Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/d8e5aa-b119-459e-93f6-a146d6047337/1/yxRSGJfki1mfuRlitSEOgfKdMqI.roa
File: yxRSGJfki1mfuRlitSEOgfKdMqI.roa (raw, json)
Hash identifier: T4WCtISFCRzOuyE0OUo1rNu8VMdZMXWp/avFZYHhGtc=
Subject key identifier: CB:14:52:18:97:E4:8B:59:9F:B9:19:62:B5:21:0E:81:F2:9D:32:A2
Certificate issuer: /CN=fdbc9e910316be2f0433aa95392cd6739dc26b86
Certificate serial: 019425FC55ED8F6A9AB8B9BF0DC03F7A074D
Authority key identifier: FD:BC:9E:91:03:16:BE:2F:04:33:AA:95:39:2C:D6:73:9D:C2:6B:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_byekQMWvi8EM6qVOSzWc53Ca4Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/d8e5aa-b119-459e-93f6-a146d6047337/1/yxRSGJfki1mfuRlitSEOgfKdMqI.roa
Signing time: Thu 02 Jan 2025 07:48:01 +0000
ROA not before: Thu 02 Jan 2025 07:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29119
IP address blocks: 185.212.124.0/22 maxlen: 22
185.212.124.0/23 maxlen: 23
185.212.126.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:55:ed:8f:6a:9a:b8:b9:bf:0d:c0:3f:7a:07:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fdbc9e910316be2f0433aa95392cd6739dc26b86
Validity
Not Before: Jan 2 07:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cb14521897e48b599fb91962b5210e81f29d32a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:4e:ad:01:03:e0:99:39:94:5a:ea:87:e5:a1:
3c:0a:f8:ae:49:10:00:8a:73:d6:8f:06:84:91:3d:
4f:19:66:88:a5:cd:ee:17:19:f1:70:4a:d8:89:20:
0a:23:41:4a:5b:c8:d4:61:23:be:67:e9:11:9e:39:
ff:a3:27:79:cd:ce:86:fa:8a:c8:61:b7:a4:cf:fc:
7c:9f:34:b0:33:dd:ec:b3:70:e9:c4:9f:4e:af:e9:
d4:a2:a3:c2:20:4b:c3:56:c4:70:12:d3:e0:57:49:
85:56:1c:e3:df:bc:02:9f:4a:bc:e8:a7:95:e0:e2:
d5:cf:a1:87:4a:09:98:9e:90:91:9a:c6:77:e9:f5:
96:1b:fd:4b:0b:49:c1:78:01:42:e8:c8:ad:b5:2e:
2a:9a:2e:6e:f1:8a:98:72:01:1c:f4:ce:55:5a:a5:
70:5d:aa:a0:9b:a6:c0:7a:bb:23:ee:b0:bf:d6:68:
0f:de:31:63:ca:40:99:89:1f:bd:97:1f:b4:b2:60:
05:f6:79:88:81:e9:b4:fc:06:29:9e:d0:35:89:cd:
89:7c:a5:83:fc:6a:b5:39:c4:4e:e1:1b:fb:6e:f7:
00:72:dc:29:6f:f6:d9:53:ea:78:1e:58:60:1f:23:
63:52:bc:dc:b0:fb:8a:86:91:30:c8:53:e0:f2:3f:
63:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:14:52:18:97:E4:8B:59:9F:B9:19:62:B5:21:0E:81:F2:9D:32:A2
X509v3 Authority Key Identifier:
keyid:FD:BC:9E:91:03:16:BE:2F:04:33:AA:95:39:2C:D6:73:9D:C2:6B:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_byekQMWvi8EM6qVOSzWc53Ca4Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/d8e5aa-b119-459e-93f6-a146d6047337/1/yxRSGJfki1mfuRlitSEOgfKdMqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/d8e5aa-b119-459e-93f6-a146d6047337/1/_byekQMWvi8EM6qVOSzWc53Ca4Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.212.124.0/22
Signature Algorithm: sha256WithRSAEncryption
8c:b8:22:76:9d:96:f0:03:ef:97:68:79:28:80:93:66:16:24:
28:35:2a:c8:32:23:ee:b0:64:c2:e2:a9:03:cc:2a:d0:3b:eb:
67:85:8d:b9:5a:39:4f:19:29:bc:0a:3e:36:a0:47:e6:85:b6:
21:b4:d1:ff:0c:72:97:a4:14:09:ad:9a:94:9b:c2:73:91:96:
49:64:7b:c3:81:0a:e8:e5:69:b0:30:66:f5:3b:48:7b:3c:53:
57:11:ec:9a:95:38:2d:b6:55:8f:cd:eb:7e:16:fc:5b:74:db:
38:98:a9:38:8b:f7:98:85:9b:49:45:13:a4:bd:e4:cf:67:2c:
cb:1c:c2:2d:a9:03:81:c4:b0:a8:ac:7e:e8:14:07:c9:e8:3b:
c0:92:f3:ad:a5:cb:bb:5e:f1:f5:d2:38:81:a3:c2:40:c7:05:
ac:ff:c3:41:4f:e6:34:e8:c1:2e:26:2d:1b:cf:87:91:4a:e6:
2d:53:c0:ce:d2:21:f7:3d:ca:af:53:55:7a:bf:60:2b:44:2e:
95:7f:a8:6e:49:ec:52:f7:be:73:f5:db:51:d8:20:d3:5a:96:
e0:05:11:d4:d6:a2:0f:56:ab:61:47:45:e5:a0:ca:3b:28:09:
b8:b7:ba:2f:fa:0a:1a:68:62:47:0f:b3:31:c2:73:d4:35:2e:
3c:13:ba:6e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/FXtj2qauLm/DcA/egdNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkYmM5ZTkxMDMxNmJlMmYwNDMzYWE5NTM5MmNkNjczOWRj
MjZiODYwHhcNMjUwMTAyMDc0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjE0NTIxODk3ZTQ4YjU5OWZiOTE5NjJiNTIxMGU4MWYyOWQzMmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoE6tAQPgmTmUWuqH5aE8CviuSRAA
inPWjwaEkT1PGWaIpc3uFxnxcErYiSAKI0FKW8jUYSO+Z+kRnjn/oyd5zc6G+orI
Ybekz/x8nzSwM93ss3DpxJ9Or+nUoqPCIEvDVsRwEtPgV0mFVhzj37wCn0q86KeV
4OLVz6GHSgmYnpCRmsZ36fWWG/1LC0nBeAFC6MittS4qmi5u8YqYcgEc9M5VWqVw
Xaqgm6bAersj7rC/1mgP3jFjykCZiR+9lx+0smAF9nmIgem0/AYpntA1ic2JfKWD
/Gq1OcRO4Rv7bvcActwpb/bZU+p4HlhgHyNjUrzcsPuKhpEwyFPg8j9jUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMsUUhiX5ItZn7kZYrUhDoHynTKiMB8GA1UdIwQY
MBaAFP28npEDFr4vBDOqlTks1nOdwmuGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2J5ZWtRTVd2aThFTTZxVk9TeldjNTNDYTRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9kOGU1YWEtYjExOS00NTllLTkzZjYt
YTE0NmQ2MDQ3MzM3LzEveXhSU0dKZmtpMW1mdVJsaXRTRU9nZktkTXFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9kOGU1YWEtYjExOS00NTllLTkzZjYtYTE0NmQ2MDQ3MzM3
LzEvX2J5ZWtRTVd2aThFTTZxVk9TeldjNTNDYTRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudR8MA0G
CSqGSIb3DQEBCwUAA4IBAQCMuCJ2nZbwA++XaHkogJNmFiQoNSrIMiPusGTC4qkD
zCrQO+tnhY25WjlPGSm8Cj42oEfmhbYhtNH/DHKXpBQJrZqUm8JzkZZJZHvDgQro
5WmwMGb1O0h7PFNXEeyalTgttlWPzet+FvxbdNs4mKk4i/eYhZtJRROkveTPZyzL
HMItqQOBxLCorH7oFAfJ6DvAkvOtpcu7XvH10jiBo8JAxwWs/8NBT+Y06MEuJi0b
z4eRSuYtU8DO0iH3PcqvU1V6v2ArRC6Vf6huSexS975z9dtR2CDTWpbgBRHU1qIP
VqthR0XloMo7KAm4t7ov+goaaGJHD7MxwnPUNS48E7pu
-----END CERTIFICATE-----
Generated at Fri Feb 21 11:04:56 2025 by rpki-client