Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/7d9e10-2c19-4dd8-a80f-40c8697bbde9/1/YKTSjuC1HFTX7b7hXOaQuasHjw8.roa
File: YKTSjuC1HFTX7b7hXOaQuasHjw8.roa (raw, json)
Hash identifier: DCJ4Y27xyiCClFTgENixBHPREjuVymaDjhE/h8glQl4=
Subject key identifier: 60:A4:D2:8E:E0:B5:1C:54:D7:ED:BE:E1:5C:E6:90:B9:AB:07:8F:0F
Certificate issuer: /CN=4f8045ccf50977ebc3066a3ceed8fd32f1f023de
Certificate serial: 019425FC74076F65B6BF0E5494FEEA092111
Authority key identifier: 4F:80:45:CC:F5:09:77:EB:C3:06:6A:3C:EE:D8:FD:32:F1:F0:23:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4BFzPUJd-vDBmo87tj9MvHwI94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/7d9e10-2c19-4dd8-a80f-40c8697bbde9/1/YKTSjuC1HFTX7b7hXOaQuasHjw8.roa
Signing time: Thu 02 Jan 2025 07:48:09 +0000
ROA not before: Thu 02 Jan 2025 07:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35445
IP address blocks: 85.188.64.0/18 maxlen: 18
85.188.128.0/18 maxlen: 18
2001:67c:191c::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:74:07:6f:65:b6:bf:0e:54:94:fe:ea:09:21:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8045ccf50977ebc3066a3ceed8fd32f1f023de
Validity
Not Before: Jan 2 07:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=60a4d28ee0b51c54d7edbee15ce690b9ab078f0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:c9:f9:50:a2:c8:79:05:a1:03:f8:db:0f:e6:
14:1d:dd:b0:cd:29:b9:69:f9:4e:4e:23:47:93:c1:
ba:6e:c0:be:74:46:c3:bf:3b:61:21:6e:31:72:84:
30:d6:a3:2b:27:a8:d4:24:53:37:b1:c6:70:8f:55:
21:da:9f:0f:60:86:3d:92:99:d1:90:2b:6e:dd:ce:
b2:5d:cf:df:13:0f:c8:cb:72:42:7a:90:64:d2:8a:
80:18:62:46:91:97:b3:47:3f:46:f0:c6:19:b2:e7:
53:0e:c6:ba:b2:99:ac:08:7b:8e:fd:c1:3c:41:16:
00:e5:ef:72:54:30:83:dd:69:15:dc:e9:8a:8e:2a:
f8:01:c4:17:72:66:6c:18:7a:dd:c9:ac:37:29:67:
7e:0a:92:c7:2d:e6:f8:c7:98:30:42:ca:31:31:93:
f6:de:2e:c9:96:61:a7:b2:3c:00:23:ce:7d:4d:e4:
78:c5:00:70:6b:a3:5b:f0:3f:7d:60:da:7d:a2:ab:
f6:03:ce:62:ac:bf:b2:89:3a:9b:5a:f1:17:72:88:
b6:41:28:fc:65:f3:dc:e7:2c:da:55:b0:5b:9c:92:
e8:27:44:ff:70:fe:c8:4a:aa:4c:3e:a4:a4:16:cf:
9f:80:cf:7f:d9:e1:82:0a:b0:5f:a8:07:84:7f:2a:
71:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:A4:D2:8E:E0:B5:1C:54:D7:ED:BE:E1:5C:E6:90:B9:AB:07:8F:0F
X509v3 Authority Key Identifier:
keyid:4F:80:45:CC:F5:09:77:EB:C3:06:6A:3C:EE:D8:FD:32:F1:F0:23:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4BFzPUJd-vDBmo87tj9MvHwI94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/7d9e10-2c19-4dd8-a80f-40c8697bbde9/1/YKTSjuC1HFTX7b7hXOaQuasHjw8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/7d9e10-2c19-4dd8-a80f-40c8697bbde9/1/T4BFzPUJd-vDBmo87tj9MvHwI94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.188.64.0-85.188.191.255
IPv6:
2001:67c:191c::/48
Signature Algorithm: sha256WithRSAEncryption
4c:5d:f2:e6:6b:39:31:01:6d:df:de:af:22:95:97:bd:28:1a:
0e:4c:6f:f6:81:c2:f0:eb:6f:df:82:f4:f9:a3:cd:6f:33:4b:
24:c9:b3:73:8c:60:de:56:50:c2:62:15:10:40:b8:82:44:5b:
46:6d:4c:a3:10:87:3d:4e:b4:a6:a2:0c:34:eb:b4:3d:db:99:
82:bb:cc:36:da:bc:b1:23:06:08:71:b4:5e:d9:bc:5e:dd:f0:
f4:4e:bf:86:f6:da:53:59:76:3c:6d:d7:fe:82:4a:db:d7:af:
2a:ff:fc:18:55:45:a6:dd:97:5b:9f:82:87:e7:94:24:91:32:
db:8c:d4:27:62:3b:72:a6:03:73:a2:76:ad:a3:4a:20:75:f9:
d8:ae:e4:d3:6e:0e:d2:0d:c2:6b:97:e3:39:ab:e8:de:a5:9e:
07:e9:5a:8b:40:1a:ae:f1:f0:65:9a:f8:47:84:5d:d2:fd:51:
40:9e:b2:ab:51:11:38:cf:d3:92:a4:06:8d:45:d6:3a:e2:88:
6c:5c:7f:2e:f8:b0:70:a7:84:b2:6b:65:5b:24:0e:3e:9c:4b:
80:d4:01:99:56:e9:88:f6:19:f9:3d:b1:0c:72:8d:4b:71:84:
cf:a1:0a:11:89:0c:b8:58:7a:62:65:de:1a:7c:9c:46:3a:e5:
c5:da:a3:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZQl/HQHb2W2vw5UlP7qCSERMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmODA0NWNjZjUwOTc3ZWJjMzA2NmEzY2VlZDhmZDMyZjFm
MDIzZGUwHhcNMjUwMTAyMDc0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGE0ZDI4ZWUwYjUxYzU0ZDdlZGJlZTE1Y2U2OTBiOWFiMDc4ZjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2sn5UKLIeQWhA/jbD+YUHd2wzSm5
aflOTiNHk8G6bsC+dEbDvzthIW4xcoQw1qMrJ6jUJFM3scZwj1Uh2p8PYIY9kpnR
kCtu3c6yXc/fEw/Iy3JCepBk0oqAGGJGkZezRz9G8MYZsudTDsa6spmsCHuO/cE8
QRYA5e9yVDCD3WkV3OmKjir4AcQXcmZsGHrdyaw3KWd+CpLHLeb4x5gwQsoxMZP2
3i7JlmGnsjwAI859TeR4xQBwa6Nb8D99YNp9oqv2A85irL+yiTqbWvEXcoi2QSj8
ZfPc5yzaVbBbnJLoJ0T/cP7ISqpMPqSkFs+fgM9/2eGCCrBfqAeEfypxRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGCk0o7gtRxU1+2+4VzmkLmrB48PMB8GA1UdIwQY
MBaAFE+ARcz1CXfrwwZqPO7Y/TLx8CPeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRCRnpQVUpkLXZEQm1vODd0ajlNdkh3STk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi83ZDllMTAtMmMxOS00ZGQ4LWE4MGYt
NDBjODY5N2JiZGU5LzEvWUtUU2p1QzFIRlRYN2I3aFhPYVF1YXNIanc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi83ZDllMTAtMmMxOS00ZGQ4LWE4MGYtNDBjODY5N2JiZGU5
LzEvVDRCRnpQVUpkLXZEQm1vODd0ajlNdkh3STk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAUBAIAATAOMAwDBAZVvEAD
BAZVvIAwDwQCAAIwCQMHACABBnwZHDANBgkqhkiG9w0BAQsFAAOCAQEATF3y5ms5
MQFt396vIpWXvSgaDkxv9oHC8Otv34L0+aPNbzNLJMmzc4xg3lZQwmIVEEC4gkRb
Rm1MoxCHPU60pqIMNOu0PduZgrvMNtq8sSMGCHG0Xtm8Xt3w9E6/hvbaU1l2PG3X
/oJK29evKv/8GFVFpt2XW5+Ch+eUJJEy24zUJ2I7cqYDc6J2raNKIHX52K7k024O
0g3Ca5fjOavo3qWeB+lai0AarvHwZZr4R4Rd0v1RQJ6yq1EROM/TkqQGjUXWOuKI
bFx/LviwcKeEsmtlWyQOPpxLgNQBmVbpiPYZ+T2xDHKNS3GEz6EKEYkMuFh6YmXe
GnycRjrlxdqj5g==
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:18:13 2025 by rpki-client