Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/ya21S1G_bjuvTRVKB2urYTOGMy8.roa
File: ya21S1G_bjuvTRVKB2urYTOGMy8.roa (raw, json)
Hash identifier: RUNhwlKcQj6FLizyFtlYOBDETX6NHvE59F3kiwygPiw=
Subject key identifier: C9:AD:B5:4B:51:BF:6E:3B:AF:4D:15:4A:07:6B:AB:61:33:86:33:2F
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 01942220512FE4E447F2B6AE8409C3B77BEA
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/ya21S1G_bjuvTRVKB2urYTOGMy8.roa
Signing time: Wed 01 Jan 2025 13:48:50 +0000
ROA not before: Wed 01 Jan 2025 13:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215006
IP address blocks: 2a0e:8f02:f06c::/48 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:51:2f:e4:e4:47:f2:b6:ae:84:09:c3:b7:7b:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 13:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c9adb54b51bf6e3baf4d154a076bab613386332f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:4f:d6:5c:99:02:8c:c4:08:92:92:c7:e3:b2:
67:8e:b8:59:cd:f5:1e:5a:d0:f5:cd:34:1d:92:77:
15:e6:43:5f:ec:bf:81:6f:bb:77:21:b6:12:cb:f3:
30:6f:57:50:cf:a8:fe:37:12:a0:3b:ef:5e:87:6b:
bf:8d:76:d7:f9:1b:77:be:b4:a0:8b:de:94:eb:ee:
0f:ae:e8:42:a2:98:7e:6a:15:4e:b0:2f:32:f8:fb:
90:5b:25:1c:38:b0:c2:b2:5e:54:48:ee:41:84:21:
4a:fe:8d:50:f9:07:dc:36:62:12:f1:58:21:74:81:
60:44:ce:30:04:b7:6e:d2:ae:13:48:1d:6b:11:13:
65:59:89:b2:70:29:3c:37:28:67:bd:c3:0b:fd:fc:
2f:4b:7d:29:d6:1a:78:c4:e9:c1:96:19:cf:dc:e9:
f6:fc:df:da:9c:c0:cc:63:80:47:66:d0:4b:8c:61:
68:69:d6:d5:ca:3e:5f:71:70:b6:10:f8:e2:19:1b:
0e:15:8d:6a:84:b8:91:a9:32:2b:a5:05:d0:bb:3c:
7f:49:dd:40:8f:49:ac:03:5e:4c:2b:fa:f2:28:7c:
0a:d9:0c:80:d0:4f:b3:d1:11:0c:a0:c4:13:f7:3d:
36:2e:87:59:b4:29:90:12:2a:f6:85:1e:59:49:9d:
75:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:AD:B5:4B:51:BF:6E:3B:AF:4D:15:4A:07:6B:AB:61:33:86:33:2F
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/ya21S1G_bjuvTRVKB2urYTOGMy8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:f06c::/48
Signature Algorithm: sha256WithRSAEncryption
9c:76:e2:e6:48:60:37:05:94:eb:15:7a:3e:6d:cd:27:05:82:
af:a7:ff:17:6f:75:f2:41:af:9a:ba:1f:37:89:31:45:b7:64:
be:8d:d5:c9:f4:54:c0:16:ff:7e:87:47:93:7a:49:71:05:27:
34:2c:77:bb:47:8d:05:c8:26:32:c7:ed:b4:6d:90:31:43:0a:
5b:8c:17:b1:1e:f1:c4:f6:c5:82:6f:a3:19:4e:0e:81:e5:01:
c2:98:75:43:ef:f8:f0:47:e1:40:00:e2:fa:81:fb:e9:cc:75:
29:51:53:5d:06:00:b6:f2:bf:11:a8:3e:f3:fc:b8:39:2d:02:
2e:d2:4c:8f:7c:aa:e6:4b:4c:1d:3f:4c:07:fd:51:f8:d6:ca:
d5:2d:fa:31:c9:6f:b2:9f:cd:62:d1:57:46:d4:46:20:dd:f1:
1e:7e:37:f2:61:1f:3f:bf:5e:b7:31:2f:05:84:65:de:d6:b4:
3e:01:0f:38:f3:80:bc:fc:59:1a:80:87:71:6a:05:13:8f:a6:
f7:e4:e8:5a:38:67:cb:18:69:dd:ba:65:09:23:ea:2c:fb:e7:
65:22:c1:70:93:cf:0d:7c:ec:d5:a4:c8:af:d5:60:5f:64:62:
35:28:02:b3:8b:9c:d2:1b:f6:a4:d2:29:87:a0:c5:ee:f0:c2:
09:45:d7:37
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQiIFEv5ORH8rauhAnDt3vqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjUwMTAxMTM0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWFkYjU0YjUxYmY2ZTNiYWY0ZDE1NGEwNzZiYWI2MTMzODYzMzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqE/WXJkCjMQIkpLH47JnjrhZzfUe
WtD1zTQdkncV5kNf7L+Bb7t3IbYSy/Mwb1dQz6j+NxKgO+9eh2u/jXbX+Rt3vrSg
i96U6+4PruhCoph+ahVOsC8y+PuQWyUcOLDCsl5USO5BhCFK/o1Q+QfcNmIS8Vgh
dIFgRM4wBLdu0q4TSB1rERNlWYmycCk8NyhnvcML/fwvS30p1hp4xOnBlhnP3On2
/N/anMDMY4BHZtBLjGFoadbVyj5fcXC2EPjiGRsOFY1qhLiRqTIrpQXQuzx/Sd1A
j0msA15MK/ryKHwK2QyA0E+z0REMoMQT9z02LodZtCmQEir2hR5ZSZ11YwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMmttUtRv247r00VSgdrq2EzhjMvMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEveWEyMVMxR19ianV2VFJWS0IydXJZVE9HTXk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6PAvBs
MA0GCSqGSIb3DQEBCwUAA4IBAQCcduLmSGA3BZTrFXo+bc0nBYKvp/8Xb3XyQa+a
uh83iTFFt2S+jdXJ9FTAFv9+h0eTeklxBSc0LHe7R40FyCYyx+20bZAxQwpbjBex
HvHE9sWCb6MZTg6B5QHCmHVD7/jwR+FAAOL6gfvpzHUpUVNdBgC28r8RqD7z/Lg5
LQIu0kyPfKrmS0wdP0wH/VH41srVLfoxyW+yn81i0VdG1EYg3fEefjfyYR8/v163
MS8FhGXe1rQ+AQ8484C8/FkagIdxagUTj6b35OhaOGfLGGndumUJI+os++dlIsFw
k88NfOzVpMiv1WBfZGI1KAKzi5zSG/ak0imHoMXu8MIJRdc3
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:08:35 2025 by rpki-client