Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/YrcaUlVHW2fyltCzVxW5srb_t8s.roa
File: YrcaUlVHW2fyltCzVxW5srb_t8s.roa (raw, json)
Hash identifier: YyEdnBQrxhTsz3EF/MLdt6wJMANAV3iBNjSWCoo0bHQ=
Subject key identifier: 62:B7:1A:52:55:47:5B:67:F2:96:D0:B3:57:15:B9:B2:B6:FF:B7:CB
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 019427B684F5010A0C9C71A9CC1F85796B47
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/YrcaUlVHW2fyltCzVxW5srb_t8s.roa
Signing time: Thu 02 Jan 2025 15:51:00 +0000
ROA not before: Thu 02 Jan 2025 15:51:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 55836
IP address blocks: 2.22.176.0/20 maxlen: 20
2.23.32.0/19 maxlen: 19
95.100.0.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:84:f5:01:0a:0c:9c:71:a9:cc:1f:85:79:6b:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Jan 2 15:51:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=62b71a5255475b67f296d0b35715b9b2b6ffb7cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:e6:ee:f6:43:8e:04:80:39:11:35:2b:7e:70:
6d:dd:36:b9:34:e2:fd:f3:59:d8:3c:4c:66:7a:a6:
e4:07:5e:fd:81:32:97:3e:0b:fd:76:88:f0:ca:0d:
92:63:75:3f:7c:9e:19:64:73:92:0f:a0:32:ce:44:
55:9b:37:6f:aa:2b:02:4d:6e:b8:4f:ab:fe:64:26:
d1:c0:89:74:77:5a:57:17:9a:c2:06:e8:ea:16:fb:
1b:21:54:70:05:b7:01:52:de:3f:7d:33:4f:23:73:
e4:46:9f:40:e5:24:9d:80:29:ce:34:24:3a:a4:51:
e4:77:ee:9f:76:ce:a5:44:6a:28:0c:a6:83:73:77:
5e:7b:db:a9:63:ff:4d:a7:7d:e8:e6:c5:47:f4:2b:
79:02:9a:e3:a6:b3:08:ad:a0:2f:d4:13:73:73:c0:
ec:9b:7e:8a:49:58:de:5e:28:3f:ba:45:81:39:c8:
75:78:35:71:c6:9f:71:a5:31:a5:bc:f6:de:d5:01:
00:88:c9:cd:41:76:ba:e0:2e:29:64:8b:6c:8a:1d:
ff:2a:53:a9:e6:93:7b:df:ab:bf:75:b6:42:1f:ac:
17:2e:c9:fa:1a:8b:7b:d2:65:de:e5:62:34:6c:59:
60:2e:61:62:f5:31:55:d0:9c:1d:34:4c:1d:31:7c:
3a:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:B7:1A:52:55:47:5B:67:F2:96:D0:B3:57:15:B9:B2:B6:FF:B7:CB
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/YrcaUlVHW2fyltCzVxW5srb_t8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.22.176.0/20
2.23.32.0/19
95.100.0.0/20
Signature Algorithm: sha256WithRSAEncryption
4e:73:28:1c:dc:c2:61:27:da:95:4f:0d:ce:53:4d:fd:b8:30:
a4:5c:aa:bc:18:0b:79:0c:83:30:0d:4e:3c:75:b9:3c:14:25:
5d:5d:3a:d8:79:16:82:bb:0c:6d:87:21:2c:03:30:b1:3e:7b:
9e:9a:cf:80:e5:a8:fa:85:55:85:1a:1f:69:db:d5:f0:74:a8:
60:50:9f:ab:8c:ce:96:d3:d1:b8:78:40:03:de:06:41:c4:1c:
b4:33:27:05:d1:af:ac:ca:66:1d:e8:51:c6:f7:70:0e:32:18:
3a:aa:9b:31:c2:eb:5a:9c:04:19:d6:4c:ae:90:79:17:a3:49:
3a:06:c5:f6:14:14:fd:05:4d:2f:97:4b:51:ef:0f:05:9c:6f:
10:40:28:5c:ce:51:ed:5b:c1:18:8b:c4:9b:de:7a:02:20:fc:
ce:3b:fe:9a:51:3a:f0:ab:4e:b3:5c:8f:e7:ec:fe:9b:8c:b8:
c0:c1:7a:c5:91:d1:01:85:14:b5:7a:3f:77:14:4e:5f:6e:47:
f0:a8:2d:2b:9c:4c:f1:c0:b8:b4:63:b1:17:44:7c:e7:a2:52:
6f:a9:b0:bb:bc:50:ca:0c:42:3b:d1:15:41:d9:c6:3c:18:7a:
6e:89:2e:67:7d:1b:21:5d:f7:a7:05:b9:96:07:69:c2:ab:e5:
dc:4c:b9:45
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQntoT1AQoMnHGpzB+FeWtHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjUwMTAyMTU1MTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmI3MWE1MjU1NDc1YjY3ZjI5NmQwYjM1NzE1YjliMmI2ZmZiN2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwebu9kOOBIA5ETUrfnBt3Ta5NOL9
81nYPExmeqbkB179gTKXPgv9dojwyg2SY3U/fJ4ZZHOSD6AyzkRVmzdvqisCTW64
T6v+ZCbRwIl0d1pXF5rCBujqFvsbIVRwBbcBUt4/fTNPI3PkRp9A5SSdgCnONCQ6
pFHkd+6fds6lRGooDKaDc3dee9upY/9Np33o5sVH9Ct5AprjprMIraAv1BNzc8Ds
m36KSVjeXig/ukWBOch1eDVxxp9xpTGlvPbe1QEAiMnNQXa64C4pZItsih3/KlOp
5pN736u/dbZCH6wXLsn6Got70mXe5WI0bFlgLmFi9TFV0JwdNEwdMXw6MwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGK3GlJVR1tn8pbQs1cVubK2/7fLMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvWXJjYVVsVkhXMmZ5bHRDelZ4VzVzcmJfdDhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEAhawAwQF
AhcgAwQEX2QAMA0GCSqGSIb3DQEBCwUAA4IBAQBOcygc3MJhJ9qVTw3OU039uDCk
XKq8GAt5DIMwDU48dbk8FCVdXTrYeRaCuwxthyEsAzCxPnuems+A5aj6hVWFGh9p
29XwdKhgUJ+rjM6W09G4eEAD3gZBxBy0MycF0a+symYd6FHG93AOMhg6qpsxwuta
nAQZ1kyukHkXo0k6BsX2FBT9BU0vl0tR7w8FnG8QQChczlHtW8EYi8Sb3noCIPzO
O/6aUTrwq06zXI/n7P6bjLjAwXrFkdEBhRS1ej93FE5fbkfwqC0rnEzxwLi0Y7EX
RHznolJvqbC7vFDKDEI70RVB2cY8GHpuiS5nfRshXfenBbmWB2nCq+XcTLlF
-----END CERTIFICATE-----
Generated at Sun Apr 6 00:04:22 2025 by rpki-client