Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/cd94f2-3b19-4826-a0eb-bfe221553f07/1/y-ak3HtLWJIlpqJxzE7TK1-R2fI.roa
File: y-ak3HtLWJIlpqJxzE7TK1-R2fI.roa (raw, json)
Hash identifier: K3vhLPeDnhFTGKpZM3nMzdLoNlryMoQ53zaYLI0vqP8=
Subject key identifier: CB:E6:A4:DC:7B:4B:58:92:25:A6:A2:71:CC:4E:D3:2B:5F:91:D9:F2
Certificate issuer: /CN=b3efea3a72faf0df4322cdaab9a136d79de8a3ef
Certificate serial: 018571B0DD877720217B6BFC58BF0FB94E17
Authority key identifier: B3:EF:EA:3A:72:FA:F0:DF:43:22:CD:AA:B9:A1:36:D7:9D:E8:A3:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s-_qOnL68N9DIs2quaE2153oo-8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/cd94f2-3b19-4826-a0eb-bfe221553f07/1/y-ak3HtLWJIlpqJxzE7TK1-R2fI.roa
Signing time: Mon 02 Jan 2023 08:54:54 +0000
ROA not before: Mon 02 Jan 2023 08:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 194.26.215.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b0:dd:87:77:20:21:7b:6b:fc:58:bf:0f:b9:4e:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3efea3a72faf0df4322cdaab9a136d79de8a3ef
Validity
Not Before: Jan 2 08:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cbe6a4dc7b4b589225a6a271cc4ed32b5f91d9f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:23:5f:8a:c9:39:cf:fc:82:f1:86:a7:15:13:
2d:b1:b5:aa:46:57:22:a6:bb:03:fb:96:63:32:b8:
40:63:0d:4b:72:4e:d7:14:9e:19:54:09:07:5a:9a:
37:79:bd:d7:6d:37:9e:54:dc:f7:35:60:02:24:4b:
e2:39:59:b8:3f:bb:26:cf:f1:08:81:b8:bb:25:53:
fb:1f:2a:84:2b:2b:2a:dc:93:a4:53:ba:bc:c4:fe:
04:ab:27:14:c2:4d:62:f2:b7:7c:61:0d:83:e0:cf:
ad:2e:f9:d0:77:bf:fe:26:18:63:fa:52:d1:7f:2e:
52:30:ab:ed:a6:ec:cf:0e:23:7f:04:20:89:be:ea:
c9:c3:6a:68:60:ff:33:07:d2:3e:84:6d:3d:16:e6:
30:ac:6e:7a:09:26:3b:2c:a2:ed:63:73:13:3e:c2:
a0:8c:b2:59:4a:b9:f5:42:3b:bf:2b:25:b1:ec:1f:
6a:95:0c:cd:bd:07:59:7c:de:0c:72:9f:cf:80:19:
c3:53:38:f8:29:6b:d9:a3:42:87:d5:fe:87:7a:b6:
6a:2f:0a:1c:39:59:df:f9:f3:04:af:08:30:e1:23:
5e:d3:4e:6c:35:a4:7e:70:2e:f1:12:c6:b5:66:57:
db:d3:4b:47:b8:9d:81:60:cd:5e:69:dd:12:13:73:
34:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:E6:A4:DC:7B:4B:58:92:25:A6:A2:71:CC:4E:D3:2B:5F:91:D9:F2
X509v3 Authority Key Identifier:
keyid:B3:EF:EA:3A:72:FA:F0:DF:43:22:CD:AA:B9:A1:36:D7:9D:E8:A3:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s-_qOnL68N9DIs2quaE2153oo-8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/cd94f2-3b19-4826-a0eb-bfe221553f07/1/y-ak3HtLWJIlpqJxzE7TK1-R2fI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/cd94f2-3b19-4826-a0eb-bfe221553f07/1/s-_qOnL68N9DIs2quaE2153oo-8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.26.215.0/24
Signature Algorithm: sha256WithRSAEncryption
15:fe:20:d2:41:e7:13:35:e5:11:57:ab:76:be:d5:16:a1:23:
23:73:60:f7:14:b6:32:68:7a:b3:ab:5b:5f:4d:b5:38:ea:06:
50:14:fe:3a:4a:fe:6f:d9:a0:64:7d:dc:47:4b:c0:35:dc:d4:
02:ea:6c:ca:7c:5e:c6:1e:dd:4e:e0:a1:c1:0e:47:7b:1e:f2:
42:7e:55:31:65:1e:8b:f3:d9:6d:2f:2f:49:06:44:6b:0f:1f:
44:ca:d7:1d:70:35:e7:32:b7:4a:dd:bd:3f:23:b8:cd:64:df:
25:13:88:e6:37:22:73:fb:db:59:38:a2:93:df:96:4c:03:50:
da:73:18:f0:71:1e:2f:6e:b6:1f:d0:8f:e4:b3:1d:53:25:96:
6f:a4:8e:17:8e:94:c2:aa:ab:0b:6c:21:28:a1:8e:82:f3:e6:
92:29:28:c0:80:85:08:c8:7c:74:7b:f5:14:f1:0c:56:f5:a9:
c8:7c:ff:60:0f:02:83:af:55:e5:28:ef:f0:78:f4:c6:b8:69:
cd:8c:0b:be:86:e6:42:47:b1:98:b2:1f:a9:89:ba:ab:37:92:
83:f1:48:f0:94:80:7e:07:d7:f1:5c:ea:96:0b:49:74:21:7f:
7e:49:43:88:76:de:6c:ea:ec:4a:7b:84:00:b6:53:10:f5:8c:
34:9d:87:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxsN2HdyAhe2v8WL8PuU4XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZWZlYTNhNzJmYWYwZGY0MzIyY2RhYWI5YTEzNmQ3OWRl
OGEzZWYwHhcNMjMwMTAyMDg1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmU2YTRkYzdiNGI1ODkyMjVhNmEyNzFjYzRlZDMyYjVmOTFkOWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsiNfisk5z/yC8YanFRMtsbWqRlci
prsD+5ZjMrhAYw1Lck7XFJ4ZVAkHWpo3eb3XbTeeVNz3NWACJEviOVm4P7smz/EI
gbi7JVP7HyqEKysq3JOkU7q8xP4EqycUwk1i8rd8YQ2D4M+tLvnQd7/+Jhhj+lLR
fy5SMKvtpuzPDiN/BCCJvurJw2poYP8zB9I+hG09FuYwrG56CSY7LKLtY3MTPsKg
jLJZSrn1Qju/KyWx7B9qlQzNvQdZfN4Mcp/PgBnDUzj4KWvZo0KH1f6HerZqLwoc
OVnf+fMErwgw4SNe005sNaR+cC7xEsa1Zlfb00tHuJ2BYM1ead0SE3M0LQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMvmpNx7S1iSJaaiccxO0ytfkdnyMB8GA1UdIwQY
MBaAFLPv6jpy+vDfQyLNqrmhNted6KPvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcy1fcU9uTDY4TjlESXMycXVhRTIxNTNvby04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9jZDk0ZjItM2IxOS00ODI2LWEwZWIt
YmZlMjIxNTUzZjA3LzEveS1hazNIdExXSklscHFKeHpFN1RLMS1SMmZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9jZDk0ZjItM2IxOS00ODI2LWEwZWItYmZlMjIxNTUzZjA3
LzEvcy1fcU9uTDY4TjlESXMycXVhRTIxNTNvby04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwhrXMA0G
CSqGSIb3DQEBCwUAA4IBAQAV/iDSQecTNeURV6t2vtUWoSMjc2D3FLYyaHqzq1tf
TbU46gZQFP46Sv5v2aBkfdxHS8A13NQC6mzKfF7GHt1O4KHBDkd7HvJCflUxZR6L
89ltLy9JBkRrDx9EytcdcDXnMrdK3b0/I7jNZN8lE4jmNyJz+9tZOKKT35ZMA1Da
cxjwcR4vbrYf0I/ksx1TJZZvpI4XjpTCqqsLbCEooY6C8+aSKSjAgIUIyHx0e/UU
8QxW9anIfP9gDwKDr1XlKO/wePTGuGnNjAu+huZCR7GYsh+pibqrN5KD8UjwlIB+
B9fxXOqWC0l0IX9+SUOIdt5s6uxKe4QAtlMQ9Yw0nYcM
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:53 2025 by rpki-client