Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/e797f2-f272-4663-b145-bc6a1b21fd5e/1/YPXVOgtlv47MULpqvQ2eiJqw0s0.roa
File: YPXVOgtlv47MULpqvQ2eiJqw0s0.roa (raw, json)
Hash identifier: 1U3YQJEvDPze+SY3FCaghiXBlRWFSFhPdqgWDRzyuw0=
Subject key identifier: 60:F5:D5:3A:0B:65:BF:8E:CC:50:BA:6A:BD:0D:9E:88:9A:B0:D2:CD
Certificate issuer: /CN=400de28131c73b5f5320f51dae6c1bd47ab82f92
Certificate serial: 0194228DD96B277ED92D1D432979A5CB8992
Authority key identifier: 40:0D:E2:81:31:C7:3B:5F:53:20:F5:1D:AE:6C:1B:D4:7A:B8:2F:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QA3igTHHO19TIPUdrmwb1Hq4L5I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/e797f2-f272-4663-b145-bc6a1b21fd5e/1/YPXVOgtlv47MULpqvQ2eiJqw0s0.roa
Signing time: Wed 01 Jan 2025 15:48:29 +0000
ROA not before: Wed 01 Jan 2025 15:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 91.197.243.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:d9:6b:27:7e:d9:2d:1d:43:29:79:a5:cb:89:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=400de28131c73b5f5320f51dae6c1bd47ab82f92
Validity
Not Before: Jan 1 15:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=60f5d53a0b65bf8ecc50ba6abd0d9e889ab0d2cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:14:02:eb:f9:53:68:18:4d:5f:6b:91:a1:43:
fc:d0:65:fd:87:98:b9:ff:a2:b2:67:02:eb:0b:5e:
53:8f:53:cf:46:6e:01:9d:80:3f:01:d2:c0:8b:3e:
fd:0b:30:02:b2:52:d4:00:57:46:91:e1:9f:f0:8c:
a7:0a:88:b3:0b:a5:16:db:9f:76:b8:6e:0a:69:4a:
4f:3a:e1:42:58:df:00:1c:15:e4:10:6b:1b:8b:cc:
d1:d4:9a:5a:66:3e:3e:db:92:4b:aa:2f:85:b1:aa:
76:97:a7:e7:57:e5:29:54:f7:bb:90:fc:f5:86:58:
52:51:92:9a:a4:6b:61:3f:5f:6c:b9:1f:a8:57:90:
e3:bd:a3:a0:f4:54:94:97:aa:0f:65:a8:6f:e0:8d:
91:e9:84:b1:51:04:0a:2a:45:10:84:84:95:c2:24:
0b:5a:b9:88:f6:34:c5:b2:0d:0d:7d:f9:43:5c:1f:
d5:d6:13:59:25:f3:5f:08:92:04:8e:35:21:57:52:
51:44:d9:80:24:74:a5:e7:40:17:dc:07:89:bb:3d:
1b:2a:25:9a:42:fa:17:d1:82:b5:db:4d:21:b8:a1:
39:3c:f6:7f:f9:6f:4b:25:d8:35:7f:50:a6:d3:51:
1c:22:1a:19:10:45:25:c5:a1:e5:e8:83:06:e3:06:
04:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:F5:D5:3A:0B:65:BF:8E:CC:50:BA:6A:BD:0D:9E:88:9A:B0:D2:CD
X509v3 Authority Key Identifier:
keyid:40:0D:E2:81:31:C7:3B:5F:53:20:F5:1D:AE:6C:1B:D4:7A:B8:2F:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QA3igTHHO19TIPUdrmwb1Hq4L5I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/e797f2-f272-4663-b145-bc6a1b21fd5e/1/YPXVOgtlv47MULpqvQ2eiJqw0s0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/e797f2-f272-4663-b145-bc6a1b21fd5e/1/QA3igTHHO19TIPUdrmwb1Hq4L5I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.243.0/24
Signature Algorithm: sha256WithRSAEncryption
49:cc:eb:7f:74:de:e7:31:7a:8b:33:41:41:82:25:68:3c:0c:
b3:ae:d6:a2:19:5d:5e:d8:27:58:69:e6:0a:8a:28:2f:9a:3b:
83:94:53:96:88:2a:f2:c2:74:53:b6:71:28:fe:d4:b8:d9:96:
1f:43:0c:bd:cd:61:64:1c:08:00:9d:66:ad:22:50:39:48:32:
93:2a:d7:01:8c:f9:99:98:8c:f2:5a:85:34:8a:29:80:e6:44:
17:6b:52:c4:3c:8e:e4:03:4b:49:c0:c1:63:fa:fc:34:37:6a:
26:60:23:25:e1:3e:9a:4f:eb:9d:d8:40:00:35:8d:60:68:6e:
8f:62:bc:0a:ef:19:d2:41:f2:bf:88:44:2b:29:03:a6:67:71:
0d:7a:a3:06:99:16:b8:3a:b9:22:d1:22:72:8a:31:37:1f:50:
54:64:b2:ef:4a:a8:b7:80:e7:1a:32:81:6f:90:58:15:d5:55:
52:ab:8f:d3:e9:86:a6:fc:5d:d1:32:34:b6:b6:ea:d8:0b:2f:
a2:95:d3:cf:57:3c:9e:1c:59:30:00:59:99:f4:d8:d2:85:05:
96:a6:c5:f9:6a:ce:a9:6a:6f:38:72:b3:d4:7f:36:66:18:43:
24:a6:95:33:55:de:0e:ba:f5:da:7b:a7:75:01:54:7a:f4:43:
06:46:42:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijdlrJ37ZLR1DKXmly4mSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMGRlMjgxMzFjNzNiNWY1MzIwZjUxZGFlNmMxYmQ0N2Fi
ODJmOTIwHhcNMjUwMTAxMTU0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGY1ZDUzYTBiNjViZjhlY2M1MGJhNmFiZDBkOWU4ODlhYjBkMmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshQC6/lTaBhNX2uRoUP80GX9h5i5
/6KyZwLrC15Tj1PPRm4BnYA/AdLAiz79CzACslLUAFdGkeGf8IynCoizC6UW2592
uG4KaUpPOuFCWN8AHBXkEGsbi8zR1JpaZj4+25JLqi+Fsap2l6fnV+UpVPe7kPz1
hlhSUZKapGthP19suR+oV5DjvaOg9FSUl6oPZahv4I2R6YSxUQQKKkUQhISVwiQL
WrmI9jTFsg0NfflDXB/V1hNZJfNfCJIEjjUhV1JRRNmAJHSl50AX3AeJuz0bKiWa
QvoX0YK1200huKE5PPZ/+W9LJdg1f1Cm01EcIhoZEEUlxaHl6IMG4wYExwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGD11ToLZb+OzFC6ar0NnoiasNLNMB8GA1UdIwQY
MBaAFEAN4oExxztfUyD1Ha5sG9R6uC+SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUEzaWdUSEhPMTlUSVBVZHJtd2IxSHE0TDVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9lNzk3ZjItZjI3Mi00NjYzLWIxNDUt
YmM2YTFiMjFmZDVlLzEvWVBYVk9ndGx2NDdNVUxwcXZRMmVpSnF3MHMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9lNzk3ZjItZjI3Mi00NjYzLWIxNDUtYmM2YTFiMjFmZDVl
LzEvUUEzaWdUSEhPMTlUSVBVZHJtd2IxSHE0TDVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8XzMA0G
CSqGSIb3DQEBCwUAA4IBAQBJzOt/dN7nMXqLM0FBgiVoPAyzrtaiGV1e2CdYaeYK
iigvmjuDlFOWiCrywnRTtnEo/tS42ZYfQwy9zWFkHAgAnWatIlA5SDKTKtcBjPmZ
mIzyWoU0iimA5kQXa1LEPI7kA0tJwMFj+vw0N2omYCMl4T6aT+ud2EAANY1gaG6P
YrwK7xnSQfK/iEQrKQOmZ3ENeqMGmRa4Orki0SJyijE3H1BUZLLvSqi3gOcaMoFv
kFgV1VVSq4/T6Yam/F3RMjS2turYCy+ildPPVzyeHFkwAFmZ9NjShQWWpsX5as6p
am84crPUfzZmGEMkppUzVd4OuvXae6d1AVR69EMGRkJ9
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:17:42 2025 by rpki-client