Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/376f5a-c026-4bae-8847-2b1d439b2227/1/ymgejZXQAFGY4W5XJssEnhi7B6U.roa
File: ymgejZXQAFGY4W5XJssEnhi7B6U.roa (raw, json)
Hash identifier: 6jBjJYjwNGCZyUd70W3B/Q80kGLCgiNFZzX5URwj3Fo=
Subject key identifier: CA:68:1E:8D:95:D0:00:51:98:E1:6E:57:26:CB:04:9E:18:BB:07:A5
Certificate issuer: /CN=07d3c0c115328c3d28c0f5721b00982b2cd4215e
Certificate serial: 0194228D21B5D2B93DF5D4366225D28AF3C7
Authority key identifier: 07:D3:C0:C1:15:32:8C:3D:28:C0:F5:72:1B:00:98:2B:2C:D4:21:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B9PAwRUyjD0owPVyGwCYKyzUIV4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/376f5a-c026-4bae-8847-2b1d439b2227/1/ymgejZXQAFGY4W5XJssEnhi7B6U.roa
Signing time: Wed 01 Jan 2025 15:47:41 +0000
ROA not before: Wed 01 Jan 2025 15:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197763
IP address blocks: 195.22.120.0/24 maxlen: 24
2001:67c:2f00::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:21:b5:d2:b9:3d:f5:d4:36:62:25:d2:8a:f3:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07d3c0c115328c3d28c0f5721b00982b2cd4215e
Validity
Not Before: Jan 1 15:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ca681e8d95d0005198e16e5726cb049e18bb07a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:ab:2c:34:dd:25:ad:3f:ee:51:d2:b1:3a:2e:
c6:21:e4:6f:50:49:38:f0:65:2e:5b:58:5e:47:3f:
88:f5:6d:c5:7d:0f:3b:54:15:e9:8f:0c:01:e9:82:
b5:b2:10:0d:79:cf:56:aa:f4:91:66:09:8c:b3:69:
d0:bb:cf:00:87:29:c2:7d:9c:d5:66:77:12:cb:92:
0c:b9:65:7e:44:9a:74:39:a9:0a:5e:b2:ce:c7:46:
2d:67:81:c3:13:61:bc:bf:97:1c:d7:a2:08:f3:27:
c5:d5:6b:71:ed:c5:d1:66:d5:44:3c:df:59:b6:c5:
27:33:2c:55:0e:93:40:0f:53:54:03:ad:26:e0:98:
a3:60:67:ff:84:63:b3:37:af:37:ba:ec:4c:9e:e3:
7e:55:cc:65:39:8e:f5:86:60:24:1a:03:15:cf:db:
d5:82:b2:cb:e4:7e:32:6d:71:76:85:93:bf:f5:b6:
be:21:a9:9d:87:29:80:c4:fe:3e:5e:51:0d:6d:b3:
e8:d4:b9:7d:2d:15:2d:06:98:ff:02:13:fd:b4:f6:
11:87:e6:93:3f:83:b5:4e:17:8c:98:c4:ae:bd:24:
e3:7a:71:17:ea:77:a1:a1:eb:39:d4:1c:c6:fc:ed:
17:31:03:90:4b:62:f3:22:ce:25:e3:18:d4:b0:e8:
5e:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:68:1E:8D:95:D0:00:51:98:E1:6E:57:26:CB:04:9E:18:BB:07:A5
X509v3 Authority Key Identifier:
keyid:07:D3:C0:C1:15:32:8C:3D:28:C0:F5:72:1B:00:98:2B:2C:D4:21:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B9PAwRUyjD0owPVyGwCYKyzUIV4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/376f5a-c026-4bae-8847-2b1d439b2227/1/ymgejZXQAFGY4W5XJssEnhi7B6U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/376f5a-c026-4bae-8847-2b1d439b2227/1/B9PAwRUyjD0owPVyGwCYKyzUIV4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.22.120.0/24
IPv6:
2001:67c:2f00::/48
Signature Algorithm: sha256WithRSAEncryption
3f:fd:eb:73:fd:2f:0f:5b:6b:b1:32:8a:17:99:fa:e4:e6:0f:
a7:ad:2d:74:4e:86:72:2b:53:ff:90:b7:e5:22:3c:7a:72:65:
de:43:21:35:ac:ab:a3:ec:20:59:bb:ea:cb:54:00:c5:48:9c:
e2:b1:ac:01:ca:6b:a2:f8:4f:a8:be:54:b8:bf:a8:d7:16:7d:
2a:21:01:d0:ea:e4:3b:35:6c:3f:99:60:c2:ba:52:9c:cd:06:
a8:a5:9d:a3:ec:a9:44:d3:aa:10:f2:d5:dd:fd:a3:9c:d3:b4:
fe:8f:08:2c:50:04:cd:c3:f2:e1:61:3c:85:13:de:86:3d:b1:
6a:17:67:9c:c6:82:d3:3a:cb:bf:80:23:16:c5:5f:a2:20:be:
98:98:bc:95:1f:0b:4d:ea:c5:2b:43:48:82:c7:5e:b0:b7:be:
be:25:c9:87:f2:92:a0:2f:ff:e8:25:25:46:ba:55:1c:df:b1:
b1:f0:56:a9:80:b4:ef:9d:c1:e3:1f:01:71:f7:4f:8b:87:60:
03:a2:9f:4f:cf:78:66:4c:a5:ff:0b:56:a0:53:93:1c:90:a5:
fe:c5:ae:ff:1b:a5:3a:59:0c:f1:7e:9f:c0:b5:23:31:80:75:
93:ed:55:24:fa:b0:99:1e:41:7f:d3:35:a7:e9:63:86:35:d8:
91:00:ba:c7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQijSG10rk99dQ2YiXSivPHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ZDNjMGMxMTUzMjhjM2QyOGMwZjU3MjFiMDA5ODJiMmNk
NDIxNWUwHhcNMjUwMTAxMTU0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTY4MWU4ZDk1ZDAwMDUxOThlMTZlNTcyNmNiMDQ5ZTE4YmIwN2E1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmKssNN0lrT/uUdKxOi7GIeRvUEk4
8GUuW1heRz+I9W3FfQ87VBXpjwwB6YK1shANec9WqvSRZgmMs2nQu88AhynCfZzV
ZncSy5IMuWV+RJp0OakKXrLOx0YtZ4HDE2G8v5cc16II8yfF1Wtx7cXRZtVEPN9Z
tsUnMyxVDpNAD1NUA60m4JijYGf/hGOzN683uuxMnuN+VcxlOY71hmAkGgMVz9vV
grLL5H4ybXF2hZO/9ba+IamdhymAxP4+XlENbbPo1Ll9LRUtBpj/AhP9tPYRh+aT
P4O1TheMmMSuvSTjenEX6nehoes51BzG/O0XMQOQS2LzIs4l4xjUsOheiwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMpoHo2V0ABRmOFuVybLBJ4YuwelMB8GA1UdIwQY
MBaAFAfTwMEVMow9KMD1chsAmCss1CFeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjlQQXdSVXlqRDBvd1BWeUd3Q1lLeXpVSVY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS8zNzZmNWEtYzAyNi00YmFlLTg4NDct
MmIxZDQzOWIyMjI3LzEveW1nZWpaWFFBRkdZNFc1WEpzc0VuaGk3QjZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS8zNzZmNWEtYzAyNi00YmFlLTg4NDctMmIxZDQzOWIyMjI3
LzEvQjlQQXdSVXlqRDBvd1BWeUd3Q1lLeXpVSVY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwxZ4MA8E
AgACMAkDBwAgAQZ8LwAwDQYJKoZIhvcNAQELBQADggEBAD/963P9Lw9ba7EyiheZ
+uTmD6etLXROhnIrU/+Qt+UiPHpyZd5DITWsq6PsIFm76stUAMVInOKxrAHKa6L4
T6i+VLi/qNcWfSohAdDq5Ds1bD+ZYMK6UpzNBqilnaPsqUTTqhDy1d39o5zTtP6P
CCxQBM3D8uFhPIUT3oY9sWoXZ5zGgtM6y7+AIxbFX6IgvpiYvJUfC03qxStDSILH
XrC3vr4lyYfykqAv/+glJUa6VRzfsbHwVqmAtO+dweMfAXH3T4uHYAOin0/PeGZM
pf8LVqBTkxyQpf7Frv8bpTpZDPF+n8C1IzGAdZPtVST6sJkeQX/TNafpY4Y12JEA
usc=
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:15:53 2025 by rpki-client