Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/db02f4-3908-4674-a0c4-0364cbe9bab8/1/yl__NBzNFzf8LQxqGcKqd7L0wC0.roa
File: yl__NBzNFzf8LQxqGcKqd7L0wC0.roa (raw, json)
Hash identifier: wr/lr3XcuixiFtDMsunwiW/2MjbHOe0pD3dJqnVJKPE=
Subject key identifier: CA:5F:FF:34:1C:CD:17:37:FC:2D:0C:6A:19:C2:AA:77:B2:F4:C0:2D
Certificate issuer: /CN=43e6eca34dc70c1f1bf1c4dd1b0a82093b354b72
Certificate serial: 01856D9D23FDC785EF5AF32CE8E72E893CC3
Authority key identifier: 43:E6:EC:A3:4D:C7:0C:1F:1B:F1:C4:DD:1B:0A:82:09:3B:35:4B:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q-bso03HDB8b8cTdGwqCCTs1S3I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/db02f4-3908-4674-a0c4-0364cbe9bab8/1/yl__NBzNFzf8LQxqGcKqd7L0wC0.roa
Signing time: Sun 01 Jan 2023 13:54:52 +0000
ROA not before: Sun 01 Jan 2023 13:54:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39855
IP address blocks: 45.132.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:9d:23:fd:c7:85:ef:5a:f3:2c:e8:e7:2e:89:3c:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43e6eca34dc70c1f1bf1c4dd1b0a82093b354b72
Validity
Not Before: Jan 1 13:54:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca5fff341ccd1737fc2d0c6a19c2aa77b2f4c02d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:cd:e0:e7:d4:a2:01:c3:38:ad:98:85:c4:fc:
af:48:c6:a1:52:be:94:52:02:09:e4:2e:52:f9:a8:
aa:2c:a0:76:86:4d:b7:a3:0f:ce:ef:ca:e0:9c:09:
45:23:9c:4e:ad:29:20:fa:e6:d6:06:29:15:50:f4:
a3:05:d2:5f:39:0b:0b:44:db:49:c6:81:e8:61:1e:
fb:2c:49:47:db:88:cf:e4:92:15:61:21:cd:ab:3a:
7e:e3:cc:4c:8c:28:de:62:0d:08:36:22:db:89:14:
b0:1d:0f:9d:fe:73:93:b9:42:0f:3c:7d:8c:0e:4d:
85:3c:e2:de:b8:d2:71:e1:ed:7a:06:82:c9:bd:92:
4c:e2:ae:86:5c:a5:c9:e3:a5:04:20:8f:37:45:96:
fd:65:26:61:e5:f9:94:fc:83:da:01:2a:46:98:05:
03:fd:5f:7b:9b:f4:5f:3a:0f:cb:09:e0:5f:fc:89:
bf:2c:01:17:62:59:b8:20:d8:d3:8d:88:71:43:2e:
0d:d3:56:9f:37:00:c6:41:7f:0a:1a:11:de:e0:3e:
b2:5f:ec:1d:88:2c:03:e8:8c:87:8e:ee:95:7b:99:
ea:a5:ab:9d:d3:6c:c6:bc:05:97:71:a2:f3:b7:66:
4d:ca:af:e2:38:f1:c6:c5:dc:8d:4b:33:f8:1e:83:
11:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:5F:FF:34:1C:CD:17:37:FC:2D:0C:6A:19:C2:AA:77:B2:F4:C0:2D
X509v3 Authority Key Identifier:
keyid:43:E6:EC:A3:4D:C7:0C:1F:1B:F1:C4:DD:1B:0A:82:09:3B:35:4B:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q-bso03HDB8b8cTdGwqCCTs1S3I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/db02f4-3908-4674-a0c4-0364cbe9bab8/1/yl__NBzNFzf8LQxqGcKqd7L0wC0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/db02f4-3908-4674-a0c4-0364cbe9bab8/1/Q-bso03HDB8b8cTdGwqCCTs1S3I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.3.0/24
Signature Algorithm: sha256WithRSAEncryption
55:3a:99:d1:c1:8a:7e:a7:9a:7c:93:33:cb:89:ef:08:0c:8e:
1f:a1:ab:6b:22:39:ad:13:c7:73:b8:aa:e1:65:2b:75:8f:45:
66:1c:bd:05:24:95:cf:6d:ea:70:5a:d7:4d:29:0e:ce:4c:5b:
be:6d:94:49:6b:df:ea:84:ac:da:60:65:4c:f7:48:65:40:53:
20:98:77:4f:87:e0:27:61:08:89:4d:8a:ae:0e:35:63:d0:d7:
4e:39:36:db:e7:c4:23:1d:46:44:ca:17:e1:5a:b2:80:95:59:
37:88:d1:f6:db:db:3b:03:01:9a:4d:84:b3:3a:72:da:5d:67:
b1:e9:1d:b1:44:0e:81:97:cb:0f:bd:5b:ea:37:83:48:00:af:
ee:36:06:ba:14:3a:5b:fb:42:e8:08:bd:d0:44:32:c8:9b:2f:
36:a5:77:8c:ca:16:ef:f7:58:f0:d4:75:2f:c7:4b:00:55:dc:
ab:2d:20:c5:a5:6b:73:a5:12:7b:cd:26:01:82:c9:ac:ee:97:
65:2c:40:36:81:16:aa:32:12:c1:d0:73:6e:8b:ae:3e:c1:de:
7a:80:0f:87:7d:fc:62:0f:b2:87:ff:12:12:fa:88:06:3f:d1:
0d:4a:63:f2:08:b4:19:81:40:90:77:ad:5a:28:db:0f:ea:37:
46:8d:d6:aa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtnSP9x4XvWvMs6OcuiTzDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZTZlY2EzNGRjNzBjMWYxYmYxYzRkZDFiMGE4MjA5M2Iz
NTRiNzIwHhcNMjMwMTAxMTM1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTVmZmYzNDFjY2QxNzM3ZmMyZDBjNmExOWMyYWE3N2IyZjRjMDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkM3g59SiAcM4rZiFxPyvSMahUr6U
UgIJ5C5S+aiqLKB2hk23ow/O78rgnAlFI5xOrSkg+ubWBikVUPSjBdJfOQsLRNtJ
xoHoYR77LElH24jP5JIVYSHNqzp+48xMjCjeYg0INiLbiRSwHQ+d/nOTuUIPPH2M
Dk2FPOLeuNJx4e16BoLJvZJM4q6GXKXJ46UEII83RZb9ZSZh5fmU/IPaASpGmAUD
/V97m/RfOg/LCeBf/Im/LAEXYlm4INjTjYhxQy4N01afNwDGQX8KGhHe4D6yX+wd
iCwD6IyHju6Ve5nqpaud02zGvAWXcaLzt2ZNyq/iOPHGxdyNSzP4HoMRHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMpf/zQczRc3/C0MahnCqney9MAtMB8GA1UdIwQY
MBaAFEPm7KNNxwwfG/HE3RsKggk7NUtyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUS1ic28wM0hEQjhiOGNUZEd3cUNDVHMxUzNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kYjAyZjQtMzkwOC00Njc0LWEwYzQt
MDM2NGNiZTliYWI4LzEveWxfX05Cek5GemY4TFF4cUdjS3FkN0wwd0MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kYjAyZjQtMzkwOC00Njc0LWEwYzQtMDM2NGNiZTliYWI4
LzEvUS1ic28wM0hEQjhiOGNUZEd3cUNDVHMxUzNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYQDMA0G
CSqGSIb3DQEBCwUAA4IBAQBVOpnRwYp+p5p8kzPLie8IDI4foatrIjmtE8dzuKrh
ZSt1j0VmHL0FJJXPbepwWtdNKQ7OTFu+bZRJa9/qhKzaYGVM90hlQFMgmHdPh+An
YQiJTYquDjVj0NdOOTbb58QjHUZEyhfhWrKAlVk3iNH229s7AwGaTYSzOnLaXWex
6R2xRA6Bl8sPvVvqN4NIAK/uNga6FDpb+0LoCL3QRDLImy82pXeMyhbv91jw1HUv
x0sAVdyrLSDFpWtzpRJ7zSYBgsms7pdlLEA2gRaqMhLB0HNui64+wd56gA+Hffxi
D7KH/xIS+ogGP9ENSmPyCLQZgUCQd61aKNsP6jdGjdaq
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:09 2025 by rpki-client