Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/0167eb-0d16-4cc1-8047-142fcacd7a49/1/YKk_IxXaH7sfK7_gRS3093UyRYo.roa
File: YKk_IxXaH7sfK7_gRS3093UyRYo.roa (raw, json)
Hash identifier: COs47LOLhU2xn+3tfczoJAT+wVHUvoY7/hZnsmTjtwc=
Subject key identifier: 60:A9:3F:23:15:DA:1F:BB:1F:2B:BF:E0:45:2D:F4:F7:75:32:45:8A
Certificate issuer: /CN=e3154adb5a2ed999cf1db9c1271b2209dad3449e
Certificate serial: 0194206805114CEE9BC0E64C3C56DBF5D639
Authority key identifier: E3:15:4A:DB:5A:2E:D9:99:CF:1D:B9:C1:27:1B:22:09:DA:D3:44:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4xVK21ou2ZnPHbnBJxsiCdrTRJ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/0167eb-0d16-4cc1-8047-142fcacd7a49/1/YKk_IxXaH7sfK7_gRS3093UyRYo.roa
Signing time: Wed 01 Jan 2025 05:47:55 +0000
ROA not before: Wed 01 Jan 2025 05:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34729
IP address blocks: 193.138.8.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:05:11:4c:ee:9b:c0:e6:4c:3c:56:db:f5:d6:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3154adb5a2ed999cf1db9c1271b2209dad3449e
Validity
Not Before: Jan 1 05:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=60a93f2315da1fbb1f2bbfe0452df4f77532458a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:6f:fb:49:31:26:60:89:19:e4:51:f5:22:49:
b0:ad:b7:36:50:3e:e4:25:dd:52:6e:09:af:48:66:
e7:0c:23:f9:be:27:3c:f5:9a:c5:a3:b9:69:ae:87:
0a:c4:a2:da:04:38:d6:2f:d0:35:71:53:e4:c3:99:
28:17:a7:ca:75:9d:85:1f:7e:5f:04:55:fa:34:5b:
8d:cf:90:66:c1:61:20:de:ee:62:dc:ef:8f:9a:7c:
bd:e1:83:76:60:6e:e8:94:3b:b0:02:fa:74:88:ca:
50:76:71:ab:d2:bf:cd:95:ae:a3:f0:7d:a4:40:db:
d9:5c:8e:c4:13:f6:e1:da:36:8e:cb:c0:6a:d1:ec:
97:1a:25:8f:c6:70:a8:6b:4e:3d:f9:d1:35:d2:3a:
7e:45:55:a6:2b:a5:90:83:65:48:45:9b:b2:74:8e:
8d:1a:2a:6c:82:f8:64:2a:46:da:44:33:f9:46:2b:
f9:df:2a:99:5b:e1:20:3c:17:4a:95:5f:94:fc:d2:
0c:b9:46:82:c4:72:3a:f2:35:5a:6a:2f:d5:d9:2c:
c6:f5:4b:4c:78:f7:0e:21:eb:ff:0e:c5:0b:15:ad:
fb:a9:64:3a:b2:01:d3:e0:8c:76:f7:21:7b:49:80:
a4:b0:99:29:99:d0:eb:e6:6b:5f:ff:f5:ab:99:cd:
14:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:A9:3F:23:15:DA:1F:BB:1F:2B:BF:E0:45:2D:F4:F7:75:32:45:8A
X509v3 Authority Key Identifier:
keyid:E3:15:4A:DB:5A:2E:D9:99:CF:1D:B9:C1:27:1B:22:09:DA:D3:44:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4xVK21ou2ZnPHbnBJxsiCdrTRJ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/0167eb-0d16-4cc1-8047-142fcacd7a49/1/YKk_IxXaH7sfK7_gRS3093UyRYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/0167eb-0d16-4cc1-8047-142fcacd7a49/1/4xVK21ou2ZnPHbnBJxsiCdrTRJ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.138.8.0/24
Signature Algorithm: sha256WithRSAEncryption
33:3b:2d:5b:82:2f:15:8a:6c:14:89:4a:83:44:52:5a:10:f9:
ff:c8:c7:85:d1:90:8a:fd:35:e0:51:03:7d:ad:85:46:05:4d:
88:8a:fc:b5:73:cf:1c:f1:9a:e6:7e:34:e5:54:e4:c8:82:9d:
8e:93:b1:26:9e:0c:e5:0d:c6:62:3b:24:48:b1:87:58:f7:74:
78:fd:24:f9:04:a9:ec:66:0f:1c:c2:e7:dc:9e:18:69:03:d3:
8f:67:62:c2:be:e9:a7:fe:f2:6e:bc:e5:fc:56:3e:01:af:08:
40:09:a5:f4:66:df:d1:a7:a1:ec:8a:b4:09:b7:2b:29:ca:99:
eb:d0:9e:9e:bd:fb:80:f2:8c:a5:6e:53:5b:49:bd:3a:fd:c8:
0b:db:ae:d0:68:32:93:cd:d8:60:70:a6:94:bc:c9:87:1b:6a:
be:b4:44:17:d3:4b:d2:5d:83:2b:3a:70:68:6a:12:9e:76:52:
e4:3b:6b:f6:0f:d6:c7:51:ea:7d:72:06:7e:15:d2:24:c4:2b:
cd:7d:33:dd:6b:2d:3d:eb:e1:41:bf:42:80:22:f2:6d:90:06:
96:b3:40:62:52:52:c4:c9:08:1e:10:ea:e6:a2:28:37:5a:fe:
a4:e1:33:da:ca:5c:d7:7a:05:d1:ba:71:26:de:7a:bc:89:c0:
25:c6:18:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaAURTO6bwOZMPFbb9dY5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMTU0YWRiNWEyZWQ5OTljZjFkYjljMTI3MWIyMjA5ZGFk
MzQ0OWUwHhcNMjUwMTAxMDU0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGE5M2YyMzE1ZGExZmJiMWYyYmJmZTA0NTJkZjRmNzc1MzI0NThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz2/7STEmYIkZ5FH1Ikmwrbc2UD7k
Jd1SbgmvSGbnDCP5vic89ZrFo7lprocKxKLaBDjWL9A1cVPkw5koF6fKdZ2FH35f
BFX6NFuNz5BmwWEg3u5i3O+Pmny94YN2YG7olDuwAvp0iMpQdnGr0r/Nla6j8H2k
QNvZXI7EE/bh2jaOy8Bq0eyXGiWPxnCoa049+dE10jp+RVWmK6WQg2VIRZuydI6N
GipsgvhkKkbaRDP5Riv53yqZW+EgPBdKlV+U/NIMuUaCxHI68jVaai/V2SzG9UtM
ePcOIev/DsULFa37qWQ6sgHT4Ix29yF7SYCksJkpmdDr5mtf//Wrmc0U1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGCpPyMV2h+7Hyu/4EUt9Pd1MkWKMB8GA1UdIwQY
MBaAFOMVSttaLtmZzx25wScbIgna00SeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHhWSzIxb3UyWm5QSGJuQkp4c2lDZHJUUko0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8wMTY3ZWItMGQxNi00Y2MxLTgwNDct
MTQyZmNhY2Q3YTQ5LzEvWUtrX0l4WGFIN3NmSzdfZ1JTMzA5M1V5UllvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8wMTY3ZWItMGQxNi00Y2MxLTgwNDctMTQyZmNhY2Q3YTQ5
LzEvNHhWSzIxb3UyWm5QSGJuQkp4c2lDZHJUUko0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwYoIMA0G
CSqGSIb3DQEBCwUAA4IBAQAzOy1bgi8VimwUiUqDRFJaEPn/yMeF0ZCK/TXgUQN9
rYVGBU2Iivy1c88c8ZrmfjTlVOTIgp2Ok7EmngzlDcZiOyRIsYdY93R4/ST5BKns
Zg8cwufcnhhpA9OPZ2LCvumn/vJuvOX8Vj4BrwhACaX0Zt/Rp6HsirQJtyspypnr
0J6evfuA8oylblNbSb06/cgL267QaDKTzdhgcKaUvMmHG2q+tEQX00vSXYMrOnBo
ahKedlLkO2v2D9bHUep9cgZ+FdIkxCvNfTPday096+FBv0KAIvJtkAaWs0BiUlLE
yQgeEOrmoig3Wv6k4TPaylzXegXRunEm3nq8icAlxhhE
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:41:58 2025 by rpki-client