Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/5be0bd-695b-453c-9bf4-a6ecb89918b4/1/YFZwU15AZ-x1k4HCRULTNXDCYwI.roa
File: YFZwU15AZ-x1k4HCRULTNXDCYwI.roa (raw, json)
Hash identifier: nbgYeUDY0wg0qfD4Aje99TItBLOcfzLY3h9MIPG9aHE=
Subject key identifier: 60:56:70:53:5E:40:67:EC:75:93:81:C2:45:42:D3:35:70:C2:63:02
Certificate issuer: /CN=9de68c02854f9dc6785912249522ab7509937e48
Certificate serial: 90BBF2
Authority key identifier: 9D:E6:8C:02:85:4F:9D:C6:78:59:12:24:95:22:AB:75:09:93:7E:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/neaMAoVPncZ4WRIklSKrdQmTfkg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/5be0bd-695b-453c-9bf4-a6ecb89918b4/1/YFZwU15AZ-x1k4HCRULTNXDCYwI.roa
Signing time: Sat 01 Jan 2022 01:59:34 +0000
ROA not before: Sat 01 Jan 2022 01:59:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 212.23.203.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9485298 (0x90bbf2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9de68c02854f9dc6785912249522ab7509937e48
Validity
Not Before: Jan 1 01:59:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=605670535e4067ec759381c24542d33570c26302
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ca:af:80:ce:be:4a:79:50:11:4c:cc:d9:1d:
6c:15:bc:e1:2f:f6:61:9d:53:a1:dd:12:ec:06:02:
85:a3:6f:5b:de:5f:39:ba:48:86:bc:31:69:fc:5b:
3e:b5:07:58:e6:72:41:16:1c:e3:a3:72:16:bc:7b:
02:3c:22:e1:a1:1f:49:68:f4:de:cb:29:d4:32:a1:
77:d6:77:8f:32:10:15:69:4a:23:35:ff:41:f7:bd:
42:89:11:0a:b0:26:e7:32:34:f8:1a:bc:ef:17:5f:
59:73:94:17:0a:05:8a:bf:c9:a1:db:70:39:eb:ed:
b0:2b:81:33:e1:70:dd:59:01:52:d8:ec:50:9a:ed:
28:6f:af:b5:07:ae:8b:d0:55:da:a4:4c:ae:9d:1c:
d1:d4:dc:d8:58:9b:12:58:71:42:f1:00:26:20:03:
e2:29:fd:60:8b:2c:11:28:01:4f:cf:e9:46:42:5d:
6f:6d:74:6f:03:32:27:89:92:49:e0:6c:67:3a:cf:
c7:f6:80:e4:93:51:c6:91:84:86:8a:ee:30:87:9f:
da:81:48:b1:e2:2c:a8:38:e7:79:4f:0f:aa:6c:ec:
ad:27:02:58:65:34:cc:44:46:0e:aa:72:89:d5:18:
0f:29:5c:58:a1:35:9c:10:d2:f6:08:82:9b:53:62:
c3:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:56:70:53:5E:40:67:EC:75:93:81:C2:45:42:D3:35:70:C2:63:02
X509v3 Authority Key Identifier:
keyid:9D:E6:8C:02:85:4F:9D:C6:78:59:12:24:95:22:AB:75:09:93:7E:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/neaMAoVPncZ4WRIklSKrdQmTfkg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/5be0bd-695b-453c-9bf4-a6ecb89918b4/1/YFZwU15AZ-x1k4HCRULTNXDCYwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/5be0bd-695b-453c-9bf4-a6ecb89918b4/1/neaMAoVPncZ4WRIklSKrdQmTfkg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.23.203.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:fa:23:86:7d:63:a9:3b:c1:02:6a:3c:23:12:0b:b7:22:bc:
bc:77:9f:25:8e:9c:be:b2:3e:b7:c0:a7:17:06:11:a7:b8:cf:
30:84:64:70:dd:9c:93:60:de:c8:3c:01:7c:30:8a:e9:f7:31:
dc:12:c9:d5:18:3c:30:d8:d0:63:00:ad:3b:1b:fb:d4:4b:e6:
8b:9e:ca:98:40:b5:7f:1c:89:c0:f6:7e:f8:95:1b:9f:48:17:
62:9b:74:e0:95:4e:9d:fd:11:8f:89:d0:78:4f:aa:03:e1:c3:
99:8d:e1:02:ce:11:17:01:51:24:98:26:46:58:35:92:31:12:
13:b4:2e:7e:66:e9:fb:94:e9:06:92:05:9d:a5:a8:d4:31:98:
f5:00:f3:62:75:b0:91:ac:30:7f:11:51:d8:07:fa:00:e2:0d:
31:09:da:c1:52:c5:1e:09:83:65:8f:7a:52:b3:2f:60:4b:c2:
f4:1d:e2:d9:66:97:85:29:5b:75:ac:d9:db:b5:4c:7d:3b:11:
2b:a6:e3:57:5a:80:75:08:9e:d3:5a:9d:67:cf:ce:8a:22:93:
66:25:10:e1:d7:77:1b:ae:ee:19:e6:1a:f0:d6:a6:7f:68:74:
5e:5c:12:d8:88:7e:86:a1:9e:4c:c5:fb:ea:96:36:e7:10:73:
56:6b:c6:2e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAJC78jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZGU2OGMwMjg1NGY5ZGM2Nzg1OTEyMjQ5NTIyYWI3NTA5OTM3ZTQ4MB4XDTIyMDEw
MTAxNTkzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjA1NjcwNTM1ZTQw
NjdlYzc1OTM4MWMyNDU0MmQzMzU3MGMyNjMwMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALnKr4DOvkp5UBFMzNkdbBW84S/2YZ1Tod0S7AYChaNvW95f
ObpIhrwxafxbPrUHWOZyQRYc46NyFrx7Ajwi4aEfSWj03ssp1DKhd9Z3jzIQFWlK
IzX/Qfe9QokRCrAm5zI0+Bq87xdfWXOUFwoFir/JodtwOevtsCuBM+Fw3VkBUtjs
UJrtKG+vtQeui9BV2qRMrp0c0dTc2FibElhxQvEAJiAD4in9YIssESgBT8/pRkJd
b210bwMyJ4mSSeBsZzrPx/aA5JNRxpGEhoruMIef2oFIseIsqDjneU8PqmzsrScC
WGU0zERGDqpyidUYDylcWKE1nBDS9giCm1Niw0ECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRgVnBTXkBn7HWTgcJFQtM1cMJjAjAfBgNVHSMEGDAWgBSd5owChU+dxnhZ
EiSVIqt1CZN+SDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25lYU1Bb1ZQbmNaNFdSSWtsU0tyZFFtVGZrZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvNWJlMGJkLTY5NWItNDUzYy05YmY0LWE2ZWNiODk5MThiNC8x
L1lGWndVMTVBWi14MWs0SENSVUxUTlhEQ1l3SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
NWJlMGJkLTY5NWItNDUzYy05YmY0LWE2ZWNiODk5MThiNC8xL25lYU1Bb1ZQbmNa
NFdSSWtsU0tyZFFtVGZrZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANQXyzANBgkqhkiG9w0BAQsFAAOC
AQEApvojhn1jqTvBAmo8IxILtyK8vHefJY6cvrI+t8CnFwYRp7jPMIRkcN2ck2De
yDwBfDCK6fcx3BLJ1Rg8MNjQYwCtOxv71Evmi57KmEC1fxyJwPZ++JUbn0gXYpt0
4JVOnf0Rj4nQeE+qA+HDmY3hAs4RFwFRJJgmRlg1kjESE7Qufmbp+5TpBpIFnaWo
1DGY9QDzYnWwkawwfxFR2Af6AOINMQnawVLFHgmDZY96UrMvYEvC9B3i2WaXhSlb
dazZ27VMfTsRK6bjV1qAdQie01qdZ8/OiiKTZiUQ4dd3G67uGeYa8Namf2h0XlwS
2Ih+hqGeTMX76pY25xBzVmvGLg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:21:16 2025 by rpki-client