Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/2b95ed-9882-42fa-a9f5-ad80e756d256/1/yypNrrBDSWcVYxpi9irdFvhO6C0.roa
File: yypNrrBDSWcVYxpi9irdFvhO6C0.roa (raw, json)
Hash identifier: 88G9doSYfnFT7IkBV/aQ7/DZMzkPwb9335Lhz/XDc5A=
Subject key identifier: CB:2A:4D:AE:B0:43:49:67:15:63:1A:62:F6:2A:DD:16:F8:4E:E8:2D
Certificate issuer: /CN=2b3840b5d3c3525981c8616166679de920e350f5
Certificate serial: 0E71C65C
Authority key identifier: 2B:38:40:B5:D3:C3:52:59:81:C8:61:61:66:67:9D:E9:20:E3:50:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KzhAtdPDUlmByGFhZmed6SDjUPU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/2b95ed-9882-42fa-a9f5-ad80e756d256/1/yypNrrBDSWcVYxpi9irdFvhO6C0.roa
Signing time: Sat 01 Jan 2022 02:01:05 +0000
ROA not before: Sat 01 Jan 2022 02:01:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21277
IP address blocks: 185.14.251.0/24 maxlen: 24
31.25.142.0/23 maxlen: 23
185.184.197.0/24 maxlen: 24
159.255.165.0/24 maxlen: 24
159.255.166.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 242337372 (0xe71c65c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b3840b5d3c3525981c8616166679de920e350f5
Validity
Not Before: Jan 1 02:01:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cb2a4daeb043496715631a62f62add16f84ee82d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:67:a4:2c:f2:68:80:fb:0e:f9:f3:7f:5d:a5:
67:8d:6f:45:eb:5e:60:8e:a4:49:9e:4d:c7:60:c3:
49:4e:c4:2a:7b:76:66:9e:11:4a:a0:7d:28:ce:03:
19:71:cf:15:11:b4:18:99:47:4b:90:ef:a5:98:1b:
f5:22:67:40:7a:d0:02:7a:a7:16:ef:fc:30:aa:3d:
23:51:63:69:79:16:4b:db:48:43:3c:e4:b0:c2:f0:
ba:53:7e:48:ed:d2:96:e2:04:d2:86:24:58:8c:7d:
32:d5:5e:38:09:94:e0:28:46:37:52:86:d9:05:a5:
87:7c:c4:93:a4:b5:d4:a3:12:c0:3b:1c:5d:bb:55:
19:31:4b:e0:13:14:cb:cc:b5:c3:64:82:fc:b0:06:
ab:e7:a8:2a:5f:bf:e9:65:ac:54:20:84:c1:17:4a:
2b:e8:d7:56:56:1b:90:5e:44:b1:f4:a1:75:ea:df:
c6:2c:d3:3a:fd:57:c4:a0:4c:4c:e6:07:7a:8e:4b:
05:87:1c:1a:8c:bf:9b:4b:54:3b:ef:96:cc:0b:cb:
db:2e:c0:34:0d:1c:d8:4f:d1:cc:bc:aa:67:06:30:
ba:8d:0e:38:8c:52:86:e1:18:b7:7d:5f:1b:15:2c:
42:71:e2:78:c7:a6:62:b6:6f:68:4f:d2:a4:1e:ac:
40:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:2A:4D:AE:B0:43:49:67:15:63:1A:62:F6:2A:DD:16:F8:4E:E8:2D
X509v3 Authority Key Identifier:
keyid:2B:38:40:B5:D3:C3:52:59:81:C8:61:61:66:67:9D:E9:20:E3:50:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KzhAtdPDUlmByGFhZmed6SDjUPU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/2b95ed-9882-42fa-a9f5-ad80e756d256/1/yypNrrBDSWcVYxpi9irdFvhO6C0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/2b95ed-9882-42fa-a9f5-ad80e756d256/1/KzhAtdPDUlmByGFhZmed6SDjUPU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.142.0/23
159.255.165.0-159.255.167.255
185.14.251.0/24
185.184.197.0/24
Signature Algorithm: sha256WithRSAEncryption
11:ff:f6:5c:8e:d9:c2:15:8b:25:f0:9f:69:6e:88:1e:1f:87:
f3:27:b0:41:e9:d9:05:4c:70:57:72:2d:e4:25:94:b6:4e:34:
36:61:a1:35:eb:60:34:46:aa:4c:66:6d:ab:97:e7:3f:b7:fb:
0e:00:37:00:22:5e:cb:d9:a2:1a:ad:58:b8:82:94:ea:2e:d8:
f7:55:33:c9:b9:86:96:11:71:64:db:63:3e:a7:48:3f:d3:ee:
01:ba:6c:4b:80:3d:bb:e4:bb:3d:02:f0:4c:a5:11:d4:43:57:
8f:55:b4:9f:3a:1e:67:bb:4b:10:36:75:6c:5f:e9:b7:04:68:
30:e0:87:92:0f:a0:b0:3d:0a:1a:9f:d4:dd:bf:68:39:05:bd:
ba:b2:f3:36:f9:07:2e:be:ef:2c:71:1e:b6:4e:94:31:61:8e:
13:5b:c8:58:d9:39:5c:9a:6a:e3:28:09:78:e5:c9:2c:22:d2:
de:31:43:af:1c:c5:b9:9e:53:cc:5a:9a:b8:a6:95:ec:88:99:
5c:3f:67:34:87:69:f7:31:92:d5:3d:8b:79:84:3d:4a:8c:53:
01:c9:a9:b3:84:9b:cb:ca:cf:13:d7:ba:19:42:c4:90:e3:96:
82:8d:2c:7a:73:44:81:e8:8c:f9:51:ef:ba:ab:f6:f4:94:fa:
58:c6:94:2a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEDnHGXDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YjM4NDBiNWQzYzM1MjU5ODFjODYxNjE2NjY3OWRlOTIwZTM1MGY1MB4XDTIyMDEw
MTAyMDEwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2IyYTRkYWViMDQz
NDk2NzE1NjMxYTYyZjYyYWRkMTZmODRlZTgyZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKNnpCzyaID7Dvnzf12lZ41vReteYI6kSZ5Nx2DDSU7EKnt2
Zp4RSqB9KM4DGXHPFRG0GJlHS5DvpZgb9SJnQHrQAnqnFu/8MKo9I1FjaXkWS9tI
QzzksMLwulN+SO3SluIE0oYkWIx9MtVeOAmU4ChGN1KG2QWlh3zEk6S11KMSwDsc
XbtVGTFL4BMUy8y1w2SC/LAGq+eoKl+/6WWsVCCEwRdKK+jXVlYbkF5EsfShderf
xizTOv1XxKBMTOYHeo5LBYccGoy/m0tUO++WzAvL2y7ANA0c2E/RzLyqZwYwuo0O
OIxShuEYt31fGxUsQnHieMemYrZvaE/SpB6sQE8CAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBTLKk2usENJZxVjGmL2Kt0W+E7oLTAfBgNVHSMEGDAWgBQrOEC108NSWYHI
YWFmZ53pIONQ9TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0t6aEF0ZFBEVWxtQnlHRmhabWVkNlNEalVQVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2EvMmI5NWVkLTk4ODItNDJmYS1hOWY1LWFkODBlNzU2ZDI1Ni8x
L3l5cE5yckJEU1djVll4cGk5aXJkRnZoTzZDMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Ev
MmI5NWVkLTk4ODItNDJmYS1hOWY1LWFkODBlNzU2ZDI1Ni8xL0t6aEF0ZFBEVWxt
QnlHRmhabWVkNlNEalVQVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIAMEAR8ZjjAMAwQAn/+lAwQDn/+gAwQA
uQ77AwQAubjFMA0GCSqGSIb3DQEBCwUAA4IBAQAR//ZcjtnCFYsl8J9pbogeH4fz
J7BB6dkFTHBXci3kJZS2TjQ2YaE162A0RqpMZm2rl+c/t/sOADcAIl7L2aIarVi4
gpTqLtj3VTPJuYaWEXFk22M+p0g/0+4BumxLgD275Ls9AvBMpRHUQ1ePVbSfOh5n
u0sQNnVsX+m3BGgw4IeSD6CwPQoan9Tdv2g5Bb26svM2+Qcuvu8scR62TpQxYY4T
W8hY2TlcmmrjKAl45cksItLeMUOvHMW5nlPMWpq4ppXsiJlcP2c0h2n3MZLVPYt5
hD1KjFMByamzhJvLys8T17oZQsSQ45aCjSx6c0SB6Iz5Ue+6q/b0lPpYxpQq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:54 2024 by rpki-client on console-fra.rpki-client.org