Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/f87a2e-46b1-4a66-a90c-699835c92bfe/1/y6x_24Dy53Nfp_v4SHdevrYUamY.roa
File: y6x_24Dy53Nfp_v4SHdevrYUamY.roa (raw, json)
Hash identifier: /hAFYzSqfOWN1oUzWJx+3CY4gEnfKm1KUm8wm3S6om4=
Subject key identifier: CB:AC:7F:DB:80:F2:E7:73:5F:A7:FB:F8:48:77:5E:BE:B6:14:6A:66
Certificate issuer: /CN=b66ea7359221c1b77d6cc006f7b6706a9a908299
Certificate serial: 019420D65CA634C063BC82226D76996056A5
Authority key identifier: B6:6E:A7:35:92:21:C1:B7:7D:6C:C0:06:F7:B6:70:6A:9A:90:82:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tm6nNZIhwbd9bMAG97ZwapqQgpk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/f87a2e-46b1-4a66-a90c-699835c92bfe/1/y6x_24Dy53Nfp_v4SHdevrYUamY.roa
Signing time: Wed 01 Jan 2025 07:48:26 +0000
ROA not before: Wed 01 Jan 2025 07:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61272
IP address blocks: 85.206.160.0/20 maxlen: 32
85.206.240.0/22 maxlen: 32
88.119.160.0/20 maxlen: 32
91.216.163.0/24 maxlen: 32
185.25.48.0/22 maxlen: 32
185.64.104.0/22 maxlen: 32
213.252.228.0/22 maxlen: 32
213.252.232.0/23 maxlen: 32
213.252.238.0/23 maxlen: 32
2a04:2180::/32 maxlen: 64
2a04:2181:c010::/48 maxlen: 64
2a04:2181:c011::/48 maxlen: 64
2a04:2181:c012::/48 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:5c:a6:34:c0:63:bc:82:22:6d:76:99:60:56:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b66ea7359221c1b77d6cc006f7b6706a9a908299
Validity
Not Before: Jan 1 07:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cbac7fdb80f2e7735fa7fbf848775ebeb6146a66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:4e:de:2d:00:de:32:82:bb:c3:c4:8c:a2:73:
4a:48:4d:0a:c0:b8:a4:7c:a9:88:dc:51:55:c5:c3:
4d:70:1f:e0:72:a9:75:84:11:02:39:37:89:72:b8:
2e:db:ce:52:e4:ad:4c:d2:0b:f6:70:9a:10:74:b9:
f3:a6:82:3a:96:29:2f:26:44:c8:04:9e:81:07:83:
0a:b4:8a:d0:10:49:a2:58:db:0f:26:2a:f5:51:12:
93:3a:7f:b9:6f:2d:df:6c:bf:b0:01:ba:43:fd:cb:
f2:f2:de:58:a6:5c:14:36:1c:73:e6:ae:e6:02:46:
9e:74:43:d5:ef:27:10:44:0f:0f:e4:41:c7:65:7d:
8d:26:81:79:ab:56:f6:30:6d:0a:72:dd:f8:13:a8:
68:05:0e:37:80:96:45:d9:a7:2c:e8:de:b5:a6:29:
4f:c5:3e:70:52:9b:11:d6:1c:91:ab:3c:f2:bd:68:
db:73:a8:61:4a:74:e3:c8:9a:00:77:57:14:f2:c5:
3a:4e:84:6b:db:5a:7b:92:43:a9:7b:c8:fa:e4:c9:
2e:4b:d4:31:d8:88:3f:1e:06:6d:28:36:79:5c:e2:
7b:22:37:ef:10:50:ec:64:b8:05:d8:46:b1:ac:84:
84:30:af:ce:04:fe:3f:15:3d:ce:ad:45:10:62:5a:
d8:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:AC:7F:DB:80:F2:E7:73:5F:A7:FB:F8:48:77:5E:BE:B6:14:6A:66
X509v3 Authority Key Identifier:
keyid:B6:6E:A7:35:92:21:C1:B7:7D:6C:C0:06:F7:B6:70:6A:9A:90:82:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tm6nNZIhwbd9bMAG97ZwapqQgpk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/f87a2e-46b1-4a66-a90c-699835c92bfe/1/y6x_24Dy53Nfp_v4SHdevrYUamY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/f87a2e-46b1-4a66-a90c-699835c92bfe/1/tm6nNZIhwbd9bMAG97ZwapqQgpk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.206.160.0/20
85.206.240.0/22
88.119.160.0/20
91.216.163.0/24
185.25.48.0/22
185.64.104.0/22
213.252.228.0-213.252.233.255
213.252.238.0/23
IPv6:
2a04:2180::/32
2a04:2181:c010::-2a04:2181:c012:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
93:13:0b:99:7f:29:87:48:97:b5:99:b6:71:f8:18:9a:99:a7:
dc:5c:f1:a0:b9:1c:65:a9:37:cd:96:70:3a:2c:97:96:b2:51:
50:0f:e0:7f:29:00:75:69:e6:82:26:dc:36:cb:41:5e:c8:af:
06:ad:c1:82:06:9c:33:a3:bc:41:51:58:46:a5:77:32:d4:a2:
49:7b:c5:e8:30:1d:0d:d3:b5:8b:96:e4:94:7e:28:b9:12:9e:
1b:c3:c2:64:30:9e:be:b4:bd:bb:84:39:31:3f:14:2f:8c:42:
8d:01:b5:50:30:72:58:ba:82:d0:bd:f9:7a:86:f1:7a:d5:4f:
e6:c3:65:20:dd:bb:19:0f:f0:d3:0c:c5:bf:a2:bf:d6:d7:29:
20:78:be:a0:f3:1b:96:b7:77:ff:25:6b:8a:37:07:83:af:eb:
9c:25:18:89:5a:27:34:d1:46:c5:45:c7:21:c4:91:06:4f:29:
4d:a6:db:64:7d:07:c7:74:8d:b4:f9:0b:bd:20:56:44:92:84:
18:63:bd:d3:55:8f:67:89:18:ae:a9:68:58:a5:91:17:6b:a0:
d1:b8:6f:ed:60:8f:7b:62:31:39:80:8f:3a:a5:b8:10:d8:74:
83:c1:13:67:d1:32:88:8f:23:52:65:ba:b2:09:0c:39:a9:26:
35:4c:8e:1d
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAZQg1lymNMBjvIIibXaZYFalMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2NmVhNzM1OTIyMWMxYjc3ZDZjYzAwNmY3YjY3MDZhOWE5
MDgyOTkwHhcNMjUwMTAxMDc0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmFjN2ZkYjgwZjJlNzczNWZhN2ZiZjg0ODc3NWViZWI2MTQ2YTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0U7eLQDeMoK7w8SMonNKSE0KwLik
fKmI3FFVxcNNcB/gcql1hBECOTeJcrgu285S5K1M0gv2cJoQdLnzpoI6likvJkTI
BJ6BB4MKtIrQEEmiWNsPJir1URKTOn+5by3fbL+wAbpD/cvy8t5YplwUNhxz5q7m
AkaedEPV7ycQRA8P5EHHZX2NJoF5q1b2MG0Kct34E6hoBQ43gJZF2acs6N61pilP
xT5wUpsR1hyRqzzyvWjbc6hhSnTjyJoAd1cU8sU6ToRr21p7kkOpe8j65MkuS9Qx
2Ig/HgZtKDZ5XOJ7IjfvEFDsZLgF2EaxrISEMK/OBP4/FT3OrUUQYlrYZwIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFMusf9uA8udzX6f7+Eh3Xr62FGpmMB8GA1UdIwQY
MBaAFLZupzWSIcG3fWzABve2cGqakIKZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdG02bk5aSWh3YmQ5Yk1BRzk3WndhcHFRZ3BrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9mODdhMmUtNDZiMS00YTY2LWE5MGMt
Njk5ODM1YzkyYmZlLzEveTZ4XzI0RHk1M05mcF92NFNIZGV2cllVYW1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9mODdhMmUtNDZiMS00YTY2LWE5MGMtNjk5ODM1YzkyYmZl
LzEvdG02bk5aSWh3YmQ5Yk1BRzk3WndhcHFRZ3BrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzA+BAIAATA4AwQEVc6gAwQC
Vc7wAwQEWHegAwQAW9ijAwQCuRkwAwQCuUBoMAwDBALV/OQDBAHV/OgDBAHV/O4w
IQQCAAIwGwMFACoEIYAwEgMHBCoEIYHAEAMHACoEIYHAEjANBgkqhkiG9w0BAQsF
AAOCAQEAkxMLmX8ph0iXtZm2cfgYmpmn3FzxoLkcZak3zZZwOiyXlrJRUA/gfykA
dWnmgibcNstBXsivBq3BggacM6O8QVFYRqV3MtSiSXvF6DAdDdO1i5bklH4ouRKe
G8PCZDCevrS9u4Q5MT8UL4xCjQG1UDByWLqC0L35eobxetVP5sNlIN27GQ/w0wzF
v6K/1tcpIHi+oPMblrd3/yVrijcHg6/rnCUYiVonNNFGxUXHIcSRBk8pTabbZH0H
x3SNtPkLvSBWRJKEGGO901WPZ4kYrqloWKWRF2ug0bhv7WCPe2IxOYCPOqW4ENh0
g8ETZ9EyiI8jUmW6sgkMOakmNUyOHQ==
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:28:40 2025 by rpki-client