Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/01f853-d445-4ace-a8d8-22701b4bb407/1/yOMpcNlNmXgMbH1yBHRnv8BKs1g.roa
File: yOMpcNlNmXgMbH1yBHRnv8BKs1g.roa (raw, json)
Hash identifier: YGY71MhvqfTDO/YCmQbbmO6fvRbKPzKRixKcU9VK10E=
Subject key identifier: C8:E3:29:70:D9:4D:99:78:0C:6C:7D:72:04:74:67:BF:C0:4A:B3:58
Certificate issuer: /CN=21814cf2ca3e1799349ccd4c7e6a76d63f834a3d
Certificate serial: 01856D9D1DE40897138AE78EC65151A4FC64
Authority key identifier: 21:81:4C:F2:CA:3E:17:99:34:9C:CD:4C:7E:6A:76:D6:3F:83:4A:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYFM8so-F5k0nM1Mfmp21j-DSj0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/01f853-d445-4ace-a8d8-22701b4bb407/1/yOMpcNlNmXgMbH1yBHRnv8BKs1g.roa
Signing time: Sun 01 Jan 2023 13:54:51 +0000
ROA not before: Sun 01 Jan 2023 13:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 269788
IP address blocks: 82.118.28.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:9d:1d:e4:08:97:13:8a:e7:8e:c6:51:51:a4:fc:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21814cf2ca3e1799349ccd4c7e6a76d63f834a3d
Validity
Not Before: Jan 1 13:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c8e32970d94d99780c6c7d72047467bfc04ab358
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:b9:82:e4:dd:5c:bd:46:db:c8:68:9c:28:b0:
c3:13:1f:fa:8a:6f:d0:b7:3d:c1:e6:01:d5:14:48:
df:45:74:9c:65:c5:84:e3:2c:0a:6f:76:af:de:f9:
39:b5:ea:1b:9e:74:c3:8b:90:93:5a:ef:c5:20:b7:
fc:52:7f:d7:4c:d2:7e:14:7f:b9:08:29:c8:9d:0a:
9d:2a:f4:0f:71:29:b0:b8:2e:b1:49:ae:d6:9f:6d:
06:fe:30:66:50:60:6e:b9:ec:3c:04:13:8b:36:35:
03:d4:a6:b8:d2:43:34:18:cf:8b:c9:58:7d:91:f6:
f9:13:66:b4:30:99:0d:51:72:73:c2:b2:8c:60:05:
8d:72:c6:9e:c5:a3:34:03:2c:63:ee:35:5b:29:4a:
9b:44:02:7b:d4:cc:de:47:50:c2:38:2f:3a:51:dc:
0a:a7:9b:a8:95:31:64:57:3a:e2:b7:71:17:fa:b3:
f7:ec:69:1c:4f:4c:f0:82:eb:78:49:70:ba:14:fe:
3e:08:38:eb:d5:04:b0:07:6b:57:90:20:5e:c1:5d:
a6:98:9a:34:73:90:f1:fc:a2:87:fc:1b:f9:99:9c:
d5:c4:4a:81:3f:65:86:1d:b1:db:b1:d1:93:cf:ec:
20:d5:17:c7:6a:0a:34:38:59:58:f7:7d:0a:b6:1f:
3a:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:E3:29:70:D9:4D:99:78:0C:6C:7D:72:04:74:67:BF:C0:4A:B3:58
X509v3 Authority Key Identifier:
keyid:21:81:4C:F2:CA:3E:17:99:34:9C:CD:4C:7E:6A:76:D6:3F:83:4A:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYFM8so-F5k0nM1Mfmp21j-DSj0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/01f853-d445-4ace-a8d8-22701b4bb407/1/yOMpcNlNmXgMbH1yBHRnv8BKs1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/01f853-d445-4ace-a8d8-22701b4bb407/1/IYFM8so-F5k0nM1Mfmp21j-DSj0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.118.28.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:09:34:35:5a:95:47:40:07:1d:ed:6a:6c:b4:61:e0:a6:ef:
d3:40:21:fe:98:53:fd:5d:7b:2e:54:52:e8:6e:bd:1e:31:88:
35:7d:cc:ae:1c:5b:19:e7:fe:60:4a:94:7b:1c:a4:0e:c0:5c:
eb:64:6e:18:0b:a4:44:c4:fd:15:ab:44:14:92:a5:4a:2f:f0:
73:18:eb:5b:a8:ec:2b:c7:7a:4e:78:43:b6:77:cc:35:46:e7:
9f:67:ad:ab:3f:d8:75:00:d1:dd:94:5e:d2:21:17:3c:3e:35:
04:14:1d:0e:88:cd:b3:38:0a:46:d0:97:f0:22:a5:3e:5c:36:
1f:5e:25:84:6f:14:85:ad:93:eb:48:4e:5c:a7:3d:9a:e6:1a:
cb:bf:8f:fd:58:ee:8c:58:d2:89:55:03:80:a2:88:8f:02:3a:
53:78:12:a1:fa:26:7b:a7:c4:ea:87:54:9a:ce:99:a5:94:85:
0f:a6:14:11:c3:09:8e:ac:18:d2:de:1b:29:db:db:17:58:c4:
97:79:5d:4a:e2:b7:53:b5:c2:33:13:75:ac:96:3f:5f:73:72:
76:80:b5:8c:da:a3:18:0d:1e:d3:50:96:de:25:c4:c5:ef:fd:
87:e3:8f:64:d5:9a:ca:18:4f:8d:08:77:ca:b7:57:79:6a:7e:
b5:9d:3e:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtnR3kCJcTiueOxlFRpPxkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxODE0Y2YyY2EzZTE3OTkzNDljY2Q0YzdlNmE3NmQ2M2Y4
MzRhM2QwHhcNMjMwMTAxMTM1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGUzMjk3MGQ5NGQ5OTc4MGM2YzdkNzIwNDc0NjdiZmMwNGFiMzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjrmC5N1cvUbbyGicKLDDEx/6im/Q
tz3B5gHVFEjfRXScZcWE4ywKb3av3vk5teobnnTDi5CTWu/FILf8Un/XTNJ+FH+5
CCnInQqdKvQPcSmwuC6xSa7Wn20G/jBmUGBuuew8BBOLNjUD1Ka40kM0GM+LyVh9
kfb5E2a0MJkNUXJzwrKMYAWNcsaexaM0Ayxj7jVbKUqbRAJ71MzeR1DCOC86UdwK
p5uolTFkVzrit3EX+rP37GkcT0zwgut4SXC6FP4+CDjr1QSwB2tXkCBewV2mmJo0
c5Dx/KKH/Bv5mZzVxEqBP2WGHbHbsdGTz+wg1RfHago0OFlY930Kth86WwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMjjKXDZTZl4DGx9cgR0Z7/ASrNYMB8GA1UdIwQY
MBaAFCGBTPLKPheZNJzNTH5qdtY/g0o9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVlGTThzby1GNWswbk0xTWZtcDIxai1EU2owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC8wMWY4NTMtZDQ0NS00YWNlLWE4ZDgt
MjI3MDFiNGJiNDA3LzEveU9NcGNObE5tWGdNYkgxeUJIUm52OEJLczFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC8wMWY4NTMtZDQ0NS00YWNlLWE4ZDgtMjI3MDFiNGJiNDA3
LzEvSVlGTThzby1GNWswbk0xTWZtcDIxai1EU2owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUnYcMA0G
CSqGSIb3DQEBCwUAA4IBAQCfCTQ1WpVHQAcd7WpstGHgpu/TQCH+mFP9XXsuVFLo
br0eMYg1fcyuHFsZ5/5gSpR7HKQOwFzrZG4YC6RExP0Vq0QUkqVKL/BzGOtbqOwr
x3pOeEO2d8w1RuefZ62rP9h1ANHdlF7SIRc8PjUEFB0OiM2zOApG0JfwIqU+XDYf
XiWEbxSFrZPrSE5cpz2a5hrLv4/9WO6MWNKJVQOAooiPAjpTeBKh+iZ7p8Tqh1Sa
zpmllIUPphQRwwmOrBjS3hsp29sXWMSXeV1K4rdTtcIzE3Wslj9fc3J2gLWM2qMY
DR7TUJbeJcTF7/2H449k1ZrKGE+NCHfKt1d5an61nT5G
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:47:54 2025 by rpki-client