Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/0217c2-7354-4061-9ef7-a220fe6a2a25/1/y434m32YaOSFWfdjMrvD69-28ws.roa
File: y434m32YaOSFWfdjMrvD69-28ws.roa (raw, json)
Hash identifier: 2wH2CADXRiwQAKzkBQR9rJEZcF/YGQDp6VtufnWzYz8=
Subject key identifier: CB:8D:F8:9B:7D:98:68:E4:85:59:F7:63:32:BB:C3:EB:DF:B6:F3:0B
Certificate issuer: /CN=afcc1d30edeeab54b5812a990a943e3e8fe8391d
Certificate serial: 019424B2B1ACCE6F7757125F12D83BEB4A39
Authority key identifier: AF:CC:1D:30:ED:EE:AB:54:B5:81:2A:99:0A:94:3E:3E:8F:E8:39:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r8wdMO3uq1S1gSqZCpQ-Po_oOR0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/0217c2-7354-4061-9ef7-a220fe6a2a25/1/y434m32YaOSFWfdjMrvD69-28ws.roa
Signing time: Thu 02 Jan 2025 01:47:58 +0000
ROA not before: Thu 02 Jan 2025 01:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199298
IP address blocks: 185.21.220.0/22 maxlen: 22
2a00:5c20::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:b1:ac:ce:6f:77:57:12:5f:12:d8:3b:eb:4a:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afcc1d30edeeab54b5812a990a943e3e8fe8391d
Validity
Not Before: Jan 2 01:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cb8df89b7d9868e48559f76332bbc3ebdfb6f30b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:71:86:76:35:d1:5e:25:3c:42:31:e5:83:62:
81:0f:83:8a:3d:8f:5f:e7:7c:ba:de:03:dc:2a:60:
cb:6e:51:60:da:c0:36:da:85:e9:53:44:fb:71:4e:
fe:79:c3:d6:5e:38:af:9d:79:67:2d:c3:55:4d:8c:
91:4b:41:cf:eb:48:cc:52:63:28:e4:e9:95:f6:c9:
be:7e:11:2c:c4:74:db:80:46:db:2c:37:f1:78:68:
dc:c0:a3:aa:e5:6c:61:ac:73:c1:09:03:ac:49:eb:
a6:32:90:52:c1:c6:a7:14:53:16:c4:7a:af:18:62:
af:47:11:6a:aa:71:a0:94:48:e0:9b:88:79:d5:d7:
3a:c8:82:03:ae:cb:2c:b3:98:f2:c5:fa:e2:f2:d7:
a5:35:75:fd:ea:01:38:36:1a:dc:91:e4:64:47:10:
37:6b:96:d9:bd:c0:91:3f:fd:c7:d3:b9:d5:5e:e7:
38:1c:fc:d1:7c:c2:ae:61:d3:51:b6:81:52:c4:27:
f8:fd:96:c1:3d:34:93:f4:20:c8:5d:e2:c8:d0:a5:
39:7b:83:79:81:b6:4c:63:86:c6:f5:56:c2:69:9c:
26:1a:62:35:6d:0f:16:97:2f:01:3e:af:a2:54:50:
03:f3:fe:1a:66:a9:10:bd:4a:7d:fa:9d:a5:81:f5:
1f:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:8D:F8:9B:7D:98:68:E4:85:59:F7:63:32:BB:C3:EB:DF:B6:F3:0B
X509v3 Authority Key Identifier:
keyid:AF:CC:1D:30:ED:EE:AB:54:B5:81:2A:99:0A:94:3E:3E:8F:E8:39:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r8wdMO3uq1S1gSqZCpQ-Po_oOR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/0217c2-7354-4061-9ef7-a220fe6a2a25/1/y434m32YaOSFWfdjMrvD69-28ws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/0217c2-7354-4061-9ef7-a220fe6a2a25/1/r8wdMO3uq1S1gSqZCpQ-Po_oOR0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.21.220.0/22
IPv6:
2a00:5c20::/32
Signature Algorithm: sha256WithRSAEncryption
70:32:85:ce:12:a1:2c:b5:7e:5f:89:fc:a6:01:c6:cc:4d:7e:
44:06:a4:e7:f3:3a:03:e0:de:c9:40:4c:5a:b3:53:ad:3b:b0:
6a:a1:ee:98:d5:86:71:ec:44:12:c5:e2:5c:cd:04:d8:02:91:
39:31:fa:2a:85:42:6f:7d:82:d5:1e:8a:5a:ba:fe:e1:fc:12:
c1:29:a1:ee:a4:f0:82:ca:22:45:53:66:ce:40:2e:a8:d6:2e:
73:96:45:d1:d2:0d:61:46:34:6f:37:4b:1b:44:88:e9:ef:53:
31:b0:4d:02:93:c5:22:77:a7:c1:1d:73:3b:31:d4:a7:05:c8:
2c:26:e0:3d:4f:99:f4:be:9b:36:d4:74:cc:00:8c:34:59:b8:
86:bf:74:7e:e1:62:58:dd:3a:61:ab:67:91:80:77:16:23:5d:
6a:38:a6:8a:5a:bf:da:e7:64:c2:fe:9a:46:6b:05:6a:69:e5:
9f:67:54:22:56:6d:5b:ed:5f:8b:3e:39:b5:3e:da:36:72:ed:
bb:74:ad:ff:03:c1:c3:eb:4a:c0:8b:06:85:23:f9:09:76:d0:
12:ea:45:d6:08:6c:db:a4:58:e1:c1:d6:96:94:9e:32:16:1e:
e5:92:73:98:eb:63:93:c8:c7:94:e3:b5:8b:2d:6c:5a:fa:86:
16:66:7c:66
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQksrGszm93VxJfEtg760o5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmY2MxZDMwZWRlZWFiNTRiNTgxMmE5OTBhOTQzZTNlOGZl
ODM5MWQwHhcNMjUwMTAyMDE0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjhkZjg5YjdkOTg2OGU0ODU1OWY3NjMzMmJiYzNlYmRmYjZmMzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtXGGdjXRXiU8QjHlg2KBD4OKPY9f
53y63gPcKmDLblFg2sA22oXpU0T7cU7+ecPWXjivnXlnLcNVTYyRS0HP60jMUmMo
5OmV9sm+fhEsxHTbgEbbLDfxeGjcwKOq5WxhrHPBCQOsSeumMpBSwcanFFMWxHqv
GGKvRxFqqnGglEjgm4h51dc6yIIDrssss5jyxfri8telNXX96gE4NhrckeRkRxA3
a5bZvcCRP/3H07nVXuc4HPzRfMKuYdNRtoFSxCf4/ZbBPTST9CDIXeLI0KU5e4N5
gbZMY4bG9VbCaZwmGmI1bQ8Wly8BPq+iVFAD8/4aZqkQvUp9+p2lgfUfdwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMuN+Jt9mGjkhVn3YzK7w+vftvMLMB8GA1UdIwQY
MBaAFK/MHTDt7qtUtYEqmQqUPj6P6DkdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjh3ZE1PM3VxMVMxZ1NxWkNwUS1Qb19vT1IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8wMjE3YzItNzM1NC00MDYxLTllZjct
YTIyMGZlNmEyYTI1LzEveTQzNG0zMllhT1NGV2Zkak1ydkQ2OS0yOHdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8wMjE3YzItNzM1NC00MDYxLTllZjctYTIyMGZlNmEyYTI1
LzEvcjh3ZE1PM3VxMVMxZ1NxWkNwUS1Qb19vT1IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuRXcMA0E
AgACMAcDBQAqAFwgMA0GCSqGSIb3DQEBCwUAA4IBAQBwMoXOEqEstX5fifymAcbM
TX5EBqTn8zoD4N7JQExas1OtO7Bqoe6Y1YZx7EQSxeJczQTYApE5MfoqhUJvfYLV
Hopauv7h/BLBKaHupPCCyiJFU2bOQC6o1i5zlkXR0g1hRjRvN0sbRIjp71MxsE0C
k8Uid6fBHXM7MdSnBcgsJuA9T5n0vps21HTMAIw0WbiGv3R+4WJY3Tphq2eRgHcW
I11qOKaKWr/a52TC/ppGawVqaeWfZ1QiVm1b7V+LPjm1Pto2cu27dK3/A8HD60rA
iwaFI/kJdtAS6kXWCGzbpFjhwdaWlJ4yFh7lknOY62OTyMeU47WLLWxa+oYWZnxm
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:22:12 2025 by rpki-client