Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/3495b4-7b60-4a83-8c68-93c444668034/1/yQH6QPVvz1dc6OWqxLEnZJyNXgw.roa
File: yQH6QPVvz1dc6OWqxLEnZJyNXgw.roa (raw, json)
Hash identifier: QPaTS5vb+5S3wrqo9w5VU1CnMNKtwez7mjejplsY5Vo=
Subject key identifier: C9:01:FA:40:F5:6F:CF:57:5C:E8:E5:AA:C4:B1:27:64:9C:8D:5E:0C
Certificate issuer: /CN=992be8d0a80d0665d8c6af41834665c88d6dfe76
Certificate serial: 018CC94E293CF2310E0CAAD1D405133B3322
Authority key identifier: 99:2B:E8:D0:A8:0D:06:65:D8:C6:AF:41:83:46:65:C8:8D:6D:FE:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mSvo0KgNBmXYxq9Bg0ZlyI1t_nY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/3495b4-7b60-4a83-8c68-93c444668034/1/yQH6QPVvz1dc6OWqxLEnZJyNXgw.roa
Signing time: Tue 02 Jan 2024 08:33:11 +0000
ROA not before: Tue 02 Jan 2024 08:33:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212599
IP address blocks: 185.134.175.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:29:3c:f2:31:0e:0c:aa:d1:d4:05:13:3b:33:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=992be8d0a80d0665d8c6af41834665c88d6dfe76
Validity
Not Before: Jan 2 08:33:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c901fa40f56fcf575ce8e5aac4b127649c8d5e0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:38:de:e5:e8:5f:b2:fb:b1:61:f0:f6:ce:2f:
c5:3e:b5:1b:aa:3d:c7:9a:51:3b:c5:f3:6a:fd:3d:
75:98:68:23:58:05:ae:df:77:5e:96:3e:c7:a9:dc:
0c:a5:38:c5:90:3d:16:57:f5:29:0b:3d:c5:32:42:
35:e4:0c:2d:ca:9f:4b:67:7a:75:b8:a9:6c:a6:0f:
10:99:07:3e:b3:83:f7:e1:3c:83:6b:df:72:ab:8f:
93:37:91:cc:cf:b8:07:68:a1:22:18:51:03:3e:e9:
09:13:6c:39:7c:86:46:5e:71:bb:76:7f:4d:9d:7d:
a2:00:4a:73:2c:50:b6:1f:e7:82:aa:7f:e2:03:ad:
43:11:a5:4c:d1:8d:72:73:f3:2a:63:85:2b:8c:75:
66:09:af:b5:05:64:d5:9b:95:2d:2d:bc:68:06:88:
91:3b:9a:a0:c1:ac:48:73:7c:d1:a3:ab:a1:fd:b5:
6d:f9:59:ef:7e:f7:44:ca:c8:57:64:b8:31:69:7d:
a3:ce:4e:b1:80:b3:1f:36:77:a3:3a:9f:5a:0b:2f:
29:63:dd:28:b4:10:7a:03:eb:2d:9a:6c:2c:f4:4e:
06:a2:0f:30:0e:0b:20:dc:4a:2f:58:bd:3e:96:ba:
ed:1a:56:74:6a:61:be:44:a5:af:98:33:2a:0f:70:
88:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:01:FA:40:F5:6F:CF:57:5C:E8:E5:AA:C4:B1:27:64:9C:8D:5E:0C
X509v3 Authority Key Identifier:
keyid:99:2B:E8:D0:A8:0D:06:65:D8:C6:AF:41:83:46:65:C8:8D:6D:FE:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mSvo0KgNBmXYxq9Bg0ZlyI1t_nY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/3495b4-7b60-4a83-8c68-93c444668034/1/yQH6QPVvz1dc6OWqxLEnZJyNXgw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/3495b4-7b60-4a83-8c68-93c444668034/1/mSvo0KgNBmXYxq9Bg0ZlyI1t_nY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.134.175.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:cd:8c:34:bf:1c:5f:9d:a2:97:11:a0:29:74:ee:e6:ec:51:
cf:10:42:68:3c:5c:46:c6:b4:92:05:34:ba:4b:13:a9:50:93:
7a:6e:ec:72:b9:c3:e4:75:2c:b8:77:2c:cc:bc:fd:ef:3b:2b:
8c:c4:a5:6c:12:2d:ef:53:bc:b1:90:e5:89:b4:a1:05:90:1b:
23:c6:ee:6e:64:b2:c6:86:e7:c0:86:2a:8a:33:b6:85:fd:59:
49:a9:be:a7:75:86:73:77:6b:b6:af:20:0a:ee:23:9d:c4:92:
1c:51:b1:c7:69:0b:91:08:fc:ea:1d:55:95:e8:cf:36:fa:4f:
01:bc:2f:41:b3:9d:f8:db:b0:8c:a8:30:90:5f:35:6d:ca:2b:
d7:a7:23:a3:f0:a4:0c:ed:23:7b:d1:c6:77:c2:eb:46:71:3c:
0c:bb:8d:d8:7b:07:49:56:01:98:cf:0d:c1:8a:48:1f:ee:cd:
33:92:73:c5:a4:25:fc:4b:8a:df:de:3a:dd:8c:a7:de:51:eb:
cf:15:bf:91:42:ab:6b:91:0a:3d:e0:0d:cf:b3:71:15:1a:67:
c2:b6:d0:75:01:85:fd:5a:73:2e:85:af:fe:44:94:d5:5e:97:
5c:a2:8d:80:a3:e0:8e:56:64:58:7d:62:db:54:50:9e:80:e3:
43:c6:9a:a0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTik88jEODKrR1AUTOzMiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MmJlOGQwYTgwZDA2NjVkOGM2YWY0MTgzNDY2NWM4OGQ2
ZGZlNzYwHhcNMjQwMTAyMDgzMzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTAxZmE0MGY1NmZjZjU3NWNlOGU1YWFjNGIxMjc2NDljOGQ1ZTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjTje5ehfsvuxYfD2zi/FPrUbqj3H
mlE7xfNq/T11mGgjWAWu33delj7HqdwMpTjFkD0WV/UpCz3FMkI15Awtyp9LZ3p1
uKlspg8QmQc+s4P34TyDa99yq4+TN5HMz7gHaKEiGFEDPukJE2w5fIZGXnG7dn9N
nX2iAEpzLFC2H+eCqn/iA61DEaVM0Y1yc/MqY4UrjHVmCa+1BWTVm5UtLbxoBoiR
O5qgwaxIc3zRo6uh/bVt+VnvfvdEyshXZLgxaX2jzk6xgLMfNnejOp9aCy8pY90o
tBB6A+stmmws9E4Gog8wDgsg3EovWL0+lrrtGlZ0amG+RKWvmDMqD3CIJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMkB+kD1b89XXOjlqsSxJ2ScjV4MMB8GA1UdIwQY
MBaAFJkr6NCoDQZl2MavQYNGZciNbf52MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVN2bzBLZ05CbVhZeHE5QmcwWmx5STF0X25ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8zNDk1YjQtN2I2MC00YTgzLThjNjgt
OTNjNDQ0NjY4MDM0LzEveVFINlFQVnZ6MWRjNk9XcXhMRW5aSnlOWGd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8zNDk1YjQtN2I2MC00YTgzLThjNjgtOTNjNDQ0NjY4MDM0
LzEvbVN2bzBLZ05CbVhZeHE5QmcwWmx5STF0X25ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYavMA0G
CSqGSIb3DQEBCwUAA4IBAQCfzYw0vxxfnaKXEaApdO7m7FHPEEJoPFxGxrSSBTS6
SxOpUJN6buxyucPkdSy4dyzMvP3vOyuMxKVsEi3vU7yxkOWJtKEFkBsjxu5uZLLG
hufAhiqKM7aF/VlJqb6ndYZzd2u2ryAK7iOdxJIcUbHHaQuRCPzqHVWV6M82+k8B
vC9Bs53427CMqDCQXzVtyivXpyOj8KQM7SN70cZ3wutGcTwMu43YewdJVgGYzw3B
ikgf7s0zknPFpCX8S4rf3jrdjKfeUevPFb+RQqtrkQo94A3Ps3EVGmfCttB1AYX9
WnMuha/+RJTVXpdcoo2Ao+COVmRYfWLbVFCegONDxpqg
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:27 2025 by rpki-client