Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/834aa0-a8f4-454c-b315-435af14aa07a/1/YdsZbfjUf15sL_y0oy6NZJEJwe8.roa
File: YdsZbfjUf15sL_y0oy6NZJEJwe8.roa (raw, json)
Hash identifier: Ztg3Z3Ik8GbDQcMCXK1xkRN/8CkSfyxZ1syyQUmEGVY=
Subject key identifier: 61:DB:19:6D:F8:D4:7F:5E:6C:2F:FC:B4:A3:2E:8D:64:91:09:C1:EF
Certificate issuer: /CN=fdc568657e50e6f8e5c6bfefa89cef350d94f82e
Certificate serial: 0193776AD365D2A90500881C2276716FB4D2
Authority key identifier: FD:C5:68:65:7E:50:E6:F8:E5:C6:BF:EF:A8:9C:EF:35:0D:94:F8:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_cVoZX5Q5vjlxr_vqJzvNQ2U-C4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/834aa0-a8f4-454c-b315-435af14aa07a/1/YdsZbfjUf15sL_y0oy6NZJEJwe8.roa
Signing time: Fri 29 Nov 2024 10:15:09 +0000
ROA not before: Fri 29 Nov 2024 10:15:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213842
IP address blocks: 193.101.12.0/24 maxlen: 24
2a01:e540::/40 maxlen: 40
2a01:e541::/36 maxlen: 36
2a01:e542::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:77:6a:d3:65:d2:a9:05:00:88:1c:22:76:71:6f:b4:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fdc568657e50e6f8e5c6bfefa89cef350d94f82e
Validity
Not Before: Nov 29 10:15:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61db196df8d47f5e6c2ffcb4a32e8d649109c1ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:2b:86:a4:b6:5d:9b:2a:80:18:f7:bb:66:76:
08:b0:51:de:bf:79:12:47:d1:13:26:2b:44:4f:d8:
80:16:3d:cc:ee:9a:06:ac:e3:93:8e:e3:f4:79:a5:
d6:85:8f:94:16:9e:db:e3:45:7f:4b:27:f6:48:80:
5a:08:06:f6:c6:b6:89:97:ae:27:84:48:50:93:cd:
e6:50:16:cf:1e:6e:07:b6:85:30:fa:c4:5b:76:b9:
13:48:55:11:b0:b6:f3:f8:9f:db:76:25:c3:7c:3b:
bd:ee:c3:54:42:0b:0b:fc:e8:71:e0:8c:07:7c:49:
ae:ff:3b:d2:c7:c2:f2:30:cf:a6:ea:95:fb:1b:c3:
4b:78:6a:7b:da:5d:5a:5d:27:f9:f6:81:64:d4:3e:
3e:7f:4a:2e:34:b2:da:43:ac:fd:62:db:c7:71:28:
cd:6e:b7:f0:61:ff:b9:a2:2a:c1:81:0e:83:49:c5:
60:a3:84:af:43:bd:f2:3e:01:34:a9:ba:cf:da:4f:
53:d7:c2:60:d8:9a:c7:9d:c5:9e:07:74:fc:3d:6f:
80:8f:b7:e8:60:00:86:e9:39:3b:47:0d:eb:3f:6b:
63:44:43:a6:02:24:73:08:10:45:9c:d9:46:84:80:
46:d6:fe:21:41:c7:11:51:07:13:44:78:67:1c:7f:
dc:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:DB:19:6D:F8:D4:7F:5E:6C:2F:FC:B4:A3:2E:8D:64:91:09:C1:EF
X509v3 Authority Key Identifier:
keyid:FD:C5:68:65:7E:50:E6:F8:E5:C6:BF:EF:A8:9C:EF:35:0D:94:F8:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_cVoZX5Q5vjlxr_vqJzvNQ2U-C4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/834aa0-a8f4-454c-b315-435af14aa07a/1/YdsZbfjUf15sL_y0oy6NZJEJwe8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/834aa0-a8f4-454c-b315-435af14aa07a/1/_cVoZX5Q5vjlxr_vqJzvNQ2U-C4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.101.12.0/24
IPv6:
2a01:e540::/40
2a01:e541::/36
2a01:e542::/36
Signature Algorithm: sha256WithRSAEncryption
17:44:f5:78:a9:3f:d7:fc:9f:0d:1f:0f:52:2c:6e:4d:f8:6c:
c5:bb:b1:a3:68:06:c6:62:3c:c0:7a:2f:3f:58:58:ea:97:37:
9d:a1:96:19:4b:ba:3e:47:02:d8:4f:ea:a3:02:eb:b7:2f:61:
6c:36:fc:02:5f:f9:61:8e:34:cc:2b:76:b4:b9:70:8b:8b:4e:
4a:23:b6:1b:6f:76:43:0b:1c:57:c9:2f:64:42:64:03:f0:f2:
83:d5:a1:99:7a:72:7d:d2:71:06:01:fd:ba:0f:ec:18:54:51:
66:a0:95:7d:37:f5:02:0f:a6:4a:b7:bc:1c:0a:d7:7a:02:1e:
c8:50:e3:94:99:c6:0b:b5:d6:21:db:d4:16:c3:8d:d0:aa:cb:
10:64:b4:3f:b2:5b:e2:67:48:e7:28:36:af:14:c0:a1:6d:1e:
5c:96:8f:aa:11:fc:3e:2e:d0:24:32:6a:1d:09:1c:11:60:d6:
08:a3:7b:64:19:df:05:41:2f:87:ac:65:16:ad:76:86:42:6b:
e3:57:01:48:76:08:80:80:39:a3:60:ff:37:0e:8f:fa:61:92:
93:2c:f6:bb:94:18:8a:ff:9a:10:98:ed:1d:4a:ea:27:03:6a:
72:bd:f2:ed:5f:77:e2:3f:0d:ea:06:4a:a1:de:8b:a6:61:f2:
de:30:73:28
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZN3atNl0qkFAIgcInZxb7TSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkYzU2ODY1N2U1MGU2ZjhlNWM2YmZlZmE4OWNlZjM1MGQ5
NGY4MmUwHhcNMjQxMTI5MTAxNTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWRiMTk2ZGY4ZDQ3ZjVlNmMyZmZjYjRhMzJlOGQ2NDkxMDljMWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnCuGpLZdmyqAGPe7ZnYIsFHev3kS
R9ETJitET9iAFj3M7poGrOOTjuP0eaXWhY+UFp7b40V/Syf2SIBaCAb2xraJl64n
hEhQk83mUBbPHm4HtoUw+sRbdrkTSFURsLbz+J/bdiXDfDu97sNUQgsL/Ohx4IwH
fEmu/zvSx8LyMM+m6pX7G8NLeGp72l1aXSf59oFk1D4+f0ouNLLaQ6z9YtvHcSjN
brfwYf+5oirBgQ6DScVgo4SvQ73yPgE0qbrP2k9T18Jg2JrHncWeB3T8PW+Aj7fo
YACG6Tk7Rw3rP2tjREOmAiRzCBBFnNlGhIBG1v4hQccRUQcTRHhnHH/ctQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFGHbGW341H9ebC/8tKMujWSRCcHvMB8GA1UdIwQY
MBaAFP3FaGV+UOb45ca/76ic7zUNlPguMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2NWb1pYNVE1dmpseHJfdnFKenZOUTJVLUM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi84MzRhYTAtYThmNC00NTRjLWIzMTUt
NDM1YWYxNGFhMDdhLzEvWWRzWmJmalVmMTVzTF95MG95Nk5aSkVKd2U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi84MzRhYTAtYThmNC00NTRjLWIzMTUtNDM1YWYxNGFhMDdh
LzEvX2NWb1pYNVE1dmpseHJfdnFKenZOUTJVLUM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAMBAIAATAGAwQAwWUMMB4E
AgACMBgDBgAqAeVAAAMGBCoB5UEAAwYEKgHlQgAwDQYJKoZIhvcNAQELBQADggEB
ABdE9XipP9f8nw0fD1Isbk34bMW7saNoBsZiPMB6Lz9YWOqXN52hlhlLuj5HAthP
6qMC67cvYWw2/AJf+WGONMwrdrS5cIuLTkojthtvdkMLHFfJL2RCZAPw8oPVoZl6
cn3ScQYB/boP7BhUUWaglX039QIPpkq3vBwK13oCHshQ45SZxgu11iHb1BbDjdCq
yxBktD+yW+JnSOcoNq8UwKFtHlyWj6oR/D4u0CQyah0JHBFg1gije2QZ3wVBL4es
ZRatdoZCa+NXAUh2CICAOaNg/zcOj/phkpMs9ruUGIr/mhCY7R1K6icDanK98u1f
d+I/DeoGSqHei6Zh8t4wcyg=
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:31 2024 by rpki-client on console.sobornost.net