Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/4ae1bd-5864-43f0-b4fd-80a66c0fc884/1/CYD_Z2qF6mHZ92tY0ftxYfveSAQ.roa
File: CYD_Z2qF6mHZ92tY0ftxYfveSAQ.roa (raw, json)
Hash identifier: IVgjWp28wTnlbtVuEQ1FT4HkeEGAz5yGW6fM8IpM3RI=
Subject key identifier: 09:80:FF:67:6A:85:EA:61:D9:F7:6B:58:D1:FB:71:61:FB:DE:48:04
Certificate issuer: /CN=9bdba95290a985a697763d30ab42f9c3784078b2
Certificate serial: 019427B58719E1D97655F4889135C8C3D709
Authority key identifier: 9B:DB:A9:52:90:A9:85:A6:97:76:3D:30:AB:42:F9:C3:78:40:78:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9upUpCphaaXdj0wq0L5w3hAeLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/4ae1bd-5864-43f0-b4fd-80a66c0fc884/1/CYD_Z2qF6mHZ92tY0ftxYfveSAQ.roa
Signing time: Thu 02 Jan 2025 15:49:55 +0000
ROA not before: Thu 02 Jan 2025 15:49:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209368
IP address blocks: 185.133.92.0/22 maxlen: 24
2a09:83c0::/29 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:87:19:e1:d9:76:55:f4:88:91:35:c8:c3:d7:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bdba95290a985a697763d30ab42f9c3784078b2
Validity
Not Before: Jan 2 15:49:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0980ff676a85ea61d9f76b58d1fb7161fbde4804
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:e1:a6:2f:2c:8b:7c:9f:d7:d2:09:49:6f:c8:
e4:ba:21:f5:ca:29:73:f4:a5:c8:e4:d7:ac:3c:44:
62:9a:64:88:8a:8b:89:8a:a2:e0:c0:a4:0d:f0:e5:
dd:a3:1b:05:f3:83:a5:da:34:2c:8e:28:dc:84:7c:
68:b1:11:74:21:a0:b0:96:77:52:a4:10:6a:ae:1e:
0c:9f:63:2d:d4:7c:6a:4c:32:ac:4e:11:59:25:62:
d8:74:0f:0b:be:a9:86:19:46:9b:04:9f:c1:7d:36:
f8:f2:a9:bc:83:95:a7:ec:04:84:ba:78:c8:57:81:
c7:88:ab:53:7e:92:b5:a9:8a:40:19:8e:e4:57:d2:
de:2c:b6:59:d6:fa:32:d6:72:53:86:98:3f:ab:b3:
e4:f2:34:c2:00:b6:30:66:0d:7d:92:d6:c5:8e:09:
12:81:65:fa:e3:b7:31:c1:45:dc:03:f6:d0:cd:b5:
af:1d:0e:82:c7:7e:59:6a:04:8c:da:73:22:e0:8b:
9d:09:4a:2f:f5:ea:c9:bd:c4:2e:83:b1:14:9b:71:
bc:d8:11:ca:b1:c3:60:57:98:3c:09:1b:45:e4:d7:
33:c1:a8:bb:df:55:46:08:2c:81:e1:04:23:f8:2d:
fa:e7:dd:5f:57:61:b1:01:88:c5:3b:f2:96:e4:d4:
8f:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:80:FF:67:6A:85:EA:61:D9:F7:6B:58:D1:FB:71:61:FB:DE:48:04
X509v3 Authority Key Identifier:
keyid:9B:DB:A9:52:90:A9:85:A6:97:76:3D:30:AB:42:F9:C3:78:40:78:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9upUpCphaaXdj0wq0L5w3hAeLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/4ae1bd-5864-43f0-b4fd-80a66c0fc884/1/CYD_Z2qF6mHZ92tY0ftxYfveSAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/4ae1bd-5864-43f0-b4fd-80a66c0fc884/1/m9upUpCphaaXdj0wq0L5w3hAeLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.92.0/22
IPv6:
2a09:83c0::/29
Signature Algorithm: sha256WithRSAEncryption
3a:60:7b:eb:96:6b:3d:47:f4:98:b6:b4:2e:ed:12:f1:15:28:
d9:19:67:cd:82:12:4c:45:78:01:b3:9a:3a:e5:27:ef:d4:a7:
2a:4d:0c:d4:29:76:05:b6:61:94:f9:9b:80:3a:bd:38:d1:4a:
8b:1b:25:25:c5:66:0a:89:13:ff:51:7e:30:32:82:52:cf:0a:
51:a0:08:97:b7:48:83:13:e7:e4:d2:7b:aa:05:e7:93:76:88:
a9:e7:b9:a2:c6:fc:0c:02:5b:2b:2f:be:fc:fe:e0:37:c0:b0:
5b:54:dc:ba:24:12:e5:79:a4:19:11:ae:46:f6:1b:17:ec:bf:
2b:bf:33:a4:59:ba:34:af:75:43:a2:42:3e:d6:cd:f5:df:90:
62:02:70:1d:8a:c0:d6:a4:1d:d0:ae:a1:48:7d:1a:90:1b:dd:
0f:e2:ad:fe:6e:a6:07:4c:63:52:51:72:f5:c9:3c:44:a7:88:
bc:5c:2a:0c:de:ea:ca:52:c3:d7:dc:87:66:da:ee:63:f8:95:
ac:88:4c:63:51:8e:02:33:cf:29:b8:9b:bf:2f:2e:dd:8a:f5:
cc:82:5a:16:77:c4:d7:c6:d0:7c:23:7d:63:84:fe:fe:0c:00:
ec:4c:e4:e9:6b:13:2d:fb:c5:f5:7d:0f:e5:48:1f:4c:8e:93:
06:a2:86:33
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQntYcZ4dl2VfSIkTXIw9cJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliZGJhOTUyOTBhOTg1YTY5Nzc2M2QzMGFiNDJmOWMzNzg0
MDc4YjIwHhcNMjUwMTAyMTU0OTU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTgwZmY2NzZhODVlYTYxZDlmNzZiNThkMWZiNzE2MWZiZGU0ODA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqeGmLyyLfJ/X0glJb8jkuiH1yilz
9KXI5NesPERimmSIiouJiqLgwKQN8OXdoxsF84Ol2jQsjijchHxosRF0IaCwlndS
pBBqrh4Mn2Mt1HxqTDKsThFZJWLYdA8LvqmGGUabBJ/BfTb48qm8g5Wn7ASEunjI
V4HHiKtTfpK1qYpAGY7kV9LeLLZZ1voy1nJThpg/q7Pk8jTCALYwZg19ktbFjgkS
gWX647cxwUXcA/bQzbWvHQ6Cx35ZagSM2nMi4IudCUov9erJvcQug7EUm3G82BHK
scNgV5g8CRtF5Nczwai731VGCCyB4QQj+C36591fV2GxAYjFO/KW5NSPyQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAmA/2dqheph2fdrWNH7cWH73kgEMB8GA1UdIwQY
MBaAFJvbqVKQqYWml3Y9MKtC+cN4QHiyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTl1cFVwQ3BoYWFYZGowd3EwTDV3M2hBZUxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy80YWUxYmQtNTg2NC00M2YwLWI0ZmQt
ODBhNjZjMGZjODg0LzEvQ1lEX1oycUY2bUhaOTJ0WTBmdHhZZnZlU0FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy80YWUxYmQtNTg2NC00M2YwLWI0ZmQtODBhNjZjMGZjODg0
LzEvbTl1cFVwQ3BoYWFYZGowd3EwTDV3M2hBZUxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYVcMA0E
AgACMAcDBQMqCYPAMA0GCSqGSIb3DQEBCwUAA4IBAQA6YHvrlms9R/SYtrQu7RLx
FSjZGWfNghJMRXgBs5o65Sfv1KcqTQzUKXYFtmGU+ZuAOr040UqLGyUlxWYKiRP/
UX4wMoJSzwpRoAiXt0iDE+fk0nuqBeeTdoip57mixvwMAlsrL778/uA3wLBbVNy6
JBLleaQZEa5G9hsX7L8rvzOkWbo0r3VDokI+1s3135BiAnAdisDWpB3QrqFIfRqQ
G90P4q3+bqYHTGNSUXL1yTxEp4i8XCoM3urKUsPX3Idm2u5j+JWsiExjUY4CM88p
uJu/Ly7divXMgloWd8TXxtB8I31jhP7+DADsTOTpaxMt+8X1fQ/lSB9MjpMGooYz
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:58:57 2025 by rpki-client