Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/YTPIeKA6vN8bBsCmmqzk6w3bpmU.roa
File: YTPIeKA6vN8bBsCmmqzk6w3bpmU.roa (raw, json)
Hash identifier: Mo6Tf23Yod2O05O4042OzPfIL4jXB8/HVLdp8MJUwtk=
Subject key identifier: 61:33:C8:78:A0:3A:BC:DF:1B:06:C0:A6:9A:AC:E4:EB:0D:DB:A6:65
Certificate issuer: /CN=72ed2fbb7213fbf32ad4c087f8b0b22cecef4fea
Certificate serial: 019426D89FA07DF6D407729F9E028408B2C1
Authority key identifier: 72:ED:2F:BB:72:13:FB:F3:2A:D4:C0:87:F8:B0:B2:2C:EC:EF:4F:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/YTPIeKA6vN8bBsCmmqzk6w3bpmU.roa
Signing time: Thu 02 Jan 2025 11:48:38 +0000
ROA not before: Thu 02 Jan 2025 11:48:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48518
IP address blocks: 2a04:9ac0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d8:9f:a0:7d:f6:d4:07:72:9f:9e:02:84:08:b2:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72ed2fbb7213fbf32ad4c087f8b0b22cecef4fea
Validity
Not Before: Jan 2 11:48:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6133c878a03abcdf1b06c0a69aace4eb0ddba665
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:3c:4a:f7:8c:2a:21:d3:15:57:df:d5:1b:db:
06:51:ac:3a:70:58:91:7a:47:4e:46:5e:00:3b:ab:
47:94:91:0f:f2:f9:51:bd:3d:38:2e:1e:8c:28:6a:
af:3c:a3:6f:14:bd:7f:48:27:ca:34:03:f3:c8:f1:
59:98:9c:32:43:21:79:44:7e:7d:61:08:b9:34:03:
24:40:85:4e:cf:38:40:da:26:b9:80:c2:95:b7:d7:
90:75:80:7e:9f:a2:a9:82:f5:07:b4:55:c6:59:9d:
45:bf:03:77:6b:7d:77:5b:d1:82:f4:12:85:f8:9b:
02:7c:a2:e5:cb:ab:e6:0c:a1:0f:ba:3b:a5:f8:39:
0e:d0:37:46:88:b4:0b:6f:11:33:9a:33:13:2b:71:
bc:fa:7f:33:37:9a:94:42:c4:ac:35:c2:02:92:cb:
62:8e:c1:70:83:c1:fb:cc:96:29:b3:55:81:d4:10:
20:42:7c:d4:cc:1f:e6:dd:e6:41:69:31:6d:a5:77:
a5:e1:20:34:e9:3f:d6:1d:7d:7f:55:73:e7:30:ef:
5c:88:af:07:78:4b:3f:c6:06:36:29:0f:6d:9f:13:
e9:7f:f0:1c:29:d8:7d:c2:17:7e:15:4d:a3:9f:0e:
fd:09:f0:95:a4:0c:41:08:4a:e0:19:1b:9b:4c:a5:
0d:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:33:C8:78:A0:3A:BC:DF:1B:06:C0:A6:9A:AC:E4:EB:0D:DB:A6:65
X509v3 Authority Key Identifier:
keyid:72:ED:2F:BB:72:13:FB:F3:2A:D4:C0:87:F8:B0:B2:2C:EC:EF:4F:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/YTPIeKA6vN8bBsCmmqzk6w3bpmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:9ac0::/32
Signature Algorithm: sha256WithRSAEncryption
9a:32:5c:b7:cc:ec:1b:76:9e:68:d7:48:dd:17:10:c3:e4:1b:
75:94:9a:95:3d:7f:46:25:42:d4:a0:46:80:63:13:b8:3d:c9:
8b:a3:d5:41:86:96:10:5f:4e:d7:51:ff:5a:2d:2d:44:46:a8:
2e:8e:3e:22:6f:43:25:41:5c:69:bc:f0:b2:67:c7:2f:8d:f2:
4d:66:1b:67:85:9d:8b:c7:ac:0a:a3:d4:fb:ae:9d:b3:54:30:
b9:99:0b:0b:cd:96:8b:64:7c:a1:c4:f6:92:77:84:56:2e:09:
5a:d1:75:5f:98:81:86:d0:62:c5:f2:92:36:0d:2d:07:f3:ec:
67:ef:ab:01:2f:e5:14:9f:40:8f:46:b9:15:d7:74:c3:e2:ff:
9b:e7:8d:b7:1e:25:04:7b:a9:40:32:18:27:85:d4:90:f3:1c:
a4:bc:a4:4a:56:8b:77:45:8d:35:1f:03:fc:92:a3:48:e8:72:
24:92:ce:2f:4d:88:1c:ac:cc:6e:4e:c8:70:c1:e7:dc:17:fd:
23:c9:9e:3d:fb:c6:e4:ce:bd:21:3e:75:3e:25:17:ef:46:97:
cc:e5:4b:ab:2e:e4:63:30:f3:46:5b:50:0f:4d:e5:a0:bb:c1:
39:f5:2b:6d:1b:28:59:21:d0:3c:67:d3:e4:1f:87:88:40:0b:
4a:db:ea:e0
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQm2J+gffbUB3KfngKECLLBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZWQyZmJiNzIxM2ZiZjMyYWQ0YzA4N2Y4YjBiMjJjZWNl
ZjRmZWEwHhcNMjUwMTAyMTE0ODM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTMzYzg3OGEwM2FiY2RmMWIwNmMwYTY5YWFjZTRlYjBkZGJhNjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTxK94wqIdMVV9/VG9sGUaw6cFiR
ekdORl4AO6tHlJEP8vlRvT04Lh6MKGqvPKNvFL1/SCfKNAPzyPFZmJwyQyF5RH59
YQi5NAMkQIVOzzhA2ia5gMKVt9eQdYB+n6KpgvUHtFXGWZ1FvwN3a313W9GC9BKF
+JsCfKLly6vmDKEPujul+DkO0DdGiLQLbxEzmjMTK3G8+n8zN5qUQsSsNcICksti
jsFwg8H7zJYps1WB1BAgQnzUzB/m3eZBaTFtpXel4SA06T/WHX1/VXPnMO9ciK8H
eEs/xgY2KQ9tnxPpf/AcKdh9whd+FU2jnw79CfCVpAxBCErgGRubTKUNwwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGEzyHigOrzfGwbAppqs5OsN26ZlMB8GA1UdIwQY
MBaAFHLtL7tyE/vzKtTAh/iwsizs70/qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3UwdnUzSVQtX01xMU1DSC1MQ3lMT3p2VC1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9lNWE4OTItMjNmNS00OWZhLWI2YTkt
YTY1MjMzYjNlOTc1LzEvWVRQSWVLQTZ2TjhiQnNDbW1xems2dzNicG1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9lNWE4OTItMjNmNS00OWZhLWI2YTktYTY1MjMzYjNlOTc1
LzEvY3UwdnUzSVQtX01xMU1DSC1MQ3lMT3p2VC1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgSawDAN
BgkqhkiG9w0BAQsFAAOCAQEAmjJct8zsG3aeaNdI3RcQw+QbdZSalT1/RiVC1KBG
gGMTuD3Ji6PVQYaWEF9O11H/Wi0tREaoLo4+Im9DJUFcabzwsmfHL43yTWYbZ4Wd
i8esCqPU+66ds1QwuZkLC82Wi2R8ocT2kneEVi4JWtF1X5iBhtBixfKSNg0tB/Ps
Z++rAS/lFJ9Aj0a5Fdd0w+L/m+eNtx4lBHupQDIYJ4XUkPMcpLykSlaLd0WNNR8D
/JKjSOhyJJLOL02IHKzMbk7IcMHn3Bf9I8mePfvG5M69IT51PiUX70aXzOVLqy7k
YzDzRltQD03loLvBOfUrbRsoWSHQPGfT5B+HiEALStvq4A==
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:29:29 2025 by rpki-client