Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/e892a1-cb5d-41d2-9078-a3900ff45451/1/YKiu8Xhy4YGRnPsmfhZXeRWkmlw.roa
File: YKiu8Xhy4YGRnPsmfhZXeRWkmlw.roa (raw, json)
Hash identifier: W2Qk9HNfNUxgCgmpVb5xDsd/PI6WJRAoQxWcxNCmQ1A=
Subject key identifier: 60:A8:AE:F1:78:72:E1:81:91:9C:FB:26:7E:16:57:79:15:A4:9A:5C
Certificate issuer: /CN=fc4b8573ca0ebb478e008f70afa08ae58b7869a5
Certificate serial: 0194252163781B9881AF8ECED56DC286FA2D
Authority key identifier: FC:4B:85:73:CA:0E:BB:47:8E:00:8F:70:AF:A0:8A:E5:8B:78:69:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_EuFc8oOu0eOAI9wr6CK5Yt4aaU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/e892a1-cb5d-41d2-9078-a3900ff45451/1/YKiu8Xhy4YGRnPsmfhZXeRWkmlw.roa
Signing time: Thu 02 Jan 2025 03:48:52 +0000
ROA not before: Thu 02 Jan 2025 03:48:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12329
IP address blocks: 194.156.86.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:63:78:1b:98:81:af:8e:ce:d5:6d:c2:86:fa:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc4b8573ca0ebb478e008f70afa08ae58b7869a5
Validity
Not Before: Jan 2 03:48:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=60a8aef17872e181919cfb267e16577915a49a5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:83:fb:0f:95:0e:5f:a5:81:f1:6b:c0:c6:bf:
96:1b:39:70:db:bf:d7:49:34:6d:32:ee:c1:6d:aa:
c4:39:24:60:85:e1:58:59:f6:58:1e:c8:61:78:a4:
5e:4f:d2:f6:3e:f1:5d:20:8b:c5:39:16:02:6b:9a:
90:bb:8c:3e:e9:90:86:d5:25:9b:29:1d:25:85:45:
70:e8:f1:e1:af:43:76:73:d1:46:ba:37:0e:c4:ab:
8d:11:dc:a7:98:af:53:92:72:38:f7:d3:eb:46:c3:
f9:27:30:5b:16:b0:0a:4a:69:f7:a1:a1:8e:34:bc:
38:ee:4a:c9:d1:8d:97:a1:10:ac:13:9c:b0:8b:57:
99:e5:47:57:8c:fc:7b:c8:25:c1:d0:a8:1a:f6:0b:
0d:e3:06:f8:56:dc:e3:36:41:e1:ff:28:88:cf:24:
78:fd:f0:24:01:bd:cd:68:ca:fd:93:5c:1c:8c:e3:
c9:3f:1a:6b:cd:73:82:58:c6:9a:66:91:f7:70:66:
4a:e6:41:ed:e6:f1:a9:a0:01:15:6d:e6:64:79:0d:
f1:e6:c2:71:26:9f:bc:97:a9:64:8a:e4:6e:3f:bf:
8c:82:de:42:f4:8d:93:c5:6a:44:ef:f5:b9:b1:13:
e7:cf:73:ed:6e:b2:e4:43:0a:5f:c4:c0:4a:e8:74:
fb:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:A8:AE:F1:78:72:E1:81:91:9C:FB:26:7E:16:57:79:15:A4:9A:5C
X509v3 Authority Key Identifier:
keyid:FC:4B:85:73:CA:0E:BB:47:8E:00:8F:70:AF:A0:8A:E5:8B:78:69:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_EuFc8oOu0eOAI9wr6CK5Yt4aaU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/e892a1-cb5d-41d2-9078-a3900ff45451/1/YKiu8Xhy4YGRnPsmfhZXeRWkmlw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/e892a1-cb5d-41d2-9078-a3900ff45451/1/_EuFc8oOu0eOAI9wr6CK5Yt4aaU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.156.86.0/24
Signature Algorithm: sha256WithRSAEncryption
32:dc:d8:1e:3b:2a:05:4b:c6:04:81:7d:bb:75:30:2b:bb:b4:
9f:6a:00:68:8d:27:c2:6d:e1:12:13:8d:de:d5:9a:f9:b9:9f:
29:c3:3e:c2:c8:01:1b:5f:ca:6d:9d:bf:3e:85:01:00:94:ed:
91:11:19:46:ed:35:c0:f0:b1:46:e9:7f:39:2a:86:41:2d:ac:
c5:b7:10:9d:78:92:2c:19:7a:3a:ed:12:5b:35:b4:8a:41:b6:
20:c6:8d:6e:da:db:18:bc:00:80:b4:79:b1:70:4e:e7:cf:c8:
6d:75:9d:62:7b:28:c8:87:f3:27:b7:90:b1:e7:2f:ce:10:0d:
1e:6a:0a:1e:69:ba:e0:28:d3:e3:3b:d5:40:56:46:81:45:d1:
33:e1:15:f7:7e:a7:55:b2:69:09:14:8b:8e:51:ed:63:f9:1b:
8d:28:df:11:93:04:28:3d:c4:87:27:86:8a:73:02:a8:8e:c7:
11:aa:7c:dd:39:34:86:cd:68:df:a2:81:24:ef:47:3b:ca:69:
ae:f4:1e:47:5e:c7:e2:61:db:fc:8d:17:48:e0:16:75:8e:d0:
f2:bd:0e:8f:22:e9:05:2c:be:06:89:a2:8b:76:92:01:54:f0:
83:67:91:8d:11:82:59:0d:10:04:9c:61:c2:74:dd:1d:7b:3b:
1c:12:87:5a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIWN4G5iBr47O1W3ChvotMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjNGI4NTczY2EwZWJiNDc4ZTAwOGY3MGFmYTA4YWU1OGI3
ODY5YTUwHhcNMjUwMTAyMDM0ODUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGE4YWVmMTc4NzJlMTgxOTE5Y2ZiMjY3ZTE2NTc3OTE1YTQ5YTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxoP7D5UOX6WB8WvAxr+WGzlw27/X
STRtMu7BbarEOSRgheFYWfZYHshheKReT9L2PvFdIIvFORYCa5qQu4w+6ZCG1SWb
KR0lhUVw6PHhr0N2c9FGujcOxKuNEdynmK9TknI499PrRsP5JzBbFrAKSmn3oaGO
NLw47krJ0Y2XoRCsE5ywi1eZ5UdXjPx7yCXB0Kga9gsN4wb4VtzjNkHh/yiIzyR4
/fAkAb3NaMr9k1wcjOPJPxprzXOCWMaaZpH3cGZK5kHt5vGpoAEVbeZkeQ3x5sJx
Jp+8l6lkiuRuP7+Mgt5C9I2TxWpE7/W5sRPnz3PtbrLkQwpfxMBK6HT75QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGCorvF4cuGBkZz7Jn4WV3kVpJpcMB8GA1UdIwQY
MBaAFPxLhXPKDrtHjgCPcK+giuWLeGmlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0V1RmM4b091MGVPQUk5d3I2Q0s1WXQ0YWFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9lODkyYTEtY2I1ZC00MWQyLTkwNzgt
YTM5MDBmZjQ1NDUxLzEvWUtpdThYaHk0WUdSblBzbWZoWlhlUldrbWx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9lODkyYTEtY2I1ZC00MWQyLTkwNzgtYTM5MDBmZjQ1NDUx
LzEvX0V1RmM4b091MGVPQUk5d3I2Q0s1WXQ0YWFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpxWMA0G
CSqGSIb3DQEBCwUAA4IBAQAy3NgeOyoFS8YEgX27dTAru7SfagBojSfCbeESE43e
1Zr5uZ8pwz7CyAEbX8ptnb8+hQEAlO2RERlG7TXA8LFG6X85KoZBLazFtxCdeJIs
GXo67RJbNbSKQbYgxo1u2tsYvACAtHmxcE7nz8htdZ1ieyjIh/Mnt5Cx5y/OEA0e
agoeabrgKNPjO9VAVkaBRdEz4RX3fqdVsmkJFIuOUe1j+RuNKN8RkwQoPcSHJ4aK
cwKojscRqnzdOTSGzWjfooEk70c7ymmu9B5HXsfiYdv8jRdI4BZ1jtDyvQ6PIukF
LL4GiaKLdpIBVPCDZ5GNEYJZDRAEnGHCdN0dezscEoda
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:23:00 2025 by rpki-client