Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YM7m6k4wxn62jAGlhB_BiR4TaiU.roa
File: YM7m6k4wxn62jAGlhB_BiR4TaiU.roa (raw, json)
Hash identifier: tAYub6KOaFtpsgwKgYXk3OgBxKnM66nQMyi0KSyU0OY=
Subject key identifier: 60:CE:E6:EA:4E:30:C6:7E:B6:8C:01:A5:84:1F:C1:89:1E:13:6A:25
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 019420D5E164CC592374BCCAC10B42F9AAA3
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YM7m6k4wxn62jAGlhB_BiR4TaiU.roa
Signing time: Wed 01 Jan 2025 07:47:55 +0000
ROA not before: Wed 01 Jan 2025 07:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 395092
IP address blocks: 45.140.174.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:e1:64:cc:59:23:74:bc:ca:c1:0b:42:f9:aa:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: Jan 1 07:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=60cee6ea4e30c67eb68c01a5841fc1891e136a25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:68:1d:b1:a4:f8:36:c7:c7:03:86:d9:ca:29:
76:0f:93:69:c5:fc:97:c3:04:a1:1e:ea:7f:d4:22:
cb:49:8a:77:7f:14:67:c4:18:ad:df:f9:74:d5:f5:
9a:e1:dd:84:a3:9e:39:6e:54:11:49:e7:7b:88:b8:
c8:bf:5d:f3:ae:6a:aa:0a:ba:59:5a:2b:5d:dc:da:
f7:52:16:2e:52:ce:3c:b0:11:27:c4:af:0e:ba:48:
01:45:a2:aa:12:d2:97:c9:5a:99:74:13:97:40:3a:
c3:86:30:f4:2c:21:22:0e:5e:05:4f:d7:ef:03:41:
c4:b1:b0:c3:8d:3b:be:fd:d2:ed:1f:ff:a5:1a:41:
ba:e7:9c:06:64:45:6d:f3:fb:6c:da:ed:b8:bf:29:
83:72:da:fc:1d:a3:d9:ba:f1:78:ec:5d:a2:ed:65:
77:5a:c1:88:a4:99:a9:25:29:8e:f1:54:06:b2:b6:
b6:7e:bc:c9:fc:f1:f0:0c:d9:76:82:69:4c:51:fc:
ad:38:73:c5:d9:2a:e1:38:81:97:f4:c4:e5:ff:88:
49:a6:49:6a:91:0a:5a:d2:c3:2b:9f:5b:eb:57:b3:
e6:e5:52:83:db:f5:a7:3a:19:53:75:fe:cc:89:79:
0e:9d:c0:71:b1:cd:de:d1:f5:80:a2:35:4d:f5:cc:
e1:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:CE:E6:EA:4E:30:C6:7E:B6:8C:01:A5:84:1F:C1:89:1E:13:6A:25
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YM7m6k4wxn62jAGlhB_BiR4TaiU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.174.0/24
Signature Algorithm: sha256WithRSAEncryption
75:54:4d:0d:3f:32:08:72:d8:9c:63:51:4a:71:aa:68:7d:ad:
cb:c7:fc:52:e2:3e:29:4c:8b:d9:51:c3:7f:16:9c:ba:5e:2c:
1f:cb:db:37:d5:83:62:1c:31:71:9d:6a:5d:c4:bb:38:04:87:
01:ad:6d:38:62:fa:f7:f8:75:8d:71:69:2b:78:d0:83:7c:c2:
d7:72:a4:8f:47:47:a9:95:91:93:69:bf:d2:51:7d:ad:60:1b:
3a:90:a9:db:33:71:98:94:d6:03:8e:f6:34:97:07:88:f2:19:
6c:a8:e6:55:9a:be:5d:82:5d:33:7c:37:9e:61:e0:cc:05:bc:
48:45:dc:ba:3c:ea:23:f4:a6:a7:df:6b:58:d5:13:cd:68:36:
27:31:8b:39:34:d7:65:d1:0a:a2:f0:72:99:13:28:2c:ca:37:
38:81:6e:a9:e4:de:64:46:f6:a1:66:5b:29:35:f8:ee:98:7e:
1d:5a:e6:c0:2d:ea:5d:25:80:0c:db:42:d7:c4:16:d2:0a:fa:
02:c6:92:d2:bd:04:98:ea:cf:07:2d:56:3d:60:ad:cc:59:f4:
fb:38:a1:13:96:25:fd:f1:7d:6a:bc:7b:c1:8b:3d:c5:25:c3:
aa:45:2e:fe:fe:f6:dc:a3:fd:c9:cf:19:6a:5f:b2:80:6a:8d:
5d:a7:34:0f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1eFkzFkjdLzKwQtC+aqjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjUwMTAxMDc0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGNlZTZlYTRlMzBjNjdlYjY4YzAxYTU4NDFmYzE4OTFlMTM2YTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgmgdsaT4NsfHA4bZyil2D5NpxfyX
wwShHup/1CLLSYp3fxRnxBit3/l01fWa4d2Eo545blQRSed7iLjIv13zrmqqCrpZ
Witd3Nr3UhYuUs48sBEnxK8OukgBRaKqEtKXyVqZdBOXQDrDhjD0LCEiDl4FT9fv
A0HEsbDDjTu+/dLtH/+lGkG655wGZEVt8/ts2u24vymDctr8HaPZuvF47F2i7WV3
WsGIpJmpJSmO8VQGsra2frzJ/PHwDNl2gmlMUfytOHPF2SrhOIGX9MTl/4hJpklq
kQpa0sMrn1vrV7Pm5VKD2/WnOhlTdf7MiXkOncBxsc3e0fWAojVN9czhMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGDO5upOMMZ+towBpYQfwYkeE2olMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvWU03bTZrNHd4bjYyakFHbGhCX0JpUjRUYWlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYyuMA0G
CSqGSIb3DQEBCwUAA4IBAQB1VE0NPzIIcticY1FKcapofa3Lx/xS4j4pTIvZUcN/
Fpy6Xiwfy9s31YNiHDFxnWpdxLs4BIcBrW04Yvr3+HWNcWkreNCDfMLXcqSPR0ep
lZGTab/SUX2tYBs6kKnbM3GYlNYDjvY0lweI8hlsqOZVmr5dgl0zfDeeYeDMBbxI
Rdy6POoj9Kan32tY1RPNaDYnMYs5NNdl0Qqi8HKZEygsyjc4gW6p5N5kRvahZlsp
NfjumH4dWubALepdJYAM20LXxBbSCvoCxpLSvQSY6s8HLVY9YK3MWfT7OKETliX9
8X1qvHvBiz3FJcOqRS7+/vbco/3JzxlqX7KAao1dpzQP
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:17:10 2025 by rpki-client