Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/yUpXahBXSvj0oXLX1YThiNKDuEU.roa
File: yUpXahBXSvj0oXLX1YThiNKDuEU.roa (raw, json)
Hash identifier: IiL6MGxhkPkNRuqQhVmWu1/nVmXZ76p88ylAIMM7+fc=
Subject key identifier: C9:4A:57:6A:10:57:4A:F8:F4:A1:72:D7:D5:84:E1:88:D2:83:B8:45
Certificate issuer: /CN=f030658f16d2d88d34164592fcd4de13131f1695
Certificate serial: 018D3724C041D511F4024D84B6914DEB063E
Authority key identifier: F0:30:65:8F:16:D2:D8:8D:34:16:45:92:FC:D4:DE:13:13:1F:16:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8DBljxbS2I00FkWS_NTeExMfFpU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/yUpXahBXSvj0oXLX1YThiNKDuEU.roa
Signing time: Tue 23 Jan 2024 16:26:11 +0000
ROA not before: Tue 23 Jan 2024 16:26:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210281
IP address blocks: 217.196.96.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:37:24:c0:41:d5:11:f4:02:4d:84:b6:91:4d:eb:06:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f030658f16d2d88d34164592fcd4de13131f1695
Validity
Not Before: Jan 23 16:26:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c94a576a10574af8f4a172d7d584e188d283b845
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:5f:ef:c6:27:2d:95:c7:e6:03:28:9d:10:4f:
0f:5d:09:97:a9:20:38:40:69:d5:4d:ea:f3:38:cb:
14:8f:59:7a:06:2c:9a:57:44:4d:35:de:8d:58:fc:
1a:60:9f:33:04:76:00:2c:84:a3:ca:94:5b:eb:4d:
9d:d4:6f:d6:d3:ee:1b:e9:90:f7:da:24:3e:40:84:
7f:66:d0:fe:dd:5c:85:b2:e7:86:a8:7d:46:4c:12:
f3:95:69:aa:39:1a:d8:61:2c:aa:db:e2:be:ae:93:
6f:8b:58:44:99:86:ce:4a:7c:d0:b4:49:63:82:60:
b2:d8:43:33:5f:f6:ab:e1:84:83:01:a5:83:6c:a9:
06:7c:32:93:7e:97:2a:e4:9c:1d:a6:45:be:45:ec:
ca:00:53:bb:bb:63:10:ca:65:c9:1a:eb:14:ad:7f:
3a:0f:90:d4:fb:87:4b:e3:cc:e0:70:5d:50:db:e6:
5e:04:6c:f3:46:84:96:0d:fa:c1:43:55:c6:6d:4b:
b4:e0:80:89:d4:08:23:5c:b7:9b:71:a4:26:db:da:
a3:4b:a1:a6:3b:f1:a8:eb:34:c6:db:0f:01:d5:da:
af:fa:90:e1:7e:42:c3:f7:4f:5b:a8:77:3d:f3:e2:
a1:15:3e:55:89:7f:f2:71:6d:91:68:d5:2f:2e:4f:
9f:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:4A:57:6A:10:57:4A:F8:F4:A1:72:D7:D5:84:E1:88:D2:83:B8:45
X509v3 Authority Key Identifier:
keyid:F0:30:65:8F:16:D2:D8:8D:34:16:45:92:FC:D4:DE:13:13:1F:16:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8DBljxbS2I00FkWS_NTeExMfFpU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/yUpXahBXSvj0oXLX1YThiNKDuEU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/8DBljxbS2I00FkWS_NTeExMfFpU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.196.96.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:86:fe:96:2b:99:45:de:9c:43:73:b9:b7:42:a1:21:85:04:
50:a8:65:78:be:c9:0c:e9:39:1d:cf:80:00:df:61:bd:d8:5c:
39:69:7c:72:39:57:d3:91:99:c0:6b:f9:b8:50:62:5a:7d:fd:
8e:3d:14:49:5c:d7:30:90:a5:86:19:96:63:b7:ff:cc:d2:7f:
1c:6b:63:83:9d:4f:5f:89:dc:3c:93:c1:95:30:09:ca:57:85:
01:4e:57:ee:b6:70:75:27:aa:36:6c:0c:87:22:1b:bb:73:17:
18:36:3b:2a:2d:a1:6d:59:52:83:c9:d3:6c:45:a9:f3:b9:eb:
d0:7a:fa:5f:cb:71:ce:bb:79:7f:92:a2:ae:ad:b6:57:0b:45:
34:a4:91:a6:d1:7b:66:79:40:81:31:b1:09:2a:ba:29:57:e3:
7a:89:a2:51:03:db:47:2e:75:1b:5b:11:77:b7:21:ed:6d:43:
71:94:ac:f1:57:3e:84:27:56:b0:d6:e8:2d:28:fe:6d:e3:30:
d9:83:79:3f:d8:0c:89:8e:44:c8:02:81:8d:07:53:ff:c5:13:
e7:2f:b5:1f:6c:ba:a6:2c:46:ca:1f:22:6a:4d:97:e3:87:16:
cb:ac:69:0c:e5:2d:e0:40:76:b1:ba:e2:03:63:2f:08:ce:d8:
ad:f0:45:90
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY03JMBB1RH0Ak2EtpFN6wY+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMzA2NThmMTZkMmQ4OGQzNDE2NDU5MmZjZDRkZTEzMTMx
ZjE2OTUwHhcNMjQwMTIzMTYyNjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTRhNTc2YTEwNTc0YWY4ZjRhMTcyZDdkNTg0ZTE4OGQyODNiODQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1/vxictlcfmAyidEE8PXQmXqSA4
QGnVTerzOMsUj1l6BiyaV0RNNd6NWPwaYJ8zBHYALISjypRb602d1G/W0+4b6ZD3
2iQ+QIR/ZtD+3VyFsueGqH1GTBLzlWmqORrYYSyq2+K+rpNvi1hEmYbOSnzQtElj
gmCy2EMzX/ar4YSDAaWDbKkGfDKTfpcq5JwdpkW+RezKAFO7u2MQymXJGusUrX86
D5DU+4dL48zgcF1Q2+ZeBGzzRoSWDfrBQ1XGbUu04ICJ1AgjXLebcaQm29qjS6Gm
O/Go6zTG2w8B1dqv+pDhfkLD909bqHc98+KhFT5ViX/ycW2RaNUvLk+fsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMlKV2oQV0r49KFy19WE4YjSg7hFMB8GA1UdIwQY
MBaAFPAwZY8W0tiNNBZFkvzU3hMTHxaVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOERCbGp4YlMySTAwRmtXU19OVGVFeE1mRnBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi82NjkzZTMtODljYS00NGExLWE4YjYt
ODk0ODA1Mjg5Y2MwLzEveVVwWGFoQlhTdmowb1hMWDFZVGhpTktEdUVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi82NjkzZTMtODljYS00NGExLWE4YjYtODk0ODA1Mjg5Y2Mw
LzEvOERCbGp4YlMySTAwRmtXU19OVGVFeE1mRnBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2cRgMA0G
CSqGSIb3DQEBCwUAA4IBAQCchv6WK5lF3pxDc7m3QqEhhQRQqGV4vskM6Tkdz4AA
32G92Fw5aXxyOVfTkZnAa/m4UGJaff2OPRRJXNcwkKWGGZZjt//M0n8ca2ODnU9f
idw8k8GVMAnKV4UBTlfutnB1J6o2bAyHIhu7cxcYNjsqLaFtWVKDydNsRanzuevQ
evpfy3HOu3l/kqKurbZXC0U0pJGm0XtmeUCBMbEJKropV+N6iaJRA9tHLnUbWxF3
tyHtbUNxlKzxVz6EJ1aw1ugtKP5t4zDZg3k/2AyJjkTIAoGNB1P/xRPnL7UfbLqm
LEbKHyJqTZfjhxbLrGkM5S3gQHaxuuIDYy8Iztit8EWQ
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:41:23 2025 by rpki-client