Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/3040df-768d-4c70-9aa0-011ba072f42c/1/gy9B-YTVou1lA7o-iY7fVa3s69k.roa
File: gy9B-YTVou1lA7o-iY7fVa3s69k.roa (raw, json)
Hash identifier: dpyNEoOkVBt+26I1bEcjr/52W7c0cPIoh6B3guizo7M=
Subject key identifier: 83:2F:41:F9:84:D5:A2:ED:65:03:BA:3E:89:8E:DF:55:AD:EC:EB:D9
Certificate issuer: /CN=335525f5e51b622fdfee730cda8cda311b4400dd
Certificate serial: 018CC50040BFCD24A415A287A1D6EC616248
Authority key identifier: 33:55:25:F5:E5:1B:62:2F:DF:EE:73:0C:DA:8C:DA:31:1B:44:00:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M1Ul9eUbYi_f7nMM2ozaMRtEAN0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/3040df-768d-4c70-9aa0-011ba072f42c/1/gy9B-YTVou1lA7o-iY7fVa3s69k.roa
Signing time: Mon 01 Jan 2024 12:29:37 +0000
ROA not before: Mon 01 Jan 2024 12:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211413
IP address blocks: 193.56.135.0/24 maxlen: 24
2a10:e8c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:40:bf:cd:24:a4:15:a2:87:a1:d6:ec:61:62:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=335525f5e51b622fdfee730cda8cda311b4400dd
Validity
Not Before: Jan 1 12:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=832f41f984d5a2ed6503ba3e898edf55adecebd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c8:fa:17:1e:b3:55:f6:61:2b:26:c1:e7:3e:
3e:9b:8a:5b:41:35:ba:b0:a6:44:2e:68:97:91:91:
20:4d:ae:b5:4c:7c:92:b5:3c:7e:b4:69:31:a0:35:
6c:c1:91:53:76:c5:10:f3:a8:4f:63:83:d3:2c:74:
7a:42:c8:a5:7a:b5:92:ac:7f:71:d8:cf:21:5e:b3:
9e:85:c7:fd:75:01:f3:33:f0:47:f6:a8:4d:e0:cc:
24:03:41:cf:e4:30:e3:55:4a:6a:cc:01:9c:73:0d:
64:63:ce:e1:70:f9:ba:d6:46:ea:2d:c8:ab:34:08:
ac:2c:8a:7d:8c:43:57:7a:fd:e7:5f:86:b1:f6:81:
ca:bf:50:b8:b2:28:31:d4:cd:e4:96:e2:3b:6c:29:
f3:e2:bc:e1:26:89:12:ea:12:59:64:c6:87:a5:31:
f1:96:b9:ad:44:f6:49:6a:0d:ec:cd:92:15:0f:5d:
2a:c5:43:13:20:6f:bc:fa:aa:bb:2f:51:87:1a:80:
34:24:21:49:c6:a3:c8:9c:1f:0b:e9:4f:9d:5d:12:
d0:08:7d:c8:7e:4a:0f:14:ed:ed:ef:5b:7d:97:90:
50:6b:7a:64:e4:18:91:29:83:2d:bb:db:22:1e:6f:
44:70:d5:6f:29:ed:66:3e:d5:23:93:01:73:25:91:
98:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:2F:41:F9:84:D5:A2:ED:65:03:BA:3E:89:8E:DF:55:AD:EC:EB:D9
X509v3 Authority Key Identifier:
keyid:33:55:25:F5:E5:1B:62:2F:DF:EE:73:0C:DA:8C:DA:31:1B:44:00:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M1Ul9eUbYi_f7nMM2ozaMRtEAN0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/3040df-768d-4c70-9aa0-011ba072f42c/1/gy9B-YTVou1lA7o-iY7fVa3s69k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/3040df-768d-4c70-9aa0-011ba072f42c/1/M1Ul9eUbYi_f7nMM2ozaMRtEAN0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.56.135.0/24
IPv6:
2a10:e8c0::/29
Signature Algorithm: sha256WithRSAEncryption
44:96:0e:af:c0:1b:81:7d:86:c9:a0:bf:b2:f1:19:e6:8a:53:
50:c8:00:aa:a6:bb:9d:d7:14:e4:3e:61:04:81:b8:24:45:b2:
d9:61:8e:b7:77:39:7b:4e:aa:f0:67:d7:eb:31:4a:a8:d2:cc:
48:2d:54:b3:2d:37:2f:d3:25:18:0a:fd:c8:71:7a:d8:6d:f8:
34:97:fe:9f:e1:d4:af:61:9a:8a:0e:c8:21:31:7b:82:da:0b:
27:61:2e:89:a0:3a:82:a1:bf:9e:11:05:71:0c:59:49:04:04:
76:94:59:7d:c5:42:a0:fe:7d:a1:0d:bc:0a:fe:84:62:32:f6:
2f:7c:cc:d9:3b:b4:10:c0:fe:4d:54:35:90:fd:71:bc:c1:37:
68:c3:5c:03:bf:04:b9:ac:e7:7b:c8:d8:94:0b:55:d0:4c:74:
7c:a8:c6:35:62:45:24:3c:a6:8b:04:1a:90:8e:93:c6:be:f3:
3e:16:ca:b1:48:f2:1a:c3:78:52:7e:55:a2:f7:d5:79:76:fd:
c6:95:b1:43:26:d5:e1:89:31:e8:2d:bb:12:7c:04:f2:83:03:
36:30:f8:d7:75:7a:67:09:1f:cc:74:72:f0:df:c7:61:bf:49:
c1:1c:79:d5:df:d6:25:d2:00:ad:77:49:79:fb:88:87:e6:1c:
e6:9c:c7:84
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFAEC/zSSkFaKHodbsYWJIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzNTUyNWY1ZTUxYjYyMmZkZmVlNzMwY2RhOGNkYTMxMWI0
NDAwZGQwHhcNMjQwMTAxMTIyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzJmNDFmOTg0ZDVhMmVkNjUwM2JhM2U4OThlZGY1NWFkZWNlYmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcj6Fx6zVfZhKybB5z4+m4pbQTW6
sKZELmiXkZEgTa61THyStTx+tGkxoDVswZFTdsUQ86hPY4PTLHR6QsilerWSrH9x
2M8hXrOehcf9dQHzM/BH9qhN4MwkA0HP5DDjVUpqzAGccw1kY87hcPm61kbqLcir
NAisLIp9jENXev3nX4ax9oHKv1C4sigx1M3kluI7bCnz4rzhJokS6hJZZMaHpTHx
lrmtRPZJag3szZIVD10qxUMTIG+8+qq7L1GHGoA0JCFJxqPInB8L6U+dXRLQCH3I
fkoPFO3t71t9l5BQa3pk5BiRKYMtu9siHm9EcNVvKe1mPtUjkwFzJZGY6QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIMvQfmE1aLtZQO6PomO31Wt7OvZMB8GA1UdIwQY
MBaAFDNVJfXlG2Iv3+5zDNqM2jEbRADdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTFVbDllVWJZaV9mN25NTTJvemFNUnRFQU4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8zMDQwZGYtNzY4ZC00YzcwLTlhYTAt
MDExYmEwNzJmNDJjLzEvZ3k5Qi1ZVFZvdTFsQTdvLWlZN2ZWYTNzNjlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8zMDQwZGYtNzY4ZC00YzcwLTlhYTAtMDExYmEwNzJmNDJj
LzEvTTFVbDllVWJZaV9mN25NTTJvemFNUnRFQU4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwTiHMA0E
AgACMAcDBQMqEOjAMA0GCSqGSIb3DQEBCwUAA4IBAQBElg6vwBuBfYbJoL+y8Rnm
ilNQyACqprud1xTkPmEEgbgkRbLZYY63dzl7TqrwZ9frMUqo0sxILVSzLTcv0yUY
Cv3IcXrYbfg0l/6f4dSvYZqKDsghMXuC2gsnYS6JoDqCob+eEQVxDFlJBAR2lFl9
xUKg/n2hDbwK/oRiMvYvfMzZO7QQwP5NVDWQ/XG8wTdow1wDvwS5rOd7yNiUC1XQ
THR8qMY1YkUkPKaLBBqQjpPGvvM+FsqxSPIaw3hSflWi99V5dv3GlbFDJtXhiTHo
LbsSfATygwM2MPjXdXpnCR/MdHLw38dhv0nBHHnV39Yl0gCtd0l5+4iH5hzmnMeE
-----END CERTIFICATE-----
Generated at Mon Sep 23 15:22:08 2024 by rpki-client on console-fra.rpki-client.org