Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/8557e0-368d-4d8e-9741-a877dd51bc49/1/yYnh0oj8K2dQK2z9LDZZ65DQYSs.roa
File: yYnh0oj8K2dQK2z9LDZZ65DQYSs.roa (raw, json)
Hash identifier: 3QTD+1CKKlfqfljPMdL2fAmfzGSrBj/hSNwxcC4oGqc=
Subject key identifier: C9:89:E1:D2:88:FC:2B:67:50:2B:6C:FD:2C:36:59:EB:90:D0:61:2B
Certificate issuer: /CN=5d129b0460cf9ee0500ee880a2cfa1a524e4df00
Certificate serial: 01941FFA916B8439AAB0AE32833F3D878DA2
Authority key identifier: 5D:12:9B:04:60:CF:9E:E0:50:0E:E8:80:A2:CF:A1:A5:24:E4:DF:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XRKbBGDPnuBQDuiAos-hpSTk3wA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/8557e0-368d-4d8e-9741-a877dd51bc49/1/yYnh0oj8K2dQK2z9LDZZ65DQYSs.roa
Signing time: Wed 01 Jan 2025 03:48:22 +0000
ROA not before: Wed 01 Jan 2025 03:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29695
IP address blocks: 37.97.0.0/18 maxlen: 18
45.13.240.0/22 maxlen: 22
188.228.0.0/17 maxlen: 17
2a00:fd00::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:91:6b:84:39:aa:b0:ae:32:83:3f:3d:87:8d:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d129b0460cf9ee0500ee880a2cfa1a524e4df00
Validity
Not Before: Jan 1 03:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c989e1d288fc2b67502b6cfd2c3659eb90d0612b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:e9:84:21:89:b6:7e:8b:2b:51:0a:17:28:ee:
a0:cb:54:e1:66:1b:5d:0c:5d:39:8d:26:4c:5f:ef:
eb:7b:6f:79:27:2b:94:bf:0a:1f:56:2f:82:f7:51:
b7:42:4a:94:dc:0c:09:a1:ab:5e:36:7f:63:6d:48:
c0:da:dc:26:d9:c8:49:bb:0f:74:78:30:c0:a4:5d:
ab:54:da:68:40:cb:6d:12:a5:0b:90:37:a7:95:da:
77:33:c5:b3:4d:fb:2a:76:18:f6:48:dd:e4:78:7a:
fb:2e:86:9d:a2:4f:eb:9e:4c:30:95:5d:9d:f7:10:
6a:43:46:79:89:1b:3c:a7:1b:4f:35:8d:e0:a8:6e:
86:e3:a3:b4:76:d1:fc:6a:ed:4e:43:23:6f:09:05:
e3:6b:f8:01:09:00:b7:32:46:cb:c3:b5:8d:12:f5:
01:1d:47:93:a5:53:49:d3:62:ca:2e:a9:e0:0a:67:
61:28:ea:ae:44:9e:fa:f2:be:a8:70:56:44:5e:94:
5b:04:6f:9f:b7:93:33:61:cb:e0:60:dd:5c:c6:4a:
ef:44:6c:b6:54:cd:de:c1:f3:e9:da:b7:f2:95:7b:
60:5f:d0:3c:0e:50:fc:d1:92:8d:dd:fc:89:81:40:
06:7d:c5:f7:19:1a:d7:20:11:25:10:32:27:29:ce:
b3:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:89:E1:D2:88:FC:2B:67:50:2B:6C:FD:2C:36:59:EB:90:D0:61:2B
X509v3 Authority Key Identifier:
keyid:5D:12:9B:04:60:CF:9E:E0:50:0E:E8:80:A2:CF:A1:A5:24:E4:DF:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XRKbBGDPnuBQDuiAos-hpSTk3wA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/8557e0-368d-4d8e-9741-a877dd51bc49/1/yYnh0oj8K2dQK2z9LDZZ65DQYSs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/8557e0-368d-4d8e-9741-a877dd51bc49/1/XRKbBGDPnuBQDuiAos-hpSTk3wA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.97.0.0/18
45.13.240.0/22
188.228.0.0/17
IPv6:
2a00:fd00::/32
Signature Algorithm: sha256WithRSAEncryption
78:1f:cf:17:a2:7c:cd:16:db:a0:f2:36:ce:1a:6b:28:68:23:
84:65:d6:de:1f:5a:c4:63:72:3d:d5:c7:3a:d3:86:ae:06:5a:
77:29:5c:b1:69:91:f9:b5:61:5f:3a:4f:b7:b8:fc:4c:37:3a:
68:b6:33:39:a4:d0:1d:ca:f6:49:12:9d:d1:34:cd:39:8a:70:
d7:c5:dc:e9:d2:89:20:0a:0b:8b:54:c0:89:24:97:dc:f1:91:
60:71:3f:86:9e:b9:47:fb:4c:22:5c:03:b1:f9:cf:7c:9f:66:
fa:28:41:b5:e5:ce:c1:37:4c:48:e4:30:69:5f:21:0a:d9:61:
b2:cd:ae:40:82:65:ec:10:4e:f9:38:08:fd:16:ae:f8:cb:22:
c4:71:69:52:d8:6a:af:58:94:ed:cf:23:7b:77:f6:31:79:f6:
dd:42:89:ed:76:8a:56:67:b9:d9:a3:07:73:b4:51:ae:d9:c3:
ed:85:9f:d3:ff:88:65:ee:1c:cd:5b:6c:86:98:4a:91:50:04:
f1:1b:be:c2:9e:74:17:f3:b7:ff:54:56:92:e8:6f:20:c2:71:
c7:db:c3:71:eb:0f:98:20:9d:8d:b7:3e:99:f8:6c:d8:c4:20:
5d:d0:e9:07:35:68:50:74:4e:cd:e7:85:d8:45:08:69:9e:fc:
f6:91:72:61
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQf+pFrhDmqsK4ygz89h42iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMTI5YjA0NjBjZjllZTA1MDBlZTg4MGEyY2ZhMWE1MjRl
NGRmMDAwHhcNMjUwMTAxMDM0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTg5ZTFkMjg4ZmMyYjY3NTAyYjZjZmQyYzM2NTllYjkwZDA2MTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyumEIYm2fosrUQoXKO6gy1ThZhtd
DF05jSZMX+/re295JyuUvwofVi+C91G3QkqU3AwJoateNn9jbUjA2twm2chJuw90
eDDApF2rVNpoQMttEqULkDenldp3M8WzTfsqdhj2SN3keHr7Loadok/rnkwwlV2d
9xBqQ0Z5iRs8pxtPNY3gqG6G46O0dtH8au1OQyNvCQXja/gBCQC3MkbLw7WNEvUB
HUeTpVNJ02LKLqngCmdhKOquRJ768r6ocFZEXpRbBG+ft5MzYcvgYN1cxkrvRGy2
VM3ewfPp2rfylXtgX9A8DlD80ZKN3fyJgUAGfcX3GRrXIBElEDInKc6zgwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFMmJ4dKI/CtnUCts/Sw2WeuQ0GErMB8GA1UdIwQY
MBaAFF0SmwRgz57gUA7ogKLPoaUk5N8AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFJLYkJHRFBudUJRRHVpQW9zLWhwU1RrM3dBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi84NTU3ZTAtMzY4ZC00ZDhlLTk3NDEt
YTg3N2RkNTFiYzQ5LzEveVluaDBvajhLMmRRSzJ6OUxEWlo2NURRWVNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi84NTU3ZTAtMzY4ZC00ZDhlLTk3NDEtYTg3N2RkNTFiYzQ5
LzEvWFJLYkJHRFBudUJRRHVpQW9zLWhwU1RrM3dBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQGJWEAAwQC
LQ3wAwQHvOQAMA0EAgACMAcDBQAqAP0AMA0GCSqGSIb3DQEBCwUAA4IBAQB4H88X
onzNFtug8jbOGmsoaCOEZdbeH1rEY3I91cc604auBlp3KVyxaZH5tWFfOk+3uPxM
NzpotjM5pNAdyvZJEp3RNM05inDXxdzp0okgCguLVMCJJJfc8ZFgcT+GnrlH+0wi
XAOx+c98n2b6KEG15c7BN0xI5DBpXyEK2WGyza5AgmXsEE75OAj9Fq74yyLEcWlS
2GqvWJTtzyN7d/YxefbdQontdopWZ7nZowdztFGu2cPthZ/T/4hl7hzNW2yGmEqR
UATxG77CnnQX87f/VFaS6G8gwnHH28Nx6w+YIJ2Ntz6Z+GzYxCBd0OkHNWhQdE7N
54XYRQhpnvz2kXJh
-----END CERTIFICATE-----
Generated at Thu Apr 10 02:19:47 2025 by rpki-client