Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/d119f6-880d-4f5b-b079-5ddafb5954ba/1/YHJMwPpMbGI_zFjgbXnZP4EWLRA.roa
File: YHJMwPpMbGI_zFjgbXnZP4EWLRA.roa (raw, json)
Hash identifier: PbBfFMHu68bzOncJDtOs1K4e5CV47wx0OGKsJihA0w8=
Subject key identifier: 60:72:4C:C0:FA:4C:6C:62:3F:CC:58:E0:6D:79:D9:3F:81:16:2D:10
Certificate issuer: /CN=553f4bc416639a7e1b6c4f0199e02e3160a1e642
Certificate serial: 019423D6B058FBC873BFF209C7BD265F6D7C
Authority key identifier: 55:3F:4B:C4:16:63:9A:7E:1B:6C:4F:01:99:E0:2E:31:60:A1:E6:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VT9LxBZjmn4bbE8BmeAuMWCh5kI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/d119f6-880d-4f5b-b079-5ddafb5954ba/1/YHJMwPpMbGI_zFjgbXnZP4EWLRA.roa
Signing time: Wed 01 Jan 2025 21:47:39 +0000
ROA not before: Wed 01 Jan 2025 21:47:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60320
IP address blocks: 185.242.184.0/24 maxlen: 24
2a13:6000::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:b0:58:fb:c8:73:bf:f2:09:c7:bd:26:5f:6d:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=553f4bc416639a7e1b6c4f0199e02e3160a1e642
Validity
Not Before: Jan 1 21:47:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=60724cc0fa4c6c623fcc58e06d79d93f81162d10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:84:a6:25:b1:93:8a:16:d8:2d:50:a5:30:f6:
a7:1a:89:07:ae:31:6a:f4:c2:aa:0a:ff:a2:dc:4e:
01:89:f0:db:a9:1f:f3:d5:f0:be:26:6c:fe:5f:0a:
d4:ba:b9:b7:91:46:37:51:53:ac:63:c4:16:73:07:
7b:e7:1b:73:b9:c2:61:09:cc:b9:c2:0f:93:4a:50:
6f:94:a0:94:55:88:3c:68:c4:9e:f6:96:2f:52:df:
0d:a7:48:37:14:80:c3:75:fa:12:ee:58:d9:57:45:
41:b0:9e:44:10:89:ea:d5:f2:58:c4:38:ad:03:26:
4f:3e:f4:85:60:d5:d2:e2:87:84:82:5b:ed:db:09:
bd:c4:1d:e4:33:d7:ab:ce:17:33:74:fe:e4:eb:56:
18:31:a6:92:6c:55:6f:9a:b5:50:6c:8a:fd:68:48:
f7:fe:b5:fc:90:3f:3a:ae:46:3b:87:bd:58:46:4b:
06:d3:2f:38:16:21:33:10:d1:3c:b5:c1:2c:99:bd:
8a:dc:02:6f:fb:9d:af:e6:ca:59:55:e4:43:50:3f:
66:f5:03:43:5c:f2:2d:7f:1d:08:c8:17:39:9a:ae:
22:5b:06:1f:ea:76:12:29:c3:bb:d1:4e:3e:a0:d4:
c7:ae:80:aa:1b:0b:9e:57:eb:d4:98:3c:f5:0d:40:
8b:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:72:4C:C0:FA:4C:6C:62:3F:CC:58:E0:6D:79:D9:3F:81:16:2D:10
X509v3 Authority Key Identifier:
keyid:55:3F:4B:C4:16:63:9A:7E:1B:6C:4F:01:99:E0:2E:31:60:A1:E6:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VT9LxBZjmn4bbE8BmeAuMWCh5kI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/d119f6-880d-4f5b-b079-5ddafb5954ba/1/YHJMwPpMbGI_zFjgbXnZP4EWLRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/d119f6-880d-4f5b-b079-5ddafb5954ba/1/VT9LxBZjmn4bbE8BmeAuMWCh5kI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.242.184.0/24
IPv6:
2a13:6000::/29
Signature Algorithm: sha256WithRSAEncryption
0c:c0:d5:07:5f:fe:8f:27:93:1a:59:40:e5:ea:9d:9c:25:1d:
01:4c:51:3e:74:3a:c5:3b:44:1a:6b:53:f3:7c:fc:33:20:5b:
77:2b:6d:37:3f:d0:12:d5:f1:1e:e3:fb:64:68:d1:74:41:23:
55:9b:19:77:1f:f5:22:14:05:aa:0d:78:56:cb:e5:98:47:5e:
af:c3:96:30:16:27:be:c9:2a:7b:81:3a:e0:a3:2e:08:fb:f3:
69:29:ab:81:85:a4:55:8f:cf:58:b6:6d:51:67:df:05:c4:53:
8d:74:2a:4a:c8:bc:13:4c:d3:7e:6c:ee:a6:93:41:82:52:d0:
2a:27:80:32:14:c3:5b:11:d1:20:df:2a:8d:7d:98:10:bb:fb:
75:0d:39:fc:52:d2:a8:32:21:f0:26:8d:1d:a3:be:7c:b2:68:
5b:bf:cd:ac:00:32:25:a8:8d:0a:c4:23:c7:63:9a:63:0e:6d:
e9:f4:87:33:68:41:8e:9a:5a:1d:bd:83:fb:ca:af:19:56:ad:
b6:90:14:6f:44:8c:cf:5f:0d:87:9e:fc:ea:be:90:5f:2a:47:
d9:03:4e:cf:a1:ee:9f:55:0b:82:cd:6d:11:91:05:fd:31:34:
3f:e9:58:75:93:bd:c8:83:6f:55:9a:fb:29:49:c0:ea:6b:9d:
06:08:05:d9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQj1rBY+8hzv/IJx70mX218MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1M2Y0YmM0MTY2MzlhN2UxYjZjNGYwMTk5ZTAyZTMxNjBh
MWU2NDIwHhcNMjUwMTAxMjE0NzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDcyNGNjMGZhNGM2YzYyM2ZjYzU4ZTA2ZDc5ZDkzZjgxMTYyZDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtYSmJbGTihbYLVClMPanGokHrjFq
9MKqCv+i3E4BifDbqR/z1fC+Jmz+XwrUurm3kUY3UVOsY8QWcwd75xtzucJhCcy5
wg+TSlBvlKCUVYg8aMSe9pYvUt8Np0g3FIDDdfoS7ljZV0VBsJ5EEInq1fJYxDit
AyZPPvSFYNXS4oeEglvt2wm9xB3kM9erzhczdP7k61YYMaaSbFVvmrVQbIr9aEj3
/rX8kD86rkY7h71YRksG0y84FiEzENE8tcEsmb2K3AJv+52v5spZVeRDUD9m9QND
XPItfx0IyBc5mq4iWwYf6nYSKcO70U4+oNTHroCqGwueV+vUmDz1DUCLjQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGByTMD6TGxiP8xY4G152T+BFi0QMB8GA1UdIwQY
MBaAFFU/S8QWY5p+G2xPAZngLjFgoeZCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlQ5THhCWmptbjRiYkU4Qm1lQXVNV0NoNWtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9kMTE5ZjYtODgwZC00ZjViLWIwNzkt
NWRkYWZiNTk1NGJhLzEvWUhKTXdQcE1iR0lfekZqZ2JYblpQNEVXTFJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9kMTE5ZjYtODgwZC00ZjViLWIwNzktNWRkYWZiNTk1NGJh
LzEvVlQ5THhCWmptbjRiYkU4Qm1lQXVNV0NoNWtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAufK4MA0E
AgACMAcDBQMqE2AAMA0GCSqGSIb3DQEBCwUAA4IBAQAMwNUHX/6PJ5MaWUDl6p2c
JR0BTFE+dDrFO0Qaa1PzfPwzIFt3K203P9AS1fEe4/tkaNF0QSNVmxl3H/UiFAWq
DXhWy+WYR16vw5YwFie+ySp7gTrgoy4I+/NpKauBhaRVj89Ytm1RZ98FxFONdCpK
yLwTTNN+bO6mk0GCUtAqJ4AyFMNbEdEg3yqNfZgQu/t1DTn8UtKoMiHwJo0do758
smhbv82sADIlqI0KxCPHY5pjDm3p9IczaEGOmlodvYP7yq8ZVq22kBRvRIzPXw2H
nvzqvpBfKkfZA07Poe6fVQuCzW0RkQX9MTQ/6Vh1k73Ig29VmvspScDqa50GCAXZ
-----END CERTIFICATE-----
Generated at Fri Apr 25 21:19:11 2025 by rpki-client