Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/4b911c-3d4d-42d5-9234-f288137cb500/1/YAyk3zFlveiyrktJmuMDObuicGM.roa
File: YAyk3zFlveiyrktJmuMDObuicGM.roa (raw, json)
Hash identifier: X7im5gEfQxzJ+2uFiNxaGzJ0zO2RD2TZsOAKFKiJMJs=
Subject key identifier: 60:0C:A4:DF:31:65:BD:E8:B2:AE:4B:49:9A:E3:03:39:BB:A2:70:63
Certificate issuer: /CN=42b4c79a22a3fe987ef31908cd44ff81e9b1acf4
Certificate serial: 01942067CE5E6ABE4672A56F7D3B0605689F
Authority key identifier: 42:B4:C7:9A:22:A3:FE:98:7E:F3:19:08:CD:44:FF:81:E9:B1:AC:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QrTHmiKj_ph-8xkIzUT_gemxrPQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/4b911c-3d4d-42d5-9234-f288137cb500/1/YAyk3zFlveiyrktJmuMDObuicGM.roa
Signing time: Wed 01 Jan 2025 05:47:41 +0000
ROA not before: Wed 01 Jan 2025 05:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48293
IP address blocks: 91.194.246.0/23 maxlen: 23
91.194.246.0/24 maxlen: 24
91.194.247.0/24 maxlen: 24
91.212.217.0/24 maxlen: 24
94.228.192.0/20 maxlen: 20
94.228.192.0/24 maxlen: 24
94.228.193.0/24 maxlen: 24
94.228.194.0/24 maxlen: 24
94.228.195.0/24 maxlen: 24
94.228.196.0/24 maxlen: 24
94.228.197.0/24 maxlen: 24
94.228.198.0/24 maxlen: 24
94.228.199.0/24 maxlen: 24
94.228.200.0/24 maxlen: 24
94.228.201.0/24 maxlen: 24
94.228.202.0/24 maxlen: 24
94.228.203.0/24 maxlen: 24
94.228.204.0/24 maxlen: 24
94.228.205.0/24 maxlen: 24
94.228.206.0/24 maxlen: 24
94.228.207.0/24 maxlen: 24
185.108.20.0/22 maxlen: 22
185.108.20.0/24 maxlen: 24
185.108.20.0/25 maxlen: 25
185.108.21.0/24 maxlen: 24
185.108.22.0/24 maxlen: 24
185.108.23.0/24 maxlen: 24
2a06:4180::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:ce:5e:6a:be:46:72:a5:6f:7d:3b:06:05:68:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42b4c79a22a3fe987ef31908cd44ff81e9b1acf4
Validity
Not Before: Jan 1 05:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=600ca4df3165bde8b2ae4b499ae30339bba27063
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:b8:01:77:35:38:4e:ed:ea:a8:32:84:9e:15:
a3:b2:2b:e6:ce:9e:bd:84:77:18:6b:da:af:78:a5:
dd:98:e4:db:73:d0:ac:a3:4b:75:9a:24:4b:92:cd:
11:51:db:fb:2f:3f:b7:a6:3d:b1:2f:ea:5d:72:17:
31:a5:90:8e:69:b2:b2:31:1d:6c:db:b8:c3:07:16:
51:b4:fb:54:86:e4:7d:93:de:d2:40:59:a3:d9:42:
33:db:cc:45:34:65:1d:42:27:6a:49:27:b8:a6:1c:
39:52:78:b8:71:79:d8:6f:03:63:fd:48:b9:db:50:
74:30:8f:75:e4:5f:e5:b4:f5:e9:77:65:48:5f:08:
f2:be:ac:1e:68:b4:2d:35:b0:6f:b3:a6:5b:5d:5b:
22:79:34:83:7c:3f:b6:3a:d5:4c:d3:c5:eb:1b:77:
7e:6f:7d:ef:a3:76:42:1c:bc:15:e1:07:eb:12:85:
28:5a:4c:cf:6c:5c:92:f2:25:e9:8c:75:fe:e8:29:
1a:11:f5:0c:84:33:19:be:11:1a:f1:78:00:3d:41:
c4:c7:02:f5:cf:a7:d3:e1:d9:18:16:0b:84:a7:35:
4e:08:e1:d2:d2:66:b0:11:4b:9e:dd:e3:83:b2:72:
ca:a4:f9:2d:e1:d0:cd:18:dc:47:d8:77:84:d4:d8:
dd:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:0C:A4:DF:31:65:BD:E8:B2:AE:4B:49:9A:E3:03:39:BB:A2:70:63
X509v3 Authority Key Identifier:
keyid:42:B4:C7:9A:22:A3:FE:98:7E:F3:19:08:CD:44:FF:81:E9:B1:AC:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QrTHmiKj_ph-8xkIzUT_gemxrPQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/4b911c-3d4d-42d5-9234-f288137cb500/1/YAyk3zFlveiyrktJmuMDObuicGM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/4b911c-3d4d-42d5-9234-f288137cb500/1/QrTHmiKj_ph-8xkIzUT_gemxrPQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.246.0/23
91.212.217.0/24
94.228.192.0/20
185.108.20.0/22
IPv6:
2a06:4180::/29
Signature Algorithm: sha256WithRSAEncryption
36:bd:78:0b:a9:6e:41:60:41:63:1d:82:e5:09:c1:89:70:85:
db:e2:3d:91:b5:68:17:b8:a1:7b:4e:93:29:96:c0:af:a7:59:
4d:67:ed:1c:a5:70:5b:9f:5a:5d:ad:36:cc:15:bb:4a:92:19:
2e:a9:9d:b8:1c:15:7d:56:3b:fd:92:ee:f7:30:bc:d1:6f:b8:
98:ea:30:26:ea:a0:6d:4f:53:31:09:7e:d9:40:0a:05:bd:82:
da:60:f6:d6:95:07:d8:ff:61:91:55:0e:c7:43:4c:6b:db:f3:
c8:54:50:16:88:7c:00:d0:c9:38:11:18:f9:10:b1:48:34:7c:
67:77:e8:fc:25:96:25:26:ff:4e:78:94:39:85:91:7e:21:f3:
a2:e0:00:11:6a:27:b1:23:b5:1a:d7:90:e5:9e:32:e2:4f:fa:
ab:ce:8f:b4:8d:75:95:d9:58:98:f3:a2:76:ac:30:22:94:ce:
0e:04:8b:ba:a9:49:0e:90:d4:f3:1b:12:a3:26:ae:76:53:94:
44:4b:18:78:b8:c8:c3:21:de:82:16:fb:57:65:0b:30:fb:b6:
29:ef:54:e6:11:9a:eb:12:e7:6c:bf:f8:f2:d6:d3:47:ac:f6:
9c:09:e4:2b:9a:58:30:03:82:2a:81:d6:09:f6:51:fa:9c:70:
f6:b2:5d:31
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQgZ85ear5GcqVvfTsGBWifMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyYjRjNzlhMjJhM2ZlOTg3ZWYzMTkwOGNkNDRmZjgxZTli
MWFjZjQwHhcNMjUwMTAxMDU0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDBjYTRkZjMxNjViZGU4YjJhZTRiNDk5YWUzMDMzOWJiYTI3MDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyrgBdzU4Tu3qqDKEnhWjsivmzp69
hHcYa9qveKXdmOTbc9Cso0t1miRLks0RUdv7Lz+3pj2xL+pdchcxpZCOabKyMR1s
27jDBxZRtPtUhuR9k97SQFmj2UIz28xFNGUdQidqSSe4phw5Uni4cXnYbwNj/Ui5
21B0MI915F/ltPXpd2VIXwjyvqweaLQtNbBvs6ZbXVsieTSDfD+2OtVM08XrG3d+
b33vo3ZCHLwV4QfrEoUoWkzPbFyS8iXpjHX+6CkaEfUMhDMZvhEa8XgAPUHExwL1
z6fT4dkYFguEpzVOCOHS0mawEUue3eODsnLKpPkt4dDNGNxH2HeE1NjdLQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFGAMpN8xZb3osq5LSZrjAzm7onBjMB8GA1UdIwQY
MBaAFEK0x5oio/6YfvMZCM1E/4Hpsaz0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXJUSG1pS2pfcGgtOHhrSXpVVF9nZW14clBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC80YjkxMWMtM2Q0ZC00MmQ1LTkyMzQt
ZjI4ODEzN2NiNTAwLzEvWUF5azN6Rmx2ZWl5cmt0Sm11TURPYnVpY0dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC80YjkxMWMtM2Q0ZC00MmQ1LTkyMzQtZjI4ODEzN2NiNTAw
LzEvUXJUSG1pS2pfcGgtOHhrSXpVVF9nZW14clBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQBW8L2AwQA
W9TZAwQEXuTAAwQCuWwUMA0EAgACMAcDBQMqBkGAMA0GCSqGSIb3DQEBCwUAA4IB
AQA2vXgLqW5BYEFjHYLlCcGJcIXb4j2RtWgXuKF7TpMplsCvp1lNZ+0cpXBbn1pd
rTbMFbtKkhkuqZ24HBV9Vjv9ku73MLzRb7iY6jAm6qBtT1MxCX7ZQAoFvYLaYPbW
lQfY/2GRVQ7HQ0xr2/PIVFAWiHwA0Mk4ERj5ELFINHxnd+j8JZYlJv9OeJQ5hZF+
IfOi4AARaiexI7Ua15DlnjLiT/qrzo+0jXWV2ViY86J2rDAilM4OBIu6qUkOkNTz
GxKjJq52U5RESxh4uMjDId6CFvtXZQsw+7Yp71TmEZrrEudsv/jy1tNHrPacCeQr
mlgwA4IqgdYJ9lH6nHD2sl0x
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:35:55 2025 by rpki-client