Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/9952b6-336f-4668-bafb-fdc258377301/1/yR3tS_ANDk4tqqBt9oy3aE3IVVA.roa
File: yR3tS_ANDk4tqqBt9oy3aE3IVVA.roa (raw, json)
Hash identifier: CBFaXVlyf8O1AiwoLakDijfjU7v7khHrl6opiRBTnoo=
Subject key identifier: C9:1D:ED:4B:F0:0D:0E:4E:2D:AA:A0:6D:F6:8C:B7:68:4D:C8:55:50
Certificate issuer: /CN=edc260028cd2ab1d0e43774f4404decd27aef3cc
Certificate serial: 0194221F9943D82DB9EB5B19F98A5036EE26
Authority key identifier: ED:C2:60:02:8C:D2:AB:1D:0E:43:77:4F:44:04:DE:CD:27:AE:F3:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7cJgAozSqx0OQ3dPRATezSeu88w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/9952b6-336f-4668-bafb-fdc258377301/1/yR3tS_ANDk4tqqBt9oy3aE3IVVA.roa
Signing time: Wed 01 Jan 2025 13:48:03 +0000
ROA not before: Wed 01 Jan 2025 13:48:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 64411
IP address blocks: 185.165.164.0/22 maxlen: 22
2a0a:3e00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:99:43:d8:2d:b9:eb:5b:19:f9:8a:50:36:ee:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=edc260028cd2ab1d0e43774f4404decd27aef3cc
Validity
Not Before: Jan 1 13:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c91ded4bf00d0e4e2daaa06df68cb7684dc85550
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:0f:3d:b7:a2:a7:a7:e4:1e:21:ee:e8:40:55:
f0:79:b5:8c:0a:9a:15:51:4b:58:44:65:00:26:3f:
b7:d5:c3:9e:a7:91:fb:06:b7:30:5d:61:8c:b2:ff:
38:f8:c8:40:61:f9:d3:b3:c9:32:e4:9d:fd:3c:4b:
73:69:d3:99:cc:09:cd:78:e3:79:fd:c4:bf:44:96:
25:1c:99:e7:22:db:61:2d:3d:fa:f3:12:bc:6a:d6:
44:96:1b:03:9b:51:51:b2:4c:5f:03:ab:67:94:51:
f6:ed:cc:8b:d5:38:d6:3a:59:fa:7e:0e:dc:8b:1b:
2b:0c:1c:8c:37:62:a3:05:84:fd:69:a6:78:08:7c:
06:0f:91:60:3b:cb:2d:bc:4b:e0:a3:5e:7b:d4:a7:
10:3c:11:11:9e:55:15:1b:dc:79:af:40:46:aa:a1:
d5:67:c5:b9:8d:ef:70:54:32:20:6f:76:7b:e2:42:
43:13:61:30:0f:35:78:31:b4:97:16:77:dd:ae:21:
9e:dc:ad:fa:87:e9:22:07:fc:db:e2:38:b9:dd:f2:
5c:0e:2b:0a:32:20:49:78:31:75:0c:52:09:90:09:
16:b7:64:71:1c:6d:ef:6a:1c:91:cf:9b:e2:7f:bb:
ae:f8:44:fc:a5:ba:10:a6:65:bf:fd:4d:c3:b2:86:
cf:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:1D:ED:4B:F0:0D:0E:4E:2D:AA:A0:6D:F6:8C:B7:68:4D:C8:55:50
X509v3 Authority Key Identifier:
keyid:ED:C2:60:02:8C:D2:AB:1D:0E:43:77:4F:44:04:DE:CD:27:AE:F3:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7cJgAozSqx0OQ3dPRATezSeu88w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9952b6-336f-4668-bafb-fdc258377301/1/yR3tS_ANDk4tqqBt9oy3aE3IVVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9952b6-336f-4668-bafb-fdc258377301/1/7cJgAozSqx0OQ3dPRATezSeu88w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.165.164.0/22
IPv6:
2a0a:3e00::/29
Signature Algorithm: sha256WithRSAEncryption
0c:a9:c4:08:36:de:bd:33:79:46:b6:1e:e6:10:19:c0:7f:de:
c1:b2:2f:50:61:aa:3a:8e:f2:e0:78:26:c6:3c:7e:37:6c:f2:
19:cc:49:c3:17:f1:55:09:fa:2e:cb:ce:0d:ab:28:bf:dd:2b:
04:77:55:de:ff:d6:d9:3d:bd:d7:bb:1d:dc:67:cb:07:ef:51:
4d:10:14:ff:22:1c:ce:0e:09:3a:31:93:a2:4e:41:27:d1:e3:
f5:98:b3:4d:3a:ee:fd:0d:37:3c:5e:0b:6d:86:64:06:db:3e:
f6:ef:70:86:cb:46:06:f7:65:0b:24:18:95:90:93:9b:bd:3c:
ae:6b:7f:43:88:e3:95:cd:3a:e0:e1:32:c0:80:fd:78:75:de:
78:36:9c:3b:49:b6:f7:90:ed:5a:c4:11:36:e9:af:d4:a3:2d:
1f:5a:83:b8:5e:5d:e6:d0:28:f8:de:61:d4:3d:99:1d:1f:a5:
8d:00:17:a7:bf:20:68:20:e3:fe:8c:5e:fd:00:e0:9b:54:48:
ac:dc:55:09:67:d8:25:65:e3:be:e7:8d:fe:9d:fb:ba:51:00:
ce:23:7f:ab:92:c7:81:78:e9:28:e1:b2:fe:91:1e:2c:dc:dc:
3d:58:80:af:00:c5:6f:b8:d1:3d:11:a3:9d:ab:50:7a:46:29:
8b:9f:a8:cc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQiH5lD2C2561sZ+YpQNu4mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkYzI2MDAyOGNkMmFiMWQwZTQzNzc0ZjQ0MDRkZWNkMjdh
ZWYzY2MwHhcNMjUwMTAxMTM0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTFkZWQ0YmYwMGQwZTRlMmRhYWEwNmRmNjhjYjc2ODRkYzg1NTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQ89t6Knp+QeIe7oQFXwebWMCpoV
UUtYRGUAJj+31cOep5H7BrcwXWGMsv84+MhAYfnTs8ky5J39PEtzadOZzAnNeON5
/cS/RJYlHJnnItthLT368xK8atZElhsDm1FRskxfA6tnlFH27cyL1TjWOln6fg7c
ixsrDByMN2KjBYT9aaZ4CHwGD5FgO8stvEvgo1571KcQPBERnlUVG9x5r0BGqqHV
Z8W5je9wVDIgb3Z74kJDE2EwDzV4MbSXFnfdriGe3K36h+kiB/zb4ji53fJcDisK
MiBJeDF1DFIJkAkWt2RxHG3vahyRz5vif7uu+ET8pboQpmW//U3DsobPtQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMkd7UvwDQ5OLaqgbfaMt2hNyFVQMB8GA1UdIwQY
MBaAFO3CYAKM0qsdDkN3T0QE3s0nrvPMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2NKZ0FvelNxeDBPUTNkUFJBVGV6U2V1ODh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi85OTUyYjYtMzM2Zi00NjY4LWJhZmIt
ZmRjMjU4Mzc3MzAxLzEveVIzdFNfQU5EazR0cXFCdDlveTNhRTNJVlZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi85OTUyYjYtMzM2Zi00NjY4LWJhZmItZmRjMjU4Mzc3MzAx
LzEvN2NKZ0FvelNxeDBPUTNkUFJBVGV6U2V1ODh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaWkMA0E
AgACMAcDBQMqCj4AMA0GCSqGSIb3DQEBCwUAA4IBAQAMqcQINt69M3lGth7mEBnA
f97Bsi9QYao6jvLgeCbGPH43bPIZzEnDF/FVCfouy84Nqyi/3SsEd1Xe/9bZPb3X
ux3cZ8sH71FNEBT/IhzODgk6MZOiTkEn0eP1mLNNOu79DTc8XgtthmQG2z7273CG
y0YG92ULJBiVkJObvTyua39DiOOVzTrg4TLAgP14dd54Npw7Sbb3kO1axBE26a/U
oy0fWoO4Xl3m0Cj43mHUPZkdH6WNABenvyBoIOP+jF79AOCbVEis3FUJZ9glZeO+
543+nfu6UQDOI3+rkseBeOko4bL+kR4s3Nw9WICvAMVvuNE9EaOdq1B6RimLn6jM
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:22:12 2025 by rpki-client