Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/YYUKAK2F8cmjIDogLRScyFjxA3s.roa
File: YYUKAK2F8cmjIDogLRScyFjxA3s.roa (raw, json)
Hash identifier: u5QuMtNIXq5Bh4ROu+k9IjhVvTjPtCkjIDCr4jQWPME=
Subject key identifier: 61:85:0A:00:AD:85:F1:C9:A3:20:3A:20:2D:14:9C:C8:58:F1:03:7B
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 019427B6741B0CBADC8A9EACFC2B78D9332D
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/YYUKAK2F8cmjIDogLRScyFjxA3s.roa
Signing time: Thu 02 Jan 2025 15:50:56 +0000
ROA not before: Thu 02 Jan 2025 15:50:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3292
IP address blocks: 2.21.28.0/22 maxlen: 22
2a02:26f0:116::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:74:1b:0c:ba:dc:8a:9e:ac:fc:2b:78:d9:33:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Jan 2 15:50:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=61850a00ad85f1c9a3203a202d149cc858f1037b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:d1:7c:8b:69:37:3e:e2:86:52:bf:cc:6e:80:
8c:9e:af:56:99:8a:ab:d8:f1:b0:6e:b4:41:db:ba:
c4:d1:7f:8a:87:45:f7:5f:55:aa:02:83:8b:aa:a4:
d8:9e:b8:3e:68:65:b8:8e:b5:e8:9f:ad:cb:e9:82:
52:c3:ce:b1:68:e8:4d:bf:3e:5c:06:28:47:a0:94:
4b:8d:7a:28:cd:df:cb:82:11:04:cb:ce:aa:a4:f0:
1b:76:f9:5b:3d:81:6d:cb:c7:23:7e:4b:68:43:72:
28:30:45:5a:68:4d:f8:fc:f1:2e:82:21:f4:30:09:
26:b2:3d:1a:e4:a8:c0:89:15:c6:75:29:20:bd:51:
62:bc:1f:77:11:77:c2:19:c4:ac:cc:80:51:63:8c:
1d:3d:29:c3:c8:b7:49:db:cf:89:1f:4b:80:0c:3d:
04:8b:c5:ca:45:84:4e:4b:7c:6c:25:62:de:33:04:
76:86:d8:bd:3f:b4:21:3d:70:53:a6:30:1d:ba:41:
87:8b:f3:3a:a5:82:fe:41:03:e4:27:ca:34:59:8a:
f8:fa:a3:40:2c:6a:45:04:bd:ad:5e:c4:75:73:0a:
30:be:da:c9:78:e0:2e:f1:19:30:96:2d:6c:1c:40:
1d:b1:2c:1d:96:3b:83:eb:a0:41:d6:e0:b3:65:bd:
10:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:85:0A:00:AD:85:F1:C9:A3:20:3A:20:2D:14:9C:C8:58:F1:03:7B
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/YYUKAK2F8cmjIDogLRScyFjxA3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.21.28.0/22
IPv6:
2a02:26f0:116::/48
Signature Algorithm: sha256WithRSAEncryption
93:91:7b:71:c4:68:9b:f5:c2:3b:90:3c:48:82:33:9d:6c:1a:
86:c4:93:a2:fc:5b:7a:ae:f9:d0:ff:7b:c0:e8:c0:13:75:7e:
7b:90:d6:c8:cf:2f:ec:83:11:5b:ac:d7:77:c0:7a:d5:56:20:
df:12:2f:c3:9b:2b:c0:6c:8e:a4:e8:1e:46:1a:00:9b:82:e1:
44:de:58:8a:7c:9f:83:4f:79:f3:39:12:50:8b:ca:8d:a6:f4:
1c:d9:e0:05:ff:20:6b:a4:19:82:88:66:43:3f:75:61:06:1d:
b3:02:e7:ed:6e:e1:fc:be:ad:7a:6c:db:a9:cd:c6:14:c0:73:
26:74:f9:f7:0f:a8:52:92:8e:5f:b3:7a:08:f8:30:d3:fc:74:
4f:b8:7b:2e:e0:b9:79:54:af:f9:19:67:7d:37:63:39:93:f2:
e8:9b:f1:b5:ec:88:df:b3:46:50:3f:52:81:b5:8f:27:b1:cb:
8c:3e:72:63:9d:ef:dd:93:13:17:3d:38:33:27:b8:72:79:1f:
03:11:01:e8:ee:79:59:45:81:b8:3a:69:24:be:fc:61:3a:df:
da:bc:32:64:74:4b:69:c8:62:12:2e:68:cc:a6:33:22:97:4e:
31:21:19:b0:50:40:b2:18:be:e5:e9:e0:5a:68:a8:fe:90:d2:
a4:94:8a:2d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQntnQbDLrcip6s/Ct42TMtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjUwMTAyMTU1MDU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTg1MGEwMGFkODVmMWM5YTMyMDNhMjAyZDE0OWNjODU4ZjEwMzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNF8i2k3PuKGUr/MboCMnq9WmYqr
2PGwbrRB27rE0X+Kh0X3X1WqAoOLqqTYnrg+aGW4jrXon63L6YJSw86xaOhNvz5c
BihHoJRLjXoozd/LghEEy86qpPAbdvlbPYFty8cjfktoQ3IoMEVaaE34/PEugiH0
MAkmsj0a5KjAiRXGdSkgvVFivB93EXfCGcSszIBRY4wdPSnDyLdJ28+JH0uADD0E
i8XKRYROS3xsJWLeMwR2hti9P7QhPXBTpjAdukGHi/M6pYL+QQPkJ8o0WYr4+qNA
LGpFBL2tXsR1cwowvtrJeOAu8Rkwli1sHEAdsSwdljuD66BB1uCzZb0QGQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGGFCgCthfHJoyA6IC0UnMhY8QN7MB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvWVlVS0FLMkY4Y21qSURvZ0xSU2N5Rmp4QTNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCAhUcMA8E
AgACMAkDBwAqAibwARYwDQYJKoZIhvcNAQELBQADggEBAJORe3HEaJv1wjuQPEiC
M51sGobEk6L8W3qu+dD/e8DowBN1fnuQ1sjPL+yDEVus13fAetVWIN8SL8ObK8Bs
jqToHkYaAJuC4UTeWIp8n4NPefM5ElCLyo2m9BzZ4AX/IGukGYKIZkM/dWEGHbMC
5+1u4fy+rXps26nNxhTAcyZ0+fcPqFKSjl+zegj4MNP8dE+4ey7guXlUr/kZZ303
YzmT8uib8bXsiN+zRlA/UoG1jyexy4w+cmOd792TExc9ODMnuHJ5HwMRAejueVlF
gbg6aSS+/GE639q8MmR0S2nIYhIuaMymMyKXTjEhGbBQQLIYvuXp4FpoqP6Q0qSU
ii0=
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:46:38 2025 by rpki-client