Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/cd410f-9de4-4d82-8091-59e792fe14cc/1/yVsWY3O7D58C9SK3FA8BxNa7An4.roa
File: yVsWY3O7D58C9SK3FA8BxNa7An4.roa (raw, json)
Hash identifier: 4wpEOWmjwmwPtUc1Zl3U/hvAdk9oO9wX03xaJydyANQ=
Subject key identifier: C9:5B:16:63:73:BB:0F:9F:02:F5:22:B7:14:0F:01:C4:D6:BB:02:7E
Certificate issuer: /CN=334b09743ed2afd6afb47c58360ee3112a95cd34
Certificate serial: 018ED334A6DCD943261E8882E978DD73C9A1
Authority key identifier: 33:4B:09:74:3E:D2:AF:D6:AF:B4:7C:58:36:0E:E3:11:2A:95:CD:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M0sJdD7Sr9avtHxYNg7jESqVzTQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/cd410f-9de4-4d82-8091-59e792fe14cc/1/yVsWY3O7D58C9SK3FA8BxNa7An4.roa
Signing time: Fri 12 Apr 2024 16:47:06 +0000
ROA not before: Fri 12 Apr 2024 16:47:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205053
IP address blocks: 185.226.64.0/24 maxlen: 24
185.226.65.0/24 maxlen: 24
185.226.66.0/24 maxlen: 24
185.226.67.0/24 maxlen: 24
213.134.5.0/24 maxlen: 24
2a0c:5e00::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d3:34:a6:dc:d9:43:26:1e:88:82:e9:78:dd:73:c9:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=334b09743ed2afd6afb47c58360ee3112a95cd34
Validity
Not Before: Apr 12 16:47:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c95b166373bb0f9f02f522b7140f01c4d6bb027e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:d7:85:8b:51:64:fc:dd:f3:ca:71:05:b9:c9:
0a:61:79:a7:f6:bc:d8:a9:7a:ec:c8:6b:25:92:ca:
72:7b:86:d0:ff:c0:75:71:66:9a:34:10:70:8c:22:
fa:a7:a1:74:c9:de:fb:4a:ae:c3:45:6d:5d:ba:87:
7d:4b:c2:7f:8c:c0:ef:a4:17:ba:88:11:cf:f3:25:
ea:3e:aa:2b:9e:69:2d:2d:1d:57:a7:ee:99:88:62:
c5:d7:50:31:2c:8d:cb:f4:63:08:74:b6:17:b4:ec:
9c:fa:cc:2b:7b:a4:0e:1e:df:f6:eb:fb:a2:d7:f5:
fa:e0:c3:a2:0a:a1:af:31:e6:ae:e5:a5:35:e9:fe:
3c:a6:f0:e0:d6:a7:1f:24:88:cd:56:7a:6e:8b:dd:
da:97:7c:ea:5c:56:b6:d5:ba:28:d0:d7:08:38:f9:
83:78:c3:d8:23:f5:6d:7e:7a:14:2b:ed:fb:a5:49:
ac:14:bc:f6:e1:af:83:19:1c:c9:38:60:5b:d7:ac:
c8:9e:27:13:f1:aa:37:29:a8:95:97:f8:a4:97:a0:
73:65:bd:02:f8:61:67:19:c6:ff:d7:0a:fb:6b:28:
20:51:23:0c:a6:73:fb:3f:91:49:42:ad:9f:61:98:
f3:9e:56:a8:55:bf:2c:8d:ea:d0:da:2a:b8:71:10:
ad:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:5B:16:63:73:BB:0F:9F:02:F5:22:B7:14:0F:01:C4:D6:BB:02:7E
X509v3 Authority Key Identifier:
keyid:33:4B:09:74:3E:D2:AF:D6:AF:B4:7C:58:36:0E:E3:11:2A:95:CD:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M0sJdD7Sr9avtHxYNg7jESqVzTQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/cd410f-9de4-4d82-8091-59e792fe14cc/1/yVsWY3O7D58C9SK3FA8BxNa7An4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/cd410f-9de4-4d82-8091-59e792fe14cc/1/M0sJdD7Sr9avtHxYNg7jESqVzTQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.226.64.0/22
213.134.5.0/24
IPv6:
2a0c:5e00::/48
Signature Algorithm: sha256WithRSAEncryption
a0:42:28:e6:d0:b4:49:20:c9:b3:cf:c4:6b:9b:82:c5:41:39:
3f:ac:14:a4:b0:a7:47:14:2e:d0:c4:78:81:2f:71:b2:5c:7e:
2c:31:48:1f:92:74:a6:7d:3a:e0:3e:77:dd:40:4f:d1:ab:72:
b5:de:42:c5:05:91:9b:e8:d9:ba:33:0f:7f:da:3f:86:37:16:
a9:29:4d:26:5f:7a:6b:89:f1:ec:01:13:ed:47:1a:4b:2c:ec:
ee:99:d8:81:a0:b1:63:d0:bc:c9:59:44:32:87:83:2f:da:88:
3a:d4:ad:2f:02:ab:6a:60:d0:90:52:e6:08:b5:b6:7d:38:9d:
43:04:73:11:56:c0:bb:09:de:bc:0a:f8:7f:78:3d:54:29:02:
c5:36:d4:06:71:25:c9:06:86:e0:59:36:82:e9:73:76:3f:40:
74:7e:43:9e:e8:eb:90:b2:2c:f8:0f:2b:bd:21:fe:6d:80:ea:
bd:8b:28:7e:51:0a:75:55:fa:4b:12:8d:96:df:45:a0:b9:3d:
c5:15:ff:39:1d:86:f0:9c:0a:f9:61:3d:b9:00:22:f1:59:f7:
18:64:35:1f:50:bf:ab:cc:87:e7:8c:63:b9:37:1a:75:05:04:
10:1d:82:24:13:b2:35:eb:01:94:8d:31:d9:90:09:b8:07:d0:
ca:8d:9f:d6
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAY7TNKbc2UMmHoiC6Xjdc8mhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzNGIwOTc0M2VkMmFmZDZhZmI0N2M1ODM2MGVlMzExMmE5
NWNkMzQwHhcNMjQwNDEyMTY0NzA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTViMTY2MzczYmIwZjlmMDJmNTIyYjcxNDBmMDFjNGQ2YmIwMjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9eFi1Fk/N3zynEFuckKYXmn9rzY
qXrsyGslkspye4bQ/8B1cWaaNBBwjCL6p6F0yd77Sq7DRW1duod9S8J/jMDvpBe6
iBHP8yXqPqornmktLR1Xp+6ZiGLF11AxLI3L9GMIdLYXtOyc+swre6QOHt/26/ui
1/X64MOiCqGvMeau5aU16f48pvDg1qcfJIjNVnpui93al3zqXFa21boo0NcIOPmD
eMPYI/VtfnoUK+37pUmsFLz24a+DGRzJOGBb16zInicT8ao3KaiVl/ikl6BzZb0C
+GFnGcb/1wr7ayggUSMMpnP7P5FJQq2fYZjznlaoVb8sjerQ2iq4cRCtUQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFMlbFmNzuw+fAvUitxQPAcTWuwJ+MB8GA1UdIwQY
MBaAFDNLCXQ+0q/Wr7R8WDYO4xEqlc00MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTBzSmREN1NyOWF2dEh4WU5nN2pFU3FWelRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9jZDQxMGYtOWRlNC00ZDgyLTgwOTEt
NTllNzkyZmUxNGNjLzEveVZzV1kzTzdENThDOVNLM0ZBOEJ4TmE3QW40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9jZDQxMGYtOWRlNC00ZDgyLTgwOTEtNTllNzkyZmUxNGNj
LzEvTTBzSmREN1NyOWF2dEh4WU5nN2pFU3FWelRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCueJAAwQA
1YYFMA8EAgACMAkDBwAqDF4AAAAwDQYJKoZIhvcNAQELBQADggEBAKBCKObQtEkg
ybPPxGubgsVBOT+sFKSwp0cULtDEeIEvcbJcfiwxSB+SdKZ9OuA+d91AT9GrcrXe
QsUFkZvo2bozD3/aP4Y3FqkpTSZfemuJ8ewBE+1HGkss7O6Z2IGgsWPQvMlZRDKH
gy/aiDrUrS8Cq2pg0JBS5gi1tn04nUMEcxFWwLsJ3rwK+H94PVQpAsU21AZxJckG
huBZNoLpc3Y/QHR+Q57o65CyLPgPK70h/m2A6r2LKH5RCnVV+ksSjZbfRaC5PcUV
/zkdhvCcCvlhPbkAIvFZ9xhkNR9Qv6vMh+eMY7k3GnUFBBAdgiQTsjXrAZSNMdmQ
CbgH0MqNn9Y=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:40:53 2025 by rpki-client