Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/lyRiID6blcYjTxuro8RbRo8yBq8.roa
File: lyRiID6blcYjTxuro8RbRo8yBq8.roa (raw, json)
Hash identifier: URzaCIkjGunchT54U9dPfC35zUMjoPWxJXeabV1SOog=
Subject key identifier: 97:24:62:20:3E:9B:95:C6:23:4F:1B:AB:A3:C4:5B:46:8F:32:06:AF
Certificate issuer: /CN=259490c5dbcfbf590da33bfbd37970a0763469c9
Certificate serial: 019427B5DB1D66D9B90F47399E6619D3D0C7
Authority key identifier: 25:94:90:C5:DB:CF:BF:59:0D:A3:3B:FB:D3:79:70:A0:76:34:69:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JZSQxdvPv1kNozv703lwoHY0ack.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/lyRiID6blcYjTxuro8RbRo8yBq8.roa
Signing time: Thu 02 Jan 2025 15:50:17 +0000
ROA not before: Thu 02 Jan 2025 15:50:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 52042
IP address blocks: 2a09:be41::/32 maxlen: 48
2a09:be42::/31 maxlen: 48
2a09:be44::/30 maxlen: 48
2a0e:ec00::/30 maxlen: 48
2a0e:ec04::/31 maxlen: 48
2a0e:ec05::/32 maxlen: 48
2a12:49c0::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:db:1d:66:d9:b9:0f:47:39:9e:66:19:d3:d0:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=259490c5dbcfbf590da33bfbd37970a0763469c9
Validity
Not Before: Jan 2 15:50:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=972462203e9b95c6234f1baba3c45b468f3206af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:86:0c:02:d5:11:bb:71:39:60:88:dd:1a:58:
18:96:de:32:45:be:f9:44:58:a3:ff:45:8e:6f:10:
f8:bb:f9:ba:3a:64:30:9a:20:66:9e:96:a6:e4:ba:
8e:92:c3:b8:e0:07:7e:58:ff:61:f4:34:10:13:a9:
1c:72:e9:51:c4:73:43:9f:4f:e4:9e:86:46:8b:9f:
8d:e3:82:f2:e0:56:52:ec:eb:61:71:ab:2a:88:d3:
bc:73:26:e0:d5:66:10:30:1f:b8:73:b7:7f:76:f7:
bb:d2:f6:64:6d:f1:df:07:89:19:f9:c0:93:68:a1:
f9:57:ea:d4:0c:76:6b:b7:31:5b:8b:c6:94:81:be:
66:dd:3e:c2:dc:2b:42:8d:9f:d4:4e:48:23:7d:1e:
14:79:c5:3a:90:60:c2:31:60:56:1a:aa:ad:f9:bd:
4c:7a:87:7c:60:1a:1e:c2:37:ec:db:18:a4:3a:1c:
5d:09:87:88:57:b8:e7:50:ca:f1:32:82:8d:90:b7:
f0:e3:cc:d7:64:8f:79:9d:b8:d0:cd:46:d9:a7:0f:
e7:02:a4:ac:8b:2b:1d:f0:5a:7a:07:00:64:71:bd:
b5:99:b0:3d:3c:4d:7e:12:20:bf:13:50:88:81:0e:
c8:0e:17:54:48:45:95:55:a0:11:87:e5:69:ec:ac:
f9:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:24:62:20:3E:9B:95:C6:23:4F:1B:AB:A3:C4:5B:46:8F:32:06:AF
X509v3 Authority Key Identifier:
keyid:25:94:90:C5:DB:CF:BF:59:0D:A3:3B:FB:D3:79:70:A0:76:34:69:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JZSQxdvPv1kNozv703lwoHY0ack.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/lyRiID6blcYjTxuro8RbRo8yBq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/JZSQxdvPv1kNozv703lwoHY0ack.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:be41::-2a09:be47:ffff:ffff:ffff:ffff:ffff:ffff
2a0e:ec00::-2a0e:ec05:ffff:ffff:ffff:ffff:ffff:ffff
2a12:49c0::/29
Signature Algorithm: sha256WithRSAEncryption
b7:7c:62:21:ce:46:2c:d7:9c:bc:e0:2f:69:43:9b:20:f9:bd:
51:06:a7:4b:d8:25:f1:30:a9:df:e4:05:a3:30:bf:4c:fe:73:
40:8c:d3:b8:2e:e6:fa:6c:36:a1:8b:a0:fb:c1:d1:a0:f4:41:
41:ab:df:85:dc:8b:a8:71:11:78:b0:5f:1a:37:f5:60:9d:9c:
51:37:34:f5:ac:e2:97:03:ff:97:4c:de:94:63:bf:b1:c0:42:
11:11:34:cd:ff:bd:97:d7:1c:8b:c6:f3:de:aa:e9:6f:30:4a:
75:8e:e6:ec:97:c5:67:55:d3:b6:90:7b:36:24:5a:04:c5:de:
76:17:61:0e:1b:e1:3b:70:8b:e7:9e:3a:3a:f1:64:35:9a:f5:
7c:aa:f2:53:fa:f3:73:9d:80:f0:08:35:b6:c3:ef:13:e9:98:
5f:80:bc:a2:89:42:30:f2:e3:a0:05:50:7c:58:be:df:fd:4d:
19:d3:fa:40:fb:b1:e1:f8:d0:06:bc:f5:c5:a2:ba:10:e5:1c:
1b:f5:50:5c:b0:42:f6:ea:fa:33:c8:a6:de:d5:c9:8f:1b:18:
5a:5c:61:47:67:5a:8c:33:71:07:00:2c:72:e3:3a:8f:79:bf:
85:bb:a5:15:e4:24:09:bb:47:1b:10:d4:d4:c5:ca:6e:48:89:
d8:0c:3f:02
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQntdsdZtm5D0c5nmYZ09DHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1OTQ5MGM1ZGJjZmJmNTkwZGEzM2JmYmQzNzk3MGEwNzYz
NDY5YzkwHhcNMjUwMTAyMTU1MDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzI0NjIyMDNlOWI5NWM2MjM0ZjFiYWJhM2M0NWI0NjhmMzIwNmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyoYMAtURu3E5YIjdGlgYlt4yRb75
RFij/0WObxD4u/m6OmQwmiBmnpam5LqOksO44Ad+WP9h9DQQE6kcculRxHNDn0/k
noZGi5+N44Ly4FZS7OthcasqiNO8cybg1WYQMB+4c7d/dve70vZkbfHfB4kZ+cCT
aKH5V+rUDHZrtzFbi8aUgb5m3T7C3CtCjZ/UTkgjfR4UecU6kGDCMWBWGqqt+b1M
eod8YBoewjfs2xikOhxdCYeIV7jnUMrxMoKNkLfw48zXZI95nbjQzUbZpw/nAqSs
iysd8Fp6BwBkcb21mbA9PE1+EiC/E1CIgQ7IDhdUSEWVVaARh+Vp7Kz5+QIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJckYiA+m5XGI08bq6PEW0aPMgavMB8GA1UdIwQY
MBaAFCWUkMXbz79ZDaM7+9N5cKB2NGnJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlpTUXhkdlB2MWtOb3p2NzAzbHdvSFkwYWNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9lZGFkMmQtOTVjYy00OWQwLTg2ZjQt
M2NlM2NmOGIxYzQ5LzEvbHlSaUlENmJsY1lqVHh1cm84UmJSbzh5QnE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9lZGFkMmQtOTVjYy00OWQwLTg2ZjQtM2NlM2NmOGIxYzQ5
LzEvSlpTUXhkdlB2MWtOb3p2NzAzbHdvSFkwYWNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmMA4DBQAqCb5B
AwUDKgm+QDANAwQCKg7sAwUBKg7sBAMFAyoSScAwDQYJKoZIhvcNAQELBQADggEB
ALd8YiHORizXnLzgL2lDmyD5vVEGp0vYJfEwqd/kBaMwv0z+c0CM07gu5vpsNqGL
oPvB0aD0QUGr34Xci6hxEXiwXxo39WCdnFE3NPWs4pcD/5dM3pRjv7HAQhERNM3/
vZfXHIvG896q6W8wSnWO5uyXxWdV07aQezYkWgTF3nYXYQ4b4Ttwi+eeOjrxZDWa
9Xyq8lP683OdgPAINbbD7xPpmF+AvKKJQjDy46AFUHxYvt/9TRnT+kD7seH40Aa8
9cWiuhDlHBv1UFywQvbq+jPIpt7VyY8bGFpcYUdnWowzcQcALHLjOo95v4W7pRXk
JAm7RxsQ1NTFym5IidgMPwI=
-----END CERTIFICATE-----
Generated at Mon Apr 7 05:03:14 2025 by rpki-client