Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/4a342a-0caa-44a7-854a-84f55a5beb37/1/YZ9uwJ5hIKW_6yPhpV2nWCVfLd8.roa
File: YZ9uwJ5hIKW_6yPhpV2nWCVfLd8.roa (raw, json)
Hash identifier: qaVLW1qcXbqtRaF6r0ivcDo6R3RTEZ7OSzRRNRUGYFQ=
Subject key identifier: 61:9F:6E:C0:9E:61:20:A5:BF:EB:23:E1:A5:5D:A7:58:25:5F:2D:DF
Certificate issuer: /CN=cadc8f3edfbf6b9d4d8f51452fd1d37cfbf854f3
Certificate serial: 01856F02490B041A82A765382CEB8644BD01
Authority key identifier: CA:DC:8F:3E:DF:BF:6B:9D:4D:8F:51:45:2F:D1:D3:7C:FB:F8:54:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ytyPPt-_a51Nj1FFL9HTfPv4VPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/4a342a-0caa-44a7-854a-84f55a5beb37/1/YZ9uwJ5hIKW_6yPhpV2nWCVfLd8.roa
Signing time: Sun 01 Jan 2023 20:24:58 +0000
ROA not before: Sun 01 Jan 2023 20:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41957
IP address blocks: 176.56.34.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:49:0b:04:1a:82:a7:65:38:2c:eb:86:44:bd:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cadc8f3edfbf6b9d4d8f51452fd1d37cfbf854f3
Validity
Not Before: Jan 1 20:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=619f6ec09e6120a5bfeb23e1a55da758255f2ddf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:91:58:f1:63:e5:55:53:ab:bb:46:91:fd:f1:
9f:8b:45:b7:e0:d6:31:23:83:c3:75:a3:8c:3b:9b:
bf:3e:5d:9f:23:bc:d9:ea:4d:39:0a:15:21:2d:b1:
dd:56:ad:88:ce:a7:e2:2a:25:63:c3:7c:03:83:77:
28:96:77:ac:a7:b2:b9:6b:ec:4f:93:9a:f2:76:76:
ed:b6:54:8c:77:0a:8f:28:43:17:cc:45:9c:d9:28:
97:bf:76:a9:b7:11:9c:d7:fe:a8:84:6b:8a:b7:b9:
46:d4:3f:da:ce:10:8c:c7:87:06:90:0a:aa:68:d8:
19:e7:d0:44:f1:c6:0e:b3:87:d6:07:bf:b6:8a:77:
3e:6e:e3:f9:0f:84:d1:55:0f:c7:42:e3:79:02:3f:
f3:cf:ad:ef:34:a9:e6:63:da:4c:e8:de:01:19:d7:
52:5a:d0:65:e0:70:60:05:61:1a:a0:53:99:f0:bb:
92:7f:27:11:a7:e6:52:73:9d:ff:1a:b1:bc:09:e0:
55:df:4c:51:91:13:e7:c1:02:21:7c:f9:be:f2:0c:
eb:98:bc:04:a2:80:5a:f5:60:c3:21:89:82:06:5b:
43:73:c3:94:af:73:f7:80:b6:bf:e4:f0:56:0a:13:
1b:89:23:46:b7:a5:9b:83:48:24:d4:70:6c:da:b6:
b1:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:9F:6E:C0:9E:61:20:A5:BF:EB:23:E1:A5:5D:A7:58:25:5F:2D:DF
X509v3 Authority Key Identifier:
keyid:CA:DC:8F:3E:DF:BF:6B:9D:4D:8F:51:45:2F:D1:D3:7C:FB:F8:54:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ytyPPt-_a51Nj1FFL9HTfPv4VPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/4a342a-0caa-44a7-854a-84f55a5beb37/1/YZ9uwJ5hIKW_6yPhpV2nWCVfLd8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/4a342a-0caa-44a7-854a-84f55a5beb37/1/ytyPPt-_a51Nj1FFL9HTfPv4VPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.56.34.0/24
Signature Algorithm: sha256WithRSAEncryption
69:2c:0c:2b:aa:ed:a0:80:ae:03:db:27:98:02:3d:ee:4e:88:
8e:a5:5a:2f:93:1a:43:57:f2:72:d4:68:27:9c:e2:d3:0b:ca:
e4:0d:d7:ab:78:40:fe:b9:80:fc:11:e3:0c:6b:f9:e6:b6:e0:
57:90:06:6d:e2:4b:70:4d:00:b3:04:42:66:fb:7d:72:82:13:
78:ec:e2:60:0d:a1:ef:63:ff:2d:6c:6d:7a:4e:ff:92:1b:b7:
94:12:68:86:42:3a:c7:e0:3d:84:bc:3a:74:39:86:d0:92:3b:
d9:12:cf:47:d6:eb:84:e0:fa:a0:d0:d9:fb:48:27:51:f2:fa:
27:7f:cf:de:31:bc:22:e1:ec:b4:3a:59:d9:92:95:e8:38:69:
14:02:0b:40:4b:de:38:9d:f2:d6:b3:01:1b:dc:33:1f:a8:e6:
9b:eb:f2:f3:bf:c4:8c:75:b0:68:87:a2:a1:94:79:31:f6:48:
39:46:1f:66:9f:c2:62:3d:82:da:51:36:cb:d7:76:a2:7c:07:
61:fc:42:13:9a:d5:b2:4f:b2:e5:88:a4:d9:05:da:e7:77:ed:
af:78:a0:d5:40:b2:49:89:7b:98:3c:5d:d4:dc:84:47:eb:03:
fa:03:72:1f:4b:f6:da:3c:19:2f:cb:d5:3f:a1:8e:de:8f:85:
0d:0e:6d:d4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvAkkLBBqCp2U4LOuGRL0BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhZGM4ZjNlZGZiZjZiOWQ0ZDhmNTE0NTJmZDFkMzdjZmJm
ODU0ZjMwHhcNMjMwMTAxMjAyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTlmNmVjMDllNjEyMGE1YmZlYjIzZTFhNTVkYTc1ODI1NWYyZGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZFY8WPlVVOru0aR/fGfi0W34NYx
I4PDdaOMO5u/Pl2fI7zZ6k05ChUhLbHdVq2IzqfiKiVjw3wDg3colnesp7K5a+xP
k5rydnbttlSMdwqPKEMXzEWc2SiXv3aptxGc1/6ohGuKt7lG1D/azhCMx4cGkAqq
aNgZ59BE8cYOs4fWB7+2inc+buP5D4TRVQ/HQuN5Aj/zz63vNKnmY9pM6N4BGddS
WtBl4HBgBWEaoFOZ8LuSfycRp+ZSc53/GrG8CeBV30xRkRPnwQIhfPm+8gzrmLwE
ooBa9WDDIYmCBltDc8OUr3P3gLa/5PBWChMbiSNGt6Wbg0gk1HBs2rax2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGGfbsCeYSClv+sj4aVdp1glXy3fMB8GA1UdIwQY
MBaAFMrcjz7fv2udTY9RRS/R03z7+FTzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXR5UFB0LV9hNTFOajFGRkw5SFRmUHY0VlBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS80YTM0MmEtMGNhYS00NGE3LTg1NGEt
ODRmNTVhNWJlYjM3LzEvWVo5dXdKNWhJS1dfNnlQaHBWMm5XQ1ZmTGQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS80YTM0MmEtMGNhYS00NGE3LTg1NGEtODRmNTVhNWJlYjM3
LzEveXR5UFB0LV9hNTFOajFGRkw5SFRmUHY0VlBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsDgiMA0G
CSqGSIb3DQEBCwUAA4IBAQBpLAwrqu2ggK4D2yeYAj3uToiOpVovkxpDV/Jy1Ggn
nOLTC8rkDdereED+uYD8EeMMa/nmtuBXkAZt4ktwTQCzBEJm+31yghN47OJgDaHv
Y/8tbG16Tv+SG7eUEmiGQjrH4D2EvDp0OYbQkjvZEs9H1uuE4Pqg0Nn7SCdR8von
f8/eMbwi4ey0OlnZkpXoOGkUAgtAS944nfLWswEb3DMfqOab6/Lzv8SMdbBoh6Kh
lHkx9kg5Rh9mn8JiPYLaUTbL13aifAdh/EITmtWyT7LliKTZBdrnd+2veKDVQLJJ
iXuYPF3U3IRH6wP6A3IfS/baPBkvy9U/oY7ej4UNDm3U
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:12:43 2025 by rpki-client