Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/YVr0AF2c3KiDV-SjuPftS3CnSqY.roa
File: YVr0AF2c3KiDV-SjuPftS3CnSqY.roa (raw, json)
Hash identifier: ArqLxgm2U8vUhD9/kr3eJUcwEOkYGBgAWgDslpkJKrw=
Subject key identifier: 61:5A:F4:00:5D:9C:DC:A8:83:57:E4:A3:B8:F7:ED:4B:70:A7:4A:A6
Certificate issuer: /CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Certificate serial: 0194282393B948112AF96522E0CE207C3A58
Authority key identifier: C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/YVr0AF2c3KiDV-SjuPftS3CnSqY.roa
Signing time: Thu 02 Jan 2025 17:50:07 +0000
ROA not before: Thu 02 Jan 2025 17:50:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62097
IP address blocks: 194.45.166.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:93:b9:48:11:2a:f9:65:22:e0:ce:20:7c:3a:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Validity
Not Before: Jan 2 17:50:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=615af4005d9cdca88357e4a3b8f7ed4b70a74aa6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:02:17:8c:8e:e2:e5:e3:ad:3e:86:0e:70:14:
28:9a:c4:c8:e7:1e:da:df:1c:5a:46:d2:4a:96:bc:
a1:7f:28:40:0a:e6:29:0b:36:fc:11:34:77:35:0c:
c4:af:c3:ac:c9:55:b2:fd:f9:e2:ba:90:02:33:04:
4a:50:4d:44:8c:be:66:2d:20:ce:e9:17:57:1e:90:
43:dc:97:b2:33:0a:99:08:fa:2c:7c:ef:4c:73:6e:
b2:23:c8:33:fc:0a:57:ab:11:05:9c:32:38:8c:52:
1d:37:53:ef:56:6c:7b:d2:93:71:f5:eb:1d:d9:2b:
ae:53:bb:2d:68:1b:30:0e:7f:59:f2:d7:91:73:f3:
c6:b3:31:52:23:76:1a:bd:b8:6f:4c:5d:e6:58:86:
1a:72:37:ae:0b:43:ae:60:dc:f8:51:a6:ec:64:13:
76:90:cb:a4:b2:4d:b5:fa:56:09:ef:ec:3d:fb:f8:
36:de:02:12:15:81:2f:8d:3d:8f:7f:f1:ec:fb:74:
09:f3:bd:ff:2b:65:37:e7:7d:b5:f3:03:36:2f:19:
ad:74:d1:bb:4f:53:5d:5e:b2:9f:f6:d1:dd:8a:d8:
60:04:47:e9:6b:d5:77:4e:68:d5:21:16:df:ac:93:
2c:47:6a:eb:d8:17:b6:2f:31:6a:18:7c:43:31:ac:
aa:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:5A:F4:00:5D:9C:DC:A8:83:57:E4:A3:B8:F7:ED:4B:70:A7:4A:A6
X509v3 Authority Key Identifier:
keyid:C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/YVr0AF2c3KiDV-SjuPftS3CnSqY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/w5gGDxvyLwmZywcbG0JpbbxD4Qw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.45.166.0/24
Signature Algorithm: sha256WithRSAEncryption
71:65:a8:c4:a6:f5:84:64:2d:8b:a0:c6:3a:1d:f4:39:02:a4:
8b:5a:6a:68:b8:cf:59:ae:2b:fd:1d:01:82:e3:46:cd:9c:14:
d1:92:50:d2:85:6d:af:25:85:33:e0:0c:9d:d7:04:dc:2b:f2:
69:d1:0e:e3:bc:a6:fb:56:bf:20:f9:18:74:07:cd:2b:07:b0:
b2:a9:32:8c:24:0c:a8:28:3d:9a:89:7b:31:91:d0:b8:04:52:
d3:73:18:1d:28:1e:72:f4:a0:eb:7d:05:ea:ae:66:d7:2e:d6:
54:51:d2:05:4b:d1:40:54:1b:b4:6a:fa:5a:60:49:20:d3:89:
6a:ec:57:3c:9a:3e:c4:c7:c2:55:da:b4:a9:19:e2:28:78:54:
89:19:9d:f4:7b:0d:48:35:fe:18:38:e7:84:e7:49:58:8e:b2:
a2:03:27:d7:d2:47:d6:a3:92:7e:ba:4f:fb:7e:cd:21:e8:0b:
de:aa:00:15:29:30:ba:eb:37:37:62:af:49:ad:05:d4:a1:86:
39:38:bf:20:1b:ac:b3:27:73:da:61:c2:91:8e:08:66:ab:02:
8a:6d:d6:16:17:a2:71:f1:3a:5f:f6:dc:cb:67:f4:3b:fc:b7:
02:1c:ed:21:89:a3:59:8e:56:b6:96:11:d2:31:07:c8:a0:02:
3f:17:aa:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoI5O5SBEq+WUi4M4gfDpYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzOTgwNjBmMWJmMjJmMDk5OWNiMDcxYjFiNDI2OTZkYmM0
M2UxMGMwHhcNMjUwMTAyMTc1MDA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTVhZjQwMDVkOWNkY2E4ODM1N2U0YTNiOGY3ZWQ0YjcwYTc0YWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQIXjI7i5eOtPoYOcBQomsTI5x7a
3xxaRtJKlryhfyhACuYpCzb8ETR3NQzEr8OsyVWy/fniupACMwRKUE1EjL5mLSDO
6RdXHpBD3JeyMwqZCPosfO9Mc26yI8gz/ApXqxEFnDI4jFIdN1PvVmx70pNx9esd
2SuuU7staBswDn9Z8teRc/PGszFSI3YavbhvTF3mWIYacjeuC0OuYNz4UabsZBN2
kMuksk21+lYJ7+w9+/g23gISFYEvjT2Pf/Hs+3QJ873/K2U353218wM2LxmtdNG7
T1NdXrKf9tHdithgBEfpa9V3TmjVIRbfrJMsR2rr2Be2LzFqGHxDMayqPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGFa9ABdnNyog1fko7j37Utwp0qmMB8GA1UdIwQY
MBaAFMOYBg8b8i8JmcsHGxtCaW28Q+EMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzVnR0R4dnlMd21aeXdjYkcwSnBiYnhENFF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8zYmZjMzEtZGMzMi00NTQxLTg0NjAt
YzkyN2I4YzJjN2M0LzEvWVZyMEFGMmMzS2lEVi1TanVQZnRTM0NuU3FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8zYmZjMzEtZGMzMi00NTQxLTg0NjAtYzkyN2I4YzJjN2M0
LzEvdzVnR0R4dnlMd21aeXdjYkcwSnBiYnhENFF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwi2mMA0G
CSqGSIb3DQEBCwUAA4IBAQBxZajEpvWEZC2LoMY6HfQ5AqSLWmpouM9Zriv9HQGC
40bNnBTRklDShW2vJYUz4Ayd1wTcK/Jp0Q7jvKb7Vr8g+Rh0B80rB7CyqTKMJAyo
KD2aiXsxkdC4BFLTcxgdKB5y9KDrfQXqrmbXLtZUUdIFS9FAVBu0avpaYEkg04lq
7Fc8mj7Ex8JV2rSpGeIoeFSJGZ30ew1INf4YOOeE50lYjrKiAyfX0kfWo5J+uk/7
fs0h6AveqgAVKTC66zc3Yq9JrQXUoYY5OL8gG6yzJ3PaYcKRjghmqwKKbdYWF6Jx
8Tpf9tzLZ/Q7/LcCHO0hiaNZjla2lhHSMQfIoAI/F6rs
-----END CERTIFICATE-----
Generated at Fri Feb 21 11:14:53 2025 by rpki-client