Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/5776a3-06dd-4980-8f6f-d3e3c78e7c44/1/ylHfNJxivzSDEST10fWDem7vKnQ.roa
File: ylHfNJxivzSDEST10fWDem7vKnQ.roa (raw, json)
Hash identifier: A5nWEbRO5hkEAdJU6Q2r7yPo+a47nvfcEeJhbXc7xME=
Subject key identifier: CA:51:DF:34:9C:62:BF:34:83:11:24:F5:D1:F5:83:7A:6E:EF:2A:74
Certificate issuer: /CN=0a5ec6e0660db6f625b978be0d5ee71c2dcd465a
Certificate serial: 019422FBC1305AD8AA6E91C770836C6F6E0E
Authority key identifier: 0A:5E:C6:E0:66:0D:B6:F6:25:B9:78:BE:0D:5E:E7:1C:2D:CD:46:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cl7G4GYNtvYluXi-DV7nHC3NRlo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/5776a3-06dd-4980-8f6f-d3e3c78e7c44/1/ylHfNJxivzSDEST10fWDem7vKnQ.roa
Signing time: Wed 01 Jan 2025 17:48:31 +0000
ROA not before: Wed 01 Jan 2025 17:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210101
IP address blocks: 85.117.224.0/22 maxlen: 22
2a0d:b4c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:c1:30:5a:d8:aa:6e:91:c7:70:83:6c:6f:6e:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a5ec6e0660db6f625b978be0d5ee71c2dcd465a
Validity
Not Before: Jan 1 17:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ca51df349c62bf34831124f5d1f5837a6eef2a74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:9d:a6:22:e0:9e:39:8c:43:79:1e:78:e4:2d:
9a:0e:2f:a7:36:92:51:3b:b9:9d:c6:dc:17:0c:e9:
c1:4e:be:e3:6b:40:34:7e:d9:dc:ff:12:f5:c2:b3:
30:fc:2f:73:6a:02:6f:7a:31:79:8b:dd:f5:5d:c5:
82:10:2f:7c:de:50:1a:f3:0e:a7:d3:c2:79:aa:a9:
3d:a5:51:c2:7c:41:34:46:62:cb:75:04:7c:fc:af:
94:28:55:03:f4:3e:47:bb:a3:82:c9:80:0e:ec:4a:
da:6d:e1:79:f1:c0:98:8c:6f:bf:62:4c:b9:c5:e6:
6a:0a:40:af:ad:0e:b7:8d:97:00:3e:c5:ea:f7:3a:
a5:27:1f:6c:12:3a:51:2d:85:b7:d6:c8:5d:c6:ac:
b3:25:d0:35:7b:9e:26:0a:dd:1d:de:5c:5c:95:24:
d4:84:98:ed:f5:f2:d1:06:29:40:04:b1:bc:a5:ae:
e7:31:48:3c:65:19:62:f1:e9:c0:9c:ac:44:28:63:
09:2f:8c:33:6f:fe:df:ec:77:26:d4:c4:99:da:a0:
8e:e1:95:14:48:71:8e:90:ca:00:66:fc:8f:09:6b:
17:16:a2:1b:30:11:b3:1e:87:f0:86:e1:18:5f:94:
e7:95:32:c0:eb:09:56:3d:ad:95:c0:e3:8b:4a:c6:
41:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:51:DF:34:9C:62:BF:34:83:11:24:F5:D1:F5:83:7A:6E:EF:2A:74
X509v3 Authority Key Identifier:
keyid:0A:5E:C6:E0:66:0D:B6:F6:25:B9:78:BE:0D:5E:E7:1C:2D:CD:46:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cl7G4GYNtvYluXi-DV7nHC3NRlo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/5776a3-06dd-4980-8f6f-d3e3c78e7c44/1/ylHfNJxivzSDEST10fWDem7vKnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/5776a3-06dd-4980-8f6f-d3e3c78e7c44/1/Cl7G4GYNtvYluXi-DV7nHC3NRlo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.224.0/22
IPv6:
2a0d:b4c0::/29
Signature Algorithm: sha256WithRSAEncryption
6f:f1:1b:72:7b:c4:3e:33:f6:76:de:37:ca:93:fc:dc:d2:87:
c6:a0:61:3e:fa:d1:af:dd:02:84:89:27:c8:a3:f4:67:c8:1e:
0f:e4:12:b1:c0:07:7b:66:71:59:f7:f3:86:b8:e0:e7:f1:cd:
27:6f:3a:45:f6:fc:80:17:4d:d2:bb:f4:c1:38:d2:6b:e3:38:
f4:4f:d6:ab:0a:a3:86:c4:aa:ee:85:1f:32:3d:20:a8:81:60:
0b:42:e9:2e:f6:8e:af:71:8c:03:17:d7:88:70:82:2a:77:bb:
f9:28:c4:70:f4:4b:c7:de:f5:ca:1b:e7:18:ae:bb:79:94:59:
08:f9:6a:87:d3:4a:6d:eb:3e:6b:d6:e5:15:2c:7e:5a:04:e6:
7c:8e:82:2a:b8:ae:89:fa:1b:c7:7e:53:96:e5:77:98:e5:10:
7f:2b:82:b5:0c:4d:58:7b:6d:ba:34:ac:14:60:26:61:81:0e:
d0:ee:d9:7d:48:c6:d1:4f:03:c8:b7:67:be:c6:35:38:e1:9d:
99:6f:31:b5:34:50:87:f8:d0:69:41:c2:14:8b:2e:9b:53:90:
f3:13:b0:cc:4c:f9:13:f6:6f:90:cc:3b:d5:a4:e6:33:03:44:
39:a2:f9:47:eb:70:07:48:25:1f:89:48:d2:0a:ca:6b:ce:a5:
e2:28:ef:06
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQi+8EwWtiqbpHHcINsb24OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNWVjNmUwNjYwZGI2ZjYyNWI5NzhiZTBkNWVlNzFjMmRj
ZDQ2NWEwHhcNMjUwMTAxMTc0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTUxZGYzNDljNjJiZjM0ODMxMTI0ZjVkMWY1ODM3YTZlZWYyYTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA152mIuCeOYxDeR545C2aDi+nNpJR
O7mdxtwXDOnBTr7ja0A0ftnc/xL1wrMw/C9zagJvejF5i931XcWCEC983lAa8w6n
08J5qqk9pVHCfEE0RmLLdQR8/K+UKFUD9D5Hu6OCyYAO7ErabeF58cCYjG+/Yky5
xeZqCkCvrQ63jZcAPsXq9zqlJx9sEjpRLYW31shdxqyzJdA1e54mCt0d3lxclSTU
hJjt9fLRBilABLG8pa7nMUg8ZRli8enAnKxEKGMJL4wzb/7f7Hcm1MSZ2qCO4ZUU
SHGOkMoAZvyPCWsXFqIbMBGzHofwhuEYX5TnlTLA6wlWPa2VwOOLSsZBVQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMpR3zScYr80gxEk9dH1g3pu7yp0MB8GA1UdIwQY
MBaAFApexuBmDbb2Jbl4vg1e5xwtzUZaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2w3RzRHWU50dllsdVhpLURWN25IQzNOUmxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy81Nzc2YTMtMDZkZC00OTgwLThmNmYt
ZDNlM2M3OGU3YzQ0LzEveWxIZk5KeGl2elNERVNUMTBmV0RlbTd2S25RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy81Nzc2YTMtMDZkZC00OTgwLThmNmYtZDNlM2M3OGU3YzQ0
LzEvQ2w3RzRHWU50dllsdVhpLURWN25IQzNOUmxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCVXXgMA0E
AgACMAcDBQMqDbTAMA0GCSqGSIb3DQEBCwUAA4IBAQBv8Rtye8Q+M/Z23jfKk/zc
0ofGoGE++tGv3QKEiSfIo/RnyB4P5BKxwAd7ZnFZ9/OGuODn8c0nbzpF9vyAF03S
u/TBONJr4zj0T9arCqOGxKruhR8yPSCogWALQuku9o6vcYwDF9eIcIIqd7v5KMRw
9EvH3vXKG+cYrrt5lFkI+WqH00pt6z5r1uUVLH5aBOZ8joIquK6J+hvHflOW5XeY
5RB/K4K1DE1Ye226NKwUYCZhgQ7Q7tl9SMbRTwPIt2e+xjU44Z2ZbzG1NFCH+NBp
QcIUiy6bU5DzE7DMTPkT9m+QzDvVpOYzA0Q5ovlH63AHSCUfiUjSCsprzqXiKO8G
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:26 2025 by rpki-client on console.sobornost.net