Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/68239f-09a3-4108-89ba-eee50dd9193c/1/YU4fCfmpK-fuEOwSolTjGJvHl-Q.roa
File: YU4fCfmpK-fuEOwSolTjGJvHl-Q.roa (raw, json)
Hash identifier: jEvy+I1e+1GaLBXiJtzyH21Rx3ZNEpokSAtj3mt7uI4=
Subject key identifier: 61:4E:1F:09:F9:A9:2B:E7:EE:10:EC:12:A2:54:E3:18:9B:C7:97:E4
Certificate issuer: /CN=005f0d44b221f4b11c89db68969f97c3c7154906
Certificate serial: 019423D74A79936766421C8094415AFBD8C6
Authority key identifier: 00:5F:0D:44:B2:21:F4:B1:1C:89:DB:68:96:9F:97:C3:C7:15:49:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AF8NRLIh9LEcidtolp-Xw8cVSQY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/68239f-09a3-4108-89ba-eee50dd9193c/1/YU4fCfmpK-fuEOwSolTjGJvHl-Q.roa
Signing time: Wed 01 Jan 2025 21:48:19 +0000
ROA not before: Wed 01 Jan 2025 21:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203099
IP address blocks: 185.142.60.0/22 maxlen: 24
2a07:2a00::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:4a:79:93:67:66:42:1c:80:94:41:5a:fb:d8:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=005f0d44b221f4b11c89db68969f97c3c7154906
Validity
Not Before: Jan 1 21:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=614e1f09f9a92be7ee10ec12a254e3189bc797e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:52:66:8a:d8:c3:1e:29:a6:bc:32:f5:8f:f0:
fa:5c:77:c4:69:7a:cb:6a:c7:39:ca:c7:33:10:ff:
37:7a:b5:1e:6b:7f:21:e9:a8:48:a0:c2:3f:19:7b:
c0:63:c3:f9:ab:b9:95:e0:e3:ec:b5:b7:ac:71:01:
78:09:d1:0a:9e:f7:ab:45:bc:60:e9:a0:0f:c7:0d:
ad:61:69:4b:a6:6c:55:d2:e3:12:ff:25:70:14:6a:
44:f5:f0:73:0a:12:aa:a6:65:fa:a2:3b:40:47:49:
a3:36:e8:81:db:d4:5b:76:01:b9:14:25:40:34:62:
e2:33:02:60:5b:3c:1c:90:bf:3e:21:25:e4:94:37:
14:92:3c:23:e9:8f:06:3b:44:b8:01:f5:f7:7f:c2:
5c:04:2b:d5:72:52:d3:84:20:4a:71:62:9f:04:90:
3e:e2:48:17:76:3c:60:f3:54:de:4f:5f:ce:72:a0:
91:66:43:f8:16:1f:17:44:64:98:43:8d:73:27:24:
36:e8:a8:c5:88:43:f3:09:8f:ba:03:95:67:11:14:
a7:42:12:8e:3b:cc:ed:cc:a1:09:4d:da:28:25:81:
79:4b:2b:bd:5e:57:b8:cc:17:13:9f:7e:a7:ab:94:
06:83:eb:81:3e:ad:66:a3:b3:97:7d:d2:30:e4:06:
57:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:4E:1F:09:F9:A9:2B:E7:EE:10:EC:12:A2:54:E3:18:9B:C7:97:E4
X509v3 Authority Key Identifier:
keyid:00:5F:0D:44:B2:21:F4:B1:1C:89:DB:68:96:9F:97:C3:C7:15:49:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AF8NRLIh9LEcidtolp-Xw8cVSQY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/68239f-09a3-4108-89ba-eee50dd9193c/1/YU4fCfmpK-fuEOwSolTjGJvHl-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/68239f-09a3-4108-89ba-eee50dd9193c/1/AF8NRLIh9LEcidtolp-Xw8cVSQY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.142.60.0/22
IPv6:
2a07:2a00::/29
Signature Algorithm: sha256WithRSAEncryption
28:c5:23:ca:f8:80:ab:ad:10:5a:1e:61:a9:6b:1e:32:c2:bb:
56:d0:ae:24:12:f5:c6:d6:ef:a8:ec:fe:1b:f4:d9:36:27:99:
3b:4f:bf:81:b9:4d:c4:c8:61:d8:9f:e0:e4:96:6c:45:fc:29:
36:09:81:41:98:fb:41:70:c3:96:36:33:79:6a:37:fb:0e:d5:
a3:48:b7:6f:e7:ce:08:89:82:9e:3e:18:1a:93:e8:c9:94:eb:
24:37:8f:57:50:e0:89:2c:c6:85:db:42:7d:02:e5:73:7b:4b:
d3:52:58:af:a8:1e:15:8a:06:a1:ee:e3:a5:0b:01:37:38:49:
00:db:df:b3:35:32:7c:35:86:72:2c:70:94:b3:10:a3:c4:cb:
d3:76:1d:27:fb:83:21:59:06:17:c3:5f:58:65:80:dc:08:5a:
73:b7:4f:25:b8:53:ee:f7:0c:06:e0:b2:27:84:e4:99:a9:f1:
69:e9:e1:fb:80:77:8a:73:9f:e8:60:ed:b7:62:7d:69:de:95:
7d:38:30:9b:a0:9c:82:29:7c:fe:af:1b:7e:28:0a:c9:7c:79:
01:75:16:7e:59:bc:25:78:b0:1e:a3:6a:b7:35:72:6b:08:5f:
d7:8a:1a:f0:9c:13:7e:6e:a3:02:b2:cb:90:62:ba:61:96:34:
ea:44:20:a6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQj10p5k2dmQhyAlEFa+9jGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNWYwZDQ0YjIyMWY0YjExYzg5ZGI2ODk2OWY5N2MzYzcx
NTQ5MDYwHhcNMjUwMTAxMjE0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTRlMWYwOWY5YTkyYmU3ZWUxMGVjMTJhMjU0ZTMxODliYzc5N2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA81JmitjDHimmvDL1j/D6XHfEaXrL
asc5ysczEP83erUea38h6ahIoMI/GXvAY8P5q7mV4OPstbescQF4CdEKnverRbxg
6aAPxw2tYWlLpmxV0uMS/yVwFGpE9fBzChKqpmX6ojtAR0mjNuiB29RbdgG5FCVA
NGLiMwJgWzwckL8+ISXklDcUkjwj6Y8GO0S4AfX3f8JcBCvVclLThCBKcWKfBJA+
4kgXdjxg81TeT1/OcqCRZkP4Fh8XRGSYQ41zJyQ26KjFiEPzCY+6A5VnERSnQhKO
O8ztzKEJTdooJYF5Syu9Xle4zBcTn36nq5QGg+uBPq1mo7OXfdIw5AZXfwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGFOHwn5qSvn7hDsEqJU4xibx5fkMB8GA1UdIwQY
MBaAFABfDUSyIfSxHInbaJafl8PHFUkGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUY4TlJMSWg5TEVjaWR0b2xwLVh3OGNWU1FZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My82ODIzOWYtMDlhMy00MTA4LTg5YmEt
ZWVlNTBkZDkxOTNjLzEvWVU0ZkNmbXBLLWZ1RU93U29sVGpHSnZIbC1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My82ODIzOWYtMDlhMy00MTA4LTg5YmEtZWVlNTBkZDkxOTNj
LzEvQUY4TlJMSWg5TEVjaWR0b2xwLVh3OGNWU1FZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuY48MA0E
AgACMAcDBQMqByoAMA0GCSqGSIb3DQEBCwUAA4IBAQAoxSPK+ICrrRBaHmGpax4y
wrtW0K4kEvXG1u+o7P4b9Nk2J5k7T7+BuU3EyGHYn+DklmxF/Ck2CYFBmPtBcMOW
NjN5ajf7DtWjSLdv584IiYKePhgak+jJlOskN49XUOCJLMaF20J9AuVze0vTUliv
qB4Vigah7uOlCwE3OEkA29+zNTJ8NYZyLHCUsxCjxMvTdh0n+4MhWQYXw19YZYDc
CFpzt08luFPu9wwG4LInhOSZqfFp6eH7gHeKc5/oYO23Yn1p3pV9ODCboJyCKXz+
rxt+KArJfHkBdRZ+WbwleLAeo2q3NXJrCF/XihrwnBN+bqMCssuQYrphljTqRCCm
-----END CERTIFICATE-----
Generated at Fri Apr 25 01:44:45 2025 by rpki-client