Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/yHOr0kbK-kciLd2v_SvPEQOXipY.roa
File: yHOr0kbK-kciLd2v_SvPEQOXipY.roa (raw, json)
Hash identifier: 9PDq+85X0R2TjWeSO3guyte7sjhcRW9n9jzCFyyIWqU=
Subject key identifier: C8:73:AB:D2:46:CA:FA:47:22:2D:DD:AF:FD:2B:CF:11:03:97:8A:96
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018CC802FE1B7D27CFDC74D415337882CCA3
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/yHOr0kbK-kciLd2v_SvPEQOXipY.roa
Signing time: Tue 02 Jan 2024 02:31:28 +0000
ROA not before: Tue 02 Jan 2024 02:31:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200559
IP address blocks: 192.71.41.0/24 maxlen: 24
192.71.40.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:fe:1b:7d:27:cf:dc:74:d4:15:33:78:82:cc:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 02:31:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c873abd246cafa47222dddaffd2bcf1103978a96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:d0:f8:f6:6a:2d:35:41:cb:2c:4f:be:4f:c1:
3c:6f:35:a8:d4:47:0a:98:66:44:1e:56:14:fc:83:
d2:12:29:be:90:3c:17:e7:2b:99:0c:5d:46:6c:80:
2e:0e:1c:c0:44:93:7d:9c:6e:b8:9b:c1:2d:6e:f9:
2b:ab:4e:f4:82:d8:f6:5c:ac:bf:77:67:80:71:f7:
d4:d6:da:65:10:1b:3e:25:bf:72:ea:8b:35:d4:4b:
5b:7f:06:56:ce:35:6e:38:9e:14:6c:31:64:31:55:
ac:5b:84:9f:dd:28:11:21:47:ff:6c:bf:d8:38:e1:
52:cc:39:96:e5:fe:c1:9b:fe:99:9d:17:df:e7:a4:
43:c7:08:31:77:0e:57:69:0d:a0:7c:fa:42:c2:9b:
d2:ee:fc:3f:c0:ff:fd:d8:d8:29:1e:d7:d0:a6:35:
b6:1c:8f:8b:15:8c:06:65:49:01:f3:90:47:02:e4:
8e:21:a8:2f:30:2b:1d:a6:d8:1e:dc:3d:80:65:74:
dd:e5:6b:75:e3:3f:22:ff:1f:11:aa:4f:f1:dd:6d:
f3:05:3e:b4:84:c7:f7:fd:60:24:d7:fd:9e:b7:ce:
63:c2:5a:57:ab:e3:2c:bb:10:36:b6:f6:48:7b:5d:
5a:a3:8a:3d:53:06:2e:61:a1:da:2f:54:5a:b7:38:
60:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:73:AB:D2:46:CA:FA:47:22:2D:DD:AF:FD:2B:CF:11:03:97:8A:96
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/yHOr0kbK-kciLd2v_SvPEQOXipY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.40.0/23
Signature Algorithm: sha256WithRSAEncryption
5b:4a:5b:7b:8a:91:ad:24:2b:73:79:0e:55:8a:e7:40:4c:f1:
10:88:15:9b:50:ca:e0:3e:a1:38:58:4e:c4:81:2a:58:b7:ff:
c2:7e:21:4c:f7:a4:52:0f:6d:4d:b5:81:4f:23:45:d0:27:06:
44:95:ac:b4:f1:7e:01:0e:9c:27:ba:03:5c:ad:47:72:d0:8f:
11:2f:03:03:23:82:d5:d8:9e:a2:93:51:fa:a9:92:0a:b3:93:
51:e3:88:32:fc:7c:c4:09:b5:1f:4f:df:1a:09:ee:13:8c:ba:
ae:da:9d:71:dc:13:6d:7b:da:0d:47:6a:84:86:43:a0:35:9f:
37:78:e7:c7:5d:ca:91:b3:2a:a0:91:a3:df:25:99:7f:eb:74:
05:63:07:47:26:ee:d3:f4:d9:aa:99:39:0a:25:ee:cd:78:e4:
31:55:f3:46:00:4e:6d:ac:32:2b:c2:28:b2:b9:ff:8e:c9:4a:
1e:29:79:81:44:51:cf:b4:50:7a:f6:c4:45:10:16:02:b9:0e:
a7:86:a8:ea:99:f5:25:74:51:bb:e5:13:75:28:62:5a:cf:57:
5c:de:44:1a:ad:28:97:95:08:1b:cd:5a:89:e5:c8:84:fe:6a:
77:85:ae:dc:20:d5:2b:7c:1d:89:82:f5:39:b6:f5:bb:e9:e0:
ac:8f:f0:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAv4bfSfP3HTUFTN4gsyjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwMTAyMDIzMTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODczYWJkMjQ2Y2FmYTQ3MjIyZGRkYWZmZDJiY2YxMTAzOTc4YTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAltD49motNUHLLE++T8E8bzWo1EcK
mGZEHlYU/IPSEim+kDwX5yuZDF1GbIAuDhzARJN9nG64m8Etbvkrq070gtj2XKy/
d2eAcffU1tplEBs+Jb9y6os11EtbfwZWzjVuOJ4UbDFkMVWsW4Sf3SgRIUf/bL/Y
OOFSzDmW5f7Bm/6ZnRff56RDxwgxdw5XaQ2gfPpCwpvS7vw/wP/92NgpHtfQpjW2
HI+LFYwGZUkB85BHAuSOIagvMCsdptge3D2AZXTd5Wt14z8i/x8Rqk/x3W3zBT60
hMf3/WAk1/2et85jwlpXq+MsuxA2tvZIe11ao4o9UwYuYaHaL1RatzhgbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMhzq9JGyvpHIi3dr/0rzxEDl4qWMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEveUhPcjBrYksta2NpTGQydl9TdlBFUU9YaXBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwEcoMA0G
CSqGSIb3DQEBCwUAA4IBAQBbSlt7ipGtJCtzeQ5ViudATPEQiBWbUMrgPqE4WE7E
gSpYt//CfiFM96RSD21NtYFPI0XQJwZElay08X4BDpwnugNcrUdy0I8RLwMDI4LV
2J6ik1H6qZIKs5NR44gy/HzECbUfT98aCe4TjLqu2p1x3BNte9oNR2qEhkOgNZ83
eOfHXcqRsyqgkaPfJZl/63QFYwdHJu7T9NmqmTkKJe7NeOQxVfNGAE5trDIrwiiy
uf+OyUoeKXmBRFHPtFB69sRFEBYCuQ6nhqjqmfUldFG75RN1KGJaz1dc3kQarSiX
lQgbzVqJ5ciE/mp3ha7cINUrfB2JgvU5tvW76eCsj/CE
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:06:32 2025 by rpki-client