Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/c81669-2519-4da5-bd5d-1c2626590d28/1/yZRNpOzYacl5ldnOKdfPWxiNYOg.roa
File: yZRNpOzYacl5ldnOKdfPWxiNYOg.roa (raw, json)
Hash identifier: 5xomA6sgVyMayvh+ZLYlezVOWunWzoUnO1Jb0BtgoXs=
Subject key identifier: C9:94:4D:A4:EC:D8:69:C9:79:95:D9:CE:29:D7:CF:5B:18:8D:60:E8
Certificate issuer: /CN=d53ece71ef6ebf55bb7b87e50665ba11fdc77f08
Certificate serial: 01856BAEAB14983600CDDC99C87D7A2A0685
Authority key identifier: D5:3E:CE:71:EF:6E:BF:55:BB:7B:87:E5:06:65:BA:11:FD:C7:7F:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1T7Oce9uv1W7e4flBmW6Ef3Hfwg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/c81669-2519-4da5-bd5d-1c2626590d28/1/yZRNpOzYacl5ldnOKdfPWxiNYOg.roa
Signing time: Sun 01 Jan 2023 04:54:47 +0000
ROA not before: Sun 01 Jan 2023 04:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211585
IP address blocks: 185.29.166.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ae:ab:14:98:36:00:cd:dc:99:c8:7d:7a:2a:06:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d53ece71ef6ebf55bb7b87e50665ba11fdc77f08
Validity
Not Before: Jan 1 04:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c9944da4ecd869c97995d9ce29d7cf5b188d60e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:f2:41:ab:46:02:ed:1b:dc:c2:2a:cd:d8:db:
88:28:1c:6f:db:1e:f6:f6:49:36:b7:a9:9d:33:c5:
bc:f3:85:27:df:94:d3:dc:16:0d:a1:89:a4:7a:54:
80:44:8d:2a:49:81:ba:f5:72:f2:d6:0d:73:1e:3e:
68:63:36:42:d1:4d:6c:dd:e0:d5:b2:9e:21:00:be:
f4:a0:fb:b4:ea:e6:ff:7f:eb:f3:0c:fb:71:03:7e:
3f:42:2a:69:27:52:61:7c:73:b7:a4:8a:3b:d9:74:
e3:11:0c:3d:f4:c9:c6:e2:27:37:24:17:ec:26:04:
da:6f:4c:80:f9:7c:cb:28:8f:e4:77:82:dd:f1:5d:
1e:9c:76:d0:19:03:f9:df:4b:21:b1:3c:76:51:d8:
96:be:8e:ba:f6:23:22:92:b1:5e:c6:dd:19:20:3c:
3c:6e:20:79:e7:c1:b4:c5:e7:40:87:2c:41:23:de:
78:24:7b:d3:a6:4a:cf:5e:90:65:cd:dc:fd:a5:35:
03:5d:0d:93:f2:cb:ca:7e:9d:41:02:84:72:f0:64:
78:b7:fe:d9:43:f9:36:46:fd:76:a9:f8:1a:3d:e1:
29:a3:3d:23:15:10:f6:c2:aa:c4:b4:f8:ce:67:26:
4c:da:d1:b3:61:47:69:91:85:3e:9d:56:d8:17:d5:
4c:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:94:4D:A4:EC:D8:69:C9:79:95:D9:CE:29:D7:CF:5B:18:8D:60:E8
X509v3 Authority Key Identifier:
keyid:D5:3E:CE:71:EF:6E:BF:55:BB:7B:87:E5:06:65:BA:11:FD:C7:7F:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1T7Oce9uv1W7e4flBmW6Ef3Hfwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/c81669-2519-4da5-bd5d-1c2626590d28/1/yZRNpOzYacl5ldnOKdfPWxiNYOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/c81669-2519-4da5-bd5d-1c2626590d28/1/1T7Oce9uv1W7e4flBmW6Ef3Hfwg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.29.166.0/24
Signature Algorithm: sha256WithRSAEncryption
11:7a:a1:65:f8:ec:7d:a6:64:aa:e1:12:a3:59:97:64:f5:2d:
c0:c6:da:92:19:f8:6a:64:b3:d6:7c:09:d8:c4:e7:d9:94:db:
c3:7e:c6:47:80:a0:ca:90:ca:37:86:81:c3:4e:eb:25:10:b1:
1b:cb:28:d6:cf:fe:35:6c:2e:55:3b:c2:e0:72:99:83:61:94:
19:f5:63:2f:78:71:bc:0f:ae:a4:1a:be:03:b8:46:d4:5c:1c:
45:8e:4b:b3:43:7d:51:9e:bd:d6:b0:1e:d9:bb:44:6b:30:ac:
ae:5a:91:34:c7:e9:ee:c5:f3:0c:72:33:58:f6:04:9e:f5:5e:
c1:88:11:d8:10:5a:44:a4:9e:37:28:26:d4:5e:de:b0:51:ce:
57:29:f9:13:08:ee:e6:de:90:b9:e9:d8:b9:4d:06:8a:63:03:
bd:08:6a:2e:7a:72:b8:51:a4:ff:39:68:ab:f6:92:7e:07:a8:
01:cd:1d:63:a2:2c:14:46:55:2a:13:27:e6:9d:40:9c:a8:80:
8a:64:a8:02:dc:91:57:39:1f:1e:30:be:ef:a8:a6:b7:f2:97:
89:d3:d5:52:6e:e5:e0:72:74:2e:dd:11:f6:f6:4a:25:cb:f2:
e9:e2:b6:72:83:30:da:c5:a1:07:99:08:cd:bb:4e:28:e8:21:
78:dd:81:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrrqsUmDYAzdyZyH16KgaFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1M2VjZTcxZWY2ZWJmNTViYjdiODdlNTA2NjViYTExZmRj
NzdmMDgwHhcNMjMwMTAxMDQ1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTk0NGRhNGVjZDg2OWM5Nzk5NWQ5Y2UyOWQ3Y2Y1YjE4OGQ2MGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/JBq0YC7RvcwirN2NuIKBxv2x72
9kk2t6mdM8W884Un35TT3BYNoYmkelSARI0qSYG69XLy1g1zHj5oYzZC0U1s3eDV
sp4hAL70oPu06ub/f+vzDPtxA34/QippJ1JhfHO3pIo72XTjEQw99MnG4ic3JBfs
JgTab0yA+XzLKI/kd4Ld8V0enHbQGQP530shsTx2UdiWvo669iMikrFext0ZIDw8
biB558G0xedAhyxBI954JHvTpkrPXpBlzdz9pTUDXQ2T8svKfp1BAoRy8GR4t/7Z
Q/k2Rv12qfgaPeEpoz0jFRD2wqrEtPjOZyZM2tGzYUdpkYU+nVbYF9VMHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMmUTaTs2GnJeZXZzinXz1sYjWDoMB8GA1UdIwQY
MBaAFNU+znHvbr9Vu3uH5QZluhH9x38IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVQ3T2NlOXV2MVc3ZTRmbEJtVzZFZjNIZndnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9jODE2NjktMjUxOS00ZGE1LWJkNWQt
MWMyNjI2NTkwZDI4LzEveVpSTnBPellhY2w1bGRuT0tkZlBXeGlOWU9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9jODE2NjktMjUxOS00ZGE1LWJkNWQtMWMyNjI2NTkwZDI4
LzEvMVQ3T2NlOXV2MVc3ZTRmbEJtVzZFZjNIZndnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuR2mMA0G
CSqGSIb3DQEBCwUAA4IBAQAReqFl+Ox9pmSq4RKjWZdk9S3AxtqSGfhqZLPWfAnY
xOfZlNvDfsZHgKDKkMo3hoHDTuslELEbyyjWz/41bC5VO8LgcpmDYZQZ9WMveHG8
D66kGr4DuEbUXBxFjkuzQ31Rnr3WsB7Zu0RrMKyuWpE0x+nuxfMMcjNY9gSe9V7B
iBHYEFpEpJ43KCbUXt6wUc5XKfkTCO7m3pC56di5TQaKYwO9CGouenK4UaT/OWir
9pJ+B6gBzR1joiwURlUqEyfmnUCcqICKZKgC3JFXOR8eML7vqKa38peJ09VSbuXg
cnQu3RH29koly/Lp4rZygzDaxaEHmQjNu04o6CF43YFE
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:21 2023 by rpki-client on console-ams.rpki-client.org