Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/3567b2-c430-41fe-a2ca-163dbd377e4f/1/ymXMeN8SfzNxVdlurymLspzqyBM.roa
File: ymXMeN8SfzNxVdlurymLspzqyBM.roa (raw, json)
Hash identifier: VUr3765noKohKfU75hEpZWPWARqrYb7VK1CfCu1X7gs=
Subject key identifier: CA:65:CC:78:DF:12:7F:33:71:55:D9:6E:AF:29:8B:B2:9C:EA:C8:13
Certificate issuer: /CN=ec5ac135c2e679626a07248960314454c2c933c6
Certificate serial: 01856B8A1053BC97CA9FBBB74056C9BE92A0
Authority key identifier: EC:5A:C1:35:C2:E6:79:62:6A:07:24:89:60:31:44:54:C2:C9:33:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7FrBNcLmeWJqBySJYDFEVMLJM8Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/3567b2-c430-41fe-a2ca-163dbd377e4f/1/ymXMeN8SfzNxVdlurymLspzqyBM.roa
Signing time: Sun 01 Jan 2023 04:14:48 +0000
ROA not before: Sun 01 Jan 2023 04:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35735
IP address blocks: 91.208.110.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:8a:10:53:bc:97:ca:9f:bb:b7:40:56:c9:be:92:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec5ac135c2e679626a07248960314454c2c933c6
Validity
Not Before: Jan 1 04:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca65cc78df127f337155d96eaf298bb29ceac813
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:0c:86:1f:24:7d:cf:52:20:27:39:4e:05:62:
96:80:68:76:89:58:f0:04:1e:34:d1:b1:26:46:bd:
fb:44:88:35:55:5a:49:36:c5:8c:1f:d9:a1:92:47:
69:8e:ff:a3:69:f1:3d:fe:4f:64:1f:87:ee:40:5a:
13:0f:04:b0:93:89:3a:42:14:1d:76:c2:bc:22:3b:
18:60:0f:06:13:a2:e6:cb:7b:8e:4b:44:28:3c:16:
dc:c2:82:b9:d6:fc:c0:04:31:2a:f0:24:95:67:5c:
a0:05:2b:4c:b9:80:d9:f7:fa:f9:b5:e2:f7:8f:b7:
62:8b:63:d7:56:46:c2:43:95:e5:8b:63:b8:1b:ff:
85:c9:08:9d:4f:11:7a:5b:fb:49:00:77:86:93:5a:
db:b9:43:12:3a:9e:e5:11:8d:65:e9:71:ae:49:b8:
3c:cb:9c:1f:c5:34:c2:b9:0c:94:16:72:af:e2:2b:
44:ce:80:1b:dd:5c:cd:6f:e1:5f:07:87:6a:64:f5:
91:81:15:e2:41:f9:e9:3c:d1:73:14:4a:18:33:52:
26:95:ec:7c:56:a0:cc:86:72:4e:b8:a7:cd:d7:c6:
f8:db:78:4d:c6:85:ad:a9:00:bd:49:06:c8:db:27:
b0:49:54:1a:8a:5c:60:01:e7:39:a2:29:02:b4:c2:
12:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:65:CC:78:DF:12:7F:33:71:55:D9:6E:AF:29:8B:B2:9C:EA:C8:13
X509v3 Authority Key Identifier:
keyid:EC:5A:C1:35:C2:E6:79:62:6A:07:24:89:60:31:44:54:C2:C9:33:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7FrBNcLmeWJqBySJYDFEVMLJM8Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3567b2-c430-41fe-a2ca-163dbd377e4f/1/ymXMeN8SfzNxVdlurymLspzqyBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3567b2-c430-41fe-a2ca-163dbd377e4f/1/7FrBNcLmeWJqBySJYDFEVMLJM8Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.110.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:1d:19:c1:d5:20:1c:d8:39:81:af:53:80:3e:3e:99:e2:b4:
44:54:45:30:1a:ae:ff:5a:56:92:8d:18:b1:f7:3d:64:60:46:
30:90:ec:d4:2c:82:a6:4c:37:95:1c:d2:75:eb:27:31:4f:e1:
7c:e5:ee:23:3c:c2:8f:a1:1f:4c:eb:77:01:44:b8:da:1c:cd:
69:84:88:d0:c3:83:3d:f9:61:8f:ac:c1:5d:31:e3:d6:05:b5:
97:98:84:5e:91:33:80:19:73:3a:50:14:c5:cb:57:da:88:6b:
2f:b0:55:42:23:de:a9:8e:c3:2e:b3:b5:98:21:4a:d2:84:e1:
f6:23:a2:45:66:58:74:ae:0a:af:1e:80:65:6e:21:eb:3b:45:
7b:33:dd:02:9e:23:aa:56:92:6b:38:4a:ba:f7:6d:db:2e:c3:
3c:fb:49:83:54:4e:8a:5f:55:b0:3f:ff:b3:62:04:0c:c1:4f:
1c:63:b1:20:e3:fd:8d:82:0b:1a:38:74:22:a1:c5:c0:dd:30:
b3:63:af:f9:2d:06:79:9b:c6:6d:8b:7f:58:9c:7a:fe:90:fc:
5e:2a:68:cc:17:25:58:43:cf:30:71:b8:62:37:a0:ff:73:0c:
66:cd:d2:81:cf:7d:7e:46:b1:75:66:ef:43:31:39:79:20:36:
d8:32:92:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrihBTvJfKn7u3QFbJvpKgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNWFjMTM1YzJlNjc5NjI2YTA3MjQ4OTYwMzE0NDU0YzJj
OTMzYzYwHhcNMjMwMTAxMDQxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTY1Y2M3OGRmMTI3ZjMzNzE1NWQ5NmVhZjI5OGJiMjljZWFjODEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwyGHyR9z1IgJzlOBWKWgGh2iVjw
BB400bEmRr37RIg1VVpJNsWMH9mhkkdpjv+jafE9/k9kH4fuQFoTDwSwk4k6QhQd
dsK8IjsYYA8GE6Lmy3uOS0QoPBbcwoK51vzABDEq8CSVZ1ygBStMuYDZ9/r5teL3
j7dii2PXVkbCQ5Xli2O4G/+FyQidTxF6W/tJAHeGk1rbuUMSOp7lEY1l6XGuSbg8
y5wfxTTCuQyUFnKv4itEzoAb3VzNb+FfB4dqZPWRgRXiQfnpPNFzFEoYM1Imlex8
VqDMhnJOuKfN18b423hNxoWtqQC9SQbI2yewSVQailxgAec5oikCtMISowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMplzHjfEn8zcVXZbq8pi7Kc6sgTMB8GA1UdIwQY
MBaAFOxawTXC5nliagckiWAxRFTCyTPGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0ZyQk5jTG1lV0pxQnlTSllERkVWTUxKTThZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8zNTY3YjItYzQzMC00MWZlLWEyY2Et
MTYzZGJkMzc3ZTRmLzEveW1YTWVOOFNmek54VmRsdXJ5bUxzcHpxeUJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8zNTY3YjItYzQzMC00MWZlLWEyY2EtMTYzZGJkMzc3ZTRm
LzEvN0ZyQk5jTG1lV0pxQnlTSllERkVWTUxKTThZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9BuMA0G
CSqGSIb3DQEBCwUAA4IBAQBtHRnB1SAc2DmBr1OAPj6Z4rREVEUwGq7/WlaSjRix
9z1kYEYwkOzULIKmTDeVHNJ16ycxT+F85e4jPMKPoR9M63cBRLjaHM1phIjQw4M9
+WGPrMFdMePWBbWXmIRekTOAGXM6UBTFy1faiGsvsFVCI96pjsMus7WYIUrShOH2
I6JFZlh0rgqvHoBlbiHrO0V7M90CniOqVpJrOEq6923bLsM8+0mDVE6KX1WwP/+z
YgQMwU8cY7Eg4/2NggsaOHQiocXA3TCzY6/5LQZ5m8Zti39YnHr+kPxeKmjMFyVY
Q88wcbhiN6D/cwxmzdKBz31+RrF1Zu9DMTl5IDbYMpIi
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:45 2025 by rpki-client