Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/8YENchuRgh0qszP18DuqK_SJeDc.roa
File: 8YENchuRgh0qszP18DuqK_SJeDc.roa (raw, json)
Hash identifier: ClgwzF2qsoPrjpFsBoqlEPHfpJN+flHqtUY+TBmQ9d4=
Subject key identifier: F1:81:0D:72:1B:91:82:1D:2A:B3:33:F5:F0:3B:AA:2B:F4:89:78:37
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 019422202D10E300C6ECBE40466BEED4BC2A
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/8YENchuRgh0qszP18DuqK_SJeDc.roa
Signing time: Wed 01 Jan 2025 13:48:41 +0000
ROA not before: Wed 01 Jan 2025 13:48:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 185.199.159.0/24 maxlen: 24
185.206.248.0/24 maxlen: 24
185.206.251.0/24 maxlen: 24
185.209.36.0/23 maxlen: 24
185.209.74.0/24 maxlen: 24
185.210.152.0/24 maxlen: 24
185.210.153.0/24 maxlen: 24
185.210.154.0/24 maxlen: 24
185.210.155.0/24 maxlen: 24
185.218.102.0/24 maxlen: 24
185.223.76.0/24 maxlen: 24
185.225.2.0/24 maxlen: 24
185.226.107.0/24 maxlen: 24
185.227.145.0/24 maxlen: 24
185.232.206.0/24 maxlen: 24
185.234.20.0/22 maxlen: 24
185.234.23.0/24 maxlen: 24
185.238.228.0/22 maxlen: 24
185.240.120.0/23 maxlen: 24
185.251.231.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:2d:10:e3:00:c6:ec:be:40:46:6b:ee:d4:bc:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 1 13:48:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f1810d721b91821d2ab333f5f03baa2bf4897837
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:73:b3:0c:49:e8:5a:61:ba:c7:bb:cf:96:17:
d6:d3:8a:df:a4:7b:22:e1:7c:9a:a7:d3:e1:c5:c5:
3f:21:1e:a5:d7:13:ef:f9:76:24:f2:c3:12:e6:37:
2d:e7:a5:c4:84:67:19:be:e0:10:cd:92:67:4f:aa:
08:a6:16:03:cd:d0:fb:a7:f3:39:81:83:dd:9a:83:
90:d2:f0:7d:65:32:b7:96:8d:e8:ab:a3:be:cd:48:
77:c8:38:a3:18:f8:bf:83:a2:7d:dd:5b:b0:db:4e:
c1:3e:e6:01:33:3a:43:e3:4e:f5:f7:d6:07:2c:6a:
1a:ba:88:ed:a9:69:25:55:ec:22:ad:73:b7:d7:a6:
12:15:1a:2b:f6:37:3f:11:a5:67:c5:3e:79:16:e3:
b0:50:30:62:9a:0e:e7:bc:b1:9b:e3:3c:c2:87:7b:
cc:db:07:3e:56:c4:04:de:6e:f4:b5:85:67:6e:46:
47:82:79:94:cb:51:07:94:5e:88:94:72:aa:c9:6c:
da:01:bd:f5:26:a9:94:a1:87:94:ac:02:4c:99:c8:
89:07:04:ef:ec:d1:bc:72:83:c8:42:0b:9e:ed:79:
5a:fb:c9:8c:59:b5:2d:4f:57:be:b0:f9:98:15:74:
a6:65:8c:ce:2e:e1:51:f7:1e:51:e6:73:20:de:65:
55:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:81:0D:72:1B:91:82:1D:2A:B3:33:F5:F0:3B:AA:2B:F4:89:78:37
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/8YENchuRgh0qszP18DuqK_SJeDc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.159.0/24
185.206.248.0/24
185.206.251.0/24
185.209.36.0/23
185.209.74.0/24
185.210.152.0/22
185.218.102.0/24
185.223.76.0/24
185.225.2.0/24
185.226.107.0/24
185.227.145.0/24
185.232.206.0/24
185.234.20.0/22
185.238.228.0/22
185.240.120.0/23
185.251.231.0/24
Signature Algorithm: sha256WithRSAEncryption
11:71:dc:67:47:b4:24:8f:1c:59:ad:9c:dd:6e:02:da:60:98:
d5:cd:48:57:bc:eb:8b:7d:21:df:0f:79:0c:3f:0b:dc:df:72:
72:87:00:44:8e:32:82:79:bd:fd:4b:cb:f4:0d:3f:db:88:08:
ad:ca:fa:fd:ae:2c:51:d7:3e:d6:12:47:42:71:ec:a4:f8:9b:
b8:60:7c:44:4e:18:51:ed:de:c4:bc:f6:2a:1a:3f:66:b6:68:
5e:1d:d1:75:93:d2:80:8e:ba:ac:6d:c1:05:53:61:67:26:ec:
63:06:09:18:93:75:22:23:38:9d:f6:53:de:52:8d:72:77:35:
21:08:3d:9c:df:0e:42:66:87:b7:13:81:0d:cc:35:b5:77:c6:
6d:25:6c:a3:3d:e5:87:da:1a:cc:7f:b8:33:df:23:28:85:d0:
31:4d:5c:97:52:e5:fe:fe:7b:7d:d7:04:61:75:c6:27:eb:c7:
50:ee:a7:f9:d1:d8:59:79:0b:e6:80:ae:4b:55:18:8d:31:43:
1a:72:75:dc:0f:82:43:eb:02:50:7e:f8:da:38:33:ee:56:79:
3b:a6:09:e5:a3:e3:0b:a2:6f:85:44:1f:c6:a2:8d:c7:7d:8c:
48:4f:44:04:39:b4:03:e1:b2:5f:8f:aa:59:f1:04:6c:be:9a:
de:cb:88:ab
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZQiIC0Q4wDG7L5ARmvu1LwqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMTAxMTM0ODQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTgxMGQ3MjFiOTE4MjFkMmFiMzMzZjVmMDNiYWEyYmY0ODk3ODM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAznOzDEnoWmG6x7vPlhfW04rfpHsi
4Xyap9PhxcU/IR6l1xPv+XYk8sMS5jct56XEhGcZvuAQzZJnT6oIphYDzdD7p/M5
gYPdmoOQ0vB9ZTK3lo3oq6O+zUh3yDijGPi/g6J93Vuw207BPuYBMzpD407199YH
LGoauojtqWklVewirXO316YSFRor9jc/EaVnxT55FuOwUDBimg7nvLGb4zzCh3vM
2wc+VsQE3m70tYVnbkZHgnmUy1EHlF6IlHKqyWzaAb31JqmUoYeUrAJMmciJBwTv
7NG8coPIQgue7Xla+8mMWbUtT1e+sPmYFXSmZYzOLuFR9x5R5nMg3mVVVwIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFPGBDXIbkYIdKrMz9fA7qiv0iXg3MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvOFlFTmNodVJnaDBxc3pQMThEdXFLX1NKZURjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQAucefAwQA
uc74AwQAuc77AwQBudEkAwQAudFKAwQCudKYAwQAudpmAwQAud9MAwQAueECAwQA
ueJrAwQAueORAwQAuejOAwQCueoUAwQCue7kAwQBufB4AwQAufvnMA0GCSqGSIb3
DQEBCwUAA4IBAQARcdxnR7QkjxxZrZzdbgLaYJjVzUhXvOuLfSHfD3kMPwvc33Jy
hwBEjjKCeb39S8v0DT/biAityvr9rixR1z7WEkdCceyk+Ju4YHxEThhR7d7EvPYq
Gj9mtmheHdF1k9KAjrqsbcEFU2FnJuxjBgkYk3UiIzid9lPeUo1ydzUhCD2c3w5C
Zoe3E4ENzDW1d8ZtJWyjPeWH2hrMf7gz3yMohdAxTVyXUuX+/nt91wRhdcYn68dQ
7qf50dhZeQvmgK5LVRiNMUMacnXcD4JD6wJQfvjaODPuVnk7pgnlo+MLom+FRB/G
oo3HfYxIT0QEObQD4bJfj6pZ8QRsvprey4ir
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:21:42 2025 by rpki-client