Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/873136-09d6-42aa-b41c-4ec1036861e5/1/YNr3mjiZWPzcR-CzBEB0HeWQrPw.roa
File: YNr3mjiZWPzcR-CzBEB0HeWQrPw.roa (raw, json)
Hash identifier: rQzhq+2YXGRaB+k2ptUVnVBUXOK5IcOq7nmNaqCZBzg=
Subject key identifier: 60:DA:F7:9A:38:99:58:FC:DC:47:E0:B3:04:40:74:1D:E5:90:AC:FC
Certificate issuer: /CN=a230b6ac20967aa7c078f0a4bb7266980522f1c9
Certificate serial: 01856F5DED70BC199784EB3E92C520A19434
Authority key identifier: A2:30:B6:AC:20:96:7A:A7:C0:78:F0:A4:BB:72:66:98:05:22:F1:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ojC2rCCWeqfAePCku3JmmAUi8ck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/873136-09d6-42aa-b41c-4ec1036861e5/1/YNr3mjiZWPzcR-CzBEB0HeWQrPw.roa
Signing time: Sun 01 Jan 2023 22:05:04 +0000
ROA not before: Sun 01 Jan 2023 22:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28886
IP address blocks: 217.28.51.0/24 maxlen: 24
217.28.48.0/20 maxlen: 20
217.28.48.0/21 maxlen: 21
217.28.58.0/24 maxlen: 24
217.28.56.0/23 maxlen: 23
217.28.60.0/22 maxlen: 22
185.13.152.0/22 maxlen: 22
2a02:2880::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:ed:70:bc:19:97:84:eb:3e:92:c5:20:a1:94:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a230b6ac20967aa7c078f0a4bb7266980522f1c9
Validity
Not Before: Jan 1 22:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=60daf79a389958fcdc47e0b30440741de590acfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:08:e7:1d:f6:a4:0e:6d:87:f8:69:12:c9:5d:
ba:8d:d1:c2:e2:4f:7e:64:42:e1:10:07:57:60:1e:
90:bf:9c:0d:7c:f8:66:0d:fb:1e:85:7e:01:8d:6d:
d8:a9:43:08:34:98:33:30:a0:fb:51:d2:3a:ae:62:
60:26:06:c4:97:09:db:e3:c1:77:7a:46:f2:ea:61:
7e:1d:f0:46:31:ef:1a:c5:7e:5c:3d:33:ac:cf:9d:
6e:42:a6:08:f5:de:46:a1:f5:4f:0c:36:55:62:be:
84:1e:e5:f1:1b:11:bf:f5:f6:b7:7a:dd:a4:9c:27:
9f:2f:b0:8c:8b:93:35:3b:45:a3:4f:1b:76:72:c7:
06:a6:2d:54:3b:53:80:49:e5:85:ff:ab:7d:fc:16:
27:28:59:c2:57:8d:5c:42:5c:79:87:24:16:ee:8c:
dd:6d:25:5c:e3:eb:d0:bf:cf:0a:ae:3a:b2:22:2f:
6b:e8:53:9f:ec:c0:3f:6b:17:8d:ce:83:20:4d:cc:
7f:92:1f:6c:f5:d0:38:28:71:01:a9:02:14:b6:8c:
c7:35:7b:23:fe:2a:36:a3:1f:e2:84:18:2d:09:72:
e3:07:0c:c1:e2:88:d6:46:81:74:46:1f:ec:cc:4a:
ab:ee:c0:f6:c7:f4:5b:83:a9:ce:96:54:4a:9d:27:
32:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:DA:F7:9A:38:99:58:FC:DC:47:E0:B3:04:40:74:1D:E5:90:AC:FC
X509v3 Authority Key Identifier:
keyid:A2:30:B6:AC:20:96:7A:A7:C0:78:F0:A4:BB:72:66:98:05:22:F1:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ojC2rCCWeqfAePCku3JmmAUi8ck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/873136-09d6-42aa-b41c-4ec1036861e5/1/YNr3mjiZWPzcR-CzBEB0HeWQrPw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/873136-09d6-42aa-b41c-4ec1036861e5/1/ojC2rCCWeqfAePCku3JmmAUi8ck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.13.152.0/22
217.28.48.0/20
IPv6:
2a02:2880::/32
Signature Algorithm: sha256WithRSAEncryption
73:f3:fc:8f:96:f1:7a:9c:7c:70:a5:93:74:67:bb:1f:59:39:
f4:8a:88:29:83:1f:23:a3:b9:be:19:75:57:d4:cd:85:c8:47:
e1:54:1b:45:5f:25:dc:59:f4:ce:eb:71:74:97:54:74:1b:58:
9e:4d:73:3f:8b:60:59:47:f0:44:26:bf:18:1d:8e:76:a7:3f:
d7:0d:72:5f:e2:97:60:b2:ae:f9:d5:f3:7b:16:8d:43:63:f2:
1a:90:be:45:10:bb:d2:39:d2:0c:6a:08:b7:5d:f4:c0:6d:b6:
a8:43:6a:55:6a:bd:e1:e1:91:37:34:75:df:91:8c:99:d4:f2:
e5:9f:3a:d0:f9:a6:67:ff:a3:35:33:85:10:20:00:e0:a8:3a:
85:4d:17:32:ef:00:64:30:37:06:12:4d:35:14:7b:75:9f:da:
b1:03:aa:19:9e:2d:e7:8f:dd:95:54:bd:66:8a:28:bb:ad:0d:
bf:01:1d:e7:46:73:1f:c8:e1:96:8a:59:b8:00:20:43:3f:52:
4e:e3:ff:5f:fc:32:c8:ba:e2:b2:d1:e3:c5:a4:68:8f:37:19:
a6:47:5a:ef:7c:92:c2:8b:59:69:be:56:6b:95:ff:1e:e9:52:
63:eb:cb:4a:6b:2f:d6:1a:fd:19:65:32:44:3e:d7:fd:ec:8f:
16:f7:aa:52
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvXe1wvBmXhOs+ksUgoZQ0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMzBiNmFjMjA5NjdhYTdjMDc4ZjBhNGJiNzI2Njk4MDUy
MmYxYzkwHhcNMjMwMTAxMjIwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGRhZjc5YTM4OTk1OGZjZGM0N2UwYjMwNDQwNzQxZGU1OTBhY2ZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgjnHfakDm2H+GkSyV26jdHC4k9+
ZELhEAdXYB6Qv5wNfPhmDfsehX4BjW3YqUMINJgzMKD7UdI6rmJgJgbElwnb48F3
ekby6mF+HfBGMe8axX5cPTOsz51uQqYI9d5GofVPDDZVYr6EHuXxGxG/9fa3et2k
nCefL7CMi5M1O0WjTxt2cscGpi1UO1OASeWF/6t9/BYnKFnCV41cQlx5hyQW7ozd
bSVc4+vQv88KrjqyIi9r6FOf7MA/axeNzoMgTcx/kh9s9dA4KHEBqQIUtozHNXsj
/io2ox/ihBgtCXLjBwzB4ojWRoF0Rh/szEqr7sD2x/Rbg6nOllRKnScywwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGDa95o4mVj83EfgswRAdB3lkKz8MB8GA1UdIwQY
MBaAFKIwtqwglnqnwHjwpLtyZpgFIvHJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2pDMnJDQ1dlcWZBZVBDa3UzSm1tQVVpOGNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy84NzMxMzYtMDlkNi00MmFhLWI0MWMt
NGVjMTAzNjg2MWU1LzEvWU5yM21qaVpXUHpjUi1DekJFQjBIZVdRclB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy84NzMxMzYtMDlkNi00MmFhLWI0MWMtNGVjMTAzNjg2MWU1
LzEvb2pDMnJDQ1dlcWZBZVBDa3UzSm1tQVVpOGNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuQ2YAwQE
2RwwMA0EAgACMAcDBQAqAiiAMA0GCSqGSIb3DQEBCwUAA4IBAQBz8/yPlvF6nHxw
pZN0Z7sfWTn0iogpgx8jo7m+GXVX1M2FyEfhVBtFXyXcWfTO63F0l1R0G1ieTXM/
i2BZR/BEJr8YHY52pz/XDXJf4pdgsq751fN7Fo1DY/IakL5FELvSOdIMagi3XfTA
bbaoQ2pVar3h4ZE3NHXfkYyZ1PLlnzrQ+aZn/6M1M4UQIADgqDqFTRcy7wBkMDcG
Ek01FHt1n9qxA6oZni3nj92VVL1miii7rQ2/AR3nRnMfyOGWilm4ACBDP1JO4/9f
/DLIuuKy0ePFpGiPNxmmR1rvfJLCi1lpvlZrlf8e6VJj68tKay/WGv0ZZTJEPtf9
7I8W96pS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:09 2024 by rpki-client on console-ams.rpki-client.org