Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/a1fdc8-a8b4-4254-883b-7227295c69d6/1/YgnVPKgxC7E2mlQz7JDplvddNvA.roa
File: YgnVPKgxC7E2mlQz7JDplvddNvA.roa (raw, json)
Hash identifier: d8WrhEGgBG5/w3gpiQHXFl5hMBjWzLtK93vwb9zFLZ0=
Subject key identifier: 62:09:D5:3C:A8:31:0B:B1:36:9A:54:33:EC:90:E9:96:F7:5D:36:F0
Certificate issuer: /CN=1d8258e93b7e4a2a21821aa99fd9cff6f324b5fc
Certificate serial: 0185708CA521576B08A46D3EC1156C2466C6
Authority key identifier: 1D:82:58:E9:3B:7E:4A:2A:21:82:1A:A9:9F:D9:CF:F6:F3:24:B5:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HYJY6Tt-Siohghqpn9nP9vMktfw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/a1fdc8-a8b4-4254-883b-7227295c69d6/1/YgnVPKgxC7E2mlQz7JDplvddNvA.roa
Signing time: Mon 02 Jan 2023 03:35:43 +0000
ROA not before: Mon 02 Jan 2023 03:35:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199136
IP address blocks: 78.31.161.0/24 maxlen: 24
78.31.160.0/23 maxlen: 23
78.31.160.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:a5:21:57:6b:08:a4:6d:3e:c1:15:6c:24:66:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d8258e93b7e4a2a21821aa99fd9cff6f324b5fc
Validity
Not Before: Jan 2 03:35:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6209d53ca8310bb1369a5433ec90e996f75d36f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:b7:26:ad:2a:79:e7:48:6a:14:b9:7e:51:d7:
13:ab:1a:32:f3:54:a0:a0:bb:53:72:ef:81:05:1a:
0d:8e:65:5b:23:69:89:c4:a5:84:c0:e1:4c:61:bf:
d8:7e:d6:04:3a:89:2b:a5:1b:e8:d4:a8:a7:96:d4:
54:35:d4:3a:8a:df:be:6d:e3:fa:de:96:7c:75:f1:
84:bf:b2:cc:35:9e:5a:cc:42:aa:f6:57:24:a2:03:
cd:b1:80:37:bf:29:64:5c:8f:d4:7b:94:6d:ee:7b:
54:d1:55:40:6e:2d:52:2f:b3:b7:5c:70:78:5d:99:
26:b6:58:fd:38:d3:7c:fe:ee:ac:c3:9f:37:43:fd:
6b:8c:19:14:bb:4a:f7:8b:c5:76:81:b7:2e:03:91:
32:5e:78:c2:65:34:a3:24:ef:31:e2:0b:fa:40:dd:
4b:0d:af:63:1a:d0:7c:d7:4e:55:92:19:b9:e7:57:
47:91:a4:9d:a2:27:20:21:fb:3a:ed:5d:27:ad:83:
eb:a3:01:6b:f8:ce:7b:a2:cf:4b:8b:5d:5b:8d:44:
27:fd:7f:3c:71:85:c0:57:77:0d:a1:0a:85:76:34:
68:8b:25:a7:43:7a:7c:9c:2f:c3:8f:13:46:16:fc:
3a:af:b0:77:5a:b4:7a:ad:74:a7:c2:94:39:7d:1b:
21:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:09:D5:3C:A8:31:0B:B1:36:9A:54:33:EC:90:E9:96:F7:5D:36:F0
X509v3 Authority Key Identifier:
keyid:1D:82:58:E9:3B:7E:4A:2A:21:82:1A:A9:9F:D9:CF:F6:F3:24:B5:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HYJY6Tt-Siohghqpn9nP9vMktfw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/a1fdc8-a8b4-4254-883b-7227295c69d6/1/YgnVPKgxC7E2mlQz7JDplvddNvA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/a1fdc8-a8b4-4254-883b-7227295c69d6/1/HYJY6Tt-Siohghqpn9nP9vMktfw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.31.160.0/23
Signature Algorithm: sha256WithRSAEncryption
4e:d8:7f:5a:05:10:05:e6:d4:55:da:0c:bc:bd:ee:5f:5d:f0:
3c:8b:3a:98:64:66:99:f7:2d:07:ff:c5:2c:f2:1c:18:a0:11:
b9:86:0a:1a:fe:69:b1:b6:55:11:f7:01:92:ed:61:8d:e6:33:
1f:6f:56:e8:5a:be:e2:3a:9f:00:93:37:24:45:e1:13:e6:11:
5d:7c:1d:92:1a:f4:06:d7:a8:af:fd:9c:bc:c6:6d:74:9a:11:
e6:30:50:81:01:c8:07:d7:0d:b9:be:86:54:41:da:13:e4:31:
75:44:a2:f8:bc:b1:e3:bb:fa:19:a9:3a:e0:b5:40:fd:58:dc:
2a:fd:c0:84:ea:ae:ab:d1:cf:e1:87:a1:a0:ae:dd:6a:b2:96:
09:a2:27:43:8a:55:93:91:ba:c2:0c:ec:99:5e:f8:6a:c1:13:
f0:67:42:6b:cc:9e:61:2b:dd:6f:b0:e9:01:54:79:a7:61:9a:
d3:a5:5a:e0:07:49:a1:30:31:1c:67:99:8b:f8:21:80:c2:ab:
84:05:d0:e9:a7:64:ac:3c:90:97:a1:78:86:61:4e:d7:d9:cb:
e3:9b:ac:11:67:07:ab:6f:87:cc:2a:d0:f2:d9:15:40:41:eb:
c9:50:ea:48:95:9e:b5:56:55:5f:c1:77:43:e8:5c:f9:da:6d:
aa:4f:6a:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwjKUhV2sIpG0+wRVsJGbGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkODI1OGU5M2I3ZTRhMmEyMTgyMWFhOTlmZDljZmY2ZjMy
NGI1ZmMwHhcNMjMwMTAyMDMzNTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjA5ZDUzY2E4MzEwYmIxMzY5YTU0MzNlYzkwZTk5NmY3NWQzNmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbcmrSp550hqFLl+UdcTqxoy81Sg
oLtTcu+BBRoNjmVbI2mJxKWEwOFMYb/YftYEOokrpRvo1KinltRUNdQ6it++beP6
3pZ8dfGEv7LMNZ5azEKq9lckogPNsYA3vylkXI/Ue5Rt7ntU0VVAbi1SL7O3XHB4
XZkmtlj9ONN8/u6sw583Q/1rjBkUu0r3i8V2gbcuA5EyXnjCZTSjJO8x4gv6QN1L
Da9jGtB8105Vkhm551dHkaSdoicgIfs67V0nrYProwFr+M57os9Li11bjUQn/X88
cYXAV3cNoQqFdjRoiyWnQ3p8nC/DjxNGFvw6r7B3WrR6rXSnwpQ5fRshcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGIJ1TyoMQuxNppUM+yQ6Zb3XTbwMB8GA1UdIwQY
MBaAFB2CWOk7fkoqIYIaqZ/Zz/bzJLX8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFlKWTZUdC1TaW9oZ2hxcG45blA5dk1rdGZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9hMWZkYzgtYThiNC00MjU0LTg4M2It
NzIyNzI5NWM2OWQ2LzEvWWduVlBLZ3hDN0UybWxRejdKRHBsdmRkTnZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9hMWZkYzgtYThiNC00MjU0LTg4M2ItNzIyNzI5NWM2OWQ2
LzEvSFlKWTZUdC1TaW9oZ2hxcG45blA5dk1rdGZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBTh+gMA0G
CSqGSIb3DQEBCwUAA4IBAQBO2H9aBRAF5tRV2gy8ve5fXfA8izqYZGaZ9y0H/8Us
8hwYoBG5hgoa/mmxtlUR9wGS7WGN5jMfb1boWr7iOp8AkzckReET5hFdfB2SGvQG
16iv/Zy8xm10mhHmMFCBAcgH1w25voZUQdoT5DF1RKL4vLHju/oZqTrgtUD9WNwq
/cCE6q6r0c/hh6Ggrt1qspYJoidDilWTkbrCDOyZXvhqwRPwZ0JrzJ5hK91vsOkB
VHmnYZrTpVrgB0mhMDEcZ5mL+CGAwquEBdDpp2SsPJCXoXiGYU7X2cvjm6wRZwer
b4fMKtDy2RVAQevJUOpIlZ61VlVfwXdD6Fz52m2qT2oE
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:55 2025 by rpki-client