Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/8e36b6-d5af-410a-9fb9-8a92df77a07f/1/yTJkU5c9_WyRyTlvE419PqU0IjM.roa
File: yTJkU5c9_WyRyTlvE419PqU0IjM.roa (raw, json)
Hash identifier: ut55SdaCNgLg+kxFsJJtdQQgrsFKbAJo6+C/kBalZ60=
Subject key identifier: C9:32:64:53:97:3D:FD:6C:91:C9:39:6F:13:8D:7D:3E:A5:34:22:33
Certificate issuer: /CN=93e079d7349891d2b4024895fa67e41c18f56fd4
Certificate serial: 01942068395AB2C7DF207A01C137B2181E6B
Authority key identifier: 93:E0:79:D7:34:98:91:D2:B4:02:48:95:FA:67:E4:1C:18:F5:6F:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k-B51zSYkdK0AkiV-mfkHBj1b9Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/8e36b6-d5af-410a-9fb9-8a92df77a07f/1/yTJkU5c9_WyRyTlvE419PqU0IjM.roa
Signing time: Wed 01 Jan 2025 05:48:08 +0000
ROA not before: Wed 01 Jan 2025 05:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204101
IP address blocks: 185.111.152.0/22 maxlen: 22
2a06:5e40:1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:39:5a:b2:c7:df:20:7a:01:c1:37:b2:18:1e:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93e079d7349891d2b4024895fa67e41c18f56fd4
Validity
Not Before: Jan 1 05:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c9326453973dfd6c91c9396f138d7d3ea5342233
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:f1:bc:a1:6c:d3:10:94:b8:97:43:db:ca:74:
07:ea:ff:92:bb:6b:5f:e3:8a:05:6e:02:58:12:3f:
8e:50:af:e4:1c:66:8b:f8:13:ce:b9:f7:4d:86:c0:
dc:ad:5e:56:9a:44:a0:45:df:54:ac:c4:de:0c:d2:
9d:a9:bb:88:85:97:2e:b9:5d:83:5f:01:5b:ef:12:
85:0a:1b:2a:24:0c:3a:33:90:a2:43:3c:4d:55:94:
e5:dd:18:2b:7e:3c:6f:97:3e:77:b4:5d:7c:35:d8:
06:48:52:ff:5f:1d:87:11:6a:cc:77:01:de:da:7a:
19:49:d9:2e:cb:34:70:7e:66:8c:e9:e0:51:89:2f:
74:48:63:47:cd:c0:da:06:2a:dc:34:f7:07:ea:15:
c4:dc:dd:8e:48:35:ff:4c:82:6b:dd:f3:30:41:5d:
2c:8c:3f:c8:a6:e0:72:75:4e:35:1e:5b:b2:4c:80:
71:0a:f8:a4:7e:7a:97:07:f7:f3:35:0e:96:53:29:
b9:62:f9:9b:b2:94:26:5e:73:a7:46:6e:71:4a:19:
5d:1d:69:4f:2f:4c:a5:64:f0:5a:9b:35:21:53:bd:
61:11:ea:06:d4:ed:34:87:11:9a:03:be:0d:d0:e4:
2b:91:c5:ef:7c:1b:08:fb:12:42:a7:36:9d:f1:38:
c2:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:32:64:53:97:3D:FD:6C:91:C9:39:6F:13:8D:7D:3E:A5:34:22:33
X509v3 Authority Key Identifier:
keyid:93:E0:79:D7:34:98:91:D2:B4:02:48:95:FA:67:E4:1C:18:F5:6F:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k-B51zSYkdK0AkiV-mfkHBj1b9Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8e36b6-d5af-410a-9fb9-8a92df77a07f/1/yTJkU5c9_WyRyTlvE419PqU0IjM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8e36b6-d5af-410a-9fb9-8a92df77a07f/1/k-B51zSYkdK0AkiV-mfkHBj1b9Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.111.152.0/22
IPv6:
2a06:5e40:1::/48
Signature Algorithm: sha256WithRSAEncryption
5f:b9:eb:bd:fb:e0:f5:fe:44:61:bb:1f:8d:e8:c9:9a:8a:a5:
bf:e4:1b:ad:45:87:29:6d:6e:b5:da:d6:ce:0b:63:e9:f2:cc:
f4:86:22:e2:b1:38:6d:91:2e:ee:b8:ba:90:f4:ed:37:04:f6:
f4:a6:5f:39:38:c4:80:c9:fc:b1:a7:e6:b5:96:04:5c:0d:05:
7a:33:eb:4a:8e:95:1e:9f:52:45:8e:77:95:f2:1e:fa:6f:1a:
9e:02:e8:be:35:fe:2c:4e:a1:5f:05:0a:7b:72:12:06:af:8a:
93:47:86:15:4f:e0:31:b9:73:8e:db:94:7b:a3:85:c0:06:c0:
bd:60:40:ea:b7:96:ec:37:69:10:b4:d6:75:e6:65:b6:91:8e:
93:99:2e:5d:0e:64:4b:66:a1:17:93:88:8e:49:c1:42:1f:22:
d4:0d:ee:2e:fd:cc:60:a5:16:64:f0:02:6c:60:b2:21:a1:93:
3f:f3:c0:86:1f:d7:ef:1e:48:8f:b2:ab:3d:cc:1e:0c:dc:60:
ae:4c:c3:49:af:38:38:e0:f1:78:cf:86:d2:6f:f3:5a:c4:fa:
46:91:22:6b:d7:c8:c8:35:b1:d8:33:b8:3a:4c:f6:9b:ed:e4:
ec:ca:0c:4c:14:d3:ed:e8:2b:47:db:07:87:a1:68:f4:1e:92:
44:b3:10:b4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQgaDlassffIHoBwTeyGB5rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzZTA3OWQ3MzQ5ODkxZDJiNDAyNDg5NWZhNjdlNDFjMThm
NTZmZDQwHhcNMjUwMTAxMDU0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTMyNjQ1Mzk3M2RmZDZjOTFjOTM5NmYxMzhkN2QzZWE1MzQyMjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPG8oWzTEJS4l0PbynQH6v+Su2tf
44oFbgJYEj+OUK/kHGaL+BPOufdNhsDcrV5WmkSgRd9UrMTeDNKdqbuIhZcuuV2D
XwFb7xKFChsqJAw6M5CiQzxNVZTl3Rgrfjxvlz53tF18NdgGSFL/Xx2HEWrMdwHe
2noZSdkuyzRwfmaM6eBRiS90SGNHzcDaBircNPcH6hXE3N2OSDX/TIJr3fMwQV0s
jD/IpuBydU41HluyTIBxCvikfnqXB/fzNQ6WUym5YvmbspQmXnOnRm5xShldHWlP
L0ylZPBamzUhU71hEeoG1O00hxGaA74N0OQrkcXvfBsI+xJCpzad8TjCnwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMkyZFOXPf1skck5bxONfT6lNCIzMB8GA1UdIwQY
MBaAFJPgedc0mJHStAJIlfpn5BwY9W/UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvay1CNTF6U1lrZEswQWtpVi1tZmtIQmoxYjlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84ZTM2YjYtZDVhZi00MTBhLTlmYjkt
OGE5MmRmNzdhMDdmLzEveVRKa1U1YzlfV3lSeVRsdkU0MTlQcVUwSWpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84ZTM2YjYtZDVhZi00MTBhLTlmYjktOGE5MmRmNzdhMDdm
LzEvay1CNTF6U1lrZEswQWtpVi1tZmtIQmoxYjlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCuW+YMA8E
AgACMAkDBwAqBl5AAAEwDQYJKoZIhvcNAQELBQADggEBAF+567374PX+RGG7H43o
yZqKpb/kG61FhyltbrXa1s4LY+nyzPSGIuKxOG2RLu64upD07TcE9vSmXzk4xIDJ
/LGn5rWWBFwNBXoz60qOlR6fUkWOd5XyHvpvGp4C6L41/ixOoV8FCntyEgavipNH
hhVP4DG5c47blHujhcAGwL1gQOq3luw3aRC01nXmZbaRjpOZLl0OZEtmoReTiI5J
wUIfItQN7i79zGClFmTwAmxgsiGhkz/zwIYf1+8eSI+yqz3MHgzcYK5Mw0mvODjg
8XjPhtJv81rE+kaRImvXyMg1sdgzuDpM9pvt5OzKDEwU0+3oK0fbB4ehaPQekkSz
ELQ=
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:11:42 2025 by rpki-client