Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/307607-5706-4e44-bb8e-189d00a333ee/1/YjwHZ-U8mcXCH0aU6JQJG4PEKkA.roa
File: YjwHZ-U8mcXCH0aU6JQJG4PEKkA.roa (raw, json)
Hash identifier: AnaRhDa+1cCeJd4R7WSfA8EHeNFUa2CX4p8vAAGKzHM=
Subject key identifier: 62:3C:07:67:E5:3C:99:C5:C2:1F:46:94:E8:94:09:1B:83:C4:2A:40
Certificate issuer: /CN=432fe70f4cef10376836152f38e4e08532cc7b9f
Certificate serial: 01941F8C2AA3ACBC471CCBF486A7DC19AB87
Authority key identifier: 43:2F:E7:0F:4C:EF:10:37:68:36:15:2F:38:E4:E0:85:32:CC:7B:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qy_nD0zvEDdoNhUvOOTghTLMe58.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/307607-5706-4e44-bb8e-189d00a333ee/1/YjwHZ-U8mcXCH0aU6JQJG4PEKkA.roa
Signing time: Wed 01 Jan 2025 01:47:47 +0000
ROA not before: Wed 01 Jan 2025 01:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29399
IP address blocks: 185.95.168.0/22 maxlen: 24
185.95.168.0/24 maxlen: 24
185.95.169.0/24 maxlen: 24
185.95.170.0/24 maxlen: 24
185.95.171.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:2a:a3:ac:bc:47:1c:cb:f4:86:a7:dc:19:ab:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=432fe70f4cef10376836152f38e4e08532cc7b9f
Validity
Not Before: Jan 1 01:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=623c0767e53c99c5c21f4694e894091b83c42a40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:02:4b:84:f1:e5:ec:c9:88:c4:b2:31:b1:5c:
6e:9b:f2:f6:c7:0d:72:ae:1e:e7:1c:ce:2e:0b:eb:
54:57:57:b1:46:ba:6a:92:1c:83:00:0d:6b:7b:f7:
15:7b:2d:a8:05:5c:34:a1:9c:48:b6:8c:28:98:39:
17:a3:f3:10:1b:4c:cf:d0:78:17:ca:79:51:af:ae:
41:48:74:99:6f:e1:6d:12:5a:d0:91:3a:2b:cb:b9:
7f:b0:0d:29:b3:69:38:a9:84:db:6d:76:64:19:62:
a8:5b:69:49:51:b5:e6:7d:bf:c5:5b:b3:f4:42:37:
3b:00:a8:11:da:b0:d2:20:8f:38:5a:59:5d:6b:22:
35:12:9b:63:70:db:c8:05:0f:39:f0:58:43:c6:89:
ac:00:35:ae:47:da:05:9e:d9:ab:43:6d:c0:25:8e:
0d:88:12:64:02:e8:2a:e0:8a:74:48:fb:77:ac:09:
0e:71:d2:1b:ff:12:57:0c:a1:48:8c:6c:a0:bc:26:
18:32:fb:91:a4:c5:59:77:f2:8b:92:93:d6:6d:ed:
ac:11:73:05:f5:da:1b:e0:91:fb:59:5d:97:b7:4d:
d8:6e:95:cc:08:71:29:3f:63:7d:ca:b1:41:15:ce:
6e:ad:42:f1:b2:8a:28:6b:32:37:f8:f6:d3:9d:e9:
3a:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:3C:07:67:E5:3C:99:C5:C2:1F:46:94:E8:94:09:1B:83:C4:2A:40
X509v3 Authority Key Identifier:
keyid:43:2F:E7:0F:4C:EF:10:37:68:36:15:2F:38:E4:E0:85:32:CC:7B:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qy_nD0zvEDdoNhUvOOTghTLMe58.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/307607-5706-4e44-bb8e-189d00a333ee/1/YjwHZ-U8mcXCH0aU6JQJG4PEKkA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/307607-5706-4e44-bb8e-189d00a333ee/1/Qy_nD0zvEDdoNhUvOOTghTLMe58.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.95.168.0/22
Signature Algorithm: sha256WithRSAEncryption
b1:6a:3b:43:59:98:5c:1f:22:51:10:1e:9b:dc:85:ef:d1:db:
ff:58:d6:73:a2:cc:97:2e:5b:79:db:37:bf:ca:6c:25:c4:60:
7b:9a:bd:6a:33:1e:de:fa:d2:54:df:e2:50:05:7c:89:0d:76:
e4:92:b6:87:b0:b6:12:7f:25:63:d4:dd:e0:64:af:d1:9d:4c:
df:c4:b5:cc:10:d2:00:4b:b8:e4:ab:99:18:86:fc:d7:4d:cf:
66:d3:6e:25:f7:42:cf:75:f9:e8:cb:9b:25:b6:78:18:e2:b3:
aa:45:27:de:fc:92:f2:cc:c4:45:c5:9b:31:fb:f2:57:2f:69:
ff:4f:2d:09:e9:59:aa:1e:2e:2c:86:3e:47:ed:d7:76:a5:51:
76:f8:52:f7:a6:6b:67:ba:9e:2e:c1:b9:e7:a5:81:89:74:9b:
3c:e2:7e:b2:12:65:9d:b1:84:7e:82:0f:bd:60:7f:ea:1a:ec:
ea:c7:dd:db:16:80:b0:dc:cd:b6:6e:fe:be:d1:97:ac:58:47:
1c:c0:02:29:d4:73:37:a1:7d:f8:63:47:3d:13:d8:08:15:84:
bd:e1:40:98:0d:7c:70:ce:c3:86:10:51:00:fd:62:61:e0:23:
02:4c:02:0e:8b:89:45:db:58:78:17:8d:b9:b9:b9:6a:8c:76:
7b:c5:14:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjCqjrLxHHMv0hqfcGauHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMmZlNzBmNGNlZjEwMzc2ODM2MTUyZjM4ZTRlMDg1MzJj
YzdiOWYwHhcNMjUwMTAxMDE0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjNjMDc2N2U1M2M5OWM1YzIxZjQ2OTRlODk0MDkxYjgzYzQyYTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQJLhPHl7MmIxLIxsVxum/L2xw1y
rh7nHM4uC+tUV1exRrpqkhyDAA1re/cVey2oBVw0oZxItowomDkXo/MQG0zP0HgX
ynlRr65BSHSZb+FtElrQkTory7l/sA0ps2k4qYTbbXZkGWKoW2lJUbXmfb/FW7P0
Qjc7AKgR2rDSII84WlldayI1EptjcNvIBQ858FhDxomsADWuR9oFntmrQ23AJY4N
iBJkAugq4Ip0SPt3rAkOcdIb/xJXDKFIjGygvCYYMvuRpMVZd/KLkpPWbe2sEXMF
9dob4JH7WV2Xt03YbpXMCHEpP2N9yrFBFc5urULxsoooazI3+PbTnek6YwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGI8B2flPJnFwh9GlOiUCRuDxCpAMB8GA1UdIwQY
MBaAFEMv5w9M7xA3aDYVLzjk4IUyzHufMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXlfbkQwenZFRGRvTmhVdk9PVGdoVExNZTU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8zMDc2MDctNTcwNi00ZTQ0LWJiOGUt
MTg5ZDAwYTMzM2VlLzEvWWp3SFotVThtY1hDSDBhVTZKUUpHNFBFS2tBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8zMDc2MDctNTcwNi00ZTQ0LWJiOGUtMTg5ZDAwYTMzM2Vl
LzEvUXlfbkQwenZFRGRvTmhVdk9PVGdoVExNZTU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuV+oMA0G
CSqGSIb3DQEBCwUAA4IBAQCxajtDWZhcHyJREB6b3IXv0dv/WNZzosyXLlt52ze/
ymwlxGB7mr1qMx7e+tJU3+JQBXyJDXbkkraHsLYSfyVj1N3gZK/RnUzfxLXMENIA
S7jkq5kYhvzXTc9m024l90LPdfnoy5sltngY4rOqRSfe/JLyzMRFxZsx+/JXL2n/
Ty0J6VmqHi4shj5H7dd2pVF2+FL3pmtnup4uwbnnpYGJdJs84n6yEmWdsYR+gg+9
YH/qGuzqx93bFoCw3M22bv6+0ZesWEccwAIp1HM3oX34Y0c9E9gIFYS94UCYDXxw
zsOGEFEA/WJh4CMCTAIOi4lF21h4F425ublqjHZ7xRRI
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:14:14 2025 by rpki-client