Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/c8d393-3e28-4f07-996b-366ba1700fe0/1/yL72bokPSVTPzGvkrOtOH4aMHpU.roa
File: yL72bokPSVTPzGvkrOtOH4aMHpU.roa (raw, json)
Hash identifier: nD2KnZX8dFIaWE90LqoglyqwzmsDqlN8VAj0H7T0qVE=
Subject key identifier: C8:BE:F6:6E:89:0F:49:54:CF:CC:6B:E4:AC:EB:4E:1F:86:8C:1E:95
Certificate issuer: /CN=547841eeff20c78b33d411dae51a692adb892e31
Certificate serial: 018571FA14E97C7A1AFF76D566CF1908145C
Authority key identifier: 54:78:41:EE:FF:20:C7:8B:33:D4:11:DA:E5:1A:69:2A:DB:89:2E:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VHhB7v8gx4sz1BHa5RppKtuJLjE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/c8d393-3e28-4f07-996b-366ba1700fe0/1/yL72bokPSVTPzGvkrOtOH4aMHpU.roa
Signing time: Mon 02 Jan 2023 10:14:52 +0000
ROA not before: Mon 02 Jan 2023 10:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199292
IP address blocks: 212.225.253.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:fa:14:e9:7c:7a:1a:ff:76:d5:66:cf:19:08:14:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=547841eeff20c78b33d411dae51a692adb892e31
Validity
Not Before: Jan 2 10:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c8bef66e890f4954cfcc6be4aceb4e1f868c1e95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:41:09:d6:db:01:fb:4f:71:69:c9:35:e5:d0:
43:ff:6d:89:17:a5:7f:0a:ab:67:b2:69:37:64:93:
fa:7b:d8:e8:5b:a5:b8:71:3f:24:6b:cc:f6:87:4b:
da:0e:2e:e9:9d:1f:49:14:86:be:02:21:5e:33:27:
e1:27:67:8f:6f:35:30:8e:4a:ee:f3:d2:31:20:ff:
ae:d6:44:67:70:86:d2:10:83:bb:8a:1c:b7:42:02:
52:84:64:0d:fe:a1:df:9e:60:22:03:7c:e8:2f:68:
ab:e0:a4:ef:b6:60:04:56:33:33:6e:cf:1c:8f:3b:
cd:10:4c:20:07:59:48:62:71:16:6c:43:bd:04:09:
09:d3:f6:7c:7b:8c:45:90:d9:d1:2a:e2:50:3a:4f:
1b:ac:f5:fa:ac:20:47:ff:69:de:f8:d3:94:c9:30:
e8:b9:c7:ab:d4:cd:09:19:ed:29:3b:07:55:dd:84:
1a:8b:64:59:da:32:45:d7:a4:1b:9d:6d:b6:6a:8b:
2c:bd:97:58:a6:99:f4:a9:f3:09:8a:68:01:63:93:
ba:12:18:7c:63:bf:7a:41:22:a8:bb:4a:4f:3b:62:
37:56:b1:d1:b0:a5:c6:2a:00:ac:61:77:9d:57:2d:
ac:01:18:95:14:02:f8:a0:a7:ba:9e:4d:33:a4:78:
bb:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:BE:F6:6E:89:0F:49:54:CF:CC:6B:E4:AC:EB:4E:1F:86:8C:1E:95
X509v3 Authority Key Identifier:
keyid:54:78:41:EE:FF:20:C7:8B:33:D4:11:DA:E5:1A:69:2A:DB:89:2E:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VHhB7v8gx4sz1BHa5RppKtuJLjE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/c8d393-3e28-4f07-996b-366ba1700fe0/1/yL72bokPSVTPzGvkrOtOH4aMHpU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/c8d393-3e28-4f07-996b-366ba1700fe0/1/VHhB7v8gx4sz1BHa5RppKtuJLjE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.225.253.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:0a:53:6a:91:3a:5d:9a:df:7f:60:1e:8b:70:93:de:53:03:
a0:48:bc:99:41:c7:32:ab:b3:d9:f3:43:f9:b1:f2:31:ba:1a:
91:ef:46:a4:4b:51:01:05:7e:84:58:c4:35:7f:df:7a:70:85:
12:b2:67:7c:39:6f:8f:8d:a0:3c:21:b7:a2:f0:ee:f8:e5:b7:
b4:e3:cd:dc:2d:31:01:6d:66:e3:e2:b0:b4:ef:82:4e:c5:e8:
46:a1:51:c3:09:0b:71:ab:40:29:19:a6:0a:61:f7:7e:51:1c:
3f:6f:7b:33:1c:e9:3a:ea:1c:a1:d6:40:1b:53:91:ad:e5:7e:
c9:61:e8:22:5f:24:b4:11:06:10:e4:18:60:d6:b9:40:d7:c3:
ff:19:a0:e7:0c:ad:3d:dd:53:71:80:9f:a8:84:92:6b:ac:8a:
6e:81:01:7e:58:4e:b0:d2:99:af:d1:05:52:ff:d8:cc:62:aa:
68:3c:46:a9:37:4c:2f:1d:f7:a0:14:a7:e8:17:4f:51:3c:12:
7c:95:e1:84:3f:85:ab:a2:c8:6b:ac:46:b4:6e:0f:1a:1a:d2:
52:e0:54:47:c1:25:85:81:81:58:ba:39:97:88:74:9a:20:89:
12:6d:d5:b7:70:24:04:e0:66:89:4a:9d:fc:70:f0:59:c7:9a:
a3:b0:04:45
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx+hTpfHoa/3bVZs8ZCBRcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0Nzg0MWVlZmYyMGM3OGIzM2Q0MTFkYWU1MWE2OTJhZGI4
OTJlMzEwHhcNMjMwMTAyMTAxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGJlZjY2ZTg5MGY0OTU0Y2ZjYzZiZTRhY2ViNGUxZjg2OGMxZTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApEEJ1tsB+09xack15dBD/22JF6V/
Cqtnsmk3ZJP6e9joW6W4cT8ka8z2h0vaDi7pnR9JFIa+AiFeMyfhJ2ePbzUwjkru
89IxIP+u1kRncIbSEIO7ihy3QgJShGQN/qHfnmAiA3zoL2ir4KTvtmAEVjMzbs8c
jzvNEEwgB1lIYnEWbEO9BAkJ0/Z8e4xFkNnRKuJQOk8brPX6rCBH/2ne+NOUyTDo
ucer1M0JGe0pOwdV3YQai2RZ2jJF16QbnW22aossvZdYppn0qfMJimgBY5O6Ehh8
Y796QSKou0pPO2I3VrHRsKXGKgCsYXedVy2sARiVFAL4oKe6nk0zpHi7gwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMi+9m6JD0lUz8xr5KzrTh+GjB6VMB8GA1UdIwQY
MBaAFFR4Qe7/IMeLM9QR2uUaaSrbiS4xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkhoQjd2OGd4NHN6MUJIYTVScHBLdHVKTGpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9jOGQzOTMtM2UyOC00ZjA3LTk5NmIt
MzY2YmExNzAwZmUwLzEveUw3MmJva1BTVlRQekd2a3JPdE9INGFNSHBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9jOGQzOTMtM2UyOC00ZjA3LTk5NmItMzY2YmExNzAwZmUw
LzEvVkhoQjd2OGd4NHN6MUJIYTVScHBLdHVKTGpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1OH9MA0G
CSqGSIb3DQEBCwUAA4IBAQBNClNqkTpdmt9/YB6LcJPeUwOgSLyZQccyq7PZ80P5
sfIxuhqR70akS1EBBX6EWMQ1f996cIUSsmd8OW+PjaA8Ibei8O745be0483cLTEB
bWbj4rC074JOxehGoVHDCQtxq0ApGaYKYfd+URw/b3szHOk66hyh1kAbU5Gt5X7J
YegiXyS0EQYQ5Bhg1rlA18P/GaDnDK093VNxgJ+ohJJrrIpugQF+WE6w0pmv0QVS
/9jMYqpoPEapN0wvHfegFKfoF09RPBJ8leGEP4WroshrrEa0bg8aGtJS4FRHwSWF
gYFYujmXiHSaIIkSbdW3cCQE4GaJSp38cPBZx5qjsARF
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:27:42 2025 by rpki-client