Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/yDomHUFVSb_vaV7A7wWb5nAhjlc.roa
File: yDomHUFVSb_vaV7A7wWb5nAhjlc.roa (raw, json)
Hash identifier: yYYELV3m9YlCfoig7ujzEpQib6RUtY2OkBAFEppcwPU=
Subject key identifier: C8:3A:26:1D:41:55:49:BF:EF:69:5E:C0:EF:05:9B:E6:70:21:8E:57
Certificate issuer: /CN=73f986c7705bd808c1b02ebd754fbfa91807e9b6
Certificate serial: 0194266C370A7998B5726ABF82B886B10A3C
Authority key identifier: 73:F9:86:C7:70:5B:D8:08:C1:B0:2E:BD:75:4F:BF:A9:18:07:E9:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c_mGx3Bb2AjBsC69dU-_qRgH6bY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/yDomHUFVSb_vaV7A7wWb5nAhjlc.roa
Signing time: Thu 02 Jan 2025 09:50:13 +0000
ROA not before: Thu 02 Jan 2025 09:50:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60404
IP address blocks: 2a0b:b600:1000::/38 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:37:0a:79:98:b5:72:6a:bf:82:b8:86:b1:0a:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73f986c7705bd808c1b02ebd754fbfa91807e9b6
Validity
Not Before: Jan 2 09:50:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c83a261d415549bfef695ec0ef059be670218e57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:df:80:5f:62:38:0f:f1:5e:b8:6a:80:b2:5d:
5c:38:a5:dd:bf:5a:ab:3f:bb:88:40:66:6b:0b:9c:
02:97:d5:bb:b6:05:21:73:c8:56:8d:7c:2d:25:03:
73:b6:d7:75:7a:b2:27:80:f2:d6:cd:14:1f:5b:aa:
22:ba:c6:66:4d:3c:a6:b7:01:6f:d3:26:f5:40:e3:
3f:61:82:09:2b:05:9f:ac:4a:da:04:3a:9f:5a:21:
12:33:08:db:ea:62:39:01:19:af:e0:f9:f5:c4:9f:
aa:e2:84:7d:22:b3:4f:2c:02:1b:68:03:cc:0a:d4:
71:c2:0f:41:ba:a6:b5:ff:c3:09:02:94:1e:10:9b:
e7:a0:79:fd:09:33:87:d5:df:7f:74:d9:9b:be:e5:
c5:30:78:09:25:ff:d7:a0:a9:01:cb:ab:70:11:b6:
0c:15:6c:82:2f:10:78:ce:c5:78:2c:7b:38:1b:b0:
ef:0d:c6:7b:aa:79:f8:7a:cc:cf:74:e5:be:66:70:
ba:6f:d7:e8:2a:21:6d:3a:2f:da:c5:8b:82:fa:b0:
76:40:66:25:44:0a:bf:fc:aa:6c:4c:b5:84:03:6c:
d9:9d:27:5a:26:c3:df:2d:fb:28:0e:4f:ac:3e:43:
f6:21:f0:e7:62:29:a7:60:ad:e6:8e:9c:0f:ea:2e:
1e:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:3A:26:1D:41:55:49:BF:EF:69:5E:C0:EF:05:9B:E6:70:21:8E:57
X509v3 Authority Key Identifier:
keyid:73:F9:86:C7:70:5B:D8:08:C1:B0:2E:BD:75:4F:BF:A9:18:07:E9:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c_mGx3Bb2AjBsC69dU-_qRgH6bY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/yDomHUFVSb_vaV7A7wWb5nAhjlc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/c_mGx3Bb2AjBsC69dU-_qRgH6bY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b600:1000::/38
Signature Algorithm: sha256WithRSAEncryption
0f:de:63:60:10:88:64:c6:81:58:2e:76:38:38:86:ab:a3:d9:
df:4f:2a:00:1e:07:2e:5a:e8:32:77:be:8d:24:b5:6d:24:79:
8a:91:2d:a1:1e:71:4f:5b:ca:02:2f:be:01:3d:bb:2a:c4:e8:
f0:5a:b7:c1:e2:15:02:23:68:13:16:68:02:a8:ba:63:75:77:
67:d3:cc:cd:f6:75:b6:cf:0c:55:af:eb:07:bc:58:5d:51:f4:
6a:ca:04:18:1a:b6:da:83:76:dc:44:5e:ad:03:1c:99:d0:02:
0c:e5:ab:55:8c:cd:4d:33:ee:f3:e9:aa:ad:b0:82:b6:05:09:
03:dc:36:c7:b2:48:26:ed:5a:23:4b:09:c7:9a:2e:94:f2:df:
55:60:63:b5:6a:83:e2:09:b9:49:68:d5:be:d7:b1:ce:5e:b2:
56:7e:82:28:53:bb:18:ec:16:c7:62:05:23:a2:b4:f1:f5:9f:
05:d7:f0:37:3a:65:aa:37:ef:db:10:71:ed:18:99:5e:5d:62:
40:98:fa:7e:06:ea:d3:9d:e1:96:d4:7d:11:14:d1:a6:86:a8:
97:e0:fb:da:b2:0d:38:ab:0e:0d:62:0c:0a:8b:e9:3d:c4:f5:
c5:ab:9b:d8:98:0a:b4:dd:67:7d:81:64:d1:9d:3d:ef:3e:71:
50:92:5d:8f
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQmbDcKeZi1cmq/griGsQo8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZjk4NmM3NzA1YmQ4MDhjMWIwMmViZDc1NGZiZmE5MTgw
N2U5YjYwHhcNMjUwMTAyMDk1MDEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODNhMjYxZDQxNTU0OWJmZWY2OTVlYzBlZjA1OWJlNjcwMjE4ZTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtt+AX2I4D/FeuGqAsl1cOKXdv1qr
P7uIQGZrC5wCl9W7tgUhc8hWjXwtJQNzttd1erIngPLWzRQfW6oiusZmTTymtwFv
0yb1QOM/YYIJKwWfrEraBDqfWiESMwjb6mI5ARmv4Pn1xJ+q4oR9IrNPLAIbaAPM
CtRxwg9Buqa1/8MJApQeEJvnoHn9CTOH1d9/dNmbvuXFMHgJJf/XoKkBy6twEbYM
FWyCLxB4zsV4LHs4G7DvDcZ7qnn4eszPdOW+ZnC6b9foKiFtOi/axYuC+rB2QGYl
RAq//KpsTLWEA2zZnSdaJsPfLfsoDk+sPkP2IfDnYimnYK3mjpwP6i4eLQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFMg6Jh1BVUm/72lewO8Fm+ZwIY5XMB8GA1UdIwQY
MBaAFHP5hsdwW9gIwbAuvXVPv6kYB+m2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY19tR3gzQmIyQWpCc0M2OWRVLV9xUmdINmJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9kYjFhY2EtMjY1OS00MmEzLWE2MzEt
OWExMjk1ZjAyZjJlLzEveURvbUhVRlZTYl92YVY3QTd3V2I1bkFoamxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9kYjFhY2EtMjY1OS00MmEzLWE2MzEtOWExMjk1ZjAyZjJl
LzEvY19tR3gzQmIyQWpCc0M2OWRVLV9xUmdINmJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKgu2ABAw
DQYJKoZIhvcNAQELBQADggEBAA/eY2AQiGTGgVgudjg4hquj2d9PKgAeBy5a6DJ3
vo0ktW0keYqRLaEecU9bygIvvgE9uyrE6PBat8HiFQIjaBMWaAKoumN1d2fTzM32
dbbPDFWv6we8WF1R9GrKBBgattqDdtxEXq0DHJnQAgzlq1WMzU0z7vPpqq2wgrYF
CQPcNseySCbtWiNLCceaLpTy31VgY7Vqg+IJuUlo1b7Xsc5eslZ+gihTuxjsFsdi
BSOitPH1nwXX8Dc6Zao379sQce0YmV5dYkCY+n4G6tOd4ZbUfREU0aaGqJfg+9qy
DTirDg1iDAqL6T3E9cWrm9iYCrTdZ32BZNGdPe8+cVCSXY8=
-----END CERTIFICATE-----
Generated at Tue Apr 8 12:42:55 2025 by rpki-client