Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/YSzAKNcBom3N4bYW_hmn6fjZteQ.roa
File: YSzAKNcBom3N4bYW_hmn6fjZteQ.roa (raw, json)
Hash identifier: 7l/RRmbOcSDWGzerA/+rQJ7jN2P+IFVuJQUNX5RVzUw=
Subject key identifier: 61:2C:C0:28:D7:01:A2:6D:CD:E1:B6:16:FE:19:A7:E9:F8:D9:B5:E4
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 018431A8172DBAEB0C7C9CAE5885B59FE015
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/YSzAKNcBom3N4bYW_hmn6fjZteQ.roa
Signing time: Tue 01 Nov 2022 05:26:50 +0000
ROA not before: Tue 01 Nov 2022 05:26:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208485
IP address blocks: 109.203.164.0/22 maxlen: 24
37.49.148.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:31:a8:17:2d:ba:eb:0c:7c:9c:ae:58:85:b5:9f:e0:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Nov 1 05:26:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=612cc028d701a26dcde1b616fe19a7e9f8d9b5e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:0b:74:17:09:87:e0:2c:3e:ad:f5:5b:3a:51:
62:30:8a:12:86:c1:1c:02:b5:23:df:03:d7:b4:25:
c6:47:3e:20:a0:d7:00:54:e2:3f:85:ff:d7:34:46:
09:35:9f:a8:85:9c:2e:78:ac:e6:4a:8f:f8:ac:df:
25:3e:04:7a:91:e1:6a:5c:b5:2a:d4:33:59:5b:db:
91:72:22:6e:43:0d:b6:59:79:35:33:5d:56:61:ba:
19:37:d5:85:bd:b2:cf:cb:d5:a1:c0:b3:3b:cb:d7:
d9:9e:7e:df:be:12:51:4b:b7:2c:9e:bb:9f:de:5e:
80:e6:1d:28:88:8d:fd:9a:40:59:33:f7:5f:f4:eb:
2a:af:6f:26:e2:0b:fc:09:9e:0e:d5:68:f5:ad:1b:
67:09:ac:af:39:f5:9e:f7:68:75:d7:5b:8c:e6:c6:
6a:36:8d:80:68:46:d6:9e:41:22:cc:a9:67:ab:e1:
f2:3c:31:f3:a2:f8:70:e4:96:66:5e:a7:8a:1a:76:
71:e4:db:66:2e:44:a2:80:75:6e:86:1d:1f:f9:2b:
82:ee:1f:cb:c0:81:6a:73:2a:38:8b:e3:c9:75:85:
1f:14:3f:69:d9:80:aa:50:9d:19:8a:29:13:7d:5b:
a7:59:0a:1e:bb:1b:13:cf:a7:fc:58:60:56:0e:5b:
12:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:2C:C0:28:D7:01:A2:6D:CD:E1:B6:16:FE:19:A7:E9:F8:D9:B5:E4
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/YSzAKNcBom3N4bYW_hmn6fjZteQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.148.0/22
109.203.164.0/22
Signature Algorithm: sha256WithRSAEncryption
8e:64:d8:54:41:af:c7:fa:30:bf:51:00:28:84:d7:7e:eb:d4:
d7:c3:5b:0c:6d:ed:75:1f:58:06:e6:03:43:c7:e3:8e:b2:00:
83:ed:16:32:ea:1f:ed:ef:bd:d1:c5:d8:cc:87:a9:b5:dc:e7:
36:d8:4f:ab:42:92:84:b6:5e:48:df:ec:d5:8a:56:31:df:b5:
94:3e:e0:a7:24:a1:82:d6:56:b4:cb:a9:ab:be:e7:92:e6:9b:
60:eb:e7:38:fb:df:b8:30:11:c3:49:66:cd:b9:df:2e:8b:e7:
a8:ee:0a:0d:fd:9f:9a:80:7c:35:fc:60:bc:a1:1b:bd:5e:29:
2a:9c:5f:47:cd:64:86:0d:f1:fe:f2:a4:ff:ef:57:13:57:c1:
3e:10:26:f9:b2:34:5d:cb:65:eb:84:28:aa:84:52:71:1d:fd:
d9:ff:cb:43:0e:72:c6:e0:72:0d:b1:72:4d:68:b0:ba:b3:f0:
cb:bc:b3:76:83:30:7d:52:5f:26:f8:57:01:b5:9b:da:08:b0:
c0:9b:e4:8d:4a:02:00:f4:c0:05:a1:f9:2d:4c:0f:43:0b:08:
4d:57:40:d8:dd:3d:1f:6b:05:b8:d3:37:06:bc:5d:18:3e:64:
6f:25:3e:37:49:98:d4:e3:28:ed:10:1f:f4:a4:67:d6:e6:16:
0c:d2:95:74
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYQxqBctuusMfJyuWIW1n+AVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjIxMTAxMDUyNjUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTJjYzAyOGQ3MDFhMjZkY2RlMWI2MTZmZTE5YTdlOWY4ZDliNWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9Qt0FwmH4Cw+rfVbOlFiMIoShsEc
ArUj3wPXtCXGRz4goNcAVOI/hf/XNEYJNZ+ohZwueKzmSo/4rN8lPgR6keFqXLUq
1DNZW9uRciJuQw22WXk1M11WYboZN9WFvbLPy9WhwLM7y9fZnn7fvhJRS7csnruf
3l6A5h0oiI39mkBZM/df9Osqr28m4gv8CZ4O1Wj1rRtnCayvOfWe92h111uM5sZq
No2AaEbWnkEizKlnq+HyPDHzovhw5JZmXqeKGnZx5NtmLkSigHVuhh0f+SuC7h/L
wIFqcyo4i+PJdYUfFD9p2YCqUJ0ZiikTfVunWQoeuxsTz6f8WGBWDlsS8QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGEswCjXAaJtzeG2Fv4Zp+n42bXkMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvWVN6QUtOY0JvbTNONGJZV19obW42ZmpadGVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCJTGUAwQC
bcukMA0GCSqGSIb3DQEBCwUAA4IBAQCOZNhUQa/H+jC/UQAohNd+69TXw1sMbe11
H1gG5gNDx+OOsgCD7RYy6h/t773RxdjMh6m13Oc22E+rQpKEtl5I3+zVilYx37WU
PuCnJKGC1la0y6mrvueS5ptg6+c4+9+4MBHDSWbNud8ui+eo7goN/Z+agHw1/GC8
oRu9XikqnF9HzWSGDfH+8qT/71cTV8E+ECb5sjRdy2XrhCiqhFJxHf3Z/8tDDnLG
4HINsXJNaLC6s/DLvLN2gzB9Ul8m+FcBtZvaCLDAm+SNSgIA9MAFofktTA9DCwhN
V0DY3T0fawW40zcGvF0YPmRvJT43SZjU4yjtEB/0pGfW5hYM0pV0
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:40 2025 by rpki-client