d:31:8d:06:b5:71:f1:ef:
f3:9f:e3:69:f9:00:31:1a:0b:69:f6:b6:2d:0f:01:
e7:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:52:95:78:40:49:65:6D:55:1F:59:4C:7F:5C:FC:93:65:D1:D9:DC
X509v3 Authority Key Identifier:
keyid:09:14:72:E5:20:47:B5:F7:75:3E:F1:52:6D:DA:38:ED:42:8B:FE:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CRRy5SBHtfd1PvFSbdo47UKL_kc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/fc3591-3d78-4d9b-94ea-a65b9f607e3e/1/YFKVeEBJZW1VH1lMf1z8k2XR2dw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/fc3591-3d78-4d9b-94ea-a65b9f607e3e/1/CRRy5SBHtfd1PvFSbdo47UKL_kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.166.52.0/23
185.166.55.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:9a:5c:22:f4:9c:25:29:ca:fd:bb:a2:e3:c8:34:3a:a0:bd:
38:ae:85:a8:bc:1b:0f:2d:4a:76:bf:40:35:7a:b3:28:16:9e:
67:e1:ff:9a:3b:d7:cc:e5:14:61:b8:80:71:7b:ea:e5:e6:ab:
89:dc:15:8e:6d:5f:96:fd:54:34:de:74:ae:0f:07:cb:ec:27:
f5:26:76:43:1c:0f:c8:2d:e7:5e:f9:db:f2:18:bb:c3:a2:75:
88:8b:c5:14:fe:da:74:d7:f8:c0:b8:95:7e:d7:2e:7a:c7:4d:
08:24:ae:6a:f6:59:98:bf:75:8b:53:cc:e8:77:91:66:28:3b:
45:80:1c:a3:bb:dd:f0:fc:1d:64:53:c2:ac:8c:7b:ac:ba:19:
f8:49:57:ce:86:8a:27:b2:d1:e5:24:06:b8:a0:85:8b:e6:d1:
6b:db:3c:a1:7c:bf:e1:0c:31:70:3e:df:bb:49:3e:6e:8e:b9:
5b:c8:93:49:d0:5d:26:68:58:00:18:41:c6:2a:3d:5d:a0:58:
31:67:44:d5:7e:b1:8a:d0:86:de:fe:c8:67:1e:2f:82:bd:41:
90:83:14:4c:1e:38:fe:be:84:54:79:8e:8f:e4:ae:7c:65:1f:
43:fe:a4:0a:3b:bf:67:c4:5b:f2:e5:1b:e0:e4:a9:e8:53:23:
b9:61:d6:9a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQhsY+pYm3WcUehVDh29F9bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MTQ3MmU1MjA0N2I1Zjc3NTNlZjE1MjZkZGEzOGVkNDI4
YmZlNDcwHhcNMjUwMTAxMTE0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDUyOTU3ODQwNDk2NTZkNTUxZjU5NGM3ZjVjZmM5MzY1ZDFkOWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6vfGYvtLryrDr6KDbC19Ye9c1ay
xeT/wq4vFB7nFXqkPENzmbvymIsrh45/w1IWEUTBGoY/N1ogGjnycb4IRP5eR+Ss
vQJ0y0E6skObby4DdyKlpeRs0WSFjPYSsHkKwoxeG+bk2SLVCvAMHhd8vSwDnsO9
q9flx+ZudM5QivDI60wK5cI6bZzttKCS+4NoT2KqybJ/qcsVslvWrQoD1OuGBliJ
a0gpqfDjd7aBX/EPG+MbZRax36U+5rw02mPpThzGEcmZbJEDQ2Mp2eUPQdrN05zM
aF72ALbrL+HcNQ5oyrVOxCdonTGNBrVx8e/zn+Np+QAxGgtp9rYtDwHnRQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGBSlXhASWVtVR9ZTH9c/JNl0dncMB8GA1UdIwQY
MBaAFAkUcuUgR7X3dT7xUm3aOO1Ci/5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1JSeTVTQkh0ZmQxUHZGU2JkbzQ3VUtMX2tjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9mYzM1OTEtM2Q3OC00ZDliLTk0ZWEt
YTY1YjlmNjA3ZTNlLzEvWUZLVmVFQkpaVzFWSDFsTWYxejhrMlhSMmR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9mYzM1OTEtM2Q3OC00ZDliLTk0ZWEtYTY1YjlmNjA3ZTNl
LzEvQ1JSeTVTQkh0ZmQxUHZGU2JkbzQ3VUtMX2tjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuaY0AwQA
uaY3MA0GCSqGSIb3DQEBCwUAA4IBAQCKmlwi9JwlKcr9u6LjyDQ6oL04roWovBsP
LUp2v0A1erMoFp5n4f+aO9fM5RRhuIBxe+rl5quJ3BWObV+W/VQ03nSuDwfL7Cf1
JnZDHA/ILede+dvyGLvDonWIi8UU/tp01/jAuJV+1y56x00IJK5q9lmYv3WLU8zo
d5FmKDtFgByju93w/B1kU8KsjHusuhn4SVfOhoonstHlJAa4oIWL5tFr2zyhfL/h
DDFwPt+7ST5ujrlbyJNJ0F0maFgAGEHGKj1doFgxZ0TVfrGK0Ibe/shnHi+CvUGQ
gxRMHjj+voRUeY6P5K58ZR9D/qQKO79nxFvy5Rvg5KnoUyO5Ydaa
-----END CERTIFICATE-----
Generated at Fri Feb 21 13:05:31 2025 by rpki-client