Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/5fe0df-b008-4e94-99c6-b22695c703a9/1/Y5evNC6nSTbaw2HNqlP-IIa_w8w.roa
File: Y5evNC6nSTbaw2HNqlP-IIa_w8w.roa (raw, json)
Hash identifier: bcLU6wxFqb3pGDabhdJfOsSNGRX1c39YDi9EFe9onLk=
Subject key identifier: 63:97:AF:34:2E:A7:49:36:DA:C3:61:CD:AA:53:FE:20:86:BF:C3:CC
Certificate issuer: /CN=42267f5a6cf49bc43f2304de00f7705ec5b79fca
Certificate serial: 019421B1E7CB6F77025633524EC4F229DB07
Authority key identifier: 42:26:7F:5A:6C:F4:9B:C4:3F:23:04:DE:00:F7:70:5E:C5:B7:9F:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QiZ_Wmz0m8Q_IwTeAPdwXsW3n8o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/5fe0df-b008-4e94-99c6-b22695c703a9/1/Y5evNC6nSTbaw2HNqlP-IIa_w8w.roa
Signing time: Wed 01 Jan 2025 11:48:14 +0000
ROA not before: Wed 01 Jan 2025 11:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6730
IP address blocks: 193.8.58.0/23 maxlen: 23
193.8.60.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:e7:cb:6f:77:02:56:33:52:4e:c4:f2:29:db:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42267f5a6cf49bc43f2304de00f7705ec5b79fca
Validity
Not Before: Jan 1 11:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6397af342ea74936dac361cdaa53fe2086bfc3cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:b4:6b:a0:57:19:09:e4:9c:06:10:43:aa:6f:
4c:41:3e:a7:23:77:d7:39:0f:6f:9e:f3:24:d5:64:
b0:f0:6c:f4:b0:92:29:7d:01:8e:13:90:c4:69:fe:
63:42:12:70:05:f2:d9:f9:d6:e3:e0:b5:a1:6e:93:
04:d4:61:e9:87:3d:c0:85:1a:36:06:3e:be:ba:7b:
29:7c:03:35:18:71:7d:0d:bb:4a:79:da:df:95:a8:
1c:2a:1a:13:4a:f9:c9:ee:29:55:26:8b:25:cf:65:
1a:94:01:e0:ad:7a:a2:02:be:1f:38:7b:69:9d:57:
2b:50:ad:1a:bc:1e:18:57:e2:30:ed:df:e6:06:fe:
61:53:01:b5:41:6e:47:1a:5b:f3:e2:cb:d9:3e:9f:
71:1c:9e:bf:b8:5c:b1:16:f2:4a:09:f5:21:29:74:
18:bf:d2:00:0c:1c:d0:78:8e:10:87:f4:4f:2e:1f:
60:78:25:20:67:a8:6d:e2:22:75:ac:5a:26:ea:51:
04:7e:38:4c:36:df:25:43:15:9c:11:e3:03:c2:40:
00:32:74:da:f7:d1:58:38:c8:3e:ce:56:67:7f:f0:
1c:ec:7b:bf:70:fe:70:2b:95:a2:7b:8f:2a:f0:35:
4a:92:80:56:50:da:d7:04:1a:cd:a1:35:24:e1:ba:
73:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:97:AF:34:2E:A7:49:36:DA:C3:61:CD:AA:53:FE:20:86:BF:C3:CC
X509v3 Authority Key Identifier:
keyid:42:26:7F:5A:6C:F4:9B:C4:3F:23:04:DE:00:F7:70:5E:C5:B7:9F:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QiZ_Wmz0m8Q_IwTeAPdwXsW3n8o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/5fe0df-b008-4e94-99c6-b22695c703a9/1/Y5evNC6nSTbaw2HNqlP-IIa_w8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/5fe0df-b008-4e94-99c6-b22695c703a9/1/QiZ_Wmz0m8Q_IwTeAPdwXsW3n8o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.8.58.0-193.8.60.255
Signature Algorithm: sha256WithRSAEncryption
7d:9f:5a:9e:1b:24:b8:c1:79:57:fb:42:94:e4:1d:bb:ad:c8:
c5:58:94:ab:f4:69:a8:bc:5b:4b:bd:54:f9:7c:e3:35:6a:22:
a9:44:a2:b9:c5:0d:06:09:67:7c:63:50:44:c9:ae:bd:4c:ea:
e5:3b:5f:3a:c8:34:3a:08:54:f9:bb:74:49:7f:70:b7:a3:6f:
8d:5d:03:be:34:ce:b0:c1:0d:7e:e0:f5:15:bb:a7:c0:f2:63:
73:6c:b7:50:06:92:29:ad:1a:23:9f:1d:a5:20:5d:f4:83:d7:
24:6d:83:97:9e:7c:52:d3:80:e3:96:af:69:d4:3d:e0:16:73:
26:14:e8:a6:83:23:64:74:26:09:6e:61:e4:54:4e:e2:9d:d9:
40:e1:b3:58:af:1c:75:83:d2:cd:cf:d3:f1:37:a1:e1:ad:b3:
b6:c7:5a:00:ed:79:e8:39:e4:5e:4c:ad:ab:c2:ac:63:90:af:
2a:21:29:8f:6a:4f:27:a0:04:82:6d:29:ec:35:e8:68:44:cc:
48:d0:0a:f1:ec:32:b1:ea:94:aa:1b:57:4d:a1:63:d6:b6:96:
9e:77:fc:74:19:a7:9f:48:69:f2:5b:0b:27:ac:27:e9:b6:fd:
e6:ee:08:98:15:07:6d:86:fa:72:96:76:b3:56:ac:c9:96:4c:
ba:4c:89:79
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQhsefLb3cCVjNSTsTyKdsHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMjY3ZjVhNmNmNDliYzQzZjIzMDRkZTAwZjc3MDVlYzVi
NzlmY2EwHhcNMjUwMTAxMTE0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Mzk3YWYzNDJlYTc0OTM2ZGFjMzYxY2RhYTUzZmUyMDg2YmZjM2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw7RroFcZCeScBhBDqm9MQT6nI3fX
OQ9vnvMk1WSw8Gz0sJIpfQGOE5DEaf5jQhJwBfLZ+dbj4LWhbpME1GHphz3AhRo2
Bj6+unspfAM1GHF9DbtKedrflagcKhoTSvnJ7ilVJoslz2UalAHgrXqiAr4fOHtp
nVcrUK0avB4YV+Iw7d/mBv5hUwG1QW5HGlvz4svZPp9xHJ6/uFyxFvJKCfUhKXQY
v9IADBzQeI4Qh/RPLh9geCUgZ6ht4iJ1rFom6lEEfjhMNt8lQxWcEeMDwkAAMnTa
99FYOMg+zlZnf/Ac7Hu/cP5wK5Wie48q8DVKkoBWUNrXBBrNoTUk4bpz0wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGOXrzQup0k22sNhzapT/iCGv8PMMB8GA1UdIwQY
MBaAFEImf1ps9JvEPyME3gD3cF7Ft5/KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWlaX1dtejBtOFFfSXdUZUFQZHdYc1czbjhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC81ZmUwZGYtYjAwOC00ZTk0LTk5YzYt
YjIyNjk1YzcwM2E5LzEvWTVldk5DNm5TVGJhdzJITnFsUC1JSWFfdzh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC81ZmUwZGYtYjAwOC00ZTk0LTk5YzYtYjIyNjk1YzcwM2E5
LzEvUWlaX1dtejBtOFFfSXdUZUFQZHdYc1czbjhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAHBCDoD
BADBCDwwDQYJKoZIhvcNAQELBQADggEBAH2fWp4bJLjBeVf7QpTkHbutyMVYlKv0
aai8W0u9VPl84zVqIqlEornFDQYJZ3xjUETJrr1M6uU7XzrINDoIVPm7dEl/cLej
b41dA740zrDBDX7g9RW7p8DyY3Nst1AGkimtGiOfHaUgXfSD1yRtg5eefFLTgOOW
r2nUPeAWcyYU6KaDI2R0JgluYeRUTuKd2UDhs1ivHHWD0s3P0/E3oeGts7bHWgDt
eeg55F5MravCrGOQryohKY9qTyegBIJtKew16GhEzEjQCvHsMrHqlKobV02hY9a2
lp53/HQZp59IafJbCyesJ+m2/ebuCJgVB22G+nKWdrNWrMmWTLpMiXk=
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:29:34 2025 by rpki-client