Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/a560d0-0368-49c3-9b88-eb1139a33d0a/1/bYwJVKNEie6jgjCIP7suKHbkq0A.roa
File: bYwJVKNEie6jgjCIP7suKHbkq0A.roa (raw, json)
Hash identifier: gBYweOoSxODSbbYi3S03mFZJ+Vs6bHOyqwK1v3lQMdI=
Subject key identifier: 6D:8C:09:54:A3:44:89:EE:A3:82:30:88:3F:BB:2E:28:76:E4:AB:40
Certificate issuer: /CN=e920237e725cf0a53ef43a74b5569551aff74e04
Certificate serial: 01941F8BFFF76D8DDB9436AE6D16D9853706
Authority key identifier: E9:20:23:7E:72:5C:F0:A5:3E:F4:3A:74:B5:56:95:51:AF:F7:4E:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6SAjfnJc8KU-9Dp0tVaVUa_3TgQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/a560d0-0368-49c3-9b88-eb1139a33d0a/1/bYwJVKNEie6jgjCIP7suKHbkq0A.roa
Signing time: Wed 01 Jan 2025 01:47:36 +0000
ROA not before: Wed 01 Jan 2025 01:47:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61999
IP address blocks: 185.52.104.0/23 maxlen: 23
185.52.104.0/24 maxlen: 24
185.52.105.0/24 maxlen: 24
185.52.106.0/23 maxlen: 23
185.52.106.0/24 maxlen: 24
185.52.107.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8b:ff:f7:6d:8d:db:94:36:ae:6d:16:d9:85:37:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e920237e725cf0a53ef43a74b5569551aff74e04
Validity
Not Before: Jan 1 01:47:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6d8c0954a34489eea38230883fbb2e2876e4ab40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:91:54:ab:41:a2:2f:e4:92:46:1e:ae:0d:e0:
80:fb:87:ef:28:bc:e1:8d:ea:9d:03:07:82:a5:45:
07:c6:7a:96:37:ff:c2:98:88:32:f7:35:c1:3d:7e:
28:8c:30:6c:be:b5:36:b2:8d:e1:5e:f9:b0:0e:5f:
dc:45:54:f0:de:f7:ea:77:68:88:7d:4b:b2:4b:89:
3e:39:bf:83:5c:95:82:14:dc:9a:0b:ed:de:57:b2:
0f:04:54:3e:3c:28:5c:8f:cf:82:bd:6f:d8:4d:2b:
9d:8a:99:ce:e9:e3:83:43:39:0e:e0:a2:9c:95:e9:
d5:ae:e0:3b:6d:fb:4f:85:5b:f3:b7:0c:ea:3a:f0:
cb:48:5d:af:a7:5a:9d:f7:cb:45:e3:72:39:23:ad:
a4:d7:f3:c5:e8:64:66:20:b4:8b:9a:37:fc:c9:ad:
ec:f8:78:06:bc:af:37:f7:bb:7f:a6:db:7b:90:fa:
e9:21:30:ae:79:e7:4b:bd:b2:69:7b:93:6f:28:c1:
ea:f9:b0:63:94:3f:ac:56:ae:da:cf:56:1f:2d:ec:
5b:90:a9:31:69:5a:13:25:b0:58:59:02:89:e7:16:
41:b2:49:36:96:85:69:ec:4e:71:f1:f1:39:53:f6:
c8:7f:0e:cd:d3:cd:19:00:dc:88:79:d1:6d:80:24:
7c:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:8C:09:54:A3:44:89:EE:A3:82:30:88:3F:BB:2E:28:76:E4:AB:40
X509v3 Authority Key Identifier:
keyid:E9:20:23:7E:72:5C:F0:A5:3E:F4:3A:74:B5:56:95:51:AF:F7:4E:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6SAjfnJc8KU-9Dp0tVaVUa_3TgQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/a560d0-0368-49c3-9b88-eb1139a33d0a/1/bYwJVKNEie6jgjCIP7suKHbkq0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/a560d0-0368-49c3-9b88-eb1139a33d0a/1/6SAjfnJc8KU-9Dp0tVaVUa_3TgQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.52.104.0/22
Signature Algorithm: sha256WithRSAEncryption
23:2e:09:46:52:4e:6b:6d:33:16:ff:44:6e:06:ae:6b:89:f0:
46:9e:a8:e3:5d:5a:eb:25:a4:09:bd:d9:b8:74:7d:07:a4:32:
d6:d9:32:02:7a:8c:ff:3f:d7:16:ea:79:75:90:5c:8a:e7:5a:
21:a8:0d:98:33:e8:3b:a5:6c:84:63:79:ec:6b:9a:e0:ed:51:
b8:cd:b3:a2:cd:a1:0c:43:98:9a:a5:1f:0c:77:12:36:c1:64:
cc:e3:b2:2e:6c:56:d3:47:d9:71:13:ee:a9:25:27:55:b9:a0:
20:34:ec:79:bf:3b:91:d9:e3:45:6b:86:0c:ab:a1:87:a3:5d:
54:0d:77:f9:5c:8d:47:94:92:d6:1f:d5:d3:84:f0:31:6d:cf:
9f:42:7d:13:5e:98:4f:28:61:86:1f:ec:f8:47:a3:98:f3:4f:
11:17:e6:5e:b6:f1:17:81:e8:00:98:ed:86:3a:9c:70:c7:f1:
9e:02:cc:52:c6:18:52:42:e5:9d:60:49:4f:e2:91:51:0f:c3:
52:48:b6:bf:7a:4a:46:10:b1:1d:16:45:4d:4c:fb:26:a0:44:
ec:ff:8f:6e:9b:83:56:05:d3:b4:1e:1b:e7:0b:98:ef:6e:97:
79:e8:7a:ab:b6:83:11:6f:32:40:7c:fc:b2:68:9a:23:e4:63:
29:83:65:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfi//3bY3blDaubRbZhTcGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MjAyMzdlNzI1Y2YwYTUzZWY0M2E3NGI1NTY5NTUxYWZm
NzRlMDQwHhcNMjUwMTAxMDE0NzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDhjMDk1NGEzNDQ4OWVlYTM4MjMwODgzZmJiMmUyODc2ZTRhYjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxJFUq0GiL+SSRh6uDeCA+4fvKLzh
jeqdAweCpUUHxnqWN//CmIgy9zXBPX4ojDBsvrU2so3hXvmwDl/cRVTw3vfqd2iI
fUuyS4k+Ob+DXJWCFNyaC+3eV7IPBFQ+PChcj8+CvW/YTSudipnO6eODQzkO4KKc
lenVruA7bftPhVvztwzqOvDLSF2vp1qd98tF43I5I62k1/PF6GRmILSLmjf8ya3s
+HgGvK8397t/ptt7kPrpITCueedLvbJpe5NvKMHq+bBjlD+sVq7az1YfLexbkKkx
aVoTJbBYWQKJ5xZBskk2loVp7E5x8fE5U/bIfw7N080ZANyIedFtgCR8rwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG2MCVSjRInuo4IwiD+7Lih25KtAMB8GA1UdIwQY
MBaAFOkgI35yXPClPvQ6dLVWlVGv904EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlNBamZuSmM4S1UtOURwMHRWYVZVYV8zVGdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9hNTYwZDAtMDM2OC00OWMzLTliODgt
ZWIxMTM5YTMzZDBhLzEvYll3SlZLTkVpZTZqZ2pDSVA3c3VLSGJrcTBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9hNTYwZDAtMDM2OC00OWMzLTliODgtZWIxMTM5YTMzZDBh
LzEvNlNBamZuSmM4S1UtOURwMHRWYVZVYV8zVGdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTRoMA0G
CSqGSIb3DQEBCwUAA4IBAQAjLglGUk5rbTMW/0RuBq5rifBGnqjjXVrrJaQJvdm4
dH0HpDLW2TICeoz/P9cW6nl1kFyK51ohqA2YM+g7pWyEY3nsa5rg7VG4zbOizaEM
Q5iapR8MdxI2wWTM47IubFbTR9lxE+6pJSdVuaAgNOx5vzuR2eNFa4YMq6GHo11U
DXf5XI1HlJLWH9XThPAxbc+fQn0TXphPKGGGH+z4R6OY808RF+ZetvEXgegAmO2G
Opxwx/GeAsxSxhhSQuWdYElP4pFRD8NSSLa/ekpGELEdFkVNTPsmoETs/49um4NW
BdO0HhvnC5jvbpd56HqrtoMRbzJAfPyyaJoj5GMpg2WL
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:39:29 2025 by rpki-client