Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/ybXLCYLFedfjToLJagSyCTcpeHA.roa
File: ybXLCYLFedfjToLJagSyCTcpeHA.roa (raw, json)
Hash identifier: gbNfOuV2uj5896RGvlpCBudkHR+raKKvekXxINbzOdA=
Subject key identifier: C9:B5:CB:09:82:C5:79:D7:E3:4E:82:C9:6A:04:B2:09:37:29:78:70
Certificate issuer: /CN=8eb441dadbbecb6965d4ea1f046cc5c8e28817fc
Certificate serial: 019424B3E3BB32B5CF3CDDF52A2E3DE44028
Authority key identifier: 8E:B4:41:DA:DB:BE:CB:69:65:D4:EA:1F:04:6C:C5:C8:E2:88:17:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jrRB2tu-y2ll1OofBGzFyOKIF_w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/ybXLCYLFedfjToLJagSyCTcpeHA.roa
Signing time: Thu 02 Jan 2025 01:49:16 +0000
ROA not before: Thu 02 Jan 2025 01:49:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48693
IP address blocks: 185.248.168.0/24 maxlen: 24
185.248.169.0/24 maxlen: 24
185.248.170.0/24 maxlen: 24
185.248.171.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:e3:bb:32:b5:cf:3c:dd:f5:2a:2e:3d:e4:40:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8eb441dadbbecb6965d4ea1f046cc5c8e28817fc
Validity
Not Before: Jan 2 01:49:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c9b5cb0982c579d7e34e82c96a04b20937297870
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:99:47:bb:ba:61:7d:66:14:da:4a:a3:dd:56:
7f:0b:76:d2:03:cc:07:1f:13:79:01:84:97:e6:a8:
3a:ba:ba:a0:95:2d:d3:0a:0a:b5:0e:52:59:57:2f:
94:ff:1b:f8:1b:3d:59:33:be:45:a6:5a:aa:a1:04:
31:0b:ea:8f:2a:d7:30:ca:3e:74:e0:95:89:e7:1b:
60:fa:a6:73:75:f6:54:f7:33:d7:2b:4b:7b:c4:7e:
1b:0c:62:19:7f:9c:82:39:7e:b1:01:84:1e:11:6c:
41:75:ee:49:10:03:0a:1e:96:58:16:dc:61:5c:bc:
49:5f:8a:30:28:40:7a:0d:fb:09:23:74:ed:bb:d0:
91:d6:80:6a:bb:67:3e:a3:b0:50:ab:8a:f2:a1:75:
c9:40:e1:a0:85:13:7a:5a:7e:a4:b8:1c:fe:8d:87:
f7:0f:2d:49:38:53:1e:0d:97:b9:68:6c:0f:f7:ad:
17:86:d1:76:31:7a:8d:51:20:63:bd:24:ea:b3:77:
b3:cc:22:18:ff:fd:6f:ab:09:cb:8f:60:73:ec:23:
2d:10:d7:ec:02:2b:b2:34:3f:a5:5c:60:56:a3:8b:
53:83:f3:e0:0a:d9:17:33:05:34:ea:f9:a4:9e:b2:
09:a3:8c:af:86:87:c4:78:98:47:64:67:21:44:84:
14:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:B5:CB:09:82:C5:79:D7:E3:4E:82:C9:6A:04:B2:09:37:29:78:70
X509v3 Authority Key Identifier:
keyid:8E:B4:41:DA:DB:BE:CB:69:65:D4:EA:1F:04:6C:C5:C8:E2:88:17:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jrRB2tu-y2ll1OofBGzFyOKIF_w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/ybXLCYLFedfjToLJagSyCTcpeHA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/jrRB2tu-y2ll1OofBGzFyOKIF_w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.248.168.0/22
Signature Algorithm: sha256WithRSAEncryption
58:8c:ea:6f:e7:53:21:07:87:b0:fa:3b:0a:c2:35:f1:44:c1:
e1:f2:10:ff:15:af:48:c0:0f:08:48:91:b6:55:b2:11:28:d4:
1f:2e:89:08:79:68:6d:42:ea:d3:65:9c:00:7a:9d:10:75:9f:
38:8c:05:1c:fa:e9:f5:dc:54:fa:8a:2a:93:d6:7e:93:ae:cd:
f9:b3:01:a4:f0:7a:e2:28:ed:a5:ea:02:1f:a0:73:47:1c:b5:
45:21:68:0c:83:5b:da:fd:30:6c:80:71:c2:4b:29:b6:54:e4:
fa:8a:2e:68:28:d5:5f:4c:07:6d:fc:68:60:47:94:60:6f:ff:
32:e7:ef:67:44:70:ec:0a:8e:2b:02:07:30:f6:ce:15:8f:c6:
21:72:8e:90:d0:b2:25:b6:7f:0a:9a:fc:d9:04:38:66:bb:58:
d0:83:6f:c1:ca:0d:cb:07:c4:b2:0b:64:1e:0c:04:32:38:0b:
92:d8:3a:80:0e:63:bd:01:f9:38:5e:db:48:2e:85:df:3e:91:
b4:14:41:14:84:cf:f7:c9:ee:be:c9:6c:0d:ac:bb:f0:36:cd:
df:16:37:a1:09:ec:4c:8f:db:c8:e8:18:77:ed:55:49:90:2d:
f5:0b:78:94:9c:75:25:0a:f5:00:30:03:54:ae:b8:58:64:f8:
3b:1d:42:2a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQks+O7MrXPPN31Ki495EAoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlYjQ0MWRhZGJiZWNiNjk2NWQ0ZWExZjA0NmNjNWM4ZTI4
ODE3ZmMwHhcNMjUwMTAyMDE0OTE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWI1Y2IwOTgyYzU3OWQ3ZTM0ZTgyYzk2YTA0YjIwOTM3Mjk3ODcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZlHu7phfWYU2kqj3VZ/C3bSA8wH
HxN5AYSX5qg6urqglS3TCgq1DlJZVy+U/xv4Gz1ZM75FplqqoQQxC+qPKtcwyj50
4JWJ5xtg+qZzdfZU9zPXK0t7xH4bDGIZf5yCOX6xAYQeEWxBde5JEAMKHpZYFtxh
XLxJX4owKEB6DfsJI3Ttu9CR1oBqu2c+o7BQq4ryoXXJQOGghRN6Wn6kuBz+jYf3
Dy1JOFMeDZe5aGwP960XhtF2MXqNUSBjvSTqs3ezzCIY//1vqwnLj2Bz7CMtENfs
AiuyND+lXGBWo4tTg/PgCtkXMwU06vmknrIJo4yvhofEeJhHZGchRIQUjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMm1ywmCxXnX406CyWoEsgk3KXhwMB8GA1UdIwQY
MBaAFI60QdrbvstpZdTqHwRsxcjiiBf8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanJSQjJ0dS15MmxsMU9vZkJHekZ5T0tJRl93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS85NzhkMGYtOTI5Ny00YzcxLTljZmIt
NDZiOTQ5MDkyY2JlLzEveWJYTENZTEZlZGZqVG9MSmFnU3lDVGNwZUhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS85NzhkMGYtOTI5Ny00YzcxLTljZmItNDZiOTQ5MDkyY2Jl
LzEvanJSQjJ0dS15MmxsMU9vZkJHekZ5T0tJRl93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufioMA0G
CSqGSIb3DQEBCwUAA4IBAQBYjOpv51MhB4ew+jsKwjXxRMHh8hD/Fa9IwA8ISJG2
VbIRKNQfLokIeWhtQurTZZwAep0QdZ84jAUc+un13FT6iiqT1n6Trs35swGk8Hri
KO2l6gIfoHNHHLVFIWgMg1va/TBsgHHCSym2VOT6ii5oKNVfTAdt/GhgR5Rgb/8y
5+9nRHDsCo4rAgcw9s4Vj8Yhco6Q0LIltn8KmvzZBDhmu1jQg2/Byg3LB8SyC2Qe
DAQyOAuS2DqADmO9Afk4XttILoXfPpG0FEEUhM/3ye6+yWwNrLvwNs3fFjehCexM
j9vI6Bh37VVJkC31C3iUnHUlCvUAMANUrrhYZPg7HUIq
-----END CERTIFICATE-----
Generated at Sat Apr 26 00:57:02 2025 by rpki-client