Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/yD7vjjjKc3wchxhW8oJuk1zOY1U.roa
File: yD7vjjjKc3wchxhW8oJuk1zOY1U.roa (raw, json)
Hash identifier: EIY3R49n8JEEAUfstMgSZG00PNXKi0+oGlllytWSaAk=
Subject key identifier: C8:3E:EF:8E:38:CA:73:7C:1C:87:18:56:F2:82:6E:93:5C:CE:63:55
Certificate issuer: /CN=9799140b42db6cb6bf8c6dd413747fcf4a6fd9b5
Certificate serial: 018CA6CA33E4650AC09AC0D83F3315F2CAD7
Authority key identifier: 97:99:14:0B:42:DB:6C:B6:BF:8C:6D:D4:13:74:7F:CF:4A:6F:D9:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/yD7vjjjKc3wchxhW8oJuk1zOY1U.roa
Signing time: Tue 26 Dec 2023 15:41:58 +0000
ROA not before: Tue 26 Dec 2023 15:41:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 82.206.64.0/21 maxlen: 24
82.206.72.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a6:ca:33:e4:65:0a:c0:9a:c0:d8:3f:33:15:f2:ca:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9799140b42db6cb6bf8c6dd413747fcf4a6fd9b5
Validity
Not Before: Dec 26 15:41:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c83eef8e38ca737c1c871856f2826e935cce6355
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:4d:39:ee:65:5e:e3:2b:05:6e:06:dc:9a:0b:
bc:89:04:56:f4:e7:9b:86:d0:66:71:bf:3d:6d:78:
56:e6:42:ee:13:1d:0f:25:60:ec:0e:12:82:f0:a3:
17:65:24:9c:ee:2b:67:76:54:e4:3a:f2:7c:e5:33:
bd:29:b3:0b:23:a8:73:0b:4f:2a:22:cb:9a:83:aa:
c3:ee:26:e5:6f:94:fd:12:67:07:e1:8d:d2:71:be:
19:00:35:80:e4:65:fc:fd:5b:90:a7:6e:6a:16:26:
98:2f:dd:84:1d:96:ae:26:e0:20:1b:75:a5:0b:08:
4f:1d:a3:dd:be:2e:01:fd:0b:94:11:b6:d6:b8:b0:
9c:65:90:67:cc:28:54:39:da:43:11:e5:84:fa:90:
d6:55:5a:a4:9c:2c:60:a4:09:52:4f:39:d9:e4:e2:
1b:a8:99:55:f8:a6:84:1d:a1:81:47:12:5a:52:96:
1d:07:8d:f0:88:47:70:18:5e:e2:1a:d5:1c:c7:6e:
31:61:03:6d:e5:8d:7a:b2:ba:88:dc:9e:e2:73:20:
c5:24:ee:46:46:2e:a5:da:44:59:e9:01:d7:bf:99:
4a:d1:38:15:4b:f5:98:dd:8f:a2:e1:cf:8e:9b:97:
02:9d:53:09:89:73:85:d8:a2:c6:c6:39:a3:5e:eb:
0d:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:3E:EF:8E:38:CA:73:7C:1C:87:18:56:F2:82:6E:93:5C:CE:63:55
X509v3 Authority Key Identifier:
keyid:97:99:14:0B:42:DB:6C:B6:BF:8C:6D:D4:13:74:7F:CF:4A:6F:D9:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/yD7vjjjKc3wchxhW8oJuk1zOY1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/l5kUC0LbbLa_jG3UE3R_z0pv2bU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.206.64.0/20
Signature Algorithm: sha256WithRSAEncryption
26:67:dc:f0:eb:fa:9c:da:5f:37:30:d0:ae:18:e3:e9:d1:b3:
f5:da:fe:83:89:0a:cd:36:fa:85:37:63:2f:61:4b:c4:0b:7f:
f8:36:e7:e2:1b:92:33:6f:1d:2c:c4:29:e9:2e:26:9f:be:f9:
aa:59:65:4b:9a:0f:f6:56:66:bb:fb:f5:4c:a2:42:5e:5f:1d:
9a:24:1b:dc:0f:0c:0d:81:56:0e:2c:42:4f:77:fa:f6:59:1b:
1d:69:c8:0f:84:5e:11:ff:60:11:0e:d0:57:fc:d1:5c:96:1f:
00:4d:53:1c:9d:e2:8c:17:86:af:5d:87:fa:d2:22:76:36:04:
81:bd:8a:38:ff:c2:82:25:0a:1f:3f:59:e4:4d:e4:e1:6b:26:
7b:0a:db:c4:7e:4c:01:dd:b4:44:56:e6:44:02:b8:10:58:ff:
3c:82:69:c2:5e:d7:11:a5:ed:55:bc:34:45:0d:6c:15:bd:03:
d1:34:bf:7e:7b:d5:fd:9f:ae:8f:a3:5e:d4:b5:c2:7b:fb:d6:
cc:ac:51:ff:da:b3:7e:00:5a:51:89:83:37:54:0c:f4:36:95:
fe:bb:e2:33:3c:fa:b1:d2:9e:f0:0b:3c:d4:33:81:00:11:26:
df:af:6c:28:18:fe:9d:ea:f9:9e:da:ce:d8:c1:1e:36:c4:c5:
83:f5:36:65
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYymyjPkZQrAmsDYPzMV8srXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3OTkxNDBiNDJkYjZjYjZiZjhjNmRkNDEzNzQ3ZmNmNGE2
ZmQ5YjUwHhcNMjMxMjI2MTU0MTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODNlZWY4ZTM4Y2E3MzdjMWM4NzE4NTZmMjgyNmU5MzVjY2U2MzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAok057mVe4ysFbgbcmgu8iQRW9Oeb
htBmcb89bXhW5kLuEx0PJWDsDhKC8KMXZSSc7itndlTkOvJ85TO9KbMLI6hzC08q
Isuag6rD7iblb5T9EmcH4Y3Scb4ZADWA5GX8/VuQp25qFiaYL92EHZauJuAgG3Wl
CwhPHaPdvi4B/QuUEbbWuLCcZZBnzChUOdpDEeWE+pDWVVqknCxgpAlSTznZ5OIb
qJlV+KaEHaGBRxJaUpYdB43wiEdwGF7iGtUcx24xYQNt5Y16srqI3J7icyDFJO5G
Ri6l2kRZ6QHXv5lK0TgVS/WY3Y+i4c+Om5cCnVMJiXOF2KLGxjmjXusNpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMg+7444ynN8HIcYVvKCbpNczmNVMB8GA1UdIwQY
MBaAFJeZFAtC22y2v4xt1BN0f89Kb9m1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDVrVUMwTGJiTGFfakczVUUzUl96MHB2MmJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS80ZWVmMDMtOTFmZS00NDVhLWE3Y2Qt
NTk1OTE5YmUwZjUyLzEveUQ3dmpqaktjM3djaHhoVzhvSnVrMXpPWTFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS80ZWVmMDMtOTFmZS00NDVhLWE3Y2QtNTk1OTE5YmUwZjUy
LzEvbDVrVUMwTGJiTGFfakczVUUzUl96MHB2MmJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEUs5AMA0G
CSqGSIb3DQEBCwUAA4IBAQAmZ9zw6/qc2l83MNCuGOPp0bP12v6DiQrNNvqFN2Mv
YUvEC3/4NufiG5Izbx0sxCnpLiafvvmqWWVLmg/2Vma7+/VMokJeXx2aJBvcDwwN
gVYOLEJPd/r2WRsdacgPhF4R/2ARDtBX/NFclh8ATVMcneKMF4avXYf60iJ2NgSB
vYo4/8KCJQofP1nkTeThayZ7CtvEfkwB3bREVuZEArgQWP88gmnCXtcRpe1VvDRF
DWwVvQPRNL9+e9X9n66Po17UtcJ7+9bMrFH/2rN+AFpRiYM3VAz0NpX+u+IzPPqx
0p7wCzzUM4EAESbfr2woGP6d6vme2s7YwR42xMWD9TZl
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:36:47 2025 by rpki-client