Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/6fa53f-6cd0-4d96-b1d6-9f3e550486a3/1/yglST2PmnH3-TyDrxoeMFR6JvyM.roa
File: yglST2PmnH3-TyDrxoeMFR6JvyM.roa (raw, json)
Hash identifier: sVRZLJMqsOBuGA+YNUUjT7VMIvuDlZvFLgvr3bF0P7g=
Subject key identifier: CA:09:52:4F:63:E6:9C:7D:FE:4F:20:EB:C6:87:8C:15:1E:89:BF:23
Certificate issuer: /CN=5160a68d52a38108270add46493b731dd298bd80
Certificate serial: 01856D13A6D15ACEBAD6452CA15DCFB25FB6
Authority key identifier: 51:60:A6:8D:52:A3:81:08:27:0A:DD:46:49:3B:73:1D:D2:98:BD:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UWCmjVKjgQgnCt1GSTtzHdKYvYA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/6fa53f-6cd0-4d96-b1d6-9f3e550486a3/1/yglST2PmnH3-TyDrxoeMFR6JvyM.roa
Signing time: Sun 01 Jan 2023 11:24:42 +0000
ROA not before: Sun 01 Jan 2023 11:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50796
IP address blocks: 37.32.56.0/21 maxlen: 24
185.3.196.0/22 maxlen: 24
178.22.0.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:13:a6:d1:5a:ce:ba:d6:45:2c:a1:5d:cf:b2:5f:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5160a68d52a38108270add46493b731dd298bd80
Validity
Not Before: Jan 1 11:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca09524f63e69c7dfe4f20ebc6878c151e89bf23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:a9:e8:df:80:7a:35:be:cb:aa:07:3b:10:2f:
5e:07:2f:a7:cc:ef:56:c8:8e:65:3a:5d:c6:a7:21:
f5:9b:69:78:34:4b:e7:d9:56:f7:17:97:6c:13:7b:
c8:92:1b:ba:46:50:ba:e2:1d:5c:c7:79:43:d4:9f:
0a:20:89:87:e5:45:42:86:d1:9e:3c:7f:69:df:69:
1d:25:e2:c6:a8:c1:47:5c:30:ef:e0:8a:d0:a2:cf:
fc:7b:18:9d:bc:2a:42:22:c6:ec:8f:fa:7b:f8:05:
fe:c7:8c:0b:fa:cd:14:7f:5e:47:38:a5:3e:6b:4c:
18:99:e3:4c:30:57:d3:31:55:49:7c:87:84:3f:3b:
2c:26:e6:bd:56:ca:b6:c4:84:17:8d:af:93:d8:f0:
e7:7e:63:75:f4:95:5e:5a:40:a1:d7:5e:29:f7:ce:
6f:20:df:2f:92:d5:db:9b:de:b8:5e:eb:c3:15:b6:
2d:58:9a:81:97:b2:c6:c2:9d:c5:1e:a1:cf:ee:e5:
3e:83:cd:da:ac:b8:b5:9e:5c:ea:90:29:6b:e6:3a:
09:1e:b0:4b:1b:74:f6:77:7b:09:27:e9:9f:65:88:
39:47:a1:69:cd:fc:39:e5:f0:3b:fd:4e:5c:9e:46:
8b:1f:f3:89:af:58:2a:3b:2e:54:13:9e:3f:8e:f6:
79:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:09:52:4F:63:E6:9C:7D:FE:4F:20:EB:C6:87:8C:15:1E:89:BF:23
X509v3 Authority Key Identifier:
keyid:51:60:A6:8D:52:A3:81:08:27:0A:DD:46:49:3B:73:1D:D2:98:BD:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UWCmjVKjgQgnCt1GSTtzHdKYvYA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/6fa53f-6cd0-4d96-b1d6-9f3e550486a3/1/yglST2PmnH3-TyDrxoeMFR6JvyM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/6fa53f-6cd0-4d96-b1d6-9f3e550486a3/1/UWCmjVKjgQgnCt1GSTtzHdKYvYA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.56.0/21
178.22.0.0/21
185.3.196.0/22
Signature Algorithm: sha256WithRSAEncryption
9b:12:5a:5e:10:e4:48:55:7a:81:15:54:bb:9e:e7:9b:82:9b:
13:a9:23:26:7b:36:7d:26:66:3f:8b:c9:15:f0:d6:07:3b:1f:
61:a4:e7:f0:44:7d:61:e8:bb:37:8a:14:78:26:6c:a9:fa:3a:
c8:95:bb:e3:01:79:4a:ce:a1:9f:46:0a:ec:24:e2:60:1b:22:
95:07:8c:01:7c:5b:ee:5d:52:f5:c4:f5:1f:a4:7c:3b:70:6a:
a7:d6:3e:04:47:fe:e1:fd:17:04:e5:9e:4d:84:bc:3a:2a:55:
c3:81:b9:4b:31:9a:04:73:03:2c:3b:e3:ac:e9:89:6c:f1:7d:
8e:f3:5c:5c:4e:ac:6e:df:1c:aa:63:9b:c8:c0:99:2b:04:ec:
5a:a6:3e:fe:6d:f4:fa:d8:b0:6d:95:ee:de:9d:9d:1c:fc:54:
07:fc:a2:dc:94:0a:6e:45:9b:da:c4:26:44:43:ab:07:8d:c9:
45:51:a5:bd:95:45:28:98:4d:e1:18:29:db:83:64:67:96:39:
68:73:a0:ea:65:8b:9b:91:7a:47:e8:f6:6b:1a:a1:e0:97:ec:
74:e1:0e:54:6a:27:83:54:ea:73:1e:ef:45:60:35:57:c3:c6:
05:37:07:98:2f:0a:30:cf:ae:26:c7:80:1d:a5:0f:f3:d4:2b:
2e:b7:3c:98
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVtE6bRWs661kUsoV3Psl+2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxNjBhNjhkNTJhMzgxMDgyNzBhZGQ0NjQ5M2I3MzFkZDI5
OGJkODAwHhcNMjMwMTAxMTEyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTA5NTI0ZjYzZTY5YzdkZmU0ZjIwZWJjNjg3OGMxNTFlODliZjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoano34B6Nb7Lqgc7EC9eBy+nzO9W
yI5lOl3GpyH1m2l4NEvn2Vb3F5dsE3vIkhu6RlC64h1cx3lD1J8KIImH5UVChtGe
PH9p32kdJeLGqMFHXDDv4IrQos/8exidvCpCIsbsj/p7+AX+x4wL+s0Uf15HOKU+
a0wYmeNMMFfTMVVJfIeEPzssJua9Vsq2xIQXja+T2PDnfmN19JVeWkCh114p985v
IN8vktXbm964XuvDFbYtWJqBl7LGwp3FHqHP7uU+g83arLi1nlzqkClr5joJHrBL
G3T2d3sJJ+mfZYg5R6Fpzfw55fA7/U5cnkaLH/OJr1gqOy5UE54/jvZ5LQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMoJUk9j5px9/k8g68aHjBUeib8jMB8GA1UdIwQY
MBaAFFFgpo1So4EIJwrdRkk7cx3SmL2AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVdDbWpWS2pnUWduQ3QxR1NUdHpIZEtZdllBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS82ZmE1M2YtNmNkMC00ZDk2LWIxZDYt
OWYzZTU1MDQ4NmEzLzEveWdsU1QyUG1uSDMtVHlEcnhvZU1GUjZKdnlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS82ZmE1M2YtNmNkMC00ZDk2LWIxZDYtOWYzZTU1MDQ4NmEz
LzEvVVdDbWpWS2pnUWduQ3QxR1NUdHpIZEtZdllBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDJSA4AwQD
shYAAwQCuQPEMA0GCSqGSIb3DQEBCwUAA4IBAQCbElpeEORIVXqBFVS7nuebgpsT
qSMmezZ9JmY/i8kV8NYHOx9hpOfwRH1h6Ls3ihR4Jmyp+jrIlbvjAXlKzqGfRgrs
JOJgGyKVB4wBfFvuXVL1xPUfpHw7cGqn1j4ER/7h/RcE5Z5NhLw6KlXDgblLMZoE
cwMsO+Os6Yls8X2O81xcTqxu3xyqY5vIwJkrBOxapj7+bfT62LBtle7enZ0c/FQH
/KLclApuRZvaxCZEQ6sHjclFUaW9lUUomE3hGCnbg2Rnljloc6DqZYubkXpH6PZr
GqHgl+x04Q5UaieDVOpzHu9FYDVXw8YFNweYLwowz64mx4AdpQ/z1CsutzyY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:31 2024 by rpki-client on console-ams.rpki-client.org