Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/YHZXlT3XECUJzw-eVadVmxx7MSw.roa
File: YHZXlT3XECUJzw-eVadVmxx7MSw.roa (raw, json)
Hash identifier: sOGpM5/yuXY0OyU564TCIjFnpEWvZ7TXDU8k254N34o=
Subject key identifier: 60:76:57:95:3D:D7:10:25:09:CF:0F:9E:55:A7:55:9B:1C:7B:31:2C
Certificate issuer: /CN=53b46ab79b9fc58f5dc4cf29d72dc5267ec3edde
Certificate serial: 0194266BF3A72DB70342C434C247C5B84B77
Authority key identifier: 53:B4:6A:B7:9B:9F:C5:8F:5D:C4:CF:29:D7:2D:C5:26:7E:C3:ED:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/YHZXlT3XECUJzw-eVadVmxx7MSw.roa
Signing time: Thu 02 Jan 2025 09:49:56 +0000
ROA not before: Thu 02 Jan 2025 09:49:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 80.254.228.0/24 maxlen: 24
185.92.171.0/24 maxlen: 24
2a13:5241::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:f3:a7:2d:b7:03:42:c4:34:c2:47:c5:b8:4b:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53b46ab79b9fc58f5dc4cf29d72dc5267ec3edde
Validity
Not Before: Jan 2 09:49:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=607657953dd7102509cf0f9e55a7559b1c7b312c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:18:77:2e:0a:0d:d6:9c:75:63:67:ea:09:fc:
ff:43:7c:db:4a:a7:13:f2:fc:cb:5c:31:d4:33:69:
f1:56:f6:8e:50:8e:d3:07:c3:4e:56:52:c8:89:f3:
26:82:98:5b:58:94:6f:c9:28:27:ac:b7:bd:46:d6:
95:8e:eb:ca:62:d9:f5:89:16:51:31:b5:36:eb:1e:
08:c4:23:aa:fe:ac:ed:8c:8c:3b:73:29:65:d0:5e:
2c:de:f5:e7:ac:81:0e:83:86:1b:16:19:d5:21:85:
64:01:bb:5a:96:77:c2:78:d5:e1:44:97:b7:f4:af:
43:2e:20:86:cb:aa:a5:38:d6:84:ba:9b:77:47:96:
dd:f1:78:f8:6d:57:98:95:6d:54:07:a7:d5:e9:19:
b5:9a:be:2a:e2:3a:d1:e1:6f:6b:2b:30:d9:2b:99:
ec:67:43:f5:77:65:31:0b:bf:56:71:54:1e:2a:9e:
03:0d:e2:d2:45:fc:d6:0b:21:9e:bd:ba:96:48:17:
f2:74:ee:a6:3e:d4:92:94:75:50:0f:dc:9d:7e:6a:
28:01:b7:84:69:12:70:e1:e1:51:f8:48:4a:50:93:
50:e7:f3:76:27:be:88:a4:1a:35:33:8b:ac:fa:a8:
21:91:f7:96:81:37:41:09:af:bb:ad:48:6b:2e:e8:
30:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:76:57:95:3D:D7:10:25:09:CF:0F:9E:55:A7:55:9B:1C:7B:31:2C
X509v3 Authority Key Identifier:
keyid:53:B4:6A:B7:9B:9F:C5:8F:5D:C4:CF:29:D7:2D:C5:26:7E:C3:ED:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/YHZXlT3XECUJzw-eVadVmxx7MSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.254.228.0/24
185.92.171.0/24
IPv6:
2a13:5241::/32
Signature Algorithm: sha256WithRSAEncryption
aa:7c:2f:60:0f:a2:1e:f1:b2:66:80:c1:19:18:ef:87:21:15:
61:16:fd:33:2d:48:ad:7b:17:69:cb:29:b3:c0:4b:fc:11:02:
a3:1a:2f:c9:a6:87:b0:fd:6c:b4:cd:3b:2f:bf:4d:e9:3d:ea:
c3:8c:b4:91:ce:0e:b3:15:c8:22:86:87:a0:53:65:23:0e:c1:
1c:d2:03:76:f5:34:4a:cc:63:76:53:5f:5c:c0:b6:66:7a:15:
4d:c5:8f:41:91:1e:35:47:db:6a:3e:ef:f9:f8:cf:53:35:87:
72:49:94:1f:9e:bd:02:7b:68:52:35:e9:05:76:bd:8a:7f:bf:
0c:92:1a:14:d7:8a:47:b7:e8:e7:f8:dc:13:d1:82:a1:b5:d9:
af:cd:ab:b8:e2:66:77:26:e4:5a:2b:d7:b1:64:f3:d8:fb:54:
e2:0a:ec:f2:40:6e:f1:01:c0:ca:44:a4:42:76:d7:e7:fa:cd:
30:88:3e:cd:89:4c:a7:aa:27:f6:8e:f3:f5:8c:68:ae:a1:89:
81:59:2a:20:ab:7f:c4:5e:d8:ca:ab:4d:28:ba:ee:5d:44:e7:
1b:7a:28:57:f2:17:ae:c6:0e:e1:1c:b5:5f:3e:a5:a1:0a:20:
70:06:0c:89:69:f4:dd:c0:3b:24:45:25:cc:e7:38:11:e8:58:
17:28:22:70
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQma/OnLbcDQsQ0wkfFuEt3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYjQ2YWI3OWI5ZmM1OGY1ZGM0Y2YyOWQ3MmRjNTI2N2Vj
M2VkZGUwHhcNMjUwMTAyMDk0OTU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDc2NTc5NTNkZDcxMDI1MDljZjBmOWU1NWE3NTU5YjFjN2IzMTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmRh3LgoN1px1Y2fqCfz/Q3zbSqcT
8vzLXDHUM2nxVvaOUI7TB8NOVlLIifMmgphbWJRvySgnrLe9RtaVjuvKYtn1iRZR
MbU26x4IxCOq/qztjIw7cyll0F4s3vXnrIEOg4YbFhnVIYVkAbtalnfCeNXhRJe3
9K9DLiCGy6qlONaEupt3R5bd8Xj4bVeYlW1UB6fV6Rm1mr4q4jrR4W9rKzDZK5ns
Z0P1d2UxC79WcVQeKp4DDeLSRfzWCyGevbqWSBfydO6mPtSSlHVQD9ydfmooAbeE
aRJw4eFR+EhKUJNQ5/N2J76IpBo1M4us+qghkfeWgTdBCa+7rUhrLugwuQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGB2V5U91xAlCc8PnlWnVZscezEsMB8GA1UdIwQY
MBaAFFO0arebn8WPXcTPKdctxSZ+w+3eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTdScXQ1dWZ4WTlkeE04cDF5M0ZKbjdEN2Q0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9hYzlhZjYtN2ZjMy00ZDEzLWE1OTQt
MDYwYTQ3MzgwOTFkLzEvWUhaWGxUM1hFQ1VKenctZVZhZFZteHg3TVN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9hYzlhZjYtN2ZjMy00ZDEzLWE1OTQtMDYwYTQ3MzgwOTFk
LzEvVTdScXQ1dWZ4WTlkeE04cDF5M0ZKbjdEN2Q0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAUP7kAwQA
uVyrMA0EAgACMAcDBQAqE1JBMA0GCSqGSIb3DQEBCwUAA4IBAQCqfC9gD6Ie8bJm
gMEZGO+HIRVhFv0zLUitexdpyymzwEv8EQKjGi/Jpoew/Wy0zTsvv03pPerDjLSR
zg6zFcgihoegU2UjDsEc0gN29TRKzGN2U19cwLZmehVNxY9BkR41R9tqPu/5+M9T
NYdySZQfnr0Ce2hSNekFdr2Kf78MkhoU14pHt+jn+NwT0YKhtdmvzau44mZ3JuRa
K9exZPPY+1TiCuzyQG7xAcDKRKRCdtfn+s0wiD7NiUynqif2jvP1jGiuoYmBWSog
q3/EXtjKq00ouu5dROcbeihX8heuxg7hHLVfPqWhCiBwBgyJafTdwDskRSXM5zgR
6FgXKCJw
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:47:38 2025 by rpki-client