Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/YI4k3ENYRJqaDSUhSenx1oLWDr4.roa
File: YI4k3ENYRJqaDSUhSenx1oLWDr4.roa (raw, json)
Hash identifier: /gA7fz8Cy1YxK69gPpp37L8R7jjMwoMYWidH5G4YDU4=
Subject key identifier: 60:8E:24:DC:43:58:44:9A:9A:0D:25:21:49:E9:F1:D6:82:D6:0E:BE
Certificate issuer: /CN=47e94ccb7b601da0ca09469f60f653640fed8c1c
Certificate serial: 019425FDC6181670DBBD7BCE9020EC89CC31
Authority key identifier: 47:E9:4C:CB:7B:60:1D:A0:CA:09:46:9F:60:F6:53:64:0F:ED:8C:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R-lMy3tgHaDKCUafYPZTZA_tjBw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/YI4k3ENYRJqaDSUhSenx1oLWDr4.roa
Signing time: Thu 02 Jan 2025 07:49:35 +0000
ROA not before: Thu 02 Jan 2025 07:49:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29137
IP address blocks: 195.234.248.0/23 maxlen: 23
195.234.250.0/23 maxlen: 23
213.180.230.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:c6:18:16:70:db:bd:7b:ce:90:20:ec:89:cc:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47e94ccb7b601da0ca09469f60f653640fed8c1c
Validity
Not Before: Jan 2 07:49:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=608e24dc4358449a9a0d252149e9f1d682d60ebe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:1f:37:32:7a:a5:0e:24:3d:6d:25:85:1b:f0:
05:ca:48:99:13:02:ca:c2:f9:20:9f:08:15:c0:34:
64:66:28:6b:95:a9:c6:6e:ed:6a:a2:f6:ef:36:34:
0d:e5:30:20:e4:3e:c7:75:37:85:ef:45:53:95:05:
77:4e:de:97:c1:f7:02:74:64:ac:3a:83:3f:d7:75:
26:83:24:59:d0:a6:9e:e3:aa:de:66:b7:bb:53:d4:
60:6a:95:03:56:b0:fb:c9:cb:59:98:2a:3f:07:fc:
6c:18:bf:e8:b3:c6:f3:29:a1:82:8f:55:ee:ed:62:
d7:e7:2f:99:63:9e:73:de:3c:b9:65:a2:59:aa:bc:
f1:2c:21:b6:ae:d8:09:27:fd:bc:2f:b7:87:e5:ec:
b7:f1:58:96:7d:21:04:8c:bc:a8:62:21:bf:c5:85:
6b:a6:c9:0d:8e:14:37:ed:63:0c:e8:1c:d3:b2:60:
af:e8:06:9a:12:b6:73:96:4a:d3:3c:27:10:6d:f0:
d9:b7:77:fc:63:e5:f4:1d:d1:e9:f7:2a:a4:f5:18:
01:66:99:81:7b:75:ba:de:c3:b0:a8:00:3d:9b:91:
13:79:d0:ff:b5:9e:9a:81:c5:0b:77:ad:6f:99:43:
7e:7e:0d:47:93:e7:6e:2f:fa:1d:6f:b0:0f:f3:d1:
84:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:8E:24:DC:43:58:44:9A:9A:0D:25:21:49:E9:F1:D6:82:D6:0E:BE
X509v3 Authority Key Identifier:
keyid:47:E9:4C:CB:7B:60:1D:A0:CA:09:46:9F:60:F6:53:64:0F:ED:8C:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R-lMy3tgHaDKCUafYPZTZA_tjBw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/YI4k3ENYRJqaDSUhSenx1oLWDr4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/R-lMy3tgHaDKCUafYPZTZA_tjBw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.234.248.0/22
213.180.230.0/24
Signature Algorithm: sha256WithRSAEncryption
c0:28:b6:cf:d0:a7:d9:f9:88:00:3c:87:93:63:54:2e:69:78:
30:e6:de:e7:58:66:83:be:5e:f8:47:a5:f4:0c:a0:0c:b4:e3:
90:ab:b7:8b:06:4e:68:d2:37:d7:da:46:2a:bd:d7:8b:f5:11:
5a:46:48:2d:18:d0:52:32:58:28:a0:b6:0e:61:d5:de:86:72:
a1:a1:7a:dc:bb:e0:9e:b7:3e:8f:1a:de:08:c7:52:9c:0f:37:
ae:53:f7:22:23:42:e7:cc:28:4f:f3:d0:c0:0f:de:37:a5:f3:
de:2d:6e:7f:d6:b4:34:7f:9b:37:04:43:b5:3d:01:04:2e:83:
c5:2f:10:45:a2:cb:3b:bf:67:41:30:36:a0:63:7f:42:a5:25:
39:cb:32:d9:9d:0a:8c:a4:e6:76:87:c6:f4:07:0e:1b:76:9e:
17:30:4f:33:45:65:ef:fe:b3:bb:7e:b8:45:5f:99:62:71:d8:
00:c8:77:02:b1:53:ee:f0:16:e5:5c:48:a4:69:8c:48:85:13:
18:ed:9a:de:a7:73:95:f6:8e:78:56:39:89:38:48:2a:fc:53:
b6:63:2a:48:8a:8f:dd:49:9b:be:b4:42:42:4e:24:2a:3f:81:
9f:f1:ca:f8:51:da:cc:a1:c8:1d:8f:38:dd:37:6d:f8:1b:4c:
45:be:2e:36
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQl/cYYFnDbvXvOkCDsicwxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3ZTk0Y2NiN2I2MDFkYTBjYTA5NDY5ZjYwZjY1MzY0MGZl
ZDhjMWMwHhcNMjUwMTAyMDc0OTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDhlMjRkYzQzNTg0NDlhOWEwZDI1MjE0OWU5ZjFkNjgyZDYwZWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqx83MnqlDiQ9bSWFG/AFykiZEwLK
wvkgnwgVwDRkZihrlanGbu1qovbvNjQN5TAg5D7HdTeF70VTlQV3Tt6XwfcCdGSs
OoM/13UmgyRZ0Kae46reZre7U9RgapUDVrD7yctZmCo/B/xsGL/os8bzKaGCj1Xu
7WLX5y+ZY55z3jy5ZaJZqrzxLCG2rtgJJ/28L7eH5ey38ViWfSEEjLyoYiG/xYVr
pskNjhQ37WMM6BzTsmCv6AaaErZzlkrTPCcQbfDZt3f8Y+X0HdHp9yqk9RgBZpmB
e3W63sOwqAA9m5ETedD/tZ6agcULd61vmUN+fg1Hk+duL/odb7AP89GEJwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGCOJNxDWESamg0lIUnp8daC1g6+MB8GA1UdIwQY
MBaAFEfpTMt7YB2gyglGn2D2U2QP7YwcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUi1sTXkzdGdIYURLQ1VhZllQWlRaQV90akJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC85ZTI5ZGMtY2VjOS00OWUyLWJjZTQt
YmQ5MGEzZjA2ZTE2LzEvWUk0azNFTllSSnFhRFNVaFNlbngxb0xXRHI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC85ZTI5ZGMtY2VjOS00OWUyLWJjZTQtYmQ5MGEzZjA2ZTE2
LzEvUi1sTXkzdGdIYURLQ1VhZllQWlRaQV90akJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCw+r4AwQA
1bTmMA0GCSqGSIb3DQEBCwUAA4IBAQDAKLbP0KfZ+YgAPIeTY1QuaXgw5t7nWGaD
vl74R6X0DKAMtOOQq7eLBk5o0jfX2kYqvdeL9RFaRkgtGNBSMlgooLYOYdXehnKh
oXrcu+Cetz6PGt4Ix1KcDzeuU/ciI0LnzChP89DAD943pfPeLW5/1rQ0f5s3BEO1
PQEELoPFLxBFoss7v2dBMDagY39CpSU5yzLZnQqMpOZ2h8b0Bw4bdp4XME8zRWXv
/rO7frhFX5licdgAyHcCsVPu8BblXEikaYxIhRMY7Zrep3OV9o54VjmJOEgq/FO2
YypIio/dSZu+tEJCTiQqP4Gf8cr4UdrMocgdjzjdN234G0xFvi42
-----END CERTIFICATE-----
Generated at Fri Apr 25 14:05:42 2025 by rpki-client