Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/793e00-0c53-49c4-a51b-eda316a2afb8/1/ya12EPtNrcF0udvEcU2cfD6dvXE.roa
File: ya12EPtNrcF0udvEcU2cfD6dvXE.roa (raw, json)
Hash identifier: JqrMXae8q96ruf/DmoCDw76yVSkMluiHBgpoAg21vqs=
Subject key identifier: C9:AD:76:10:FB:4D:AD:C1:74:B9:DB:C4:71:4D:9C:7C:3E:9D:BD:71
Certificate issuer: /CN=af2b68f0c83add9a3a3b86ab24fb910a960262c6
Certificate serial: 0194274802E339FF9EB66D90D2656191F24B
Authority key identifier: AF:2B:68:F0:C8:3A:DD:9A:3A:3B:86:AB:24:FB:91:0A:96:02:62:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ryto8Mg63Zo6O4arJPuRCpYCYsY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/793e00-0c53-49c4-a51b-eda316a2afb8/1/ya12EPtNrcF0udvEcU2cfD6dvXE.roa
Signing time: Thu 02 Jan 2025 13:50:18 +0000
ROA not before: Thu 02 Jan 2025 13:50:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14297
IP address blocks: 185.147.172.0/23 maxlen: 23
185.147.174.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:02:e3:39:ff:9e:b6:6d:90:d2:65:61:91:f2:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af2b68f0c83add9a3a3b86ab24fb910a960262c6
Validity
Not Before: Jan 2 13:50:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c9ad7610fb4dadc174b9dbc4714d9c7c3e9dbd71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:de:4d:5e:0c:dc:2d:ce:56:1b:c9:3a:3d:5a:
c1:d5:2c:c0:b0:64:ab:45:1a:2b:d4:ed:bb:5b:0c:
8d:fe:fa:41:4e:50:da:ff:de:11:34:c3:77:c7:17:
76:b7:1f:bc:10:c9:bc:e4:a6:a5:15:2e:1b:55:a7:
15:d4:ea:ec:f7:6d:43:66:c5:2a:2a:70:1c:24:99:
88:e7:dc:9e:bd:df:49:c3:c9:99:87:86:ea:65:46:
99:5f:20:57:95:57:f3:4e:52:e3:ac:d9:e6:24:8b:
51:ea:82:99:85:fe:1b:84:0d:fc:84:5b:47:98:22:
b2:3a:5b:fb:1d:49:11:e8:b6:ad:8d:e5:57:c3:f8:
a4:1c:88:3a:ce:e2:45:83:55:dc:8a:45:58:f1:2a:
28:e3:61:20:74:76:80:49:b1:47:1d:bb:b1:44:00:
9c:c1:fc:a4:e6:02:04:dd:e7:c1:81:5d:ea:83:35:
78:ce:c7:f6:46:3f:f6:1e:58:62:cf:69:d9:2e:e6:
d1:9c:3f:7c:2b:ee:f4:1e:69:22:9b:14:8c:b4:5a:
a1:99:19:fb:ef:f5:fd:4a:0d:0e:68:08:ec:ce:bc:
d6:39:88:4c:02:a9:9a:96:10:c5:4f:d9:ed:cc:0e:
b7:62:f9:10:c3:ba:e0:95:87:17:94:ec:13:fe:9f:
89:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:AD:76:10:FB:4D:AD:C1:74:B9:DB:C4:71:4D:9C:7C:3E:9D:BD:71
X509v3 Authority Key Identifier:
keyid:AF:2B:68:F0:C8:3A:DD:9A:3A:3B:86:AB:24:FB:91:0A:96:02:62:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ryto8Mg63Zo6O4arJPuRCpYCYsY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/793e00-0c53-49c4-a51b-eda316a2afb8/1/ya12EPtNrcF0udvEcU2cfD6dvXE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/793e00-0c53-49c4-a51b-eda316a2afb8/1/ryto8Mg63Zo6O4arJPuRCpYCYsY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.147.172.0/22
Signature Algorithm: sha256WithRSAEncryption
7d:84:45:f3:b5:9f:d5:82:aa:34:3f:4a:48:7b:e2:a3:f2:16:
28:13:9d:c9:37:a9:c6:99:0d:97:c2:25:ad:d7:23:b1:01:f5:
c6:a5:00:0e:a1:1a:bc:9a:78:7e:f5:ba:b1:5f:b2:43:81:f9:
c3:86:1c:68:8b:8d:be:54:6b:d1:20:88:34:1d:9f:48:1c:68:
fc:78:97:0a:ab:10:a0:2e:ff:2b:53:d8:16:9b:2a:41:33:14:
56:81:fb:ef:40:60:a2:90:3b:20:fa:40:0d:55:fe:23:d5:2a:
3c:0e:8c:ed:b2:8f:e8:62:40:fd:cc:27:f9:cc:ca:fb:68:5b:
b1:69:99:71:81:c7:2c:79:f7:7e:fb:7b:4a:28:90:81:ef:99:
98:ad:8f:60:f6:30:4e:5b:71:48:e5:a5:12:0a:73:e3:df:35:
32:9d:c7:41:21:2e:9c:83:96:4b:be:52:89:1d:ef:ae:e0:14:
cd:b5:de:38:6b:4c:e4:96:b2:32:26:35:65:80:90:bd:61:fd:
79:f7:83:86:93:dc:74:a2:f8:92:6e:40:30:42:4a:91:23:84:
78:fc:83:5a:36:20:b4:48:57:99:a6:14:21:77:61:92:23:f8:
f0:be:00:40:8f:8b:5f:fe:f3:9f:ae:d8:fa:1d:a7:f3:07:ea:
98:79:56:ee
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSALjOf+etm2Q0mVhkfJLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMmI2OGYwYzgzYWRkOWEzYTNiODZhYjI0ZmI5MTBhOTYw
MjYyYzYwHhcNMjUwMTAyMTM1MDE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWFkNzYxMGZiNGRhZGMxNzRiOWRiYzQ3MTRkOWM3YzNlOWRiZDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5t5NXgzcLc5WG8k6PVrB1SzAsGSr
RRor1O27WwyN/vpBTlDa/94RNMN3xxd2tx+8EMm85KalFS4bVacV1Ors921DZsUq
KnAcJJmI59yevd9Jw8mZh4bqZUaZXyBXlVfzTlLjrNnmJItR6oKZhf4bhA38hFtH
mCKyOlv7HUkR6LatjeVXw/ikHIg6zuJFg1XcikVY8Soo42EgdHaASbFHHbuxRACc
wfyk5gIE3efBgV3qgzV4zsf2Rj/2Hlhiz2nZLubRnD98K+70HmkimxSMtFqhmRn7
7/X9Sg0OaAjszrzWOYhMAqmalhDFT9ntzA63YvkQw7rglYcXlOwT/p+JSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMmtdhD7Ta3BdLnbxHFNnHw+nb1xMB8GA1UdIwQY
MBaAFK8raPDIOt2aOjuGqyT7kQqWAmLGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnl0bzhNZzYzWm82TzRhckpQdVJDcFlDWXNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy83OTNlMDAtMGM1My00OWM0LWE1MWIt
ZWRhMzE2YTJhZmI4LzEveWExMkVQdE5yY0YwdWR2RWNVMmNmRDZkdlhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy83OTNlMDAtMGM1My00OWM0LWE1MWItZWRhMzE2YTJhZmI4
LzEvcnl0bzhNZzYzWm82TzRhckpQdVJDcFlDWXNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZOsMA0G
CSqGSIb3DQEBCwUAA4IBAQB9hEXztZ/Vgqo0P0pIe+Kj8hYoE53JN6nGmQ2XwiWt
1yOxAfXGpQAOoRq8mnh+9bqxX7JDgfnDhhxoi42+VGvRIIg0HZ9IHGj8eJcKqxCg
Lv8rU9gWmypBMxRWgfvvQGCikDsg+kANVf4j1So8Doztso/oYkD9zCf5zMr7aFux
aZlxgccsefd++3tKKJCB75mYrY9g9jBOW3FI5aUSCnPj3zUyncdBIS6cg5ZLvlKJ
He+u4BTNtd44a0zklrIyJjVlgJC9Yf1594OGk9x0oviSbkAwQkqRI4R4/INaNiC0
SFeZphQhd2GSI/jwvgBAj4tf/vOfrtj6HafzB+qYeVbu
-----END CERTIFICATE-----
Generated at Fri Apr 25 10:01:46 2025 by rpki-client