Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/975912-fd0c-4318-b0b0-6e056b617d2a/1/YuVFbu671lxJtgp8Dd5trr77imo.roa
File: YuVFbu671lxJtgp8Dd5trr77imo.roa (raw, json)
Hash identifier: eoCcK7MisnOAgEVb/tn2NdbeYwDzl1a566p1bHV7AcM=
Subject key identifier: 62:E5:45:6E:EE:BB:D6:5C:49:B6:0A:7C:0D:DE:6D:AE:BE:FB:8A:6A
Certificate issuer: /CN=f0cf4963357ddb9855f9bac4c7d995adc89a372a
Certificate serial: 0194228E3DC8B89DA18F2D3B38AA981E4B86
Authority key identifier: F0:CF:49:63:35:7D:DB:98:55:F9:BA:C4:C7:D9:95:AD:C8:9A:37:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8M9JYzV925hV-brEx9mVrciaNyo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/975912-fd0c-4318-b0b0-6e056b617d2a/1/YuVFbu671lxJtgp8Dd5trr77imo.roa
Signing time: Wed 01 Jan 2025 15:48:54 +0000
ROA not before: Wed 01 Jan 2025 15:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202454
IP address blocks: 185.152.0.0/23 maxlen: 23
185.152.0.0/24 maxlen: 24
185.152.1.0/24 maxlen: 24
185.152.3.0/24 maxlen: 24
193.28.36.0/22 maxlen: 22
193.28.36.0/24 maxlen: 24
193.28.37.0/24 maxlen: 24
193.28.38.0/24 maxlen: 24
193.28.39.0/24 maxlen: 24
2a0a:2700::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:3d:c8:b8:9d:a1:8f:2d:3b:38:aa:98:1e:4b:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0cf4963357ddb9855f9bac4c7d995adc89a372a
Validity
Not Before: Jan 1 15:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=62e5456eeebbd65c49b60a7c0dde6daebefb8a6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:63:6b:ce:02:a1:73:09:39:2b:55:78:3d:23:
82:3f:80:d7:c2:44:9d:2e:ac:af:4d:34:55:0f:d2:
96:ff:10:d0:6d:0d:3c:30:14:95:7d:68:ce:4e:0e:
50:fa:77:6d:7a:ee:96:55:ac:dc:3a:79:0e:95:27:
68:ce:12:bb:79:35:fe:f2:fb:c3:cd:a5:ce:51:f8:
6b:98:1c:c7:48:22:50:54:10:56:fb:03:42:e5:09:
f3:f9:4f:4d:4a:f0:38:52:8a:e8:c5:94:13:f7:9b:
4a:d9:0b:be:3f:c6:ff:7d:0b:db:ea:bf:ec:d0:fd:
79:b4:14:f0:91:fb:9e:b5:09:1b:77:7f:07:e0:eb:
e6:a7:bd:5c:0d:86:c8:c3:6d:43:c5:72:9f:7d:8c:
6e:9e:d4:81:1d:4f:19:cd:46:da:39:cf:a4:a2:1c:
22:29:7c:b3:10:c9:c4:ae:ed:ac:7a:16:a4:48:92:
11:22:97:82:41:28:e4:26:40:e3:30:8b:1c:c9:83:
54:a3:15:8c:e6:77:dd:82:59:e1:fd:b9:13:53:4d:
b0:c1:17:4d:15:be:45:10:5e:8f:1a:f9:a1:26:b1:
03:b9:a5:7b:83:3a:9b:2d:ca:15:df:49:ec:d1:ed:
55:4f:90:74:0e:5b:33:8f:fb:e9:1b:29:47:5b:44:
df:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:E5:45:6E:EE:BB:D6:5C:49:B6:0A:7C:0D:DE:6D:AE:BE:FB:8A:6A
X509v3 Authority Key Identifier:
keyid:F0:CF:49:63:35:7D:DB:98:55:F9:BA:C4:C7:D9:95:AD:C8:9A:37:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8M9JYzV925hV-brEx9mVrciaNyo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/975912-fd0c-4318-b0b0-6e056b617d2a/1/YuVFbu671lxJtgp8Dd5trr77imo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/975912-fd0c-4318-b0b0-6e056b617d2a/1/8M9JYzV925hV-brEx9mVrciaNyo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.152.0.0/23
185.152.3.0/24
193.28.36.0/22
IPv6:
2a0a:2700::/29
Signature Algorithm: sha256WithRSAEncryption
9e:f9:37:a2:17:45:72:88:dd:20:3d:2d:d5:33:8a:42:1b:70:
f6:25:af:91:54:b1:3c:6d:e7:91:2b:be:0c:cb:4d:f4:16:1f:
32:e4:f9:ee:f4:bd:08:ed:09:a4:3d:20:68:bd:38:49:0d:7e:
40:fb:16:81:9b:b6:f1:28:a7:b3:53:42:df:bc:39:bc:23:3b:
93:7f:d2:b7:b5:13:b1:bb:c0:d9:04:f5:31:43:89:78:09:a0:
c1:85:3c:29:5e:d5:1c:26:ef:20:71:16:2b:99:58:d4:12:04:
76:b2:e4:9b:41:b7:69:66:ac:1e:6e:79:10:25:48:27:6d:55:
f6:ad:a8:6e:63:d7:75:fb:9b:a4:1f:c7:1d:48:11:99:e9:50:
1e:73:f3:09:ee:5c:a9:35:82:97:51:9c:54:21:8a:44:9f:de:
41:ec:73:91:81:83:27:b4:83:12:c5:88:67:a1:53:09:a1:e8:
b5:97:73:4a:e1:c3:35:54:4d:90:3e:56:c9:c9:dd:94:80:3f:
99:d0:05:02:21:25:64:a8:7c:c5:df:ec:80:d9:cf:93:6b:b0:
9c:cc:45:e1:0f:6e:90:ac:78:2e:78:60:d2:8b:02:21:88:ce:
23:b6:2a:9f:da:5c:54:06:73:76:ee:42:10:b7:cc:77:f1:56:
b7:fb:f2:80
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQijj3IuJ2hjy07OKqYHkuGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwY2Y0OTYzMzU3ZGRiOTg1NWY5YmFjNGM3ZDk5NWFkYzg5
YTM3MmEwHhcNMjUwMTAxMTU0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmU1NDU2ZWVlYmJkNjVjNDliNjBhN2MwZGRlNmRhZWJlZmI4YTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlmNrzgKhcwk5K1V4PSOCP4DXwkSd
LqyvTTRVD9KW/xDQbQ08MBSVfWjOTg5Q+ndteu6WVazcOnkOlSdozhK7eTX+8vvD
zaXOUfhrmBzHSCJQVBBW+wNC5Qnz+U9NSvA4UoroxZQT95tK2Qu+P8b/fQvb6r/s
0P15tBTwkfuetQkbd38H4Ovmp71cDYbIw21DxXKffYxuntSBHU8ZzUbaOc+kohwi
KXyzEMnEru2sehakSJIRIpeCQSjkJkDjMIscyYNUoxWM5nfdglnh/bkTU02wwRdN
Fb5FEF6PGvmhJrEDuaV7gzqbLcoV30ns0e1VT5B0Dlszj/vpGylHW0TfIQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGLlRW7uu9ZcSbYKfA3eba6++4pqMB8GA1UdIwQY
MBaAFPDPSWM1fduYVfm6xMfZla3ImjcqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE05Sll6VjkyNWhWLWJyRXg5bVZyY2lhTnlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS85NzU5MTItZmQwYy00MzE4LWIwYjAt
NmUwNTZiNjE3ZDJhLzEvWXVWRmJ1NjcxbHhKdGdwOERkNXRycjc3aW1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS85NzU5MTItZmQwYy00MzE4LWIwYjAtNmUwNTZiNjE3ZDJh
LzEvOE05Sll6VjkyNWhWLWJyRXg5bVZyY2lhTnlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBuZgAAwQA
uZgDAwQCwRwkMA0EAgACMAcDBQMqCicAMA0GCSqGSIb3DQEBCwUAA4IBAQCe+Tei
F0VyiN0gPS3VM4pCG3D2Ja+RVLE8beeRK74My030Fh8y5Pnu9L0I7QmkPSBovThJ
DX5A+xaBm7bxKKezU0LfvDm8IzuTf9K3tROxu8DZBPUxQ4l4CaDBhTwpXtUcJu8g
cRYrmVjUEgR2suSbQbdpZqwebnkQJUgnbVX2rahuY9d1+5ukH8cdSBGZ6VAec/MJ
7lypNYKXUZxUIYpEn95B7HORgYMntIMSxYhnoVMJoei1l3NK4cM1VE2QPlbJyd2U
gD+Z0AUCISVkqHzF3+yA2c+Ta7CczEXhD26QrHgueGDSiwIhiM4jtiqf2lxUBnN2
7kIQt8x38Va3+/KA
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:57:06 2025 by rpki-client