Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/ygTzfoTZ03OtYefPyQRpZjx0JAY.roa
File: ygTzfoTZ03OtYefPyQRpZjx0JAY.roa (raw, json)
Hash identifier: IexQBN1NC2L6wlngE7C+vPs4noAm7/dQEZ2FKPDq/js=
Subject key identifier: CA:04:F3:7E:84:D9:D3:73:AD:61:E7:CF:C9:04:69:66:3C:74:24:06
Certificate issuer: /CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Certificate serial: 018CC6B792765DC1C36FD5D39066A5ED3C67
Authority key identifier: 3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/ygTzfoTZ03OtYefPyQRpZjx0JAY.roa
Signing time: Mon 01 Jan 2024 20:29:28 +0000
ROA not before: Mon 01 Jan 2024 20:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 86.104.8.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:92:76:5d:c1:c3:6f:d5:d3:90:66:a5:ed:3c:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Validity
Not Before: Jan 1 20:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ca04f37e84d9d373ad61e7cfc90469663c742406
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:12:e4:26:49:e8:f9:05:8d:dd:52:37:e9:f6:
bf:da:f8:35:1a:9b:aa:5c:ca:43:c7:c7:90:e6:d1:
e8:31:54:60:d2:18:0a:89:3c:55:13:03:4d:26:05:
3d:77:51:64:f9:eb:e5:c7:11:ad:d7:30:64:65:d0:
b8:4d:50:de:7a:44:01:68:bb:4c:11:ed:a1:1c:bb:
9e:36:bb:d2:6d:0a:85:2b:7b:e8:06:9c:82:ed:e6:
5f:9b:38:c4:ae:89:c0:a6:e3:c8:40:45:2b:14:a6:
2d:01:bf:b3:97:b0:88:29:3c:79:6e:77:16:f4:0e:
b4:9f:ef:48:3e:ca:0f:10:6b:70:45:00:35:f2:98:
8b:f2:d4:cb:86:13:cf:d8:b8:bd:72:c7:66:06:38:
d6:93:18:11:22:e5:b4:c8:0b:2e:22:07:db:45:9d:
7a:98:4a:1f:87:3d:0d:6a:7a:9b:de:7c:cc:0c:a7:
78:4b:b4:20:1f:c4:ab:79:76:6a:07:ce:b2:37:22:
6b:ad:c8:56:29:df:31:f0:b5:40:4f:ab:8a:31:e8:
9f:15:d4:74:84:dd:aa:d0:2d:5b:27:c7:af:c6:bc:
22:4f:f2:79:d9:9b:e4:5a:1a:20:04:6a:65:7d:d3:
99:b4:9d:ab:4a:e9:0e:07:f1:51:b7:29:2d:60:8e:
cd:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:04:F3:7E:84:D9:D3:73:AD:61:E7:CF:C9:04:69:66:3C:74:24:06
X509v3 Authority Key Identifier:
keyid:3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/ygTzfoTZ03OtYefPyQRpZjx0JAY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.104.8.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:9f:34:d6:52:67:18:50:4b:4a:2a:87:dc:e8:b7:5f:48:7c:
67:d7:bc:e4:52:36:aa:f2:69:4d:61:98:dd:2f:b0:31:81:74:
51:d8:68:11:41:df:49:1d:f1:5c:0c:51:e9:e6:39:1c:bf:8e:
f5:54:5f:8b:54:f7:74:6a:a9:04:ee:97:77:82:e3:32:84:42:
4a:87:d6:f8:80:31:b4:37:36:35:5a:eb:64:27:d9:53:8b:aa:
02:f5:34:84:91:ec:eb:7d:dc:a6:eb:58:38:72:a0:a7:ed:97:
19:21:22:f5:b8:24:6b:18:c0:97:75:3d:94:3f:01:4a:b9:93:
56:91:a0:e0:3d:e3:95:9f:61:6f:a9:00:98:93:86:03:0b:ac:
0c:04:46:6a:bb:ee:36:4d:a3:3e:5b:f2:f1:b1:e2:5a:51:72:
3b:e6:1d:58:8d:fb:6e:2e:61:75:b5:2f:2a:2e:87:00:34:d8:
fc:fb:b0:86:22:98:2f:11:8f:83:60:df:9b:3a:ae:a0:dd:4e:
e6:75:d1:de:fc:43:f8:ba:3b:95:5d:8b:b8:40:b2:32:e1:8b:
2d:fb:a1:2d:f3:4b:7c:c7:b5:29:99:30:60:69:35:02:b6:91:
a0:ad:a3:d2:d2:84:b0:e9:69:1e:5b:d0:66:a3:d6:4a:e6:cf:
9b:18:e3:bf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGt5J2XcHDb9XTkGal7TxnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMWYzMmQwY2ZhN2E4NmQzMGU3ZTExYTczZWJiZDBiMjRk
YmY0MWYwHhcNMjQwMTAxMjAyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTA0ZjM3ZTg0ZDlkMzczYWQ2MWU3Y2ZjOTA0Njk2NjNjNzQyNDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjxLkJkno+QWN3VI36fa/2vg1Gpuq
XMpDx8eQ5tHoMVRg0hgKiTxVEwNNJgU9d1Fk+evlxxGt1zBkZdC4TVDeekQBaLtM
Ee2hHLueNrvSbQqFK3voBpyC7eZfmzjEronApuPIQEUrFKYtAb+zl7CIKTx5bncW
9A60n+9IPsoPEGtwRQA18piL8tTLhhPP2Li9csdmBjjWkxgRIuW0yAsuIgfbRZ16
mEofhz0Nanqb3nzMDKd4S7QgH8SreXZqB86yNyJrrchWKd8x8LVAT6uKMeifFdR0
hN2q0C1bJ8evxrwiT/J52ZvkWhogBGplfdOZtJ2rSukOB/FRtyktYI7NIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMoE836E2dNzrWHnz8kEaWY8dCQGMB8GA1UdIwQY
MBaAFD4fMtDPp6htMOfhGnPrvQsk2/QfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUt
NjA2OGMwNGQxYmUwLzEveWdUemZvVFowM090WWVmUHlRUnBaangwSkFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUtNjA2OGMwNGQxYmUw
LzEvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVmgIMA0G
CSqGSIb3DQEBCwUAA4IBAQC/nzTWUmcYUEtKKofc6LdfSHxn17zkUjaq8mlNYZjd
L7AxgXRR2GgRQd9JHfFcDFHp5jkcv471VF+LVPd0aqkE7pd3guMyhEJKh9b4gDG0
NzY1WutkJ9lTi6oC9TSEkezrfdym61g4cqCn7ZcZISL1uCRrGMCXdT2UPwFKuZNW
kaDgPeOVn2FvqQCYk4YDC6wMBEZqu+42TaM+W/LxseJaUXI75h1YjftuLmF1tS8q
LocANNj8+7CGIpgvEY+DYN+bOq6g3U7mddHe/EP4ujuVXYu4QLIy4Yst+6Et80t8
x7UpmTBgaTUCtpGgraPS0oSw6WkeW9Bmo9ZK5s+bGOO/
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:41 2025 by rpki-client