Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/63f1e8-3715-4414-9f3b-83e55c5f6f7d/1/Ky7rxpR-4kSoR04Qa7eCVK5uiAA.roa
File: Ky7rxpR-4kSoR04Qa7eCVK5uiAA.roa (raw, json)
Hash identifier: 79v9RJlNPMb159U3SJ5gXF4cXCcoiW5a6vs+5ie+7Wo=
Subject key identifier: 2B:2E:EB:C6:94:7E:E2:44:A8:47:4E:10:6B:B7:82:54:AE:6E:88:00
Certificate issuer: /CN=ca47921e4430521a7727888c13bc7b8e104cbdbe
Certificate serial: 0194236A2D9961478FC9AD3F21D76A00D208
Authority key identifier: CA:47:92:1E:44:30:52:1A:77:27:88:8C:13:BC:7B:8E:10:4C:BD:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ykeSHkQwUhp3J4iME7x7jhBMvb4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/63f1e8-3715-4414-9f3b-83e55c5f6f7d/1/Ky7rxpR-4kSoR04Qa7eCVK5uiAA.roa
Signing time: Wed 01 Jan 2025 19:49:08 +0000
ROA not before: Wed 01 Jan 2025 19:49:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203082
IP address blocks: 185.251.244.0/22 maxlen: 24
185.251.244.0/24 maxlen: 24
185.251.245.0/24 maxlen: 24
185.251.246.0/24 maxlen: 24
185.251.247.0/24 maxlen: 24
2a0c:6cc0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:2d:99:61:47:8f:c9:ad:3f:21:d7:6a:00:d2:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca47921e4430521a7727888c13bc7b8e104cbdbe
Validity
Not Before: Jan 1 19:49:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2b2eebc6947ee244a8474e106bb78254ae6e8800
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:01:bb:39:45:7f:6a:d7:49:f0:e1:65:d6:a5:
90:67:fc:54:6c:52:14:cb:f3:62:95:c6:f7:20:8b:
03:ff:42:ca:5f:b3:d3:eb:aa:f9:92:79:73:cc:96:
02:ef:87:73:40:54:61:54:37:58:58:0c:98:24:29:
e1:7c:f5:2b:12:80:87:55:71:32:4b:79:4d:4f:e1:
6a:1e:00:04:2d:ed:d1:55:ca:db:f9:44:7c:01:9b:
11:21:02:37:69:73:85:95:a6:a9:70:f4:a0:cf:07:
7c:72:06:bd:ad:1a:5f:5b:87:ed:ef:27:73:6f:b9:
3a:3c:8f:ea:bf:94:c0:e9:8d:19:b0:87:8e:43:8f:
a0:18:21:b1:c7:9d:14:f7:bc:9e:cb:a7:e1:b2:6a:
e4:d6:2e:c3:0a:18:85:dc:a1:67:43:bc:4f:32:6f:
90:1a:c2:50:4a:f5:64:b4:70:96:9a:eb:20:d6:cf:
fa:51:b2:94:dd:2d:60:81:c4:9e:3e:bf:b2:34:ea:
9f:fc:04:8c:3c:bb:73:b7:69:c5:58:39:f5:21:25:
b8:d9:2c:fe:60:55:1c:ea:7f:0c:bd:9d:14:23:87:
cc:f3:7f:27:e3:b9:75:3c:f7:2e:cd:87:8e:ba:e6:
55:e0:1f:d3:b4:67:0e:48:dc:cb:ad:5b:c1:88:92:
6d:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:2E:EB:C6:94:7E:E2:44:A8:47:4E:10:6B:B7:82:54:AE:6E:88:00
X509v3 Authority Key Identifier:
keyid:CA:47:92:1E:44:30:52:1A:77:27:88:8C:13:BC:7B:8E:10:4C:BD:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ykeSHkQwUhp3J4iME7x7jhBMvb4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/63f1e8-3715-4414-9f3b-83e55c5f6f7d/1/Ky7rxpR-4kSoR04Qa7eCVK5uiAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/63f1e8-3715-4414-9f3b-83e55c5f6f7d/1/ykeSHkQwUhp3J4iME7x7jhBMvb4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.251.244.0/22
IPv6:
2a0c:6cc0::/29
Signature Algorithm: sha256WithRSAEncryption
6d:11:1b:51:83:63:76:48:ac:ad:43:0b:e4:17:59:63:21:d4:
62:ac:a5:60:8d:d6:5e:cb:4f:57:0d:34:77:33:26:0b:c2:ed:
30:05:79:19:50:be:29:48:63:74:30:75:9b:1b:43:59:43:9b:
8e:ee:fa:73:30:93:59:6d:99:96:45:3c:07:4a:12:7a:5c:9d:
8e:91:b8:e9:4a:f7:b0:65:0e:a8:31:99:0a:53:52:1f:57:70:
45:2d:05:8d:b3:71:ae:0e:07:12:03:5c:94:bd:86:88:b0:d9:
b2:c4:1d:62:3b:d4:92:6f:77:df:af:aa:c6:68:f9:a6:d9:01:
62:c0:5c:b7:b8:79:01:6a:f2:f4:de:ac:be:68:f8:c3:9e:23:
a8:58:20:ff:bd:36:8b:49:66:78:d8:d6:4e:ef:54:88:fa:ea:
60:e6:8c:31:8a:81:cc:af:bf:de:9c:b9:69:8c:a6:06:01:0a:
a4:f1:4d:c6:e3:e7:f7:47:eb:03:f8:4f:b5:58:60:b7:8e:46:
58:92:f3:8f:58:dc:59:d0:27:30:d6:ef:3f:30:16:c9:d2:f7:
62:b4:af:d3:f8:05:0d:bd:ff:ee:fb:95:94:1e:1b:f1:65:d2:
7e:1f:c2:f2:e7:08:dd:f6:25:9d:f5:40:de:a4:86:ab:9d:09:
68:03:dd:4a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQjai2ZYUePya0/IddqANIIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhNDc5MjFlNDQzMDUyMWE3NzI3ODg4YzEzYmM3YjhlMTA0
Y2JkYmUwHhcNMjUwMTAxMTk0OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjJlZWJjNjk0N2VlMjQ0YTg0NzRlMTA2YmI3ODI1NGFlNmU4ODAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgG7OUV/atdJ8OFl1qWQZ/xUbFIU
y/Nilcb3IIsD/0LKX7PT66r5knlzzJYC74dzQFRhVDdYWAyYJCnhfPUrEoCHVXEy
S3lNT+FqHgAELe3RVcrb+UR8AZsRIQI3aXOFlaapcPSgzwd8cga9rRpfW4ft7ydz
b7k6PI/qv5TA6Y0ZsIeOQ4+gGCGxx50U97yey6fhsmrk1i7DChiF3KFnQ7xPMm+Q
GsJQSvVktHCWmusg1s/6UbKU3S1ggcSePr+yNOqf/ASMPLtzt2nFWDn1ISW42Sz+
YFUc6n8MvZ0UI4fM838n47l1PPcuzYeOuuZV4B/TtGcOSNzLrVvBiJJtbwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCsu68aUfuJEqEdOEGu3glSubogAMB8GA1UdIwQY
MBaAFMpHkh5EMFIadyeIjBO8e44QTL2+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWtlU0hrUXdVaHAzSjRpTUU3eDdqaEJNdmI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi82M2YxZTgtMzcxNS00NDE0LTlmM2It
ODNlNTVjNWY2ZjdkLzEvS3k3cnhwUi00a1NvUjA0UWE3ZUNWSzV1aUFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi82M2YxZTgtMzcxNS00NDE0LTlmM2ItODNlNTVjNWY2Zjdk
LzEveWtlU0hrUXdVaHAzSjRpTUU3eDdqaEJNdmI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCufv0MA0E
AgACMAcDBQMqDGzAMA0GCSqGSIb3DQEBCwUAA4IBAQBtERtRg2N2SKytQwvkF1lj
IdRirKVgjdZey09XDTR3MyYLwu0wBXkZUL4pSGN0MHWbG0NZQ5uO7vpzMJNZbZmW
RTwHShJ6XJ2OkbjpSvewZQ6oMZkKU1IfV3BFLQWNs3GuDgcSA1yUvYaIsNmyxB1i
O9SSb3ffr6rGaPmm2QFiwFy3uHkBavL03qy+aPjDniOoWCD/vTaLSWZ42NZO71SI
+upg5owxioHMr7/enLlpjKYGAQqk8U3G4+f3R+sD+E+1WGC3jkZYkvOPWNxZ0Ccw
1u8/MBbJ0vditK/T+AUNvf/u+5WUHhvxZdJ+H8Ly5wjd9iWd9UDepIarnQloA91K
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:13:25 2025 by rpki-client