Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/e3aa51-6129-493d-91d2-51751b29f8b4/1/GCMcnL5tYZenbrOkerOlk_ScpX0.roa
File: GCMcnL5tYZenbrOkerOlk_ScpX0.roa (raw, json)
Hash identifier: ETY/1CEA6v0WWRGe3DPt0lwo/9l1WB8aT5Ob35rCEsE=
Subject key identifier: 18:23:1C:9C:BE:6D:61:97:A7:6E:B3:A4:7A:B3:A5:93:F4:9C:A5:7D
Certificate issuer: /CN=29878a2888c9ac3123c795ff9681f1957ca0f964
Certificate serial: 01856E1448CBC4064CDCF5FAF4F5AFD503E6
Authority key identifier: 29:87:8A:28:88:C9:AC:31:23:C7:95:FF:96:81:F1:95:7C:A0:F9:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KYeKKIjJrDEjx5X_loHxlXyg-WQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/e3aa51-6129-493d-91d2-51751b29f8b4/1/GCMcnL5tYZenbrOkerOlk_ScpX0.roa
Signing time: Sun 01 Jan 2023 16:05:01 +0000
ROA not before: Sun 01 Jan 2023 16:05:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 185.97.212.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:14:48:cb:c4:06:4c:dc:f5:fa:f4:f5:af:d5:03:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29878a2888c9ac3123c795ff9681f1957ca0f964
Validity
Not Before: Jan 1 16:05:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=18231c9cbe6d6197a76eb3a47ab3a593f49ca57d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:9d:46:09:c2:d5:5f:ad:41:c5:28:de:fc:a9:
b2:48:ec:a4:2b:72:11:e0:31:c2:ad:38:e8:4a:2d:
6b:d4:da:7e:48:ca:84:6f:84:ab:6a:7d:be:6e:6a:
3e:18:3f:01:bc:24:1a:92:d5:a6:80:79:6d:f1:49:
76:50:93:73:d6:c0:c0:5d:f4:de:50:4c:04:26:05:
a5:dc:55:63:62:fe:76:0d:56:ca:46:6c:d1:44:16:
a1:5a:1d:1b:3f:f3:12:80:a4:2c:79:66:56:53:b9:
b4:b2:2d:65:bd:a3:2b:9c:40:9d:4f:58:5a:8d:23:
14:10:ca:9d:34:1d:c8:3b:ab:27:03:6f:fc:50:1a:
42:ed:2b:bd:57:4b:ef:0a:8b:ce:cb:d4:71:06:27:
6b:9e:22:dd:9b:8d:54:d4:71:ee:1e:00:80:ed:49:
d9:0c:be:02:9e:76:f3:89:e9:cb:1e:9f:54:c0:bb:
47:c8:be:1a:29:62:3b:89:8a:bc:34:24:24:3e:40:
2f:29:2a:1f:22:96:d1:9a:c7:e3:b1:cd:b9:19:cb:
e4:66:dc:e1:69:1c:ff:2c:7d:0e:e4:f9:e0:11:4c:
c5:87:7b:78:c6:1b:97:c0:5f:6a:25:e4:d1:68:55:
3d:87:f5:93:1a:00:0e:99:23:e3:9a:ab:76:18:a7:
e6:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:23:1C:9C:BE:6D:61:97:A7:6E:B3:A4:7A:B3:A5:93:F4:9C:A5:7D
X509v3 Authority Key Identifier:
keyid:29:87:8A:28:88:C9:AC:31:23:C7:95:FF:96:81:F1:95:7C:A0:F9:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KYeKKIjJrDEjx5X_loHxlXyg-WQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e3aa51-6129-493d-91d2-51751b29f8b4/1/GCMcnL5tYZenbrOkerOlk_ScpX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e3aa51-6129-493d-91d2-51751b29f8b4/1/KYeKKIjJrDEjx5X_loHxlXyg-WQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.97.212.0/24
Signature Algorithm: sha256WithRSAEncryption
21:b8:06:8a:02:ff:db:18:44:75:bd:54:9d:ca:68:c5:ee:15:
1b:b2:a0:dd:e2:e4:7b:da:4e:a9:ac:2c:41:e5:83:cf:b1:1e:
58:b8:75:38:28:85:22:5a:da:26:3b:86:11:04:50:cf:36:6c:
f3:8c:34:c4:54:29:bf:eb:35:5f:2b:e0:93:1a:e6:03:24:c9:
31:f3:84:9c:ab:84:74:58:e2:1e:62:ac:97:47:0b:62:85:f8:
74:3e:13:08:c4:7b:5b:ba:58:7a:c4:b1:85:23:20:b2:ef:a2:
ca:3e:75:75:f5:5f:7c:ad:f2:1d:f8:a0:63:75:aa:ae:37:c7:
e3:7f:4b:e0:40:9b:1a:2d:05:ed:d0:67:2b:82:35:fd:f2:c6:
fd:cc:02:09:d6:0c:e2:ba:1f:3b:d1:d8:4e:fb:71:37:3d:20:
f3:51:d4:73:81:4a:0e:b6:35:41:1b:e4:b9:5d:01:5a:fc:2e:
be:e9:39:ad:81:4d:2f:c8:a8:84:c8:0a:fa:fd:93:45:16:64:
f0:16:e6:9e:dc:ed:d3:01:d8:e2:a8:c0:dc:c9:8b:a4:32:2c:
5c:f2:86:7a:fa:ec:9a:aa:4d:da:7a:d1:99:a8:46:78:bb:43:
a8:84:7c:c3:1c:c6:38:93:c8:ab:54:49:45:57:1e:b6:39:be:
01:73:ff:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuFEjLxAZM3PX69PWv1QPmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ODc4YTI4ODhjOWFjMzEyM2M3OTVmZjk2ODFmMTk1N2Nh
MGY5NjQwHhcNMjMwMTAxMTYwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODIzMWM5Y2JlNmQ2MTk3YTc2ZWIzYTQ3YWIzYTU5M2Y0OWNhNTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZ1GCcLVX61BxSje/KmySOykK3IR
4DHCrTjoSi1r1Np+SMqEb4Sran2+bmo+GD8BvCQaktWmgHlt8Ul2UJNz1sDAXfTe
UEwEJgWl3FVjYv52DVbKRmzRRBahWh0bP/MSgKQseWZWU7m0si1lvaMrnECdT1ha
jSMUEMqdNB3IO6snA2/8UBpC7Su9V0vvCovOy9RxBidrniLdm41U1HHuHgCA7UnZ
DL4CnnbzienLHp9UwLtHyL4aKWI7iYq8NCQkPkAvKSofIpbRmsfjsc25GcvkZtzh
aRz/LH0O5PngEUzFh3t4xhuXwF9qJeTRaFU9h/WTGgAOmSPjmqt2GKfmgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBgjHJy+bWGXp26zpHqzpZP0nKV9MB8GA1UdIwQY
MBaAFCmHiiiIyawxI8eV/5aB8ZV8oPlkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1llS0tJakpyREVqeDVYX2xvSHhsWHlnLVdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9lM2FhNTEtNjEyOS00OTNkLTkxZDIt
NTE3NTFiMjlmOGI0LzEvR0NNY25MNXRZWmVuYnJPa2VyT2xrX1NjcFgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9lM2FhNTEtNjEyOS00OTNkLTkxZDItNTE3NTFiMjlmOGI0
LzEvS1llS0tJakpyREVqeDVYX2xvSHhsWHlnLVdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWHUMA0G
CSqGSIb3DQEBCwUAA4IBAQAhuAaKAv/bGER1vVSdymjF7hUbsqDd4uR72k6prCxB
5YPPsR5YuHU4KIUiWtomO4YRBFDPNmzzjDTEVCm/6zVfK+CTGuYDJMkx84Scq4R0
WOIeYqyXRwtihfh0PhMIxHtbulh6xLGFIyCy76LKPnV19V98rfId+KBjdaquN8fj
f0vgQJsaLQXt0GcrgjX98sb9zAIJ1gziuh870dhO+3E3PSDzUdRzgUoOtjVBG+S5
XQFa/C6+6TmtgU0vyKiEyAr6/ZNFFmTwFuae3O3TAdjiqMDcyYukMixc8oZ6+uya
qk3aetGZqEZ4u0OohHzDHMY4k8irVElFVx62Ob4Bc/80
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:46:15 2025 by rpki-client