Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/828b0f-80e8-427b-971d-38bbcfaee6ce/1/YUnFkerPf_tC9lIXfmeJMH6YBzU.roa
File: YUnFkerPf_tC9lIXfmeJMH6YBzU.roa (raw, json)
Hash identifier: /JxLnX44gj+6WYgNCgzFGwP4v1yZUybgTY/uSoStij0=
Subject key identifier: 61:49:C5:91:EA:CF:7F:FB:42:F6:52:17:7E:67:89:30:7E:98:07:35
Certificate issuer: /CN=668d2f64c337465ed38da5f7cc4584df87d4a744
Certificate serial: 01942143B5FBDF403E6F8C8D2BAD12C7175A
Authority key identifier: 66:8D:2F:64:C3:37:46:5E:D3:8D:A5:F7:CC:45:84:DF:87:D4:A7:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zo0vZMM3Rl7TjaX3zEWE34fUp0Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/828b0f-80e8-427b-971d-38bbcfaee6ce/1/YUnFkerPf_tC9lIXfmeJMH6YBzU.roa
Signing time: Wed 01 Jan 2025 09:47:53 +0000
ROA not before: Wed 01 Jan 2025 09:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203329
IP address blocks: 2a00:b404:e000::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:b5:fb:df:40:3e:6f:8c:8d:2b:ad:12:c7:17:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=668d2f64c337465ed38da5f7cc4584df87d4a744
Validity
Not Before: Jan 1 09:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6149c591eacf7ffb42f652177e6789307e980735
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:3a:15:b1:0a:7f:fc:16:fb:18:68:87:4b:58:
19:6f:93:9e:e4:08:37:f7:be:0e:c6:c2:cc:95:40:
19:4e:11:9b:d1:8c:6c:3a:31:49:86:b9:cc:5e:2f:
7d:30:05:48:93:7e:d1:69:73:01:ff:1c:74:f3:dc:
ae:07:e1:4b:ee:25:e5:6a:d6:78:a0:5d:e7:1c:2b:
bd:dc:8d:88:50:19:de:6f:ff:e2:80:02:e0:b0:3d:
5a:b1:7c:3c:81:28:0e:60:cd:ca:11:c5:26:ef:16:
0d:8b:18:d7:af:6c:8c:c4:22:aa:c2:93:53:d7:17:
f4:9e:e2:91:b3:5f:b3:46:2b:9b:89:44:59:d5:7c:
84:a9:c1:da:ed:71:80:cd:c2:58:f0:95:80:7a:d6:
f7:c0:38:8f:42:72:3c:2c:ac:92:fd:88:70:a8:3e:
ae:f7:ae:c5:7b:e3:04:1c:ae:2a:a0:c6:af:39:41:
eb:98:26:2f:7e:93:09:10:c5:04:4f:90:40:29:53:
0a:75:e2:3b:5c:43:92:88:c2:ff:2f:82:51:b7:ef:
fb:07:af:bb:07:34:53:5e:f1:69:55:0a:04:60:a8:
ef:eb:d4:90:ac:6b:63:ea:62:e4:38:e1:e2:0b:6d:
60:f3:27:29:31:99:79:cf:eb:58:d6:74:3d:db:04:
97:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:49:C5:91:EA:CF:7F:FB:42:F6:52:17:7E:67:89:30:7E:98:07:35
X509v3 Authority Key Identifier:
keyid:66:8D:2F:64:C3:37:46:5E:D3:8D:A5:F7:CC:45:84:DF:87:D4:A7:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zo0vZMM3Rl7TjaX3zEWE34fUp0Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/828b0f-80e8-427b-971d-38bbcfaee6ce/1/YUnFkerPf_tC9lIXfmeJMH6YBzU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/828b0f-80e8-427b-971d-38bbcfaee6ce/1/Zo0vZMM3Rl7TjaX3zEWE34fUp0Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:b404:e000::/36
Signature Algorithm: sha256WithRSAEncryption
86:94:c1:3a:94:4b:d7:f3:dc:be:f1:9f:66:f8:34:2e:a6:01:
9f:a3:55:cc:10:95:ae:fa:aa:88:1d:c2:d6:39:1d:ea:b1:6a:
ce:65:26:8d:c0:e3:8e:49:6b:22:55:9b:bf:bc:8a:b6:78:9d:
f8:2f:ae:f0:5f:e3:c1:0b:1e:2a:2e:b5:f2:32:0e:93:53:04:
7b:96:d9:02:38:64:95:03:51:49:ef:3b:52:bc:5b:e0:15:4d:
89:46:b8:6f:0a:1f:ee:94:08:05:71:4b:22:32:0f:1b:98:cd:
1c:17:8d:33:88:85:b9:7d:c5:7f:73:c4:58:f1:cc:17:08:fb:
48:d5:92:59:6e:d7:7d:b3:ed:a1:d2:68:21:04:dd:b9:ff:07:
38:68:51:7b:0a:52:2f:e9:99:3a:34:e6:ef:ca:07:8f:99:a0:
1d:94:01:bb:91:e7:7b:e0:16:eb:0e:ba:b4:3e:50:51:ce:17:
b6:18:4d:d4:d3:9f:2a:2c:8e:51:7c:20:a3:de:88:57:67:86:
f9:b4:a2:12:d5:8d:53:3e:29:5d:e6:74:57:4f:47:4f:2d:31:
29:6b:61:14:a1:7e:0e:32:76:a3:ec:a9:d8:4f:22:2b:30:18:
51:53:c1:ce:41:fc:d7:45:e5:c6:9d:72:1f:72:0f:1c:5a:9c:
c1:2b:3d:73
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQhQ7X730A+b4yNK60SxxdaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2OGQyZjY0YzMzNzQ2NWVkMzhkYTVmN2NjNDU4NGRmODdk
NGE3NDQwHhcNMjUwMTAxMDk0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTQ5YzU5MWVhY2Y3ZmZiNDJmNjUyMTc3ZTY3ODkzMDdlOTgwNzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDoVsQp//Bb7GGiHS1gZb5Oe5Ag3
974OxsLMlUAZThGb0YxsOjFJhrnMXi99MAVIk37RaXMB/xx089yuB+FL7iXlatZ4
oF3nHCu93I2IUBneb//igALgsD1asXw8gSgOYM3KEcUm7xYNixjXr2yMxCKqwpNT
1xf0nuKRs1+zRiubiURZ1XyEqcHa7XGAzcJY8JWAetb3wDiPQnI8LKyS/YhwqD6u
967Fe+MEHK4qoMavOUHrmCYvfpMJEMUET5BAKVMKdeI7XEOSiML/L4JRt+/7B6+7
BzRTXvFpVQoEYKjv69SQrGtj6mLkOOHiC21g8ycpMZl5z+tY1nQ92wSXLwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFGFJxZHqz3/7QvZSF35niTB+mAc1MB8GA1UdIwQY
MBaAFGaNL2TDN0Ze042l98xFhN+H1KdEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm8wdlpNTTNSbDdUamFYM3pFV0UzNGZVcDBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS84MjhiMGYtODBlOC00MjdiLTk3MWQt
MzhiYmNmYWVlNmNlLzEvWVVuRmtlclBmX3RDOWxJWGZtZUpNSDZZQnpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS84MjhiMGYtODBlOC00MjdiLTk3MWQtMzhiYmNmYWVlNmNl
LzEvWm8wdlpNTTNSbDdUamFYM3pFV0UzNGZVcDBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKgC0BOAw
DQYJKoZIhvcNAQELBQADggEBAIaUwTqUS9fz3L7xn2b4NC6mAZ+jVcwQla76qogd
wtY5Heqxas5lJo3A445JayJVm7+8irZ4nfgvrvBf48ELHioutfIyDpNTBHuW2QI4
ZJUDUUnvO1K8W+AVTYlGuG8KH+6UCAVxSyIyDxuYzRwXjTOIhbl9xX9zxFjxzBcI
+0jVkllu132z7aHSaCEE3bn/BzhoUXsKUi/pmTo05u/KB4+ZoB2UAbuR53vgFusO
urQ+UFHOF7YYTdTTnyosjlF8IKPeiFdnhvm0ohLVjVM+KV3mdFdPR08tMSlrYRSh
fg4ydqPsqdhPIiswGFFTwc5B/NdF5cadch9yDxxanMErPXM=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:44:18 2025 by rpki-client