Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/b41f63-65b9-403b-a067-4020a48983b3/1/yKm5J4WpetP2v4znTSRbx0gzRz0.roa
File: yKm5J4WpetP2v4znTSRbx0gzRz0.roa (raw, json)
Hash identifier: tO4zXfQkO/DIxOkno8yUyQo+No6QuvaQHS9eMnnZXDM=
Subject key identifier: C8:A9:B9:27:85:A9:7A:D3:F6:BF:8C:E7:4D:24:5B:C7:48:33:47:3D
Certificate issuer: /CN=0aa4667fc501352fbed17e47168c4687d775623f
Certificate serial: 01866EDF1103BBB6F9F4B0806B1C1FAE879C
Authority key identifier: 0A:A4:66:7F:C5:01:35:2F:BE:D1:7E:47:16:8C:46:87:D7:75:62:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CqRmf8UBNS--0X5HFoxGh9d1Yj8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/b41f63-65b9-403b-a067-4020a48983b3/1/yKm5J4WpetP2v4znTSRbx0gzRz0.roa
Signing time: Mon 20 Feb 2023 12:49:18 +0000
ROA not before: Mon 20 Feb 2023 12:49:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 194.26.119.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:6e:df:11:03:bb:b6:f9:f4:b0:80:6b:1c:1f:ae:87:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0aa4667fc501352fbed17e47168c4687d775623f
Validity
Not Before: Feb 20 12:49:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c8a9b92785a97ad3f6bf8ce74d245bc74833473d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:5d:1a:ea:b9:b1:85:ca:5b:52:dd:94:8c:83:
59:58:b3:02:2e:24:57:5a:c9:d1:e4:1b:8a:02:a1:
64:1b:ec:7d:c7:a2:31:5e:3d:eb:73:d6:fc:fd:4a:
77:8c:d3:39:5d:fd:71:a9:31:d2:bd:be:66:c9:90:
c8:ff:1d:d4:4d:67:0a:55:1a:9c:f9:82:1b:94:88:
f7:24:dc:13:a0:48:c7:0f:98:03:98:31:cf:0f:66:
52:d7:e6:c8:0f:d8:49:22:12:ae:38:c1:4c:54:af:
3c:a9:d7:59:90:09:8f:01:ac:d4:2e:40:a4:43:3e:
36:85:81:bd:e6:49:58:3c:2f:3f:b6:ed:b5:5a:8b:
a6:b4:ad:2b:73:ae:29:e3:7a:7b:65:77:21:47:be:
ec:b6:fc:72:b4:d4:82:df:d6:8d:a7:d3:26:50:96:
2f:6a:09:58:cc:84:69:b0:ee:15:85:3e:c6:10:cc:
20:fa:89:26:e9:c4:bd:01:1a:c3:08:df:28:99:b4:
62:7e:78:1d:cd:f5:c6:1b:f9:4a:05:01:f1:d5:b7:
d4:e3:4a:69:c5:01:20:ea:58:0a:14:f0:90:d4:ea:
82:f4:7f:2f:52:13:9d:12:a4:59:77:c5:cc:f9:c9:
f9:a1:96:4d:63:77:c9:34:6f:93:5b:b2:ac:72:7b:
0d:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:A9:B9:27:85:A9:7A:D3:F6:BF:8C:E7:4D:24:5B:C7:48:33:47:3D
X509v3 Authority Key Identifier:
keyid:0A:A4:66:7F:C5:01:35:2F:BE:D1:7E:47:16:8C:46:87:D7:75:62:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CqRmf8UBNS--0X5HFoxGh9d1Yj8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/b41f63-65b9-403b-a067-4020a48983b3/1/yKm5J4WpetP2v4znTSRbx0gzRz0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/b41f63-65b9-403b-a067-4020a48983b3/1/CqRmf8UBNS--0X5HFoxGh9d1Yj8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.26.119.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:ee:f8:11:70:7b:00:a0:70:41:11:81:52:2a:2d:ad:ad:ba:
9e:e4:e7:6d:7a:6e:20:71:f0:c0:15:c2:df:df:e3:92:81:03:
d2:24:48:fe:92:8b:8d:be:0c:fe:e2:95:15:fa:57:11:ec:de:
cd:ce:33:22:48:ed:92:88:fc:7a:28:1b:76:1d:27:98:d7:17:
80:e7:9f:ac:79:84:e9:bc:17:66:0b:8a:3a:bf:fd:09:89:3e:
81:06:91:d4:25:da:71:58:85:08:a8:03:23:4a:9c:40:75:99:
d9:ac:a6:3e:b1:89:eb:41:54:dc:a8:3f:6a:3c:7c:95:94:d1:
e8:f2:82:cb:39:a1:a1:f6:7b:09:59:72:a2:ac:b3:d2:55:05:
22:d4:c6:91:c7:fc:75:c9:fa:60:41:11:c4:c4:7c:dd:91:b5:
cf:dc:2b:fa:5e:46:94:8d:0b:e3:a4:c1:62:7d:47:49:9e:6e:
6d:c5:3f:6b:fd:7c:29:80:c4:14:51:33:1e:e9:87:cf:0b:a8:
55:91:94:82:6b:e7:a3:1b:1c:47:73:03:06:d6:49:4e:21:f6:
f7:9a:29:61:4b:89:10:2c:3f:79:06:91:39:a0:5f:2f:b2:09:
ea:50:f0:a3:eb:ea:8e:db:ef:d0:1c:85:f0:7d:67:63:e7:ab:
6f:b0:b8:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZu3xEDu7b59LCAaxwfroecMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhYTQ2NjdmYzUwMTM1MmZiZWQxN2U0NzE2OGM0Njg3ZDc3
NTYyM2YwHhcNMjMwMjIwMTI0OTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGE5YjkyNzg1YTk3YWQzZjZiZjhjZTc0ZDI0NWJjNzQ4MzM0NzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgV0a6rmxhcpbUt2UjINZWLMCLiRX
WsnR5BuKAqFkG+x9x6IxXj3rc9b8/Up3jNM5Xf1xqTHSvb5myZDI/x3UTWcKVRqc
+YIblIj3JNwToEjHD5gDmDHPD2ZS1+bID9hJIhKuOMFMVK88qddZkAmPAazULkCk
Qz42hYG95klYPC8/tu21WoumtK0rc64p43p7ZXchR77stvxytNSC39aNp9MmUJYv
aglYzIRpsO4VhT7GEMwg+okm6cS9ARrDCN8ombRifngdzfXGG/lKBQHx1bfU40pp
xQEg6lgKFPCQ1OqC9H8vUhOdEqRZd8XM+cn5oZZNY3fJNG+TW7KscnsNDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMipuSeFqXrT9r+M500kW8dIM0c9MB8GA1UdIwQY
MBaAFAqkZn/FATUvvtF+RxaMRofXdWI/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3FSbWY4VUJOUy0tMFg1SEZveEdoOWQxWWo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9iNDFmNjMtNjViOS00MDNiLWEwNjct
NDAyMGE0ODk4M2IzLzEveUttNUo0V3BldFAydjR6blRTUmJ4MGd6UnowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9iNDFmNjMtNjViOS00MDNiLWEwNjctNDAyMGE0ODk4M2Iz
LzEvQ3FSbWY4VUJOUy0tMFg1SEZveEdoOWQxWWo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwhp3MA0G
CSqGSIb3DQEBCwUAA4IBAQB67vgRcHsAoHBBEYFSKi2trbqe5Odtem4gcfDAFcLf
3+OSgQPSJEj+kouNvgz+4pUV+lcR7N7NzjMiSO2SiPx6KBt2HSeY1xeA55+seYTp
vBdmC4o6v/0JiT6BBpHUJdpxWIUIqAMjSpxAdZnZrKY+sYnrQVTcqD9qPHyVlNHo
8oLLOaGh9nsJWXKirLPSVQUi1MaRx/x1yfpgQRHExHzdkbXP3Cv6XkaUjQvjpMFi
fUdJnm5txT9r/XwpgMQUUTMe6YfPC6hVkZSCa+ejGxxHcwMG1klOIfb3milhS4kQ
LD95BpE5oF8vsgnqUPCj6+qO2+/QHIXwfWdj56tvsLjy
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:22:01 2025 by rpki-client