Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/YP-SJPq99UMKKR1x9xjomP2OOhY.roa
File: YP-SJPq99UMKKR1x9xjomP2OOhY.roa (raw, json)
Hash identifier: jNFTJtaOn9m7dTs83IrATTY5LzYgMkV/06g/l7lmKwE=
Subject key identifier: 60:FF:92:24:FA:BD:F5:43:0A:29:1D:71:F7:18:E8:98:FD:8E:3A:16
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 01942067C22B9C2616DC3620D024742A583B
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/YP-SJPq99UMKKR1x9xjomP2OOhY.roa
Signing time: Wed 01 Jan 2025 05:47:38 +0000
ROA not before: Wed 01 Jan 2025 05:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 138.188.174.0/23 maxlen: 24
193.247.246.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:c2:2b:9c:26:16:dc:36:20:d0:24:74:2a:58:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 05:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=60ff9224fabdf5430a291d71f718e898fd8e3a16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:f4:da:bb:19:43:24:ce:4b:a9:f4:00:2d:e4:
30:39:c1:e7:3f:41:57:85:dc:fe:5a:76:1c:dc:e1:
68:cb:ba:18:ae:5e:ff:98:3a:a4:06:28:bc:7b:e8:
f8:86:d2:0e:df:ee:bb:b7:e8:66:1b:ad:07:78:fe:
e0:c8:d2:49:86:89:de:9e:e5:2e:48:ca:fd:98:cb:
22:61:3f:28:48:9a:95:0f:8b:17:7f:4d:43:64:c0:
3c:75:48:15:95:63:1b:38:d5:85:55:b0:0f:62:84:
91:06:28:14:4d:3b:de:2c:7a:03:2a:ca:35:bc:f5:
8d:83:e3:21:10:09:9a:d4:1a:bb:df:59:2e:c1:87:
77:6d:b9:6c:c2:b0:2a:00:75:3a:64:7d:98:d8:fe:
30:9d:84:ff:49:68:81:45:f6:58:1a:4c:35:bb:ef:
29:d0:2e:21:b8:87:74:b2:47:89:4a:67:a2:36:99:
f5:0d:c7:64:88:bd:30:d8:77:6f:6c:18:0c:fb:68:
fb:9e:41:ad:22:99:3c:3d:17:1b:53:78:37:27:27:
eb:24:a3:22:f3:d4:0e:ce:9b:38:ac:2c:6b:72:83:
16:41:e8:92:57:28:9e:ec:e6:7e:ab:20:e1:92:49:
c2:46:f5:41:72:6a:7b:96:77:2e:39:d4:a8:2e:0a:
01:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:FF:92:24:FA:BD:F5:43:0A:29:1D:71:F7:18:E8:98:FD:8E:3A:16
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/YP-SJPq99UMKKR1x9xjomP2OOhY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.188.174.0/23
193.247.246.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:81:a5:46:a0:c4:79:9b:b7:9c:f2:b7:d5:c3:42:38:06:45:
b1:11:ae:bc:0e:5e:08:eb:d9:83:e7:e8:be:0f:09:20:72:df:
98:f6:02:9e:3d:76:99:6e:d6:6a:04:c1:cb:f8:5e:cc:b7:d4:
31:f7:7b:98:dc:88:c5:96:7f:e8:c3:56:b2:d9:cc:0f:30:13:
e4:3c:bd:b5:50:a4:6a:54:94:6e:c6:94:6c:e8:e9:38:e5:5b:
e6:c6:d3:5f:30:f6:c2:d5:8d:fe:62:70:98:4f:a4:9d:d9:e5:
54:ac:4c:52:ce:06:ff:4c:22:d4:c4:d6:4c:94:02:dd:c5:8b:
4c:17:f8:b4:f5:c1:09:99:4c:94:d1:9a:15:5e:0f:49:69:00:
95:c7:50:53:f9:e4:ae:2b:12:fc:6a:3c:5a:11:d8:0e:a6:90:
19:7a:91:e8:c7:af:8c:5a:91:dd:cf:1d:7a:a2:d9:d8:b7:51:
28:05:ec:ba:a9:0f:ed:48:4d:92:95:f7:0a:40:b7:37:e4:b9:
58:af:c7:86:a8:3c:dd:ea:95:03:03:4b:d6:d1:6d:fc:3c:9a:
b6:8a:75:08:f9:50:27:19:24:6b:d7:37:ad:9a:37:69:3b:8e:
93:46:66:97:56:90:89:fd:19:ab:83:46:40:3c:7a:3e:e6:0b:
1d:26:a9:4f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQgZ8IrnCYW3DYg0CR0Klg7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjNmM2RiMTUyZTA1NWFjMTQ1YmRiYjQyOWUwMTg2NTQy
MDRjOGQwHhcNMjUwMTAxMDU0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGZmOTIyNGZhYmRmNTQzMGEyOTFkNzFmNzE4ZTg5OGZkOGUzYTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPTauxlDJM5LqfQALeQwOcHnP0FX
hdz+WnYc3OFoy7oYrl7/mDqkBii8e+j4htIO3+67t+hmG60HeP7gyNJJhonenuUu
SMr9mMsiYT8oSJqVD4sXf01DZMA8dUgVlWMbONWFVbAPYoSRBigUTTveLHoDKso1
vPWNg+MhEAma1Bq731kuwYd3bblswrAqAHU6ZH2Y2P4wnYT/SWiBRfZYGkw1u+8p
0C4huId0skeJSmeiNpn1DcdkiL0w2HdvbBgM+2j7nkGtIpk8PRcbU3g3JyfrJKMi
89QOzps4rCxrcoMWQeiSVyie7OZ+qyDhkknCRvVBcmp7lncuOdSoLgoBiwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGD/kiT6vfVDCikdcfcY6Jj9jjoWMB8GA1UdIwQY
MBaAFCZj89sVLgVawUW9u0KeAYZUIEyNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUt
YmQxOTI2NzZjOWJiLzEvWVAtU0pQcTk5VU1LS1IxeDl4am9tUDJPT2hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUtYmQxOTI2NzZjOWJi
LzEvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBiryuAwQA
wff2MA0GCSqGSIb3DQEBCwUAA4IBAQCOgaVGoMR5m7ec8rfVw0I4BkWxEa68Dl4I
69mD5+i+Dwkgct+Y9gKePXaZbtZqBMHL+F7Mt9Qx93uY3IjFln/ow1ay2cwPMBPk
PL21UKRqVJRuxpRs6Ok45VvmxtNfMPbC1Y3+YnCYT6Sd2eVUrExSzgb/TCLUxNZM
lALdxYtMF/i09cEJmUyU0ZoVXg9JaQCVx1BT+eSuKxL8ajxaEdgOppAZepHox6+M
WpHdzx16otnYt1EoBey6qQ/tSE2SlfcKQLc35LlYr8eGqDzd6pUDA0vW0W38PJq2
inUI+VAnGSRr1zetmjdpO46TRmaXVpCJ/Rmrg0ZAPHo+5gsdJqlP
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:20:38 2025 by rpki-client