Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/ryafTbFFi6QkP1ytCgUryuZnoks.roa
File: ryafTbFFi6QkP1ytCgUryuZnoks.roa (raw, json)
Hash identifier: R6odNW9S9N0zwz0XXE+3nxaiVJ3/HxcaALTcr4RRSbE=
Subject key identifier: AF:26:9F:4D:B1:45:8B:A4:24:3F:5C:AD:0A:05:2B:CA:E6:67:A2:4B
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 01942747F407B209715E8654EF90BCE961AA
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/ryafTbFFi6QkP1ytCgUryuZnoks.roa
Signing time: Thu 02 Jan 2025 13:50:14 +0000
ROA not before: Thu 02 Jan 2025 13:50:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60560
IP address blocks: 46.10.194.0/24 maxlen: 24
90.154.232.0/24 maxlen: 24
90.154.236.0/24 maxlen: 24
90.154.237.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:f4:07:b2:09:71:5e:86:54:ef:90:bc:e9:61:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jan 2 13:50:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=af269f4db1458ba4243f5cad0a052bcae667a24b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:fc:73:79:92:92:fa:88:80:2e:0a:bb:b5:69:
3a:aa:cd:d4:f1:3b:69:36:d2:ba:f3:03:34:c0:8f:
92:3b:e9:21:0b:3a:bf:c2:f3:d0:40:a9:38:5a:d9:
8f:b2:64:53:bf:fe:36:b5:4b:3a:b5:93:6d:95:c2:
4e:83:9e:fe:8f:71:0f:b3:1e:e0:3f:7f:d1:5f:75:
d5:5f:47:6a:d4:ac:5d:49:69:ed:58:9c:8d:1a:92:
8c:8a:2f:b8:5d:c3:5e:4e:0d:3e:c4:31:a5:6b:9a:
eb:76:72:d8:74:9b:a3:93:ca:3d:7d:c8:d0:5f:ae:
4f:53:9c:3b:9a:42:5b:8f:b2:11:8e:f9:f8:ed:81:
b5:b5:f8:8f:34:19:e5:fe:bf:fe:f1:c4:4d:bc:0b:
73:5e:fb:15:71:b6:a0:32:9a:3f:b2:bf:6c:b7:2d:
8f:62:e8:49:9b:57:ff:cc:f7:75:b1:59:4a:6b:8b:
27:b1:ef:84:31:6d:cb:20:42:5c:e8:9c:25:87:84:
0e:91:f8:30:65:ec:fe:e0:99:85:2b:e7:48:ee:75:
82:57:2b:49:40:3b:4f:2a:75:b1:94:90:f0:f2:f8:
6d:ac:05:35:e0:09:e6:44:56:2d:e5:a6:3c:0e:65:
30:90:73:22:78:50:15:ec:0e:a5:43:d0:77:5f:7d:
16:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:26:9F:4D:B1:45:8B:A4:24:3F:5C:AD:0A:05:2B:CA:E6:67:A2:4B
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/ryafTbFFi6QkP1ytCgUryuZnoks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.10.194.0/24
90.154.232.0/24
90.154.236.0/23
Signature Algorithm: sha256WithRSAEncryption
22:f8:dd:08:b0:0a:29:9d:66:1e:b5:8e:cb:44:b0:c0:af:c4:
1b:08:dc:0f:92:f3:80:54:5e:08:ca:12:bc:76:f6:dc:1d:39:
a1:03:fb:99:f0:1e:51:1a:d5:8e:25:c6:e5:5e:6d:14:ce:9d:
9b:b7:4a:ef:49:d7:a4:9c:60:68:27:59:6b:36:3f:ac:e5:10:
ad:f7:e5:b5:b5:c4:15:0c:dc:b9:4e:2f:e3:09:5f:24:f8:1d:
cf:4b:ba:39:2b:8f:b1:95:48:01:83:eb:68:61:8c:c6:9d:b8:
8f:7c:89:9b:e7:38:da:81:6c:9b:92:76:01:2f:ed:9c:86:51:
9d:b0:d8:08:e3:64:22:2a:94:b7:f7:51:67:35:94:7c:5c:cb:
c5:b7:f1:b4:b9:54:56:16:48:d1:f6:dd:68:9f:80:7a:80:95:
db:54:aa:85:bd:6e:b7:85:41:fa:da:30:84:5b:4b:c2:b7:c4:
63:86:38:a1:ad:92:27:f9:e1:96:c7:02:ce:93:ea:d0:ff:72:
3a:89:0c:79:5b:60:f5:2b:d0:22:a7:d9:27:31:3f:bb:d5:7a:
ea:e5:29:d1:42:e3:19:86:c9:2e:af:f2:14:fb:ff:a1:da:4c:
8d:50:27:7d:c6:10:45:c5:de:63:fd:39:56:e7:66:06:2e:98:
70:7c:55:de
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQnR/QHsglxXoZU75C86WGqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjUwMTAyMTM1MDE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjI2OWY0ZGIxNDU4YmE0MjQzZjVjYWQwYTA1MmJjYWU2NjdhMjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgvxzeZKS+oiALgq7tWk6qs3U8Ttp
NtK68wM0wI+SO+khCzq/wvPQQKk4WtmPsmRTv/42tUs6tZNtlcJOg57+j3EPsx7g
P3/RX3XVX0dq1KxdSWntWJyNGpKMii+4XcNeTg0+xDGla5rrdnLYdJujk8o9fcjQ
X65PU5w7mkJbj7IRjvn47YG1tfiPNBnl/r/+8cRNvAtzXvsVcbagMpo/sr9sty2P
YuhJm1f/zPd1sVlKa4snse+EMW3LIEJc6Jwlh4QOkfgwZez+4JmFK+dI7nWCVytJ
QDtPKnWxlJDw8vhtrAU14AnmRFYt5aY8DmUwkHMieFAV7A6lQ9B3X30WRwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFK8mn02xRYukJD9crQoFK8rmZ6JLMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvcnlhZlRiRkZpNlFrUDF5dENnVXJ5dVpub2tzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALgrCAwQA
WproAwQBWprsMA0GCSqGSIb3DQEBCwUAA4IBAQAi+N0IsAopnWYetY7LRLDAr8Qb
CNwPkvOAVF4IyhK8dvbcHTmhA/uZ8B5RGtWOJcblXm0Uzp2bt0rvSdeknGBoJ1lr
Nj+s5RCt9+W1tcQVDNy5Ti/jCV8k+B3PS7o5K4+xlUgBg+toYYzGnbiPfImb5zja
gWybknYBL+2chlGdsNgI42QiKpS391FnNZR8XMvFt/G0uVRWFkjR9t1on4B6gJXb
VKqFvW63hUH62jCEW0vCt8RjhjihrZIn+eGWxwLOk+rQ/3I6iQx5W2D1K9Aip9kn
MT+71Xrq5SnRQuMZhskur/IU+/+h2kyNUCd9xhBFxd5j/TlW52YGLphwfFXe
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:30:13 2025 by rpki-client