Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/YbrzM5MTIQE2s6h9zwnv71mX8jg.roa
File: YbrzM5MTIQE2s6h9zwnv71mX8jg.roa (raw, json)
Hash identifier: 52Av+YAhoc60rxeyAdvryPflN+1WkSzzHWv5YZuUaWk=
Subject key identifier: 61:BA:F3:33:93:13:21:01:36:B3:A8:7D:CF:09:EF:EF:59:97:F2:38
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 01942747DE12F1E0045C4440DFB40D3647B4
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/YbrzM5MTIQE2s6h9zwnv71mX8jg.roa
Signing time: Thu 02 Jan 2025 13:50:08 +0000
ROA not before: Thu 02 Jan 2025 13:50:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6453
IP address blocks: 212.5.156.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:de:12:f1:e0:04:5c:44:40:df:b4:0d:36:47:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jan 2 13:50:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=61baf3339313210136b3a87dcf09efef5997f238
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:3f:d8:e0:84:4f:2c:56:68:92:18:5d:05:3e:
f2:a8:dc:f9:37:ba:a4:5d:1e:ed:61:39:4f:6c:4b:
44:5c:3a:d9:af:b5:64:76:87:e0:c4:f5:04:94:7c:
b8:12:90:7b:42:14:9a:9c:bf:a1:72:26:d0:d1:4c:
11:12:05:51:c9:81:2c:63:0f:57:93:a3:8c:59:97:
1c:26:06:33:d7:7d:78:c2:2a:30:77:38:4f:26:7d:
b1:25:8e:c5:85:59:d9:77:26:01:00:f6:36:05:f7:
92:22:14:57:30:7f:0f:b2:7c:9d:7e:1c:68:79:de:
a5:0a:8e:d9:fb:3f:92:69:1b:fd:90:a8:fe:aa:d2:
34:72:1e:31:31:08:55:4b:6f:90:7a:71:06:c9:2b:
f4:22:4e:14:82:83:b2:66:61:b8:05:c3:75:07:a4:
6e:cc:9e:c3:fa:52:5b:8f:9f:ea:56:d6:d2:89:24:
65:6b:85:a8:64:cb:68:01:53:61:e1:09:01:f6:b1:
2d:5c:9c:18:ed:c8:e1:d1:28:34:0d:8a:ee:f5:9b:
cf:e0:2b:97:cc:e4:16:f0:c1:56:1a:f6:88:f4:59:
2d:4c:88:83:49:b1:e4:2f:1b:99:18:3f:2f:8d:0a:
d5:f8:1d:c3:4c:11:7c:15:6d:65:6a:29:17:6a:78:
51:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:BA:F3:33:93:13:21:01:36:B3:A8:7D:CF:09:EF:EF:59:97:F2:38
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/YbrzM5MTIQE2s6h9zwnv71mX8jg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.5.156.0/24
Signature Algorithm: sha256WithRSAEncryption
84:92:65:a3:98:ee:f9:ed:23:8c:77:d5:83:20:3e:58:9f:8c:
de:e3:21:ac:92:19:d5:52:5f:53:c2:57:fc:60:c6:21:9a:43:
13:15:00:6b:b9:8c:b3:07:de:be:1b:1e:3a:58:7c:0f:18:f7:
c8:19:d6:14:87:19:60:e3:1d:62:fd:1f:f9:c3:b3:cc:aa:6a:
92:8a:5c:ff:c3:64:2e:ef:37:b6:cd:23:90:c8:5c:4a:3d:a0:
0e:c8:94:f9:ca:68:26:f6:21:04:5c:f5:1e:c6:7f:79:e2:a5:
2f:50:36:9a:78:61:2e:9f:40:cb:d2:6d:ab:98:00:c1:68:d1:
45:77:54:30:97:c8:dd:21:51:9b:53:9b:94:39:e0:2b:d3:7c:
b5:85:dd:12:38:09:da:be:0e:df:4a:ca:cf:3d:8d:69:f8:5f:
bb:d0:89:c0:a5:19:a7:60:29:ff:35:af:3e:82:75:41:35:09:
df:a0:c6:4b:72:63:49:73:3d:a6:cb:18:64:6e:0e:78:04:52:
d5:c8:0d:8e:e5:f4:48:89:de:93:4c:5d:88:fa:3f:90:96:d1:
9a:d3:c3:6f:94:b5:c4:49:06:2d:ac:ae:04:0b:c0:1a:78:04:
6c:c9:ba:8a:e7:fb:49:8d:91:f8:12:6f:3f:01:55:8c:41:18:
6e:d4:74:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR94S8eAEXERA37QNNke0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjUwMTAyMTM1MDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWJhZjMzMzkzMTMyMTAxMzZiM2E4N2RjZjA5ZWZlZjU5OTdmMjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsT/Y4IRPLFZokhhdBT7yqNz5N7qk
XR7tYTlPbEtEXDrZr7VkdofgxPUElHy4EpB7QhSanL+hcibQ0UwREgVRyYEsYw9X
k6OMWZccJgYz1314wiowdzhPJn2xJY7FhVnZdyYBAPY2BfeSIhRXMH8Psnydfhxo
ed6lCo7Z+z+SaRv9kKj+qtI0ch4xMQhVS2+QenEGySv0Ik4UgoOyZmG4BcN1B6Ru
zJ7D+lJbj5/qVtbSiSRla4WoZMtoAVNh4QkB9rEtXJwY7cjh0Sg0DYru9ZvP4CuX
zOQW8MFWGvaI9FktTIiDSbHkLxuZGD8vjQrV+B3DTBF8FW1laikXanhR2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGG68zOTEyEBNrOofc8J7+9Zl/I4MB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvWWJyek01TVRJUUUyczZoOXp3bnY3MW1YOGpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1AWcMA0G
CSqGSIb3DQEBCwUAA4IBAQCEkmWjmO757SOMd9WDID5Yn4ze4yGskhnVUl9Twlf8
YMYhmkMTFQBruYyzB96+Gx46WHwPGPfIGdYUhxlg4x1i/R/5w7PMqmqSilz/w2Qu
7ze2zSOQyFxKPaAOyJT5ymgm9iEEXPUexn954qUvUDaaeGEun0DL0m2rmADBaNFF
d1Qwl8jdIVGbU5uUOeAr03y1hd0SOAnavg7fSsrPPY1p+F+70InApRmnYCn/Na8+
gnVBNQnfoMZLcmNJcz2myxhkbg54BFLVyA2O5fRIid6TTF2I+j+QltGa08NvlLXE
SQYtrK4EC8AaeARsybqK5/tJjZH4Em8/AVWMQRhu1HR6
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:29:51 2025 by rpki-client