Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/YHFPa4m9LoYQNM2l3WlbuD8BYSE.roa
File: YHFPa4m9LoYQNM2l3WlbuD8BYSE.roa (raw, json)
Hash identifier: 5XWwisKeDA6C6nc4lZ8NdYHFutqiAayALt9LORpK7T0=
Subject key identifier: 60:71:4F:6B:89:BD:2E:86:10:34:CD:A5:DD:69:5B:B8:3F:01:61:21
Certificate issuer: /CN=16055801b775e774306321455fd463fbd9273c4c
Certificate serial: 0195CC6FBD57B05D19E67B164D51B8D15AFA
Authority key identifier: 16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/YHFPa4m9LoYQNM2l3WlbuD8BYSE.roa
Signing time: Tue 25 Mar 2025 08:33:49 +0000
ROA not before: Tue 25 Mar 2025 08:33:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199760
IP address blocks: 144.56.29.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:cc:6f:bd:57:b0:5d:19:e6:7b:16:4d:51:b8:d1:5a:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16055801b775e774306321455fd463fbd9273c4c
Validity
Not Before: Mar 25 08:33:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=60714f6b89bd2e861034cda5dd695bb83f016121
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:7c:d9:42:25:c6:b7:d1:74:12:15:49:cc:bf:
1d:ca:dd:12:86:43:50:f3:82:68:41:f9:8a:78:8f:
84:7b:30:35:43:4c:e3:3a:c2:9c:34:51:8e:30:a6:
e8:e8:2c:08:c2:ae:2a:8f:b6:4c:ac:50:27:dc:d2:
b4:6f:d5:52:d4:84:68:e1:40:8a:3d:3c:2c:c0:1e:
a6:24:e2:f8:bd:0c:66:b7:48:a4:7b:a0:57:87:7e:
82:f1:f6:1d:98:22:a9:87:81:c7:b0:f9:48:38:74:
00:7c:9c:6b:0c:f5:3d:23:4c:9d:e7:6d:72:4b:64:
66:3e:d1:58:2e:c6:0e:34:a4:87:e7:e3:70:82:8d:
fb:33:a7:21:b4:b0:1b:01:02:b8:44:57:a0:5e:88:
9a:29:18:ce:6b:3c:93:f2:bb:b8:37:85:a1:4c:9d:
f5:4b:fd:97:42:d2:de:eb:71:59:22:51:9c:e1:49:
6e:06:e1:90:94:fb:0d:6e:2a:4c:08:b9:9b:af:9a:
96:2f:e6:28:c5:a8:29:fe:b1:16:2f:e5:55:f7:6d:
9f:1c:e3:bf:e0:38:0b:53:bf:39:ad:13:d5:10:46:
02:a3:93:e9:1b:9f:08:b3:2f:b2:09:62:ec:b4:bf:
8c:2c:ef:de:71:55:7b:0d:67:e4:06:23:8e:90:2a:
6b:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:71:4F:6B:89:BD:2E:86:10:34:CD:A5:DD:69:5B:B8:3F:01:61:21
X509v3 Authority Key Identifier:
keyid:16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/YHFPa4m9LoYQNM2l3WlbuD8BYSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.56.29.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:fc:ba:84:c7:9e:e9:ab:86:a6:a3:b6:bf:17:76:1f:f5:04:
b3:41:ff:8c:7e:9a:85:11:50:58:79:59:70:e3:45:7c:42:9b:
6f:1a:20:a0:9d:81:5c:8f:ec:a0:92:8d:48:dd:9a:e3:59:25:
a6:91:4a:70:31:de:63:23:13:dc:b0:62:b7:fc:5f:40:34:48:
a1:c8:84:19:b7:1a:f3:d5:84:b0:12:45:23:8a:d5:d3:a2:79:
0d:a1:45:cd:2c:0e:7e:36:e7:81:6c:7c:d6:51:a9:47:3b:52:
f0:b3:eb:26:9c:98:21:2b:3d:8f:36:85:71:bf:02:6e:d0:bf:
d7:c6:18:41:39:d0:45:48:78:2f:30:16:3b:33:dd:d2:31:3a:
5e:2d:fd:39:35:f9:61:17:9f:69:86:fc:c7:e4:45:f5:77:6c:
d2:a4:d9:f6:88:c7:8e:88:95:73:3c:7e:42:7c:fc:57:e0:d9:
49:ff:79:b7:30:8b:c4:cc:e3:46:dc:5a:fc:f6:61:a9:5f:a5:
b2:e3:e1:c5:cd:d4:4e:74:eb:06:36:c4:3b:c4:54:de:3d:3a:
50:f0:0c:56:75:d7:e5:b2:bd:51:7b:c8:55:94:7d:4c:a3:36:
7c:81:6d:00:3f:38:d4:15:2c:7f:d7:26:7b:85:87:2b:3d:e9:
0a:d2:87:17
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZXMb71XsF0Z5nsWTVG40Vr6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MDU1ODAxYjc3NWU3NzQzMDYzMjE0NTVmZDQ2M2ZiZDky
NzNjNGMwHhcNMjUwMzI1MDgzMzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDcxNGY2Yjg5YmQyZTg2MTAzNGNkYTVkZDY5NWJiODNmMDE2MTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonzZQiXGt9F0EhVJzL8dyt0ShkNQ
84JoQfmKeI+EezA1Q0zjOsKcNFGOMKbo6CwIwq4qj7ZMrFAn3NK0b9VS1IRo4UCK
PTwswB6mJOL4vQxmt0ike6BXh36C8fYdmCKph4HHsPlIOHQAfJxrDPU9I0yd521y
S2RmPtFYLsYONKSH5+Nwgo37M6chtLAbAQK4RFegXoiaKRjOazyT8ru4N4WhTJ31
S/2XQtLe63FZIlGc4UluBuGQlPsNbipMCLmbr5qWL+Yoxagp/rEWL+VV922fHOO/
4DgLU785rRPVEEYCo5PpG58Isy+yCWLstL+MLO/ecVV7DWfkBiOOkCprKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGBxT2uJvS6GEDTNpd1pW7g/AWEhMB8GA1UdIwQY
MBaAFBYFWAG3ded0MGMhRV/UY/vZJzxMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgt
MTM1NzE3ZWYzODhhLzEvWUhGUGE0bTlMb1lRTk0ybDNXbGJ1RDhCWVNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgtMTM1NzE3ZWYzODhh
LzEvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkDgdMA0G
CSqGSIb3DQEBCwUAA4IBAQBv/LqEx57pq4amo7a/F3Yf9QSzQf+MfpqFEVBYeVlw
40V8QptvGiCgnYFcj+ygko1I3ZrjWSWmkUpwMd5jIxPcsGK3/F9ANEihyIQZtxrz
1YSwEkUjitXTonkNoUXNLA5+NueBbHzWUalHO1Lws+smnJghKz2PNoVxvwJu0L/X
xhhBOdBFSHgvMBY7M93SMTpeLf05NflhF59phvzH5EX1d2zSpNn2iMeOiJVzPH5C
fPxX4NlJ/3m3MIvEzONG3Fr89mGpX6Wy4+HFzdROdOsGNsQ7xFTePTpQ8AxWddfl
sr1Re8hVlH1MozZ8gW0APzjUFSx/1yZ7hYcrPekK0ocX
-----END CERTIFICATE-----
Generated at Sun Apr 6 02:45:13 2025 by rpki-client