Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/ce66e5-6d57-48e4-bd11-47b968e693b2/1/YO-1SD2PapLl1oEb0z8_aI65Ibk.roa
File: YO-1SD2PapLl1oEb0z8_aI65Ibk.roa (raw, json)
Hash identifier: VG4euq06QYRYOcjESyq3GZsTxVu+RrdrWaw+9ZXXh3I=
Subject key identifier: 60:EF:B5:48:3D:8F:6A:92:E5:D6:81:1B:D3:3F:3F:68:8E:B9:21:B9
Certificate issuer: /CN=0794f033b23a29b0a4c833ef8e246daecdaa85c1
Certificate serial: 01856D5D0A432C34832B6DAF646AC2708102
Authority key identifier: 07:94:F0:33:B2:3A:29:B0:A4:C8:33:EF:8E:24:6D:AE:CD:AA:85:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B5TwM7I6KbCkyDPvjiRtrs2qhcE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/ce66e5-6d57-48e4-bd11-47b968e693b2/1/YO-1SD2PapLl1oEb0z8_aI65Ibk.roa
Signing time: Sun 01 Jan 2023 12:44:52 +0000
ROA not before: Sun 01 Jan 2023 12:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34702
IP address blocks: 91.208.113.0/24 maxlen: 24
91.208.128.0/24 maxlen: 24
91.208.137.0/24 maxlen: 24
91.208.151.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:5d:0a:43:2c:34:83:2b:6d:af:64:6a:c2:70:81:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0794f033b23a29b0a4c833ef8e246daecdaa85c1
Validity
Not Before: Jan 1 12:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=60efb5483d8f6a92e5d6811bd33f3f688eb921b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e0:72:fd:b4:3f:1e:e1:50:94:3c:d3:ef:b0:
79:03:68:0e:57:f4:69:9e:34:57:5d:3a:b2:09:97:
86:cd:5d:e3:ca:3b:3e:25:6d:6f:7f:26:29:c3:e8:
67:aa:6a:2b:1f:51:c0:d3:6d:6c:b8:53:c8:c7:da:
2f:d1:60:44:8f:7f:50:be:4e:e4:c0:0d:00:9a:0c:
09:fc:3d:84:e6:cb:93:9d:82:f3:65:18:dc:99:c0:
56:fa:50:fa:85:f4:5c:fd:e0:05:8b:b5:81:f8:4f:
1c:27:05:dc:6d:18:32:c3:31:60:95:ae:30:99:41:
23:22:c0:e0:e6:74:e5:dc:35:12:bd:e8:62:31:3c:
2a:b1:4c:ec:c6:95:6e:d3:ab:c1:c8:87:1c:20:de:
3d:43:47:d6:15:c2:04:c8:4d:a0:48:36:9e:e7:16:
fc:b3:62:1c:32:10:65:10:e7:a4:9a:8a:b4:12:cb:
3d:41:20:4f:88:d0:e1:16:89:86:b3:74:88:da:62:
16:90:4c:d5:52:1f:08:6f:3b:9f:84:ae:52:57:0b:
45:96:58:07:67:ac:c3:66:60:c2:ff:68:ad:74:eb:
fb:d8:ae:47:57:0d:57:d2:f8:c0:66:36:a0:21:da:
55:16:64:c8:c4:c6:c3:ec:f7:83:0e:5f:35:a2:b4:
24:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:EF:B5:48:3D:8F:6A:92:E5:D6:81:1B:D3:3F:3F:68:8E:B9:21:B9
X509v3 Authority Key Identifier:
keyid:07:94:F0:33:B2:3A:29:B0:A4:C8:33:EF:8E:24:6D:AE:CD:AA:85:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B5TwM7I6KbCkyDPvjiRtrs2qhcE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/ce66e5-6d57-48e4-bd11-47b968e693b2/1/YO-1SD2PapLl1oEb0z8_aI65Ibk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/ce66e5-6d57-48e4-bd11-47b968e693b2/1/B5TwM7I6KbCkyDPvjiRtrs2qhcE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.113.0/24
91.208.128.0/24
91.208.137.0/24
91.208.151.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:ca:3d:9a:4d:67:8a:18:8a:74:28:62:d2:40:e2:6c:48:c4:
66:5a:ca:9a:0b:52:85:9b:d3:55:8f:26:ab:3e:97:fb:61:47:
5d:64:a2:36:d4:37:17:f6:02:41:08:53:92:d1:81:61:b0:a3:
0e:3b:c5:16:37:cf:ce:59:c0:87:18:83:76:1e:8a:ab:61:7d:
49:5a:5f:88:04:4e:1c:69:5b:45:1f:c2:c8:5b:e5:27:ff:67:
7c:3c:b8:e2:d5:88:12:0b:8e:70:17:a8:d2:6d:62:3f:e0:33:
72:2c:35:f7:5b:be:79:18:7f:c8:c9:3d:e3:6c:08:f8:ae:7b:
48:54:c3:a0:28:18:f2:61:08:6b:9f:12:63:84:a7:c1:9a:fa:
93:b1:d3:63:8d:71:e4:7d:d4:8d:5e:13:99:95:88:78:29:89:
26:32:58:8b:01:0c:fc:bd:d1:47:34:4d:6d:cb:0b:2b:ab:23:
67:2b:70:56:d1:dc:15:d5:8b:07:a3:90:55:4e:f1:02:6c:cc:
aa:c5:20:bc:17:bb:de:a2:93:97:80:aa:4a:76:03:7f:38:44:
cc:83:d5:8a:20:7a:24:c3:7c:3b:82:b4:6e:8e:db:1f:de:f1:
81:9c:15:a5:35:5c:27:9c:79:63:ff:64:04:a7:72:4e:9a:f1:
67:d5:6d:94
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVtXQpDLDSDK22vZGrCcIECMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3OTRmMDMzYjIzYTI5YjBhNGM4MzNlZjhlMjQ2ZGFlY2Rh
YTg1YzEwHhcNMjMwMTAxMTI0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGVmYjU0ODNkOGY2YTkyZTVkNjgxMWJkMzNmM2Y2ODhlYjkyMWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+By/bQ/HuFQlDzT77B5A2gOV/Rp
njRXXTqyCZeGzV3jyjs+JW1vfyYpw+hnqmorH1HA021suFPIx9ov0WBEj39Qvk7k
wA0AmgwJ/D2E5suTnYLzZRjcmcBW+lD6hfRc/eAFi7WB+E8cJwXcbRgywzFgla4w
mUEjIsDg5nTl3DUSvehiMTwqsUzsxpVu06vByIccIN49Q0fWFcIEyE2gSDae5xb8
s2IcMhBlEOekmoq0Ess9QSBPiNDhFomGs3SI2mIWkEzVUh8IbzufhK5SVwtFllgH
Z6zDZmDC/2itdOv72K5HVw1X0vjAZjagIdpVFmTIxMbD7PeDDl81orQkiwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGDvtUg9j2qS5daBG9M/P2iOuSG5MB8GA1UdIwQY
MBaAFAeU8DOyOimwpMgz744kba7NqoXBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjVUd003STZLYkNreURQdmppUnRyczJxaGNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9jZTY2ZTUtNmQ1Ny00OGU0LWJkMTEt
NDdiOTY4ZTY5M2IyLzEvWU8tMVNEMlBhcExsMW9FYjB6OF9hSTY1SWJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9jZTY2ZTUtNmQ1Ny00OGU0LWJkMTEtNDdiOTY4ZTY5M2Iy
LzEvQjVUd003STZLYkNreURQdmppUnRyczJxaGNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW9BxAwQA
W9CAAwQAW9CJAwQAW9CXMA0GCSqGSIb3DQEBCwUAA4IBAQAcyj2aTWeKGIp0KGLS
QOJsSMRmWsqaC1KFm9NVjyarPpf7YUddZKI21DcX9gJBCFOS0YFhsKMOO8UWN8/O
WcCHGIN2HoqrYX1JWl+IBE4caVtFH8LIW+Un/2d8PLji1YgSC45wF6jSbWI/4DNy
LDX3W755GH/IyT3jbAj4rntIVMOgKBjyYQhrnxJjhKfBmvqTsdNjjXHkfdSNXhOZ
lYh4KYkmMliLAQz8vdFHNE1tywsrqyNnK3BW0dwV1YsHo5BVTvECbMyqxSC8F7ve
opOXgKpKdgN/OETMg9WKIHokw3w7grRujtsf3vGBnBWlNVwnnHlj/2QEp3JOmvFn
1W2U
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:36 2025 by rpki-client