Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/0c363c-2d0e-4bca-a9f2-813c5aab783e/1/YL2mjFkL3ptl5VIC6FUskxqO4nY.roa
File: YL2mjFkL3ptl5VIC6FUskxqO4nY.roa (raw, json)
Hash identifier: jZ9khSDfHMU1HP/GDGXtwMlzTdVqjL0AwmhZP5bokp4=
Subject key identifier: 60:BD:A6:8C:59:0B:DE:9B:65:E5:52:02:E8:55:2C:93:1A:8E:E2:76
Certificate issuer: /CN=a0639adf1e0b84b9ff64e4f8ebe638ebbf5d27b9
Certificate serial: 019421B1A511D82F9C401078758456E43435
Authority key identifier: A0:63:9A:DF:1E:0B:84:B9:FF:64:E4:F8:EB:E6:38:EB:BF:5D:27:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oGOa3x4LhLn_ZOT46-Y4679dJ7k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/0c363c-2d0e-4bca-a9f2-813c5aab783e/1/YL2mjFkL3ptl5VIC6FUskxqO4nY.roa
Signing time: Wed 01 Jan 2025 11:47:57 +0000
ROA not before: Wed 01 Jan 2025 11:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21263
IP address blocks: 45.155.112.0/22 maxlen: 24
77.81.52.0/22 maxlen: 24
81.27.112.0/20 maxlen: 24
146.255.112.0/22 maxlen: 24
161.51.240.0/21 maxlen: 24
185.16.72.0/22 maxlen: 24
185.124.224.0/22 maxlen: 24
185.162.220.0/22 maxlen: 24
185.198.140.0/22 maxlen: 24
185.231.72.0/22 maxlen: 24
212.62.192.0/19 maxlen: 24
217.11.144.0/20 maxlen: 24
217.24.192.0/20 maxlen: 24
217.31.208.0/20 maxlen: 24
2a02:590::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:a5:11:d8:2f:9c:40:10:78:75:84:56:e4:34:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0639adf1e0b84b9ff64e4f8ebe638ebbf5d27b9
Validity
Not Before: Jan 1 11:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=60bda68c590bde9b65e55202e8552c931a8ee276
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:f8:9f:73:51:19:33:7a:92:1e:d0:1d:17:80:
ab:11:76:01:71:8d:a8:29:22:36:cf:da:89:36:59:
8e:75:1c:0b:59:cd:64:bf:d1:14:b5:9b:b5:89:ca:
cd:2d:29:d1:87:b5:a4:57:df:b1:e6:3f:88:7d:61:
e5:fa:4d:b9:01:73:61:12:cc:2d:39:8d:cd:53:24:
0f:5b:72:81:ea:1b:9c:67:76:93:1a:5b:3f:9a:92:
9a:1e:0f:30:82:78:8d:89:66:d3:df:ef:84:f9:7a:
63:07:76:73:0a:b5:b1:08:62:fc:fa:92:5e:82:c2:
6a:01:2d:35:8a:18:be:2b:30:cc:a7:21:97:dc:b3:
0e:46:b6:7a:d5:f7:56:30:26:df:4d:b4:fb:80:c7:
b7:a1:c2:ec:1b:86:5f:50:85:3d:e4:6e:d2:4a:2c:
64:fa:21:7e:08:a9:3b:3d:12:a5:79:38:fb:7f:45:
75:92:6a:b4:61:e7:fd:76:99:ef:6d:50:6f:36:7f:
23:18:6f:68:09:e4:07:f5:90:5a:12:75:c2:7e:a9:
8f:e5:31:08:5b:f2:38:ae:b2:a1:b9:52:f2:09:20:
7b:62:0b:2e:76:af:a2:79:2f:31:49:d6:95:a1:c0:
89:c7:2e:8c:ed:c8:36:e4:dc:8a:a9:72:b1:e8:ed:
3c:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:BD:A6:8C:59:0B:DE:9B:65:E5:52:02:E8:55:2C:93:1A:8E:E2:76
X509v3 Authority Key Identifier:
keyid:A0:63:9A:DF:1E:0B:84:B9:FF:64:E4:F8:EB:E6:38:EB:BF:5D:27:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oGOa3x4LhLn_ZOT46-Y4679dJ7k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/0c363c-2d0e-4bca-a9f2-813c5aab783e/1/YL2mjFkL3ptl5VIC6FUskxqO4nY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/0c363c-2d0e-4bca-a9f2-813c5aab783e/1/oGOa3x4LhLn_ZOT46-Y4679dJ7k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.112.0/22
77.81.52.0/22
81.27.112.0/20
146.255.112.0/22
161.51.240.0/21
185.16.72.0/22
185.124.224.0/22
185.162.220.0/22
185.198.140.0/22
185.231.72.0/22
212.62.192.0/19
217.11.144.0/20
217.24.192.0/20
217.31.208.0/20
IPv6:
2a02:590::/29
Signature Algorithm: sha256WithRSAEncryption
2e:02:04:02:bc:40:d3:ef:96:b0:68:16:e0:11:2e:a6:0a:b8:
54:df:4a:bb:88:a8:40:b9:8c:0b:64:e1:ee:b8:e2:94:b1:fb:
e2:b0:a2:78:cd:42:78:8f:68:72:f5:34:ff:dc:5a:8a:97:29:
32:57:74:6f:8f:fb:2c:44:2f:01:b8:41:d8:e2:db:6e:f2:37:
0f:1e:08:4c:23:62:6d:ac:8e:68:a8:bb:56:18:de:c8:0e:1f:
9f:28:9c:cf:cc:02:15:04:6b:d7:71:d5:3b:7c:1d:51:4f:e7:
9e:25:b8:ba:76:1e:6b:de:27:8b:dd:dc:28:cf:ea:cf:3f:0c:
0c:c4:31:b5:a8:a1:4d:35:45:af:75:73:be:fc:70:d3:8f:d8:
ca:49:f3:68:cd:1d:ae:96:68:f9:89:fb:64:9c:5b:ae:1e:a9:
84:8a:f7:29:05:db:ec:4a:23:81:86:bb:56:18:c8:07:cd:76:
68:1b:6d:3d:f2:ce:d0:3d:a1:16:bb:53:fa:05:f0:0a:88:f0:
79:83:42:10:22:4a:78:f6:d5:bb:34:8e:53:c5:4a:3f:fc:ef:
50:9b:7f:35:91:d9:46:9d:b7:5d:6f:7f:e4:8d:a2:52:1d:0b:
8b:5e:a9:2a:01:c0:7a:24:41:36:34:f7:7a:8c:c5:46:2c:f7:
4b:6a:56:38
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAZQhsaUR2C+cQBB4dYRW5DQ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNjM5YWRmMWUwYjg0YjlmZjY0ZTRmOGViZTYzOGViYmY1
ZDI3YjkwHhcNMjUwMTAxMTE0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGJkYTY4YzU5MGJkZTliNjVlNTUyMDJlODU1MmM5MzFhOGVlMjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0vifc1EZM3qSHtAdF4CrEXYBcY2o
KSI2z9qJNlmOdRwLWc1kv9EUtZu1icrNLSnRh7WkV9+x5j+IfWHl+k25AXNhEswt
OY3NUyQPW3KB6hucZ3aTGls/mpKaHg8wgniNiWbT3++E+XpjB3ZzCrWxCGL8+pJe
gsJqAS01ihi+KzDMpyGX3LMORrZ61fdWMCbfTbT7gMe3ocLsG4ZfUIU95G7SSixk
+iF+CKk7PRKleTj7f0V1kmq0Yef9dpnvbVBvNn8jGG9oCeQH9ZBaEnXCfqmP5TEI
W/I4rrKhuVLyCSB7Ygsudq+ieS8xSdaVocCJxy6M7cg25NyKqXKx6O08DwIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFGC9poxZC96bZeVSAuhVLJMajuJ2MB8GA1UdIwQY
MBaAFKBjmt8eC4S5/2Tk+OvmOOu/XSe5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0dPYTN4NExoTG5fWk9UNDYtWTQ2NzlkSjdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC8wYzM2M2MtMmQwZS00YmNhLWE5ZjIt
ODEzYzVhYWI3ODNlLzEvWUwybWpGa0wzcHRsNVZJQzZGVXNreHFPNG5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC8wYzM2M2MtMmQwZS00YmNhLWE5ZjItODEzYzVhYWI3ODNl
LzEvb0dPYTN4NExoTG5fWk9UNDYtWTQ2NzlkSjdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBaBAIAATBUAwQCLZtwAwQC
TVE0AwQEURtwAwQCkv9wAwQDoTPwAwQCuRBIAwQCuXzgAwQCuaLcAwQCucaMAwQC
uedIAwQF1D7AAwQE2QuQAwQE2RjAAwQE2R/QMA0EAgACMAcDBQMqAgWQMA0GCSqG
SIb3DQEBCwUAA4IBAQAuAgQCvEDT75awaBbgES6mCrhU30q7iKhAuYwLZOHuuOKU
sfvisKJ4zUJ4j2hy9TT/3FqKlykyV3Rvj/ssRC8BuEHY4ttu8jcPHghMI2JtrI5o
qLtWGN7IDh+fKJzPzAIVBGvXcdU7fB1RT+eeJbi6dh5r3ieL3dwoz+rPPwwMxDG1
qKFNNUWvdXO+/HDTj9jKSfNozR2ulmj5iftknFuuHqmEivcpBdvsSiOBhrtWGMgH
zXZoG2098s7QPaEWu1P6BfAKiPB5g0IQIkp49tW7NI5TxUo//O9Qm381kdlGnbdd
b3/kjaJSHQuLXqkqAcB6JEE2NPd6jMVGLPdLalY4
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:42:20 2025 by rpki-client