Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/332548-99a1-4fba-b249-28d5d00dc0cb/1/yV_W37EDjuNYzUr9RekT40DEvG4.roa
File: yV_W37EDjuNYzUr9RekT40DEvG4.roa (raw, json)
Hash identifier: i5TfzONJpN8hUb1I0UuCT4mEjZhlCoIJ0hMdFNhR6OA=
Subject key identifier: C9:5F:D6:DF:B1:03:8E:E3:58:CD:4A:FD:45:E9:13:E3:40:C4:BC:6E
Certificate issuer: /CN=abdc639a367adaf9b3382d09bda05ee545433159
Certificate serial: 018CC86F5D4DC630589F28336BBFAB4B58CB
Authority key identifier: AB:DC:63:9A:36:7A:DA:F9:B3:38:2D:09:BD:A0:5E:E5:45:43:31:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q9xjmjZ62vmzOC0JvaBe5UVDMVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/332548-99a1-4fba-b249-28d5d00dc0cb/1/yV_W37EDjuNYzUr9RekT40DEvG4.roa
Signing time: Tue 02 Jan 2024 04:29:50 +0000
ROA not before: Tue 02 Jan 2024 04:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 5.42.203.0/24 maxlen: 24
194.5.86.0/24 maxlen: 24
2a12:1840::/39 maxlen: 39
2a12:1840:200::/39 maxlen: 39
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:5d:4d:c6:30:58:9f:28:33:6b:bf:ab:4b:58:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abdc639a367adaf9b3382d09bda05ee545433159
Validity
Not Before: Jan 2 04:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c95fd6dfb1038ee358cd4afd45e913e340c4bc6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e3:6c:9e:96:32:66:ff:f5:88:3c:d4:c6:1a:
a8:99:f6:2c:a4:6c:fa:aa:72:75:ff:f6:ce:44:32:
dd:09:e9:7a:9a:f7:21:98:22:15:e2:b1:7f:52:8c:
95:62:12:e9:f0:d0:46:a9:54:64:26:24:20:29:df:
44:d8:32:9f:6e:0f:5f:66:90:c8:e9:54:7e:16:d6:
99:1a:a8:9d:f6:29:34:e1:c7:73:79:0b:34:71:fe:
a5:19:e5:24:1b:17:73:01:3d:80:38:5c:bc:fd:10:
e0:ef:5c:e4:65:90:c2:be:ac:c3:03:be:d0:83:55:
d0:0f:12:e4:6f:0a:d6:b4:f9:e7:f4:ae:55:ab:5f:
06:3c:68:3c:86:fb:0e:d9:de:50:73:8a:87:1f:7f:
09:ad:c6:69:dc:e3:e7:34:5a:5e:c7:d0:57:ee:7f:
d1:c2:f7:bf:5e:37:bb:94:29:bf:50:e8:74:c7:38:
3d:9a:50:98:32:65:4f:e8:b0:7e:b6:36:e1:53:97:
6b:6a:3a:51:8b:a2:4b:ba:62:d3:c8:6b:25:55:2f:
9f:e2:4e:b9:e9:fa:ec:ec:bd:4c:2c:0a:22:8f:60:
f9:3c:d3:0a:88:a1:f9:6d:14:ab:58:05:00:1c:7a:
3f:e4:af:fe:d7:bc:9d:9b:49:05:8f:26:e5:bc:a3:
cb:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:5F:D6:DF:B1:03:8E:E3:58:CD:4A:FD:45:E9:13:E3:40:C4:BC:6E
X509v3 Authority Key Identifier:
keyid:AB:DC:63:9A:36:7A:DA:F9:B3:38:2D:09:BD:A0:5E:E5:45:43:31:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q9xjmjZ62vmzOC0JvaBe5UVDMVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/332548-99a1-4fba-b249-28d5d00dc0cb/1/yV_W37EDjuNYzUr9RekT40DEvG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/332548-99a1-4fba-b249-28d5d00dc0cb/1/q9xjmjZ62vmzOC0JvaBe5UVDMVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.203.0/24
194.5.86.0/24
IPv6:
2a12:1840::/38
Signature Algorithm: sha256WithRSAEncryption
62:d5:ad:82:44:ce:38:76:8d:e3:cf:d8:5e:90:01:06:00:f3:
08:a1:53:6c:c0:bb:1a:2c:a5:f6:15:52:22:7b:bc:cf:41:16:
3f:cb:e0:2c:07:e0:b3:31:5f:22:3e:14:68:4a:eb:eb:ec:09:
ab:1b:89:c2:81:47:d7:97:db:ca:6b:c4:22:fe:56:31:b4:3a:
c7:d6:dc:0b:f7:82:36:12:a7:3b:34:f8:de:2a:99:73:cf:b6:
6b:c9:72:83:40:1e:e9:17:1e:8e:e0:27:80:b0:c4:38:3d:c0:
7c:53:ff:97:be:be:cb:f0:19:d0:20:4f:89:7a:c4:81:28:98:
cd:8d:46:cc:34:3d:59:26:22:dc:f8:dc:d1:6b:82:25:3c:fe:
84:f0:b4:71:4a:db:77:aa:e6:11:3d:1c:64:b2:2d:88:01:59:
a8:d7:b7:aa:85:d2:32:e7:d8:01:3f:f0:06:56:c3:30:10:83:
91:eb:87:12:bc:7c:4f:88:7d:ed:90:92:bb:3a:88:53:db:db:
4a:0f:cb:d1:5e:3d:22:7c:39:66:2f:7e:4c:da:94:50:78:20:
61:74:af:47:db:2c:9f:9e:e5:11:9e:58:ed:26:d2:82:d8:40:
7b:75:01:ca:02:a2:01:24:f7:d3:99:ce:81:5c:d1:ce:ac:8b:
52:ca:5a:c1
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzIb11NxjBYnygza7+rS1jLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiZGM2MzlhMzY3YWRhZjliMzM4MmQwOWJkYTA1ZWU1NDU0
MzMxNTkwHhcNMjQwMTAyMDQyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTVmZDZkZmIxMDM4ZWUzNThjZDRhZmQ0NWU5MTNlMzQwYzRiYzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+NsnpYyZv/1iDzUxhqomfYspGz6
qnJ1//bORDLdCel6mvchmCIV4rF/UoyVYhLp8NBGqVRkJiQgKd9E2DKfbg9fZpDI
6VR+FtaZGqid9ik04cdzeQs0cf6lGeUkGxdzAT2AOFy8/RDg71zkZZDCvqzDA77Q
g1XQDxLkbwrWtPnn9K5Vq18GPGg8hvsO2d5Qc4qHH38JrcZp3OPnNFpex9BX7n/R
wve/Xje7lCm/UOh0xzg9mlCYMmVP6LB+tjbhU5drajpRi6JLumLTyGslVS+f4k65
6frs7L1MLAoij2D5PNMKiKH5bRSrWAUAHHo/5K/+17ydm0kFjyblvKPLlQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFMlf1t+xA47jWM1K/UXpE+NAxLxuMB8GA1UdIwQY
MBaAFKvcY5o2etr5szgtCb2gXuVFQzFZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTl4am1qWjYydm16T0MwSnZhQmU1VVZETVZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni8zMzI1NDgtOTlhMS00ZmJhLWIyNDkt
MjhkNWQwMGRjMGNiLzEveVZfVzM3RURqdU5ZelVyOVJla1Q0MERFdkc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni8zMzI1NDgtOTlhMS00ZmJhLWIyNDktMjhkNWQwMGRjMGNi
LzEvcTl4am1qWjYydm16T0MwSnZhQmU1VVZETVZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQABSrLAwQA
wgVWMA4EAgACMAgDBgIqEhhAADANBgkqhkiG9w0BAQsFAAOCAQEAYtWtgkTOOHaN
48/YXpABBgDzCKFTbMC7Giyl9hVSInu8z0EWP8vgLAfgszFfIj4UaErr6+wJqxuJ
woFH15fbymvEIv5WMbQ6x9bcC/eCNhKnOzT43iqZc8+2a8lyg0Ae6RcejuAngLDE
OD3AfFP/l76+y/AZ0CBPiXrEgSiYzY1GzDQ9WSYi3Pjc0WuCJTz+hPC0cUrbd6rm
ET0cZLItiAFZqNe3qoXSMufYAT/wBlbDMBCDkeuHErx8T4h97ZCSuzqIU9vbSg/L
0V49Inw5Zi9+TNqUUHggYXSvR9ssn57lEZ5Y7SbSgthAe3UBygKiAST305nOgVzR
zqyLUspawQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:05:31 2025 by rpki-client