Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/56131f-ff9b-49e1-a72b-16faa92ca53d/1/yyyMaIhQmgu1gx2JoLVq0QYpKZk.roa
File: yyyMaIhQmgu1gx2JoLVq0QYpKZk.roa (raw, json)
Hash identifier: 3TRWkcSo4rUM8iIpiXDTf20wFkoH3N6z0lds1Jm+K8M=
Subject key identifier: CB:2C:8C:68:88:50:9A:0B:B5:83:1D:89:A0:B5:6A:D1:06:29:29:99
Certificate issuer: /CN=beced78ac454f7c459bc13bdb4795a76703c8b98
Certificate serial: 01872D4E281C0BBFCF04C8B172BECAFC8FFD
Authority key identifier: BE:CE:D7:8A:C4:54:F7:C4:59:BC:13:BD:B4:79:5A:76:70:3C:8B:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vs7XisRU98RZvBO9tHladnA8i5g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/56131f-ff9b-49e1-a72b-16faa92ca53d/1/yyyMaIhQmgu1gx2JoLVq0QYpKZk.roa
Signing time: Wed 29 Mar 2023 12:18:29 +0000
ROA not before: Wed 29 Mar 2023 12:18:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206381
IP address blocks: 185.186.40.0/22 maxlen: 22
91.237.151.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:2d:4e:28:1c:0b:bf:cf:04:c8:b1:72:be:ca:fc:8f:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=beced78ac454f7c459bc13bdb4795a76703c8b98
Validity
Not Before: Mar 29 12:18:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb2c8c6888509a0bb5831d89a0b56ad106292999
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:1c:35:dd:0c:02:d1:75:a7:6c:b4:3b:4f:f4:
b9:3b:82:f3:90:91:95:40:f8:f8:66:e4:e6:4f:c1:
6f:bf:0f:bb:34:d7:d7:ea:34:1c:2d:7b:a9:cd:9c:
a4:76:bc:66:8b:49:94:2f:08:a0:c1:aa:96:f5:6e:
1b:fa:a2:22:3a:5b:88:b0:bf:4b:9b:76:5a:92:54:
b6:f1:e9:23:9d:a9:85:ad:7b:f2:79:61:3f:20:c9:
70:6a:60:e8:96:2e:4a:81:25:8c:16:fc:b9:b8:37:
ad:e9:a6:aa:82:d0:e5:75:cd:f5:d2:e8:52:76:fc:
54:36:b5:89:28:4a:66:d1:9a:f0:a5:4d:9d:4d:7b:
a5:5f:1a:38:b3:e2:1d:ab:12:c3:49:19:48:2d:4d:
c3:42:c0:66:ae:57:03:12:94:ac:20:16:c1:6e:50:
f4:d4:a3:51:2e:61:8f:d9:bb:c3:02:fa:92:06:0e:
6a:b7:0b:a8:5c:d0:0b:3d:0f:ed:48:ee:d2:5c:7f:
b7:6b:67:92:5d:25:a2:15:55:2d:b1:ff:46:45:94:
2f:4e:1b:16:92:20:a2:68:3e:54:f7:14:5c:71:b7:
16:38:50:5f:b7:3c:09:b8:86:bc:45:3c:a2:87:5e:
8c:b3:1d:15:09:52:56:d4:be:f9:7f:36:fc:19:f3:
5b:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:2C:8C:68:88:50:9A:0B:B5:83:1D:89:A0:B5:6A:D1:06:29:29:99
X509v3 Authority Key Identifier:
keyid:BE:CE:D7:8A:C4:54:F7:C4:59:BC:13:BD:B4:79:5A:76:70:3C:8B:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vs7XisRU98RZvBO9tHladnA8i5g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/56131f-ff9b-49e1-a72b-16faa92ca53d/1/yyyMaIhQmgu1gx2JoLVq0QYpKZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/56131f-ff9b-49e1-a72b-16faa92ca53d/1/vs7XisRU98RZvBO9tHladnA8i5g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.237.151.0/24
185.186.40.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:04:e8:2f:70:73:c5:f9:8a:7d:e6:ee:d1:56:50:88:73:8a:
83:e2:9f:ed:55:4c:1e:88:25:16:05:36:77:9c:bb:d0:88:fb:
76:d4:5e:dd:29:75:f9:cc:58:78:95:60:a4:29:0f:df:54:c1:
13:39:e1:6e:00:f8:2d:af:e9:53:db:a6:6f:3b:c5:ae:de:5f:
d0:ca:1e:bc:06:7b:27:f8:25:50:b2:1f:f8:e8:31:27:cd:5c:
f2:ed:b0:73:d5:e7:7e:af:33:e2:c1:dd:fe:69:26:e7:bf:e4:
fc:23:c7:a0:bf:61:db:ed:ab:e1:4c:fc:5a:7a:d1:ec:0c:55:
d9:c3:3e:72:99:dc:26:cc:77:27:fc:e2:f2:ff:3b:27:f7:27:
2c:24:36:ee:61:0b:c3:73:e0:31:8b:d4:2f:3e:13:73:46:34:
55:d5:d6:ac:b4:b8:4e:8b:37:2d:33:af:61:fb:b5:b1:de:cf:
64:2d:ea:c8:07:8c:c1:23:02:30:46:5b:5d:de:c1:96:5c:3c:
43:25:ce:7b:06:1c:42:f8:56:d4:9a:4e:93:3f:e8:b8:58:19:
57:1d:20:b8:fe:18:b6:cd:11:ef:80:24:ba:ec:96:64:cb:dd:
16:03:f9:8d:f9:03:cd:0e:ba:51:81:56:64:14:c9:60:f3:96:
c8:ec:d6:51
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYctTigcC7/PBMixcr7K/I/9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlY2VkNzhhYzQ1NGY3YzQ1OWJjMTNiZGI0Nzk1YTc2NzAz
YzhiOTgwHhcNMjMwMzI5MTIxODI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjJjOGM2ODg4NTA5YTBiYjU4MzFkODlhMGI1NmFkMTA2MjkyOTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRw13QwC0XWnbLQ7T/S5O4LzkJGV
QPj4ZuTmT8Fvvw+7NNfX6jQcLXupzZykdrxmi0mULwigwaqW9W4b+qIiOluIsL9L
m3ZaklS28ekjnamFrXvyeWE/IMlwamDoli5KgSWMFvy5uDet6aaqgtDldc310uhS
dvxUNrWJKEpm0ZrwpU2dTXulXxo4s+IdqxLDSRlILU3DQsBmrlcDEpSsIBbBblD0
1KNRLmGP2bvDAvqSBg5qtwuoXNALPQ/tSO7SXH+3a2eSXSWiFVUtsf9GRZQvThsW
kiCiaD5U9xRccbcWOFBftzwJuIa8RTyih16Msx0VCVJW1L75fzb8GfNb2wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMssjGiIUJoLtYMdiaC1atEGKSmZMB8GA1UdIwQY
MBaAFL7O14rEVPfEWbwTvbR5WnZwPIuYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnM3WGlzUlU5OFJadkJPOXRIbGFkbkE4aTVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy81NjEzMWYtZmY5Yi00OWUxLWE3MmIt
MTZmYWE5MmNhNTNkLzEveXl5TWFJaFFtZ3UxZ3gySm9MVnEwUVlwS1prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy81NjEzMWYtZmY5Yi00OWUxLWE3MmItMTZmYWE5MmNhNTNk
LzEvdnM3WGlzUlU5OFJadkJPOXRIbGFkbkE4aTVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+2XAwQC
ubooMA0GCSqGSIb3DQEBCwUAA4IBAQAeBOgvcHPF+Yp95u7RVlCIc4qD4p/tVUwe
iCUWBTZ3nLvQiPt21F7dKXX5zFh4lWCkKQ/fVMETOeFuAPgtr+lT26ZvO8Wu3l/Q
yh68Bnsn+CVQsh/46DEnzVzy7bBz1ed+rzPiwd3+aSbnv+T8I8egv2Hb7avhTPxa
etHsDFXZwz5ymdwmzHcn/OLy/zsn9ycsJDbuYQvDc+Axi9QvPhNzRjRV1dastLhO
izctM69h+7Wx3s9kLerIB4zBIwIwRltd3sGWXDxDJc57BhxC+FbUmk6TP+i4WBlX
HSC4/hi2zRHvgCS67JZky90WA/mN+QPNDrpRgVZkFMlg85bI7NZR
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:20 2025 by rpki-client