Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/a53bb6-66c0-4861-b288-2a6372e054d2/1/_yOjyskNFPwxhPnOVJdMHQDB2SA.roa
File: _yOjyskNFPwxhPnOVJdMHQDB2SA.roa (raw, json)
Hash identifier: J5V/K3xm2pFchTLDHMAVy7GMc8SAeTV+GgmSWVoTw6w=
Subject key identifier: FF:23:A3:CA:C9:0D:14:FC:31:84:F9:CE:54:97:4C:1D:00:C1:D9:20
Certificate issuer: /CN=2e4bd4edca29d4e72be86ced0b7ad652c7d261c9
Certificate serial: 018A1D8C7A806F59EC506AF13DC0F1A1DA06
Authority key identifier: 2E:4B:D4:ED:CA:29:D4:E7:2B:E8:6C:ED:0B:7A:D6:52:C7:D2:61:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LkvU7cop1Ocr6GztC3rWUsfSYck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/a53bb6-66c0-4861-b288-2a6372e054d2/1/_yOjyskNFPwxhPnOVJdMHQDB2SA.roa
Signing time: Tue 22 Aug 2023 14:01:00 +0000
ROA not before: Tue 22 Aug 2023 14:01:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 185.93.228.0/24 maxlen: 24
193.19.224.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:1d:8c:7a:80:6f:59:ec:50:6a:f1:3d:c0:f1:a1:da:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e4bd4edca29d4e72be86ced0b7ad652c7d261c9
Validity
Not Before: Aug 22 14:01:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff23a3cac90d14fc3184f9ce54974c1d00c1d920
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:c3:37:15:6c:97:1a:50:e4:3f:3f:b3:be:d1:
e1:16:cb:c1:1a:e6:1d:91:31:9c:a0:bf:29:58:a1:
eb:61:50:08:b7:ae:01:db:34:d1:14:51:ca:a8:06:
f4:30:da:14:4c:45:4a:a9:0f:56:76:96:6f:65:8d:
3f:6b:fb:1f:c3:49:fe:70:98:cb:c0:3a:8b:cc:fa:
ce:f3:07:65:0d:89:7b:2f:5f:e9:60:32:77:3c:fd:
68:9e:2b:43:bd:08:4b:2d:9f:00:b1:72:6b:1d:97:
3e:1b:3b:bb:a6:db:12:c5:cc:09:7e:a3:ce:39:69:
5c:5a:0c:9f:cd:4a:86:c6:bf:aa:96:a9:3b:79:35:
05:3b:e0:6e:74:ab:84:66:2b:c4:4a:1e:49:30:af:
eb:b2:9d:11:46:c9:2c:15:89:c9:12:94:65:bc:18:
25:7e:af:27:a4:78:c0:7d:0f:18:91:7a:58:13:62:
ec:85:88:9c:a6:80:e2:ca:86:e0:3d:3e:37:7e:ad:
fd:45:48:d5:c1:4a:d7:6d:96:ff:80:89:f0:d0:14:
e2:09:ca:f7:a9:a2:fe:34:ac:b5:07:06:e7:88:56:
2f:2d:77:38:07:1a:99:7b:27:e8:56:9b:df:60:50:
63:47:f9:b1:86:de:f6:44:9e:f2:8d:6a:35:61:e1:
e2:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:23:A3:CA:C9:0D:14:FC:31:84:F9:CE:54:97:4C:1D:00:C1:D9:20
X509v3 Authority Key Identifier:
keyid:2E:4B:D4:ED:CA:29:D4:E7:2B:E8:6C:ED:0B:7A:D6:52:C7:D2:61:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LkvU7cop1Ocr6GztC3rWUsfSYck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/a53bb6-66c0-4861-b288-2a6372e054d2/1/_yOjyskNFPwxhPnOVJdMHQDB2SA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/a53bb6-66c0-4861-b288-2a6372e054d2/1/LkvU7cop1Ocr6GztC3rWUsfSYck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.93.228.0/24
193.19.224.0/22
Signature Algorithm: sha256WithRSAEncryption
74:db:d9:b3:0f:84:dd:a5:6b:a1:52:79:e8:af:0f:a1:6a:c5:
0e:5d:53:bf:f8:e7:41:70:7d:16:50:52:ae:15:fb:09:c3:db:
47:8e:1b:a5:44:6b:33:02:34:8b:fd:33:9f:eb:52:9f:b2:ef:
bc:9f:a8:f6:5d:d8:b7:59:41:63:65:37:5f:31:df:a0:e3:f7:
9d:f4:b7:c4:c0:49:63:19:14:c7:9e:9e:b0:7c:68:2c:69:20:
b3:89:27:79:79:af:0d:93:03:0b:d9:90:8e:1d:67:7a:3b:80:
b3:cd:66:c1:cb:fb:b9:e5:34:07:e5:68:93:d5:bd:a9:a4:9c:
4d:3c:bb:05:4f:35:e5:cf:31:a3:0f:e2:68:bf:45:fc:6e:d3:
23:12:96:46:7c:87:51:87:75:25:ce:54:82:a0:cb:5c:ec:f2:
70:f6:f5:9c:ea:72:c9:3c:f1:70:5d:3b:6a:c2:da:0a:36:2f:
16:7e:74:aa:7c:d9:57:fc:b9:a8:4b:f5:a1:99:0f:49:17:31:
43:cf:db:06:3a:be:0e:3f:81:66:d0:4b:ba:9c:72:e5:a9:39:
77:bf:08:f2:31:d8:da:d5:8c:22:bc:c1:b4:46:c8:65:81:8c:
83:52:99:79:ec:85:fa:09:b7:0b:7f:69:38:cf:02:fc:fa:1a:
42:98:f7:5d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYodjHqAb1nsUGrxPcDxodoGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNGJkNGVkY2EyOWQ0ZTcyYmU4NmNlZDBiN2FkNjUyYzdk
MjYxYzkwHhcNMjMwODIyMTQwMTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjIzYTNjYWM5MGQxNGZjMzE4NGY5Y2U1NDk3NGMxZDAwYzFkOTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8M3FWyXGlDkPz+zvtHhFsvBGuYd
kTGcoL8pWKHrYVAIt64B2zTRFFHKqAb0MNoUTEVKqQ9WdpZvZY0/a/sfw0n+cJjL
wDqLzPrO8wdlDYl7L1/pYDJ3PP1onitDvQhLLZ8AsXJrHZc+Gzu7ptsSxcwJfqPO
OWlcWgyfzUqGxr+qlqk7eTUFO+BudKuEZivESh5JMK/rsp0RRsksFYnJEpRlvBgl
fq8npHjAfQ8YkXpYE2LshYicpoDiyobgPT43fq39RUjVwUrXbZb/gInw0BTiCcr3
qaL+NKy1BwbniFYvLXc4BxqZeyfoVpvfYFBjR/mxht72RJ7yjWo1YeHihQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFP8jo8rJDRT8MYT5zlSXTB0AwdkgMB8GA1UdIwQY
MBaAFC5L1O3KKdTnK+hs7Qt61lLH0mHJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGt2VTdjb3AxT2NyNkd6dEMzcldVc2ZTWWNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9hNTNiYjYtNjZjMC00ODYxLWIyODgt
MmE2MzcyZTA1NGQyLzEvX3lPanlza05GUHd4aFBuT1ZKZE1IUURCMlNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9hNTNiYjYtNjZjMC00ODYxLWIyODgtMmE2MzcyZTA1NGQy
LzEvTGt2VTdjb3AxT2NyNkd6dEMzcldVc2ZTWWNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuV3kAwQC
wRPgMA0GCSqGSIb3DQEBCwUAA4IBAQB029mzD4TdpWuhUnnorw+hasUOXVO/+OdB
cH0WUFKuFfsJw9tHjhulRGszAjSL/TOf61Kfsu+8n6j2Xdi3WUFjZTdfMd+g4/ed
9LfEwEljGRTHnp6wfGgsaSCziSd5ea8NkwML2ZCOHWd6O4CzzWbBy/u55TQH5WiT
1b2ppJxNPLsFTzXlzzGjD+Jov0X8btMjEpZGfIdRh3UlzlSCoMtc7PJw9vWc6nLJ
PPFwXTtqwtoKNi8WfnSqfNlX/LmoS/WhmQ9JFzFDz9sGOr4OP4Fm0Eu6nHLlqTl3
vwjyMdja1YwivMG0RshlgYyDUpl57IX6CbcLf2k4zwL8+hpCmPdd
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:12:36 2025 by rpki-client