Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/9ce0eb-3aba-4b36-b7c4-425c51d7888b/1/YR9oUfcPn7hi-EfIp0zPWNgdoLI.roa
File: YR9oUfcPn7hi-EfIp0zPWNgdoLI.roa (raw, json)
Hash identifier: gZUlOd3rhYgj7y7iYiifqKrTqOs4vDy8o9fKugEnj2M=
Subject key identifier: 61:1F:68:51:F7:0F:9F:B8:62:F8:47:C8:A7:4C:CF:58:D8:1D:A0:B2
Certificate issuer: /CN=8b21ffade930bd1fd2e1788cff407d9d34134e17
Certificate serial: 0194274825E7523BFBD2A4FD1658E0D0DA19
Authority key identifier: 8B:21:FF:AD:E9:30:BD:1F:D2:E1:78:8C:FF:40:7D:9D:34:13:4E:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iyH_rekwvR_S4XiM_0B9nTQTThc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/9ce0eb-3aba-4b36-b7c4-425c51d7888b/1/YR9oUfcPn7hi-EfIp0zPWNgdoLI.roa
Signing time: Thu 02 Jan 2025 13:50:27 +0000
ROA not before: Thu 02 Jan 2025 13:50:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204782
IP address blocks: 185.240.96.0/22 maxlen: 22
2a0c:7a80::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:25:e7:52:3b:fb:d2:a4:fd:16:58:e0:d0:da:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b21ffade930bd1fd2e1788cff407d9d34134e17
Validity
Not Before: Jan 2 13:50:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=611f6851f70f9fb862f847c8a74ccf58d81da0b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:46:27:bc:43:6b:e6:32:cb:4e:1c:1b:b6:bd:
f1:6c:20:69:30:67:b9:33:9e:b4:53:fc:21:76:03:
03:52:a4:18:a0:32:a4:81:80:6f:33:5e:c0:07:8e:
9e:24:ca:f3:5d:ce:cc:65:73:c5:7e:21:51:ed:31:
d2:2c:28:c4:fb:3f:27:c3:cb:22:7a:b3:b3:9f:22:
55:1b:e2:e4:cd:41:55:49:56:67:9e:86:28:48:8e:
80:d4:d9:ef:1d:a9:2c:4d:b4:22:2f:6f:a3:7d:5b:
70:0b:32:e3:5e:f8:e7:ae:0d:66:bf:f9:44:d6:35:
e4:d0:68:e1:9e:6a:61:69:fe:9e:2c:6e:dc:8f:55:
f3:43:0a:64:22:00:54:43:d5:80:df:c9:d3:99:e1:
a6:43:32:5a:ea:c1:93:d1:52:77:e7:76:56:7b:ac:
aa:55:4d:c4:3c:cb:92:96:96:fc:79:be:ae:31:b9:
f3:96:3b:af:f7:7d:ff:75:a3:96:66:0b:b9:5c:49:
ce:0c:3c:f3:5f:42:b0:da:d9:c4:5c:cc:4d:8f:fb:
7e:b0:38:9e:2b:31:cf:a8:9a:86:62:28:33:4d:a0:
d8:0b:17:56:e7:27:58:c0:8f:2f:ca:03:fb:53:6f:
09:01:77:b0:5a:52:c2:8a:ad:eb:cf:42:64:63:22:
4b:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:1F:68:51:F7:0F:9F:B8:62:F8:47:C8:A7:4C:CF:58:D8:1D:A0:B2
X509v3 Authority Key Identifier:
keyid:8B:21:FF:AD:E9:30:BD:1F:D2:E1:78:8C:FF:40:7D:9D:34:13:4E:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iyH_rekwvR_S4XiM_0B9nTQTThc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/9ce0eb-3aba-4b36-b7c4-425c51d7888b/1/YR9oUfcPn7hi-EfIp0zPWNgdoLI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/9ce0eb-3aba-4b36-b7c4-425c51d7888b/1/iyH_rekwvR_S4XiM_0B9nTQTThc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.240.96.0/22
IPv6:
2a0c:7a80::/29
Signature Algorithm: sha256WithRSAEncryption
0f:eb:38:d8:36:a8:4b:60:cb:97:f2:10:11:62:a9:ec:6a:ab:
67:3e:bc:25:20:99:51:27:4a:e4:44:cc:41:73:eb:5e:a0:08:
08:34:52:8f:a6:0e:5c:07:44:f1:5f:50:da:15:dc:c5:4a:b4:
9f:3c:e8:ea:1c:87:ad:c2:63:60:cf:a6:41:10:75:30:f5:43:
c7:27:1f:01:59:fb:ac:16:53:0a:60:d8:eb:20:8b:9b:02:d7:
64:a2:5c:7d:31:be:ab:0e:c6:c1:48:d1:2f:36:70:75:a5:90:
db:7b:79:ea:43:f8:77:b2:f8:d3:22:49:16:70:52:03:a9:51:
f2:5e:3b:5c:73:03:08:b9:a1:46:eb:24:73:a6:ce:64:be:ac:
20:22:79:ba:9c:81:8e:91:51:15:bb:50:e2:ef:ab:20:b6:68:
af:44:34:63:ef:17:00:b0:c3:0a:49:fb:da:0f:d1:03:f7:b3:
9f:4c:4a:a2:4f:8c:72:fa:ed:4a:0e:89:2f:77:8e:1d:ec:1b:
a2:78:db:35:41:a4:94:e3:49:a8:cf:d0:77:12:1c:7c:2a:28:
5a:91:4f:d1:3a:bd:8a:b0:06:08:3f:65:b4:74:22:97:05:58:
cb:cf:d6:b7:5f:97:cf:58:25:0e:48:e1:e2:2e:c8:fe:12:12:
ab:19:5c:ff
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQnSCXnUjv70qT9Fljg0NoZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiMjFmZmFkZTkzMGJkMWZkMmUxNzg4Y2ZmNDA3ZDlkMzQx
MzRlMTcwHhcNMjUwMTAyMTM1MDI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTFmNjg1MWY3MGY5ZmI4NjJmODQ3YzhhNzRjY2Y1OGQ4MWRhMGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvUYnvENr5jLLThwbtr3xbCBpMGe5
M560U/whdgMDUqQYoDKkgYBvM17AB46eJMrzXc7MZXPFfiFR7THSLCjE+z8nw8si
erOznyJVG+LkzUFVSVZnnoYoSI6A1NnvHaksTbQiL2+jfVtwCzLjXvjnrg1mv/lE
1jXk0Gjhnmphaf6eLG7cj1XzQwpkIgBUQ9WA38nTmeGmQzJa6sGT0VJ353ZWe6yq
VU3EPMuSlpb8eb6uMbnzljuv933/daOWZgu5XEnODDzzX0Kw2tnEXMxNj/t+sDie
KzHPqJqGYigzTaDYCxdW5ydYwI8vygP7U28JAXewWlLCiq3rz0JkYyJLJQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGEfaFH3D5+4YvhHyKdMz1jYHaCyMB8GA1UdIwQY
MBaAFIsh/63pML0f0uF4jP9AfZ00E04XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXlIX3Jla3d2Ul9TNFhpTV8wQjluVFFUVGhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85Y2UwZWItM2FiYS00YjM2LWI3YzQt
NDI1YzUxZDc4ODhiLzEvWVI5b1VmY1BuN2hpLUVmSXAwelBXTmdkb0xJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85Y2UwZWItM2FiYS00YjM2LWI3YzQtNDI1YzUxZDc4ODhi
LzEvaXlIX3Jla3d2Ul9TNFhpTV8wQjluVFFUVGhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCufBgMA0E
AgACMAcDBQMqDHqAMA0GCSqGSIb3DQEBCwUAA4IBAQAP6zjYNqhLYMuX8hARYqns
aqtnPrwlIJlRJ0rkRMxBc+teoAgINFKPpg5cB0TxX1DaFdzFSrSfPOjqHIetwmNg
z6ZBEHUw9UPHJx8BWfusFlMKYNjrIIubAtdkolx9Mb6rDsbBSNEvNnB1pZDbe3nq
Q/h3svjTIkkWcFIDqVHyXjtccwMIuaFG6yRzps5kvqwgInm6nIGOkVEVu1Di76sg
tmivRDRj7xcAsMMKSfvaD9ED97OfTEqiT4xy+u1KDokvd44d7BuieNs1QaSU40mo
z9B3Ehx8KihakU/ROr2KsAYIP2W0dCKXBVjLz9a3X5fPWCUOSOHiLsj+EhKrGVz/
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:53:37 2025 by rpki-client