Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/YF3st0iVxHXQN-seFvMQWSSinsY.roa
File: YF3st0iVxHXQN-seFvMQWSSinsY.roa (raw, json)
Hash identifier: +yQ5tzHMH2YDHsHHoZXVb0a4z+49ectNISXe8UfZv+M=
Subject key identifier: 60:5D:EC:B7:48:95:C4:75:D0:37:EB:1E:16:F3:10:59:24:A2:9E:C6
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 019422FBC9FC60F10A81684E276E2274E83B
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/YF3st0iVxHXQN-seFvMQWSSinsY.roa
Signing time: Wed 01 Jan 2025 17:48:34 +0000
ROA not before: Wed 01 Jan 2025 17:48:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197450
IP address blocks: 217.18.210.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:c9:fc:60:f1:0a:81:68:4e:27:6e:22:74:e8:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Jan 1 17:48:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=605decb74895c475d037eb1e16f3105924a29ec6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:06:7e:c2:d1:2f:d2:20:75:5e:97:84:6e:2e:
63:28:30:75:a5:5e:a9:8a:ac:cb:4a:c6:a3:22:b1:
f9:be:a9:bc:f8:8b:2c:b5:77:e6:3c:49:15:bb:2b:
bc:02:45:e4:18:49:2c:02:ab:39:21:62:48:b0:3f:
86:c3:81:04:33:97:f4:1e:22:9f:9c:d7:43:89:99:
be:46:3b:ad:5f:db:74:02:0f:4b:8d:68:74:e0:6e:
54:ef:4c:5e:22:39:27:db:9d:e7:c9:90:aa:8c:83:
2b:96:fe:77:4c:06:69:64:aa:ba:04:12:d9:50:f4:
4e:97:af:9a:fa:5f:b8:0f:2a:d5:28:9a:95:90:b0:
c2:48:33:29:6f:20:95:15:8d:ba:ee:f5:68:6c:a2:
d6:d8:9b:4e:e3:84:fa:ac:94:ec:bf:dc:b0:e2:13:
09:c8:68:77:f6:64:8a:77:ce:fa:ba:43:e6:24:36:
ca:19:85:d2:eb:3d:fa:d3:20:62:9f:fc:55:cd:e4:
bb:ec:b2:b3:66:df:ab:bf:62:34:8b:c0:44:d9:b2:
f3:68:e3:a7:28:3f:de:3c:08:2d:ac:8e:01:32:cc:
32:0e:23:11:4c:43:4d:d8:92:37:e0:67:ad:45:89:
ee:fe:80:e4:99:19:9e:f5:18:c9:12:fc:d7:ce:f2:
6b:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:5D:EC:B7:48:95:C4:75:D0:37:EB:1E:16:F3:10:59:24:A2:9E:C6
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/YF3st0iVxHXQN-seFvMQWSSinsY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.18.210.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:4e:46:a2:5b:d5:0a:74:76:2d:6d:30:b3:ae:df:89:e0:62:
90:2e:f6:08:10:87:c2:6e:79:08:a0:4a:90:55:a1:dc:7c:f2:
41:03:47:9c:7e:49:6b:cd:11:b8:ea:7a:d3:89:58:be:69:88:
28:b1:b5:fc:f8:52:15:21:f9:06:4a:a1:81:32:0b:30:77:f2:
14:6a:35:ab:fb:28:00:35:3a:47:d7:b0:18:2c:c9:d6:6c:ae:
9b:02:89:68:69:b0:99:3f:96:89:3e:ce:0c:59:1a:e2:45:a0:
73:b6:74:e7:ff:c1:2a:6e:78:89:6d:da:e1:ca:a9:43:8a:7d:
f1:cd:60:e7:c6:85:c8:bc:a8:bd:32:3b:f2:6d:23:90:8d:08:
1e:dc:65:90:1c:42:dd:0b:ad:85:65:20:e0:90:13:c2:04:37:
67:66:f8:d7:fa:1f:53:da:45:8a:42:33:60:1b:b4:fa:5a:67:
1e:28:e7:74:89:f6:34:73:a6:09:ed:cc:1b:18:9b:51:e6:2a:
fb:65:d8:ea:cc:68:3d:12:77:f9:54:c8:23:35:05:36:ed:c1:
96:64:88:a7:f6:01:8e:2b:96:83:79:14:1d:c6:64:db:58:c4:
54:a7:24:f9:6d:93:20:d4:3d:9f:42:fa:7d:a3:26:11:71:20:
11:9d:3a:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+8n8YPEKgWhOJ24idOg7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjUwMTAxMTc0ODM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDVkZWNiNzQ4OTVjNDc1ZDAzN2ViMWUxNmYzMTA1OTI0YTI5ZWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxAZ+wtEv0iB1XpeEbi5jKDB1pV6p
iqzLSsajIrH5vqm8+IsstXfmPEkVuyu8AkXkGEksAqs5IWJIsD+Gw4EEM5f0HiKf
nNdDiZm+RjutX9t0Ag9LjWh04G5U70xeIjkn253nyZCqjIMrlv53TAZpZKq6BBLZ
UPROl6+a+l+4DyrVKJqVkLDCSDMpbyCVFY267vVobKLW2JtO44T6rJTsv9yw4hMJ
yGh39mSKd876ukPmJDbKGYXS6z360yBin/xVzeS77LKzZt+rv2I0i8BE2bLzaOOn
KD/ePAgtrI4BMswyDiMRTENN2JI34GetRYnu/oDkmRme9RjJEvzXzvJrZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGBd7LdIlcR10DfrHhbzEFkkop7GMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvWUYzc3QwaVZ4SFhRTi1zZUZ2TVFXU1NpbnNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2RLSMA0G
CSqGSIb3DQEBCwUAA4IBAQA6TkaiW9UKdHYtbTCzrt+J4GKQLvYIEIfCbnkIoEqQ
VaHcfPJBA0ecfklrzRG46nrTiVi+aYgosbX8+FIVIfkGSqGBMgswd/IUajWr+ygA
NTpH17AYLMnWbK6bAoloabCZP5aJPs4MWRriRaBztnTn/8EqbniJbdrhyqlDin3x
zWDnxoXIvKi9MjvybSOQjQge3GWQHELdC62FZSDgkBPCBDdnZvjX+h9T2kWKQjNg
G7T6WmceKOd0ifY0c6YJ7cwbGJtR5ir7ZdjqzGg9Enf5VMgjNQU27cGWZIin9gGO
K5aDeRQdxmTbWMRUpyT5bZMg1D2fQvp9oyYRcSARnTr2
-----END CERTIFICATE-----
Generated at Fri Apr 18 12:38:37 2025 by rpki-client