Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/217451-e1fb-4cc6-8165-804c4679093f/1/Y3RMoJznpenQfrP3I4h7m1FHoFA.roa
File: Y3RMoJznpenQfrP3I4h7m1FHoFA.roa (raw, json)
Hash identifier: e1BDAMfL6M0zEJOo5zSP4vUUcw0LzSTWKVMkd0N43ps=
Subject key identifier: 63:74:4C:A0:9C:E7:A5:E9:D0:7E:B3:F7:23:88:7B:9B:51:47:A0:50
Certificate issuer: /CN=0524066f866cf36e9cba9e9be6f90264da372f3e
Certificate serial: 019423D6E4D924AC51FB360F3F2164407698
Authority key identifier: 05:24:06:6F:86:6C:F3:6E:9C:BA:9E:9B:E6:F9:02:64:DA:37:2F:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BSQGb4Zs826cup6b5vkCZNo3Lz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/217451-e1fb-4cc6-8165-804c4679093f/1/Y3RMoJznpenQfrP3I4h7m1FHoFA.roa
Signing time: Wed 01 Jan 2025 21:47:53 +0000
ROA not before: Wed 01 Jan 2025 21:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198682
IP address blocks: 185.87.64.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:e4:d9:24:ac:51:fb:36:0f:3f:21:64:40:76:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0524066f866cf36e9cba9e9be6f90264da372f3e
Validity
Not Before: Jan 1 21:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=63744ca09ce7a5e9d07eb3f723887b9b5147a050
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:01:2b:17:dc:4c:97:d2:50:1e:ec:b9:61:18:
80:94:23:33:82:b7:35:80:f8:38:81:f5:ae:f0:3a:
48:50:ab:57:f9:97:02:7f:66:62:e2:de:ed:7d:21:
5f:78:37:5d:f7:08:e7:50:14:f0:c9:8d:96:38:7b:
12:b3:83:6c:65:d8:15:f1:c1:10:59:20:50:55:63:
4b:67:64:be:70:09:1f:c5:56:b6:f0:91:66:11:0f:
d6:e7:92:15:21:f4:c6:a2:76:d4:2f:2f:96:f7:86:
ea:d3:81:fa:95:71:5f:16:bc:b6:ba:8e:b9:aa:fc:
09:bd:fc:31:5d:c8:a9:98:23:eb:ec:d3:77:03:42:
72:41:90:85:7b:7e:41:46:1d:89:eb:60:fc:bc:e2:
e5:58:9f:4a:75:cf:5d:50:12:b5:6b:6e:08:67:57:
66:3e:b6:ec:56:c0:3a:db:f0:01:05:29:cd:ed:81:
a1:0d:57:4a:0f:51:13:de:fd:98:71:b5:42:4c:07:
df:a6:45:89:8e:e6:af:b1:09:6e:ec:fe:9b:ba:f5:
52:b2:de:02:82:b4:96:f3:c5:7d:6a:eb:ef:33:98:
67:ac:75:5d:8b:b6:29:cf:ed:ae:d4:8f:19:a9:84:
00:ea:07:46:65:f1:81:4b:af:a5:87:d4:b1:28:a5:
cb:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:74:4C:A0:9C:E7:A5:E9:D0:7E:B3:F7:23:88:7B:9B:51:47:A0:50
X509v3 Authority Key Identifier:
keyid:05:24:06:6F:86:6C:F3:6E:9C:BA:9E:9B:E6:F9:02:64:DA:37:2F:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BSQGb4Zs826cup6b5vkCZNo3Lz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/217451-e1fb-4cc6-8165-804c4679093f/1/Y3RMoJznpenQfrP3I4h7m1FHoFA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/217451-e1fb-4cc6-8165-804c4679093f/1/BSQGb4Zs826cup6b5vkCZNo3Lz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.87.64.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:a9:98:04:81:cf:c3:0a:5c:32:f1:db:04:5e:83:cd:86:b0:
63:ba:44:2f:6e:bd:bf:ad:14:33:28:9b:23:de:8a:5b:e5:03:
75:3c:12:32:d0:9e:d3:a2:e2:7c:b6:00:1b:29:80:e5:d6:df:
7f:b0:fa:c8:2f:01:4e:03:ab:f8:1c:12:2d:90:82:45:88:6f:
e5:6e:6e:08:bc:27:16:ce:aa:e0:2f:9b:13:5a:a3:14:17:a5:
f7:96:01:ad:ee:d0:8f:38:47:c8:37:ec:4e:79:06:a0:43:81:
0e:0a:be:52:e7:3d:45:46:55:09:cc:72:d7:f9:56:31:2a:e0:
d4:1c:80:c2:5c:d6:65:44:14:0b:29:cc:6b:c3:f1:6e:d5:e4:
d6:2e:0d:97:1e:68:1d:7c:50:60:6a:2d:b2:a9:b3:72:c5:af:
84:e1:e7:81:d2:4f:3b:45:40:41:71:c0:fb:d9:3b:c3:37:6d:
61:70:53:70:f3:a4:2e:9a:ff:09:e6:21:f9:cc:2b:04:a8:7c:
e6:d0:a2:0b:1c:21:e7:61:81:63:0e:fa:69:fc:3c:88:22:86:
4a:43:26:04:9e:d6:f3:16:12:8e:fc:7a:b4:dd:40:cf:c4:3c:
73:17:a0:06:a6:3d:65:79:78:32:6b:b0:bc:a0:ff:39:90:48:
f2:8f:e3:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1uTZJKxR+zYPPyFkQHaYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MjQwNjZmODY2Y2YzNmU5Y2JhOWU5YmU2ZjkwMjY0ZGEz
NzJmM2UwHhcNMjUwMTAxMjE0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Mzc0NGNhMDljZTdhNWU5ZDA3ZWIzZjcyMzg4N2I5YjUxNDdhMDUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQErF9xMl9JQHuy5YRiAlCMzgrc1
gPg4gfWu8DpIUKtX+ZcCf2Zi4t7tfSFfeDdd9wjnUBTwyY2WOHsSs4NsZdgV8cEQ
WSBQVWNLZ2S+cAkfxVa28JFmEQ/W55IVIfTGonbULy+W94bq04H6lXFfFry2uo65
qvwJvfwxXcipmCPr7NN3A0JyQZCFe35BRh2J62D8vOLlWJ9Kdc9dUBK1a24IZ1dm
PrbsVsA62/ABBSnN7YGhDVdKD1ET3v2YcbVCTAffpkWJjuavsQlu7P6buvVSst4C
grSW88V9auvvM5hnrHVdi7Ypz+2u1I8ZqYQA6gdGZfGBS6+lh9SxKKXLTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGN0TKCc56Xp0H6z9yOIe5tRR6BQMB8GA1UdIwQY
MBaAFAUkBm+GbPNunLqem+b5AmTaNy8+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlNRR2I0WnM4MjZjdXA2YjV2a0NaTm8zTHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8yMTc0NTEtZTFmYi00Y2M2LTgxNjUt
ODA0YzQ2NzkwOTNmLzEvWTNSTW9Kem5wZW5RZnJQM0k0aDdtMUZIb0ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS8yMTc0NTEtZTFmYi00Y2M2LTgxNjUtODA0YzQ2NzkwOTNm
LzEvQlNRR2I0WnM4MjZjdXA2YjV2a0NaTm8zTHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVdAMA0G
CSqGSIb3DQEBCwUAA4IBAQAsqZgEgc/DClwy8dsEXoPNhrBjukQvbr2/rRQzKJsj
3opb5QN1PBIy0J7TouJ8tgAbKYDl1t9/sPrILwFOA6v4HBItkIJFiG/lbm4IvCcW
zqrgL5sTWqMUF6X3lgGt7tCPOEfIN+xOeQagQ4EOCr5S5z1FRlUJzHLX+VYxKuDU
HIDCXNZlRBQLKcxrw/Fu1eTWLg2XHmgdfFBgai2yqbNyxa+E4eeB0k87RUBBccD7
2TvDN21hcFNw86Qumv8J5iH5zCsEqHzm0KILHCHnYYFjDvpp/DyIIoZKQyYEntbz
FhKO/Hq03UDPxDxzF6AGpj1leXgya7C8oP85kEjyj+O+
-----END CERTIFICATE-----
Generated at Fri Apr 25 14:21:52 2025 by rpki-client