Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/a34a16-f880-4873-868b-5ecafda471f7/1/yuYeq9JTVDQNoBvV0c1A6Vb607M.roa
File: yuYeq9JTVDQNoBvV0c1A6Vb607M.roa (raw, json)
Hash identifier: SDTdx6+I5WWdC1FBTbzDu4LM8NgLg13fhQngvATZtpQ=
Subject key identifier: CA:E6:1E:AB:D2:53:54:34:0D:A0:1B:D5:D1:CD:40:E9:56:FA:D3:B3
Certificate issuer: /CN=c2eafaa30b340ecf810a4cb9af3b51c702566598
Certificate serial: 0194B79905A6F62CEEAFF2B6412835A620FF
Authority key identifier: C2:EA:FA:A3:0B:34:0E:CF:81:0A:4C:B9:AF:3B:51:C7:02:56:65:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wur6ows0Ds-BCky5rztRxwJWZZg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/a34a16-f880-4873-868b-5ecafda471f7/1/yuYeq9JTVDQNoBvV0c1A6Vb607M.roa
Signing time: Thu 30 Jan 2025 14:24:06 +0000
ROA not before: Thu 30 Jan 2025 14:24:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8410
IP address blocks: 194.0.120.0/22 maxlen: 22
194.55.161.0/24 maxlen: 24
194.55.163.0/24 maxlen: 24
194.55.168.0/24 maxlen: 24
194.55.171.0/24 maxlen: 24
195.140.180.0/22 maxlen: 22
212.15.32.0/21 maxlen: 21
212.15.40.0/24 maxlen: 24
212.15.41.0/24 maxlen: 24
212.15.42.0/24 maxlen: 24
212.15.43.0/24 maxlen: 24
212.15.44.0/24 maxlen: 24
212.15.45.0/24 maxlen: 24
212.15.46.0/24 maxlen: 24
212.15.47.0/24 maxlen: 24
212.15.48.0/24 maxlen: 24
212.15.52.0/24 maxlen: 24
212.15.53.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b7:99:05:a6:f6:2c:ee:af:f2:b6:41:28:35:a6:20:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2eafaa30b340ecf810a4cb9af3b51c702566598
Validity
Not Before: Jan 30 14:24:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cae61eabd25354340da01bd5d1cd40e956fad3b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:c8:80:6c:0b:3e:42:39:a4:49:5c:25:3e:da:
6d:22:36:58:11:18:13:3d:c9:e2:e9:d4:2f:03:1c:
54:75:b9:e2:f3:c0:9b:8f:e4:0b:f9:c8:f8:ed:95:
01:5a:71:4a:9b:40:6f:77:81:68:56:ac:87:42:e3:
c5:ff:45:4c:f1:e2:71:29:0f:88:d8:fa:c3:d5:97:
d3:af:aa:ef:48:fb:07:95:13:29:91:d2:90:29:5a:
0e:35:e5:73:b6:3f:2f:da:5b:96:55:32:f3:4e:43:
bf:a3:8f:22:d4:40:a6:7a:64:e1:54:41:4d:e2:a7:
7d:a4:74:66:ca:6d:31:fe:2b:6e:d2:74:48:eb:e6:
d8:9c:71:6c:7e:d8:57:bb:a4:59:7d:d2:67:9e:aa:
43:f7:1c:61:c9:9e:55:bc:bd:4e:17:9b:a0:9f:a4:
bf:41:de:fc:60:43:9c:1a:fa:f4:01:d0:a8:9e:a9:
1e:22:b0:54:5d:4e:5c:a3:03:2b:df:6b:e7:7c:b0:
c5:09:5d:12:d9:11:ab:de:2f:15:4d:e3:9e:35:e3:
d8:e8:dc:c4:4b:63:cb:22:e5:4e:41:d5:4d:fd:62:
77:af:5d:b3:e4:cb:40:f6:c8:51:4c:a0:56:ab:1d:
05:fd:ef:45:a9:4f:6c:1b:a9:d1:07:34:c5:a9:8d:
7b:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:E6:1E:AB:D2:53:54:34:0D:A0:1B:D5:D1:CD:40:E9:56:FA:D3:B3
X509v3 Authority Key Identifier:
keyid:C2:EA:FA:A3:0B:34:0E:CF:81:0A:4C:B9:AF:3B:51:C7:02:56:65:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wur6ows0Ds-BCky5rztRxwJWZZg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/a34a16-f880-4873-868b-5ecafda471f7/1/yuYeq9JTVDQNoBvV0c1A6Vb607M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/a34a16-f880-4873-868b-5ecafda471f7/1/wur6ows0Ds-BCky5rztRxwJWZZg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.120.0/22
194.55.161.0/24
194.55.163.0/24
194.55.168.0/24
194.55.171.0/24
195.140.180.0/22
212.15.32.0-212.15.48.255
212.15.52.0/23
Signature Algorithm: sha256WithRSAEncryption
0a:ed:22:8a:e7:f9:7f:0e:de:b2:a1:7d:ff:cf:1b:d3:f2:4a:
a4:ad:1f:d6:61:d7:49:c5:fd:5c:a8:86:3c:55:7d:7b:26:48:
66:dc:33:80:ad:c1:2c:1b:df:f5:4f:fc:aa:71:ee:d1:a5:08:
39:9d:5d:0f:b0:54:cd:30:b7:ea:25:f6:b5:01:7d:7c:f8:d2:
91:f4:e7:cd:94:49:3c:dc:12:66:40:a9:1b:65:c2:0f:8d:e7:
dc:d8:d0:eb:43:a7:80:1f:41:6d:3c:64:bc:06:fb:07:3f:b1:
d7:a0:01:41:07:94:7a:83:fb:0c:68:60:11:d2:a2:42:dd:b4:
1f:1e:95:3b:f5:62:40:6c:93:36:c1:51:6b:15:b2:7d:1f:bf:
fa:39:6b:54:e2:3a:98:f2:ff:cf:77:9a:16:54:54:cf:6d:e1:
e9:c5:4f:5d:1d:7e:82:67:b9:a2:89:ba:ad:32:c9:98:e9:14:
a0:a5:b7:12:de:70:48:39:41:d5:e0:5c:ba:1b:51:cc:70:bc:
38:99:21:3f:22:c0:61:cd:34:1a:ef:0c:5f:66:3b:96:79:0f:
ff:4c:85:b6:d7:d9:db:d1:5d:a6:a1:dd:c7:b6:02:d6:d4:bc:
31:b7:ab:1f:31:6c:dc:43:4e:04:ac:41:2c:08:f5:73:fe:6c:
34:10:09:81
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZS3mQWm9izur/K2QSg1piD/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZWFmYWEzMGIzNDBlY2Y4MTBhNGNiOWFmM2I1MWM3MDI1
NjY1OTgwHhcNMjUwMTMwMTQyNDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWU2MWVhYmQyNTM1NDM0MGRhMDFiZDVkMWNkNDBlOTU2ZmFkM2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwsiAbAs+QjmkSVwlPtptIjZYERgT
Pcni6dQvAxxUdbni88Cbj+QL+cj47ZUBWnFKm0Bvd4FoVqyHQuPF/0VM8eJxKQ+I
2PrD1ZfTr6rvSPsHlRMpkdKQKVoONeVztj8v2luWVTLzTkO/o48i1ECmemThVEFN
4qd9pHRmym0x/itu0nRI6+bYnHFsfthXu6RZfdJnnqpD9xxhyZ5VvL1OF5ugn6S/
Qd78YEOcGvr0AdConqkeIrBUXU5cowMr32vnfLDFCV0S2RGr3i8VTeOeNePY6NzE
S2PLIuVOQdVN/WJ3r12z5MtA9shRTKBWqx0F/e9FqU9sG6nRBzTFqY17ewIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFMrmHqvSU1Q0DaAb1dHNQOlW+tOzMB8GA1UdIwQY
MBaAFMLq+qMLNA7PgQpMua87UccCVmWYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3VyNm93czBEcy1CQ2t5NXJ6dFJ4d0pXWlpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9hMzRhMTYtZjg4MC00ODczLTg2OGIt
NWVjYWZkYTQ3MWY3LzEveXVZZXE5SlRWRFFOb0J2VjBjMUE2VmI2MDdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9hMzRhMTYtZjg4MC00ODczLTg2OGItNWVjYWZkYTQ3MWY3
LzEvd3VyNm93czBEcy1CQ2t5NXJ6dFJ4d0pXWlpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQCwgB4AwQA
wjehAwQAwjejAwQAwjeoAwQAwjerAwQCw4y0MAwDBAXUDyADBADUDzADBAHUDzQw
DQYJKoZIhvcNAQELBQADggEBAArtIorn+X8O3rKhff/PG9PySqStH9Zh10nF/Vyo
hjxVfXsmSGbcM4CtwSwb3/VP/Kpx7tGlCDmdXQ+wVM0wt+ol9rUBfXz40pH0582U
STzcEmZAqRtlwg+N59zY0OtDp4AfQW08ZLwG+wc/sdegAUEHlHqD+wxoYBHSokLd
tB8elTv1YkBskzbBUWsVsn0fv/o5a1TiOpjy/893mhZUVM9t4enFT10dfoJnuaKJ
uq0yyZjpFKCltxLecEg5QdXgXLobUcxwvDiZIT8iwGHNNBrvDF9mO5Z5D/9MhbbX
2dvRXaah3ce2AtbUvDG3qx8xbNxDTgSsQSwI9XP+bDQQCYE=
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:27:22 2025 by rpki-client