Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/464631-ca8e-4c6a-b091-d9f6d9642537/1/yq8cq8cg5lbaUk0nuBJn6hRcb70.roa
File: yq8cq8cg5lbaUk0nuBJn6hRcb70.roa (raw, json)
Hash identifier: MODsnmDZxXHFneEjWRzoHg6rNccd83YrX3f40+bKKyo=
Subject key identifier: CA:AF:1C:AB:C7:20:E6:56:DA:52:4D:27:B8:12:67:EA:14:5C:6F:BD
Certificate issuer: /CN=54914541fd1b95e7c0afc875fbef78794f55386b
Certificate serial: 01842F189736212E62D2782B97CAEBFA8D1E
Authority key identifier: 54:91:45:41:FD:1B:95:E7:C0:AF:C8:75:FB:EF:78:79:4F:55:38:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VJFFQf0blefAr8h1--94eU9VOGs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/464631-ca8e-4c6a-b091-d9f6d9642537/1/yq8cq8cg5lbaUk0nuBJn6hRcb70.roa
Signing time: Mon 31 Oct 2022 17:30:51 +0000
ROA not before: Mon 31 Oct 2022 17:30:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204508
IP address blocks: 2a06:a005:d29::/48 maxlen: 48
2a06:a005:5f2::/48 maxlen: 48
2a06:a005:f50::/44 maxlen: 48
2a06:a005:1930::/44 maxlen: 48
2a06:a005:5fa::/47 maxlen: 48
2a07:54c2:b00b::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:2f:18:97:36:21:2e:62:d2:78:2b:97:ca:eb:fa:8d:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54914541fd1b95e7c0afc875fbef78794f55386b
Validity
Not Before: Oct 31 17:30:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=caaf1cabc720e656da524d27b81267ea145c6fbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:a3:61:8f:a7:74:9d:1b:c1:9e:91:24:26:4f:
92:6c:12:de:85:f6:77:aa:a1:3c:8d:3c:23:c6:6f:
d5:23:2a:6e:4f:b3:46:61:bd:d3:1b:8b:6b:86:6e:
c2:4f:92:41:91:ec:ec:3d:7d:f4:f5:02:14:03:9d:
4b:25:30:31:fa:27:62:3e:8d:21:a7:4c:a7:72:aa:
19:a2:37:50:01:6a:b1:88:61:81:56:a9:ed:f5:1d:
77:24:b0:e8:19:9f:0a:48:7a:49:6e:ed:e9:d2:d4:
24:a8:96:71:36:68:53:87:70:da:a2:5b:f8:db:7e:
f1:0a:40:2b:ca:e2:4c:95:bc:67:20:85:2e:aa:3c:
68:a9:6e:40:c0:66:0b:c0:71:ef:d0:b5:16:d9:39:
a2:90:e6:ad:af:a8:f8:15:88:ee:6c:8e:a5:39:52:
38:7a:0b:59:d4:58:09:8a:96:80:c1:4c:a9:01:30:
50:2a:13:76:bb:bd:69:90:02:32:68:45:5d:49:67:
c3:de:a9:ac:0a:59:92:ff:dd:7b:47:7a:c8:36:83:
e7:98:ed:25:fa:5e:c3:42:dc:1f:49:82:24:59:64:
64:22:12:4b:a4:24:d8:82:0e:81:c6:c0:a0:e5:c1:
ef:20:4a:c6:8d:03:c0:50:66:74:fe:fb:c5:0f:d9:
0a:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:AF:1C:AB:C7:20:E6:56:DA:52:4D:27:B8:12:67:EA:14:5C:6F:BD
X509v3 Authority Key Identifier:
keyid:54:91:45:41:FD:1B:95:E7:C0:AF:C8:75:FB:EF:78:79:4F:55:38:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VJFFQf0blefAr8h1--94eU9VOGs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/464631-ca8e-4c6a-b091-d9f6d9642537/1/yq8cq8cg5lbaUk0nuBJn6hRcb70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/464631-ca8e-4c6a-b091-d9f6d9642537/1/VJFFQf0blefAr8h1--94eU9VOGs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:5f2::/48
2a06:a005:5fa::/47
2a06:a005:d29::/48
2a06:a005:f50::/44
2a06:a005:1930::/44
2a07:54c2:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
56:9e:d1:0f:87:41:5d:c2:85:5e:02:0f:d9:3e:61:2e:b8:7a:
9e:e6:cc:52:be:bb:0e:a0:78:4f:59:ac:20:5d:37:7a:a1:ed:
55:be:73:7a:a0:ff:9e:78:91:b4:f0:eb:a4:fe:3f:e4:0b:a0:
8a:70:3c:2b:9a:8b:14:2f:e6:26:cc:4e:67:46:32:c9:45:25:
8e:04:46:b2:8f:4a:ba:ae:6c:63:11:e0:e1:87:97:6e:c8:14:
aa:3c:fb:1e:53:d0:71:43:fb:f8:da:60:51:40:93:d1:8b:a8:
30:32:fc:3f:46:8d:f4:11:c8:8f:c6:db:2b:80:8c:e5:c7:b6:
a5:86:8f:04:ee:cb:30:2a:f3:24:33:b7:22:0e:d5:a5:70:76:
80:7f:ad:6b:b8:ac:04:d1:2b:4f:93:d1:10:28:1f:26:37:a5:
79:5d:91:4b:68:95:32:85:20:5d:2c:ee:14:0c:b5:e9:cd:44:
0a:f7:5f:26:89:f6:6a:fb:f7:d6:a0:92:d1:0c:be:d7:4a:1d:
91:33:a3:ba:89:bb:68:dc:23:9e:96:61:aa:ce:aa:ce:23:2b:
4c:0f:d1:7f:53:bb:ef:c6:c6:55:ea:17:bc:4f:0e:90:e7:7b:
98:05:53:4e:8f:ee:8e:32:de:da:6c:3b:47:e7:8a:f6:5b:9d:
dd:c1:6b:47
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYQvGJc2IS5i0ngrl8rr+o0eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0OTE0NTQxZmQxYjk1ZTdjMGFmYzg3NWZiZWY3ODc5NGY1
NTM4NmIwHhcNMjIxMDMxMTczMDUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWFmMWNhYmM3MjBlNjU2ZGE1MjRkMjdiODEyNjdlYTE0NWM2ZmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqNhj6d0nRvBnpEkJk+SbBLehfZ3
qqE8jTwjxm/VIypuT7NGYb3TG4trhm7CT5JBkezsPX309QIUA51LJTAx+idiPo0h
p0yncqoZojdQAWqxiGGBVqnt9R13JLDoGZ8KSHpJbu3p0tQkqJZxNmhTh3Daolv4
237xCkAryuJMlbxnIIUuqjxoqW5AwGYLwHHv0LUW2TmikOatr6j4FYjubI6lOVI4
egtZ1FgJipaAwUypATBQKhN2u71pkAIyaEVdSWfD3qmsClmS/917R3rINoPnmO0l
+l7DQtwfSYIkWWRkIhJLpCTYgg6BxsCg5cHvIErGjQPAUGZ0/vvFD9kKyQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFMqvHKvHIOZW2lJNJ7gSZ+oUXG+9MB8GA1UdIwQY
MBaAFFSRRUH9G5XnwK/IdfvveHlPVThrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkpGRlFmMGJsZWZBcjhoMS0tOTRlVTlWT0dzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS80NjQ2MzEtY2E4ZS00YzZhLWIwOTEt
ZDlmNmQ5NjQyNTM3LzEveXE4Y3E4Y2c1bGJhVWswbnVCSm42aFJjYjcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS80NjQ2MzEtY2E4ZS00YzZhLWIwOTEtZDlmNmQ5NjQyNTM3
LzEvVkpGRlFmMGJsZWZBcjhoMS0tOTRlVTlWT0dzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAAjA2AwcAKgagBQXy
AwcBKgagBQX6AwcAKgagBQ0pAwcEKgagBQ9QAwcEKgagBRkwAwcAKgdUwrALMA0G
CSqGSIb3DQEBCwUAA4IBAQBWntEPh0FdwoVeAg/ZPmEuuHqe5sxSvrsOoHhPWawg
XTd6oe1VvnN6oP+eeJG08Ouk/j/kC6CKcDwrmosUL+YmzE5nRjLJRSWOBEayj0q6
rmxjEeDhh5duyBSqPPseU9BxQ/v42mBRQJPRi6gwMvw/Ro30EciPxtsrgIzlx7al
ho8E7sswKvMkM7ciDtWlcHaAf61ruKwE0StPk9EQKB8mN6V5XZFLaJUyhSBdLO4U
DLXpzUQK918mifZq+/fWoJLRDL7XSh2RM6O6ibto3COelmGqzqrOIytMD9F/U7vv
xsZV6he8Tw6Q53uYBVNOj+6OMt7abDtH54r2W53dwWtH
-----END CERTIFICATE-----
Generated at Tue Apr 22 23:11:19 2025 by rpki-client