Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/722fe6-5f0a-49e8-abdb-caa2ad0de122/1/yaypQkj2AghrPvF04v2W54OMb7w.roa
File: yaypQkj2AghrPvF04v2W54OMb7w.roa (raw, json)
Hash identifier: hCq8GYL38w01XTv+RIEP/TCoZ0RM6Uh6E4DFeG+GgXc=
Subject key identifier: C9:AC:A9:42:48:F6:02:08:6B:3E:F1:74:E2:FD:96:E7:83:8C:6F:BC
Certificate issuer: /CN=bb376d0c9bef6b098fa63140bcc40d83d76bd549
Certificate serial: 0185714C3A1EC5E0B2B3F18437B6130FCF3B
Authority key identifier: BB:37:6D:0C:9B:EF:6B:09:8F:A6:31:40:BC:C4:0D:83:D7:6B:D5:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uzdtDJvvawmPpjFAvMQNg9dr1Uk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/722fe6-5f0a-49e8-abdb-caa2ad0de122/1/yaypQkj2AghrPvF04v2W54OMb7w.roa
Signing time: Mon 02 Jan 2023 07:04:59 +0000
ROA not before: Mon 02 Jan 2023 07:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44547
IP address blocks: 194.169.120.0/24 maxlen: 24
185.235.77.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:4c:3a:1e:c5:e0:b2:b3:f1:84:37:b6:13:0f:cf:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb376d0c9bef6b098fa63140bcc40d83d76bd549
Validity
Not Before: Jan 2 07:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c9aca94248f602086b3ef174e2fd96e7838c6fbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:0d:40:11:6f:71:72:bc:e0:bd:d4:ae:9e:d2:
e9:fb:3c:a0:bf:d4:8c:1e:f8:1f:2c:51:c6:4b:ad:
ad:2a:b5:4c:d1:e7:d1:15:2d:1f:0f:53:05:34:44:
00:f3:9c:0f:c4:21:fd:17:ab:91:67:a4:75:2b:1c:
b9:8a:dc:51:12:51:55:73:6b:82:70:46:2a:ce:df:
6a:4a:33:d6:36:c2:ec:b9:ae:43:c2:dd:83:85:3d:
1e:f2:cf:1a:65:95:c8:13:a4:20:6e:b9:e5:70:c8:
ce:bf:ad:c4:be:5a:db:6a:2f:8d:b2:1b:6c:8e:db:
ae:fb:d6:b2:4b:10:1f:00:8a:0a:da:c6:62:6a:f1:
56:19:d9:23:59:37:6e:a9:ce:7f:84:8e:d4:21:b3:
e8:b8:16:8e:1e:a3:88:31:35:01:55:e9:9d:d4:bc:
24:e8:f6:68:34:1b:3c:b4:fa:75:15:3c:d7:5b:9c:
99:53:7d:30:1b:62:a7:11:cf:bd:2f:e4:72:0e:cf:
a6:74:d8:f1:21:32:18:b1:8f:77:21:8c:8a:f2:a3:
3f:96:33:91:ca:70:f2:8d:bb:e7:58:64:1c:4c:e9:
97:fe:1d:e3:f0:a7:49:9d:c7:0a:bf:a2:1d:87:6e:
ba:82:68:46:7f:d8:24:a6:aa:d0:4d:25:4b:bc:76:
5a:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:AC:A9:42:48:F6:02:08:6B:3E:F1:74:E2:FD:96:E7:83:8C:6F:BC
X509v3 Authority Key Identifier:
keyid:BB:37:6D:0C:9B:EF:6B:09:8F:A6:31:40:BC:C4:0D:83:D7:6B:D5:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uzdtDJvvawmPpjFAvMQNg9dr1Uk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/722fe6-5f0a-49e8-abdb-caa2ad0de122/1/yaypQkj2AghrPvF04v2W54OMb7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/722fe6-5f0a-49e8-abdb-caa2ad0de122/1/uzdtDJvvawmPpjFAvMQNg9dr1Uk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.235.77.0/24
194.169.120.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:cb:c2:d2:31:0f:be:39:41:58:8e:f6:61:e6:85:ab:6d:24:
c3:86:a5:ee:d3:47:30:e0:02:fc:97:31:39:12:70:db:5e:6e:
d6:8b:6c:6c:96:56:2b:fd:7e:d2:cb:43:1b:e4:08:74:e2:e6:
0a:0c:18:36:78:b7:ad:e3:8a:5f:de:bd:2d:c0:d0:bc:0a:33:
68:ea:77:91:7a:46:1c:27:33:b2:18:e6:ea:a9:1b:52:e6:d9:
22:3d:52:25:11:89:12:56:5a:0c:9c:ff:97:7a:cf:38:6b:38:
be:bd:a0:fc:b1:36:1d:04:52:57:ea:7d:b9:94:b4:ef:15:ab:
28:cd:18:29:9e:25:ff:6c:51:c0:e9:48:f9:dc:7c:92:85:fa:
5a:01:e1:8c:64:8a:30:87:be:c1:62:9f:71:05:70:4f:96:19:
cf:a1:1c:f4:73:ba:92:8e:a1:43:c4:0e:98:8d:69:1d:0d:3a:
c3:41:4c:4a:cb:9e:d3:23:a8:1e:20:bd:e4:f8:50:76:97:b9:
20:da:d5:c1:a0:db:3c:8d:f5:41:e6:a6:c0:64:cf:91:29:23:
da:23:9c:71:16:2c:f2:2c:83:d4:b3:f6:52:dd:7c:54:f4:dc:
5c:ff:b4:42:5a:3f:6d:1e:b2:f3:30:7b:c7:09:c1:1b:59:fa:
f6:c5:93:d8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxTDoexeCys/GEN7YTD887MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiMzc2ZDBjOWJlZjZiMDk4ZmE2MzE0MGJjYzQwZDgzZDc2
YmQ1NDkwHhcNMjMwMTAyMDcwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWFjYTk0MjQ4ZjYwMjA4NmIzZWYxNzRlMmZkOTZlNzgzOGM2ZmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjg1AEW9xcrzgvdSuntLp+zygv9SM
HvgfLFHGS62tKrVM0efRFS0fD1MFNEQA85wPxCH9F6uRZ6R1Kxy5itxRElFVc2uC
cEYqzt9qSjPWNsLsua5Dwt2DhT0e8s8aZZXIE6QgbrnlcMjOv63Evlrbai+Nshts
jtuu+9aySxAfAIoK2sZiavFWGdkjWTduqc5/hI7UIbPouBaOHqOIMTUBVemd1Lwk
6PZoNBs8tPp1FTzXW5yZU30wG2KnEc+9L+RyDs+mdNjxITIYsY93IYyK8qM/ljOR
ynDyjbvnWGQcTOmX/h3j8KdJnccKv6Idh266gmhGf9gkpqrQTSVLvHZaywIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMmsqUJI9gIIaz7xdOL9lueDjG+8MB8GA1UdIwQY
MBaAFLs3bQyb72sJj6YxQLzEDYPXa9VJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXpkdERKdnZhd21QcGpGQXZNUU5nOWRyMVVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC83MjJmZTYtNWYwYS00OWU4LWFiZGIt
Y2FhMmFkMGRlMTIyLzEveWF5cFFrajJBZ2hyUHZGMDR2Mlc1NE9NYjd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC83MjJmZTYtNWYwYS00OWU4LWFiZGItY2FhMmFkMGRlMTIy
LzEvdXpkdERKdnZhd21QcGpGQXZNUU5nOWRyMVVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuetNAwQA
wql4MA0GCSqGSIb3DQEBCwUAA4IBAQA8y8LSMQ++OUFYjvZh5oWrbSTDhqXu00cw
4AL8lzE5EnDbXm7Wi2xsllYr/X7Sy0Mb5Ah04uYKDBg2eLet44pf3r0twNC8CjNo
6neRekYcJzOyGObqqRtS5tkiPVIlEYkSVloMnP+Xes84azi+vaD8sTYdBFJX6n25
lLTvFasozRgpniX/bFHA6Uj53HyShfpaAeGMZIowh77BYp9xBXBPlhnPoRz0c7qS
jqFDxA6YjWkdDTrDQUxKy57TI6geIL3k+FB2l7kg2tXBoNs8jfVB5qbAZM+RKSPa
I5xxFizyLIPUs/ZS3XxU9Nxc/7RCWj9tHrLzMHvHCcEbWfr2xZPY
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:29:50 2025 by rpki-client