Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/YykQRdDUOczXz2P_NBEuCUjO4zY.roa
File: YykQRdDUOczXz2P_NBEuCUjO4zY.roa (raw, json)
Hash identifier: Go/jkNSlJxiMwRRDRmRmxiawr43/vAIVKv/jb9fBc2E=
Subject key identifier: 63:29:10:45:D0:D4:39:CC:D7:CF:63:FF:34:11:2E:09:48:CE:E3:36
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 01942369B795D9632C040E22DEA8C34ACD00
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/YykQRdDUOczXz2P_NBEuCUjO4zY.roa
Signing time: Wed 01 Jan 2025 19:48:38 +0000
ROA not before: Wed 01 Jan 2025 19:48:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62448
IP address blocks: 188.212.131.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:b7:95:d9:63:2c:04:0e:22:de:a8:c3:4a:cd:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jan 1 19:48:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=63291045d0d439ccd7cf63ff34112e0948cee336
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:80:94:46:c2:fe:54:00:17:66:48:33:1e:fa:
a3:42:66:18:79:77:d4:12:f7:bb:12:b7:f5:2c:fe:
e9:ed:89:a6:34:88:b2:19:87:5d:05:2c:f2:28:92:
2f:25:39:9e:d3:bf:8a:cb:2c:37:f8:69:d9:d7:c9:
18:46:ec:07:26:1b:db:02:2c:51:84:2f:20:71:f2:
27:a5:fc:0b:0a:5c:a5:d5:5c:56:db:40:b7:3a:2b:
61:f1:83:ed:f2:ea:d2:b2:c3:8d:ae:61:3d:b9:62:
12:dc:66:7c:28:dd:9f:23:41:60:4d:6f:de:0a:da:
9d:ac:92:52:86:7e:60:8a:fe:42:9e:c7:13:a7:d9:
11:bc:56:ed:ea:27:3e:b4:6a:21:79:ba:7e:b9:64:
58:99:6e:01:94:7d:16:13:c6:3e:85:cd:ba:1b:a5:
b2:f4:d6:34:c7:86:4f:da:23:7b:64:fe:50:32:f6:
a0:81:10:94:5c:35:f6:98:51:cc:4b:ea:b8:6f:75:
ba:e4:74:d9:fd:bd:03:d9:0f:22:0a:23:90:4a:a4:
0e:b0:59:9c:2b:bd:46:43:6e:3a:a0:62:79:6c:7b:
e8:fe:50:d5:11:96:ca:9f:bf:52:da:6d:d8:6a:22:
1f:a1:a7:51:93:0e:92:4f:d7:0f:a2:e3:2f:4b:f3:
b5:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:29:10:45:D0:D4:39:CC:D7:CF:63:FF:34:11:2E:09:48:CE:E3:36
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/YykQRdDUOczXz2P_NBEuCUjO4zY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.212.131.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:2b:4b:47:a7:43:16:80:e5:b4:81:25:c1:9d:a5:83:9f:5a:
1a:97:b3:10:6e:fe:ad:ea:9c:f4:a3:5e:a7:f9:14:5b:fe:53:
ef:99:df:d3:b8:98:8c:67:11:92:4e:c9:8e:b5:99:12:ef:e8:
68:bb:f3:6d:dc:18:8d:55:bf:6a:65:39:b4:fa:58:f4:34:4d:
3e:a8:16:56:fa:be:70:cb:ce:79:13:a2:ef:40:89:ce:3a:02:
a1:84:6d:18:7e:54:b4:2e:64:ca:1f:75:4b:12:9b:45:45:79:
5d:70:13:a0:d6:8c:0c:71:ea:5b:01:3c:d9:91:70:66:4c:05:
df:3b:79:c1:43:06:4f:df:fe:45:61:db:90:85:f3:cf:a7:8d:
20:a0:94:ee:1d:55:8f:07:a6:d3:59:86:69:55:e7:91:89:a2:
2e:19:92:11:40:42:de:d5:1b:74:f5:c4:15:b0:03:33:41:22:
1b:df:39:5d:08:37:ab:da:51:8e:08:1a:a3:a9:59:3f:1d:18:
96:27:9d:4b:33:95:e3:f2:7a:e2:79:65:d2:64:68:b2:44:a1:
16:c5:f9:ae:59:71:69:e9:a7:49:73:43:c4:ba:74:51:a0:44:
0c:06:22:54:06:fb:ed:e0:11:14:42:37:be:69:b0:3f:9a:57:
2f:0c:86:e2
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQjabeV2WMsBA4i3qjDSs0AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjUwMTAxMTk0ODM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzI5MTA0NWQwZDQzOWNjZDdjZjYzZmYzNDExMmUwOTQ4Y2VlMzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6ICURsL+VAAXZkgzHvqjQmYYeXfU
Eve7Erf1LP7p7YmmNIiyGYddBSzyKJIvJTme07+Kyyw3+GnZ18kYRuwHJhvbAixR
hC8gcfInpfwLClyl1VxW20C3Oith8YPt8urSssONrmE9uWIS3GZ8KN2fI0FgTW/e
CtqdrJJShn5giv5CnscTp9kRvFbt6ic+tGohebp+uWRYmW4BlH0WE8Y+hc26G6Wy
9NY0x4ZP2iN7ZP5QMvaggRCUXDX2mFHMS+q4b3W65HTZ/b0D2Q8iCiOQSqQOsFmc
K71GQ246oGJ5bHvo/lDVEZbKn79S2m3YaiIfoadRkw6ST9cPouMvS/O17wIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFGMpEEXQ1DnM189j/zQRLglIzuM2MB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL1l5a1FSZERVT2N6WHoyUF9OQkV1Q1VqTzR6WS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC81IMw
DQYJKoZIhvcNAQELBQADggEBAGorS0enQxaA5bSBJcGdpYOfWhqXsxBu/q3qnPSj
Xqf5FFv+U++Z39O4mIxnEZJOyY61mRLv6Gi7823cGI1Vv2plObT6WPQ0TT6oFlb6
vnDLznkTou9Aic46AqGEbRh+VLQuZMofdUsSm0VFeV1wE6DWjAxx6lsBPNmRcGZM
Bd87ecFDBk/f/kVh25CF88+njSCglO4dVY8HptNZhmlV55GJoi4ZkhFAQt7VG3T1
xBWwAzNBIhvfOV0IN6vaUY4IGqOpWT8dGJYnnUszlePyeuJ5ZdJkaLJEoRbF+a5Z
cWnpp0lzQ8S6dFGgRAwGIlQG++3gERRCN75psD+aVy8MhuI=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:33:32 2025 by rpki-client