Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/f64637-c7df-4a7c-bd16-2d7b9e917e87/1/kyrUnRtb4pbI1qnbEtyj5MQZz0U.roa
File: kyrUnRtb4pbI1qnbEtyj5MQZz0U.roa (raw, json)
Hash identifier: 82IwnYaqhU2vbcyev4JduXbqkuZIIKl6YSXP8FHqyqU=
Subject key identifier: 93:2A:D4:9D:1B:5B:E2:96:C8:D6:A9:DB:12:DC:A3:E4:C4:19:CF:45
Certificate issuer: /CN=3441eb5d7addba0e5afbf82a8c7d301ae41b9185
Certificate serial: 018CC5000D7B3E1D0A99919665B646D4741E
Authority key identifier: 34:41:EB:5D:7A:DD:BA:0E:5A:FB:F8:2A:8C:7D:30:1A:E4:1B:91:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NEHrXXrdug5a-_gqjH0wGuQbkYU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/f64637-c7df-4a7c-bd16-2d7b9e917e87/1/kyrUnRtb4pbI1qnbEtyj5MQZz0U.roa
Signing time: Mon 01 Jan 2024 12:29:23 +0000
ROA not before: Mon 01 Jan 2024 12:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24904
IP address blocks: 185.212.212.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:0d:7b:3e:1d:0a:99:91:96:65:b6:46:d4:74:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3441eb5d7addba0e5afbf82a8c7d301ae41b9185
Validity
Not Before: Jan 1 12:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=932ad49d1b5be296c8d6a9db12dca3e4c419cf45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:2e:7a:9e:97:c7:ef:46:ba:e5:06:88:be:18:
3a:3b:09:6a:37:62:c8:bd:a4:c0:fc:5b:e6:14:ce:
35:31:83:c8:fe:0c:5e:c9:75:eb:c6:53:81:d5:fc:
34:7b:73:65:f1:60:9b:d7:06:64:5d:b8:1f:35:2e:
cb:bd:a4:81:98:2e:22:44:a3:ea:01:9c:49:bc:f4:
79:e9:32:b2:bd:76:0d:b1:90:be:3d:64:43:84:af:
a8:3b:c8:68:37:86:4d:b6:01:66:14:d4:62:cb:f2:
63:26:67:78:a6:e2:c1:06:37:b0:79:96:e4:95:36:
67:fc:4e:af:d2:02:98:05:b5:56:1e:78:89:d1:a7:
95:7f:d4:ce:08:32:90:5b:92:ae:4a:f7:81:5f:00:
a7:b7:4f:57:2e:d3:50:18:1d:09:6f:79:ce:fd:e5:
08:a4:fb:e7:c7:7a:4f:2b:2c:2b:be:5b:78:a5:00:
8a:c3:b7:b0:ca:90:da:09:ac:34:99:9d:89:bf:cb:
c3:06:9b:9c:4b:8c:08:a8:d7:bb:a3:8c:16:c0:76:
5f:d3:4c:51:cd:38:a4:1d:04:3d:fe:57:7a:90:6f:
f2:dd:97:87:e7:ff:18:33:cb:24:72:db:41:51:50:
e9:94:7c:22:03:04:fe:37:73:1d:a4:26:43:2d:b8:
e6:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:2A:D4:9D:1B:5B:E2:96:C8:D6:A9:DB:12:DC:A3:E4:C4:19:CF:45
X509v3 Authority Key Identifier:
keyid:34:41:EB:5D:7A:DD:BA:0E:5A:FB:F8:2A:8C:7D:30:1A:E4:1B:91:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NEHrXXrdug5a-_gqjH0wGuQbkYU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/f64637-c7df-4a7c-bd16-2d7b9e917e87/1/kyrUnRtb4pbI1qnbEtyj5MQZz0U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/f64637-c7df-4a7c-bd16-2d7b9e917e87/1/NEHrXXrdug5a-_gqjH0wGuQbkYU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.212.212.0/22
Signature Algorithm: sha256WithRSAEncryption
8e:fa:5b:2a:aa:e2:df:31:09:d8:e5:f5:39:cd:a0:30:2a:a0:
c7:3a:92:5b:61:45:75:60:04:2e:e7:ac:77:bd:99:1d:54:39:
51:66:33:3e:26:af:63:cb:38:e0:79:c0:40:d7:59:de:47:c5:
b0:ce:46:c1:f9:6b:75:81:79:67:aa:db:36:f2:68:b7:1d:20:
fa:e3:b9:12:bd:af:4d:8a:f9:59:07:b2:b1:02:57:35:a5:ed:
2a:02:76:cc:a2:5f:05:31:37:43:a0:78:45:66:c8:46:30:9a:
e0:54:f3:64:d8:61:70:27:49:63:d2:4a:ad:92:44:0a:f1:62:
10:dd:86:33:14:ac:c9:58:0d:e3:f5:ac:1f:fb:20:a2:78:33:
ea:6f:fa:44:c1:fe:9c:43:72:65:dd:3d:6a:df:f0:46:1a:f2:
82:6b:05:2e:a4:49:8d:84:00:ec:89:a8:c9:85:fa:f4:03:39:
93:1e:1d:c7:ce:c2:dc:ca:4d:dc:4a:f9:e4:92:68:0a:53:2c:
58:7a:76:f3:34:b0:a4:27:a1:60:5b:85:22:15:2c:15:9e:bd:
2b:02:1e:7f:58:32:68:64:ab:1c:41:6f:e3:f3:63:4e:c6:3a:
19:a6:f1:bf:c9:d7:b4:8c:55:13:e7:2c:f2:76:f5:a2:eb:b9:
01:24:13:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAA17Ph0KmZGWZbZG1HQeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NDFlYjVkN2FkZGJhMGU1YWZiZjgyYThjN2QzMDFhZTQx
YjkxODUwHhcNMjQwMTAxMTIyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzJhZDQ5ZDFiNWJlMjk2YzhkNmE5ZGIxMmRjYTNlNGM0MTljZjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkC56npfH70a65QaIvhg6OwlqN2LI
vaTA/FvmFM41MYPI/gxeyXXrxlOB1fw0e3Nl8WCb1wZkXbgfNS7LvaSBmC4iRKPq
AZxJvPR56TKyvXYNsZC+PWRDhK+oO8hoN4ZNtgFmFNRiy/JjJmd4puLBBjeweZbk
lTZn/E6v0gKYBbVWHniJ0aeVf9TOCDKQW5KuSveBXwCnt09XLtNQGB0Jb3nO/eUI
pPvnx3pPKywrvlt4pQCKw7ewypDaCaw0mZ2Jv8vDBpucS4wIqNe7o4wWwHZf00xR
zTikHQQ9/ld6kG/y3ZeH5/8YM8skcttBUVDplHwiAwT+N3MdpCZDLbjmYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJMq1J0bW+KWyNap2xLco+TEGc9FMB8GA1UdIwQY
MBaAFDRB61163boOWvv4Kox9MBrkG5GFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkVIclhYcmR1ZzVhLV9ncWpIMHdHdVFia1lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9mNjQ2MzctYzdkZi00YTdjLWJkMTYt
MmQ3YjllOTE3ZTg3LzEva3lyVW5SdGI0cGJJMXFuYkV0eWo1TVFaejBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9mNjQ2MzctYzdkZi00YTdjLWJkMTYtMmQ3YjllOTE3ZTg3
LzEvTkVIclhYcmR1ZzVhLV9ncWpIMHdHdVFia1lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudTUMA0G
CSqGSIb3DQEBCwUAA4IBAQCO+lsqquLfMQnY5fU5zaAwKqDHOpJbYUV1YAQu56x3
vZkdVDlRZjM+Jq9jyzjgecBA11neR8WwzkbB+Wt1gXlnqts28mi3HSD647kSva9N
ivlZB7KxAlc1pe0qAnbMol8FMTdDoHhFZshGMJrgVPNk2GFwJ0lj0kqtkkQK8WIQ
3YYzFKzJWA3j9awf+yCieDPqb/pEwf6cQ3Jl3T1q3/BGGvKCawUupEmNhADsiajJ
hfr0AzmTHh3HzsLcyk3cSvnkkmgKUyxYenbzNLCkJ6FgW4UiFSwVnr0rAh5/WDJo
ZKscQW/j82NOxjoZpvG/yde0jFUT5yzydvWi67kBJBNx
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:39 2025 by rpki-client