Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/1f7c98-18aa-47d8-ab41-1161edb9bf0e/1/YBabozhq7Bm__rh2KvKvZaWJJSk.roa
File: YBabozhq7Bm__rh2KvKvZaWJJSk.roa (raw, json)
Hash identifier: ZpYTHURBPLv+zLOzTtEUmCp4scPYCX2Bazth3B2lfOY=
Subject key identifier: 60:16:9B:A3:38:6A:EC:19:BF:FE:B8:76:2A:F2:AF:65:A5:89:25:29
Certificate issuer: /CN=966afc14d4a19a7c2c168eb2c81d5622b30149eb
Certificate serial: 019420683F56C3285B8608C51784A755115D
Authority key identifier: 96:6A:FC:14:D4:A1:9A:7C:2C:16:8E:B2:C8:1D:56:22:B3:01:49:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lmr8FNShmnwsFo6yyB1WIrMBSes.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/1f7c98-18aa-47d8-ab41-1161edb9bf0e/1/YBabozhq7Bm__rh2KvKvZaWJJSk.roa
Signing time: Wed 01 Jan 2025 05:48:10 +0000
ROA not before: Wed 01 Jan 2025 05:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43273
IP address blocks: 5.252.172.0/22 maxlen: 22
91.196.248.0/22 maxlen: 22
91.238.168.0/22 maxlen: 22
185.149.244.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:3f:56:c3:28:5b:86:08:c5:17:84:a7:55:11:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=966afc14d4a19a7c2c168eb2c81d5622b30149eb
Validity
Not Before: Jan 1 05:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=60169ba3386aec19bffeb8762af2af65a5892529
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:2b:0d:73:60:32:5d:02:7d:98:41:ac:02:80:
5b:0d:16:43:dd:c0:ea:e0:58:30:9a:fc:cd:a3:3c:
64:94:4e:39:d2:86:89:78:41:97:65:51:88:15:e4:
00:8a:4d:bb:11:a3:1c:5f:42:2e:47:8f:26:5f:0e:
2b:35:e9:ac:42:97:ba:bd:8b:66:be:d7:fc:7b:98:
d0:5a:f1:ce:16:e3:3c:c0:36:bc:03:ef:f7:fc:e0:
e3:fc:35:cd:39:4f:05:61:cb:5a:91:2b:23:27:2b:
87:63:87:ad:02:e5:f9:2c:58:7a:00:9b:ff:7b:e5:
b4:da:0b:9d:49:fa:23:77:77:57:48:e3:6a:2c:a1:
93:d7:1d:16:52:f0:5f:e9:de:76:1f:21:13:7e:1d:
d8:a2:24:9f:3b:72:2f:77:01:59:d8:9d:76:7b:bd:
f8:32:ca:e1:92:13:14:5f:ac:48:a3:21:ed:cf:84:
78:2d:de:fb:ab:56:3c:99:f5:ac:c8:5c:88:00:65:
d1:a5:46:7f:fb:16:b9:71:3b:f2:56:1b:22:73:d4:
dd:64:c8:c8:d8:11:7d:05:d9:6b:ab:52:2a:b5:e3:
be:7c:10:e5:52:a7:1b:ff:d3:44:40:d9:9b:39:0a:
4c:35:51:c5:2e:94:8c:5f:8e:44:0f:6e:6b:bd:73:
6c:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:16:9B:A3:38:6A:EC:19:BF:FE:B8:76:2A:F2:AF:65:A5:89:25:29
X509v3 Authority Key Identifier:
keyid:96:6A:FC:14:D4:A1:9A:7C:2C:16:8E:B2:C8:1D:56:22:B3:01:49:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lmr8FNShmnwsFo6yyB1WIrMBSes.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/1f7c98-18aa-47d8-ab41-1161edb9bf0e/1/YBabozhq7Bm__rh2KvKvZaWJJSk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/1f7c98-18aa-47d8-ab41-1161edb9bf0e/1/lmr8FNShmnwsFo6yyB1WIrMBSes.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.172.0/22
91.196.248.0/22
91.238.168.0/22
185.149.244.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:7d:b9:6d:6b:1f:77:9e:c6:5d:0b:ea:46:be:4a:93:f9:7d:
3a:6b:df:97:cd:f8:e7:09:52:4b:2b:23:0e:4f:07:86:d0:08:
c5:46:9b:16:18:b7:3c:72:0b:e0:6b:87:95:13:6a:09:e7:3f:
f2:71:e1:b6:17:1f:3a:2d:3b:87:4c:f5:76:f3:ac:86:b4:9a:
c2:10:12:23:0c:81:71:0a:4f:51:18:a6:af:1e:fe:14:e6:e9:
10:89:02:39:4d:47:82:8f:90:52:af:41:76:35:a5:f7:9f:1c:
f4:22:9d:9c:9e:b3:0d:99:c7:4d:f7:98:66:8b:13:99:c6:98:
19:07:fb:15:e0:76:54:d3:48:e2:d6:65:2f:13:5e:77:20:ff:
7c:96:3b:dc:f3:f9:28:a0:b8:e2:d1:d8:c0:9a:e8:59:24:97:
1b:48:db:0b:b4:ca:a2:23:0a:6e:de:82:bb:0f:5c:19:1d:bb:
00:4c:10:58:cb:7b:11:27:53:88:a4:aa:71:a4:83:2a:de:23:
02:07:c4:12:f5:81:a8:d4:4d:62:60:39:e6:93:a3:86:ab:7b:
b0:9a:ad:cd:17:e6:c4:06:d1:a4:a6:33:6e:f1:b0:68:56:9f:
67:6d:e0:4b:45:fa:c5:46:80:7b:f4:bb:fc:55:b2:bb:2e:7f:
31:30:29:18
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQgaD9WwyhbhgjFF4SnVRFdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2NmFmYzE0ZDRhMTlhN2MyYzE2OGViMmM4MWQ1NjIyYjMw
MTQ5ZWIwHhcNMjUwMTAxMDU0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDE2OWJhMzM4NmFlYzE5YmZmZWI4NzYyYWYyYWY2NWE1ODkyNTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ysNc2AyXQJ9mEGsAoBbDRZD3cDq
4FgwmvzNozxklE450oaJeEGXZVGIFeQAik27EaMcX0IuR48mXw4rNemsQpe6vYtm
vtf8e5jQWvHOFuM8wDa8A+/3/ODj/DXNOU8FYctakSsjJyuHY4etAuX5LFh6AJv/
e+W02gudSfojd3dXSONqLKGT1x0WUvBf6d52HyETfh3YoiSfO3IvdwFZ2J12e734
MsrhkhMUX6xIoyHtz4R4Ld77q1Y8mfWsyFyIAGXRpUZ/+xa5cTvyVhsic9TdZMjI
2BF9Bdlrq1IqteO+fBDlUqcb/9NEQNmbOQpMNVHFLpSMX45ED25rvXNs5wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGAWm6M4auwZv/64diryr2WliSUpMB8GA1UdIwQY
MBaAFJZq/BTUoZp8LBaOssgdViKzAUnrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbG1yOEZOU2htbndzRm82eXlCMVdJck1CU2VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8xZjdjOTgtMThhYS00N2Q4LWFiNDEt
MTE2MWVkYjliZjBlLzEvWUJhYm96aHE3Qm1fX3JoMkt2S3ZaYVdKSlNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8xZjdjOTgtMThhYS00N2Q4LWFiNDEtMTE2MWVkYjliZjBl
LzEvbG1yOEZOU2htbndzRm82eXlCMVdJck1CU2VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCBfysAwQC
W8T4AwQCW+6oAwQCuZX0MA0GCSqGSIb3DQEBCwUAA4IBAQB8fbltax93nsZdC+pG
vkqT+X06a9+XzfjnCVJLKyMOTweG0AjFRpsWGLc8cgvga4eVE2oJ5z/yceG2Fx86
LTuHTPV286yGtJrCEBIjDIFxCk9RGKavHv4U5ukQiQI5TUeCj5BSr0F2NaX3nxz0
Ip2cnrMNmcdN95hmixOZxpgZB/sV4HZU00ji1mUvE153IP98ljvc8/kooLji0djA
muhZJJcbSNsLtMqiIwpu3oK7D1wZHbsATBBYy3sRJ1OIpKpxpIMq3iMCB8QS9YGo
1E1iYDnmk6OGq3uwmq3NF+bEBtGkpjNu8bBoVp9nbeBLRfrFRoB79Lv8VbK7Ln8x
MCkY
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:41:11 2025 by rpki-client