Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/1fa27e-aaf0-4be2-a522-a80c94761d23/1/jyRFM9_T_syhJNdrBbZtEXQjBxY.roa
File: jyRFM9_T_syhJNdrBbZtEXQjBxY.roa (raw, json)
Hash identifier: 3sN/6EgdGuf6mYlFqORSiJaf85S1hh85EE3f4pncjgo=
Subject key identifier: 8F:24:45:33:DF:D3:FE:CC:A1:24:D7:6B:05:B6:6D:11:74:23:07:16
Certificate issuer: /CN=dd8aaba0f46baa144fdb0938e91c14f94c61650c
Certificate serial: 019424B3C485528EA51EB1099E102CC37B1C
Authority key identifier: DD:8A:AB:A0:F4:6B:AA:14:4F:DB:09:38:E9:1C:14:F9:4C:61:65:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3YqroPRrqhRP2wk46RwU-UxhZQw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/1fa27e-aaf0-4be2-a522-a80c94761d23/1/jyRFM9_T_syhJNdrBbZtEXQjBxY.roa
Signing time: Thu 02 Jan 2025 01:49:08 +0000
ROA not before: Thu 02 Jan 2025 01:49:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39645
IP address blocks: 195.246.252.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:c4:85:52:8e:a5:1e:b1:09:9e:10:2c:c3:7b:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd8aaba0f46baa144fdb0938e91c14f94c61650c
Validity
Not Before: Jan 2 01:49:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8f244533dfd3fecca124d76b05b66d1174230716
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:f5:5b:99:26:a1:ae:f2:c2:92:f4:6e:7f:55:
5b:f2:50:c6:bc:27:cb:a1:9d:86:39:9f:4b:06:15:
70:c0:7e:70:45:3b:20:53:ce:90:01:38:b5:4b:76:
64:12:f3:76:63:7f:6c:e2:94:f5:91:c4:31:0d:56:
7e:7e:a7:3f:a4:4b:68:3d:c4:5e:ac:d8:63:49:ee:
b5:49:13:96:0a:1a:83:bf:10:e2:e4:52:c9:a3:b0:
93:51:69:3e:26:41:bb:14:e9:7e:c7:33:2c:e0:4a:
42:89:db:28:28:93:49:20:56:76:84:20:6a:7b:cc:
5c:05:b6:9f:61:3f:92:c2:5a:9e:7c:cc:f9:0d:ce:
ae:03:14:84:37:5b:d5:47:60:f2:8c:b2:3b:ca:b6:
e3:72:a8:bf:7c:c9:42:53:2e:e4:a6:3b:be:87:48:
f1:21:72:51:8f:9b:01:85:28:05:5b:d0:a4:b6:43:
a0:e2:c5:bd:c4:84:91:95:ff:16:84:64:09:4d:e6:
22:97:44:08:1a:f7:f5:f2:2c:07:3e:93:23:99:16:
0b:6c:d3:7d:96:3a:a6:2c:6e:64:6f:29:55:4b:a4:
38:75:c8:d9:12:0d:59:7c:9d:76:ba:00:17:b8:0c:
21:86:e9:1f:5d:73:b7:c4:e5:cd:58:53:cb:25:8a:
13:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:24:45:33:DF:D3:FE:CC:A1:24:D7:6B:05:B6:6D:11:74:23:07:16
X509v3 Authority Key Identifier:
keyid:DD:8A:AB:A0:F4:6B:AA:14:4F:DB:09:38:E9:1C:14:F9:4C:61:65:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3YqroPRrqhRP2wk46RwU-UxhZQw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/1fa27e-aaf0-4be2-a522-a80c94761d23/1/jyRFM9_T_syhJNdrBbZtEXQjBxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/1fa27e-aaf0-4be2-a522-a80c94761d23/1/3YqroPRrqhRP2wk46RwU-UxhZQw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.246.252.0/23
Signature Algorithm: sha256WithRSAEncryption
b7:08:4f:f8:40:8e:93:a5:4c:71:8e:e7:1b:3c:1d:3b:94:8c:
72:75:95:2b:8a:fa:e1:de:6e:73:ea:dc:67:67:2f:62:3b:b1:
c6:3a:ae:c6:ee:84:2e:57:12:d3:b6:35:f1:1d:38:36:c6:ba:
5c:02:9c:2d:e5:96:69:dd:b7:ad:6e:d5:99:2a:77:e9:8b:cd:
8f:f8:34:8f:b0:57:ee:b0:6f:bb:04:d6:8a:1c:fe:de:ad:cd:
0c:54:c6:9a:2c:12:c0:72:79:64:e5:f9:8e:b5:8a:1d:f8:58:
88:4b:06:3f:b5:a3:34:33:f6:fa:08:8a:ff:36:2c:b0:34:55:
61:93:ee:c1:47:43:1c:87:48:4c:7b:a7:1a:27:20:33:68:20:
0e:93:a0:a7:5a:e3:ff:f3:c2:ee:03:d8:17:2e:32:e5:39:7b:
82:d3:bc:f6:c4:e6:f3:c3:d1:ce:ef:ee:31:ba:e7:13:b8:75:
43:64:4a:d9:b9:30:30:6e:7e:9b:03:26:8b:db:81:ac:0d:eb:
b7:e4:f0:b8:99:6d:1f:13:e7:2f:31:68:9f:ab:0b:5a:e8:03:
3b:9f:3e:9b:2b:32:fd:8b:f8:7d:14:1b:b5:35:70:a1:75:03:
3a:3e:07:b8:49:75:3d:e8:6e:0a:1a:42:8b:be:e4:15:a5:e5:
d9:41:a8:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQks8SFUo6lHrEJnhAsw3scMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkOGFhYmEwZjQ2YmFhMTQ0ZmRiMDkzOGU5MWMxNGY5NGM2
MTY1MGMwHhcNMjUwMTAyMDE0OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjI0NDUzM2RmZDNmZWNjYTEyNGQ3NmIwNWI2NmQxMTc0MjMwNzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2/VbmSahrvLCkvRuf1Vb8lDGvCfL
oZ2GOZ9LBhVwwH5wRTsgU86QATi1S3ZkEvN2Y39s4pT1kcQxDVZ+fqc/pEtoPcRe
rNhjSe61SROWChqDvxDi5FLJo7CTUWk+JkG7FOl+xzMs4EpCidsoKJNJIFZ2hCBq
e8xcBbafYT+SwlqefMz5Dc6uAxSEN1vVR2DyjLI7yrbjcqi/fMlCUy7kpju+h0jx
IXJRj5sBhSgFW9CktkOg4sW9xISRlf8WhGQJTeYil0QIGvf18iwHPpMjmRYLbNN9
ljqmLG5kbylVS6Q4dcjZEg1ZfJ12ugAXuAwhhukfXXO3xOXNWFPLJYoTwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI8kRTPf0/7MoSTXawW2bRF0IwcWMB8GA1UdIwQY
MBaAFN2Kq6D0a6oUT9sJOOkcFPlMYWUMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1lxcm9QUnJxaFJQMndrNDZSd1UtVXhoWlF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi8xZmEyN2UtYWFmMC00YmUyLWE1MjIt
YTgwYzk0NzYxZDIzLzEvanlSRk05X1Rfc3loSk5kckJiWnRFWFFqQnhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi8xZmEyN2UtYWFmMC00YmUyLWE1MjItYTgwYzk0NzYxZDIz
LzEvM1lxcm9QUnJxaFJQMndrNDZSd1UtVXhoWlF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw/b8MA0G
CSqGSIb3DQEBCwUAA4IBAQC3CE/4QI6TpUxxjucbPB07lIxydZUrivrh3m5z6txn
Zy9iO7HGOq7G7oQuVxLTtjXxHTg2xrpcApwt5ZZp3betbtWZKnfpi82P+DSPsFfu
sG+7BNaKHP7erc0MVMaaLBLAcnlk5fmOtYod+FiISwY/taM0M/b6CIr/NiywNFVh
k+7BR0Mch0hMe6caJyAzaCAOk6CnWuP/88LuA9gXLjLlOXuC07z2xObzw9HO7+4x
uucTuHVDZErZuTAwbn6bAyaL24GsDeu35PC4mW0fE+cvMWifqwta6AM7nz6bKzL9
i/h9FBu1NXChdQM6Pge4SXU96G4KGkKLvuQVpeXZQahQ
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:58:37 2025 by rpki-client