Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/13d49f-5e0f-422b-bcf1-e172d6a01e03/1/yyfbJ1grn7X44SoHKSDDDnmrgfQ.roa
File: yyfbJ1grn7X44SoHKSDDDnmrgfQ.roa (raw, json)
Hash identifier: bbz5auSFcuP8oHMH057CjMQ3Lp+FFT/WtZ4nmpGiIwY=
Subject key identifier: CB:27:DB:27:58:2B:9F:B5:F8:E1:2A:07:29:20:C3:0E:79:AB:81:F4
Certificate issuer: /CN=da0b6d9bed7da6d42207b90064d3e13efd3254ac
Certificate serial: 01943BD429BE7B73E89E0D44C086018F1347
Authority key identifier: DA:0B:6D:9B:ED:7D:A6:D4:22:07:B9:00:64:D3:E1:3E:FD:32:54:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gttm-19ptQiB7kAZNPhPv0yVKw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/13d49f-5e0f-422b-bcf1-e172d6a01e03/1/yyfbJ1grn7X44SoHKSDDDnmrgfQ.roa
Signing time: Mon 06 Jan 2025 13:35:47 +0000
ROA not before: Mon 06 Jan 2025 13:35:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34762
IP address blocks: 2.59.64.0/24 maxlen: 24
2a09:e940::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:3b:d4:29:be:7b:73:e8:9e:0d:44:c0:86:01:8f:13:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da0b6d9bed7da6d42207b90064d3e13efd3254ac
Validity
Not Before: Jan 6 13:35:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cb27db27582b9fb5f8e12a072920c30e79ab81f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:76:40:08:bb:d2:70:d2:62:bd:2e:3b:a0:ac:
cd:ba:5f:4b:c1:18:f0:13:3a:b3:36:8c:21:77:f2:
63:ce:0f:e8:34:d6:1d:1a:18:ac:02:ae:50:40:f1:
dd:3c:e1:77:10:84:a7:4b:5c:1f:7c:ca:67:4c:be:
33:c7:db:3d:32:31:4b:d5:6a:9b:9b:45:e9:80:1a:
f5:f7:2d:02:ed:55:3a:c6:de:9b:36:6f:cc:3f:d3:
42:f2:1f:54:94:3f:db:10:6b:01:79:0d:7e:da:61:
46:2b:b4:53:db:1e:d8:b1:90:c4:4c:3a:64:41:e5:
db:9a:6e:52:9d:70:0d:39:4d:21:b0:dc:32:44:3a:
a0:bc:2b:4b:d2:ca:10:38:ef:14:b1:67:37:0d:e6:
5f:bc:10:ee:11:12:8c:94:1f:5e:fe:16:17:96:7d:
3d:e1:33:09:8b:66:bd:c1:10:ed:f5:b3:bc:3d:13:
0e:84:ac:a5:69:08:03:49:a8:a9:c2:7c:ba:7c:f5:
f7:39:92:08:59:74:9f:cd:e9:02:8b:6d:24:93:7e:
35:c6:e1:f6:ad:7e:41:8d:2f:9a:31:26:fb:66:e2:
cc:a7:43:84:dc:de:51:c8:db:2d:e1:2d:1e:8c:6c:
08:0f:4b:e6:59:7c:d8:b6:a0:db:18:f7:4c:d3:b0:
9e:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:27:DB:27:58:2B:9F:B5:F8:E1:2A:07:29:20:C3:0E:79:AB:81:F4
X509v3 Authority Key Identifier:
keyid:DA:0B:6D:9B:ED:7D:A6:D4:22:07:B9:00:64:D3:E1:3E:FD:32:54:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gttm-19ptQiB7kAZNPhPv0yVKw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/13d49f-5e0f-422b-bcf1-e172d6a01e03/1/yyfbJ1grn7X44SoHKSDDDnmrgfQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/13d49f-5e0f-422b-bcf1-e172d6a01e03/1/2gttm-19ptQiB7kAZNPhPv0yVKw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.64.0/24
IPv6:
2a09:e940::/32
Signature Algorithm: sha256WithRSAEncryption
51:13:41:d4:fb:ce:0a:12:65:fb:01:94:1a:b6:d5:e3:21:1a:
03:5c:75:a4:67:b0:89:72:8f:68:6f:87:07:fe:4f:64:5d:e1:
ba:23:a0:48:b3:bd:1e:d9:1e:55:02:61:7a:eb:04:a6:cf:4a:
5a:0e:5e:26:f1:6d:1a:7a:2d:48:85:77:a0:9e:eb:6b:33:09:
7a:04:8f:b6:33:8f:06:31:ce:de:3e:0e:be:fa:a6:c9:35:98:
8d:c8:22:0e:3c:a0:66:4a:df:10:9c:f6:18:0c:15:c5:01:b6:
f3:0e:1f:89:4d:67:9e:c4:03:ab:f3:71:5c:26:32:bf:a1:9c:
f0:22:27:74:7d:74:41:4b:79:64:2f:bc:ef:ac:ab:6f:44:8d:
06:b3:06:df:f0:25:84:a7:2b:db:14:c0:4d:76:cf:96:75:5e:
62:08:c6:59:ef:a2:41:5c:01:09:93:c9:71:49:0c:d0:a9:11:
8d:3a:d3:bb:d3:87:a0:58:7d:d2:99:ac:87:22:84:ef:ee:bf:
b8:5b:ef:70:08:81:5d:01:6d:11:62:a2:72:e1:a6:2f:61:dc:
e3:b8:e5:d9:23:44:3e:0b:28:95:50:0d:ee:2b:ef:62:dc:9f:
f4:4b:7e:cd:78:ee:50:d5:92:60:f6:c5:b7:32:da:de:f1:34:
d8:9a:6f:2b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQ71Cm+e3Pong1EwIYBjxNHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMGI2ZDliZWQ3ZGE2ZDQyMjA3YjkwMDY0ZDNlMTNlZmQz
MjU0YWMwHhcNMjUwMTA2MTMzNTQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjI3ZGIyNzU4MmI5ZmI1ZjhlMTJhMDcyOTIwYzMwZTc5YWI4MWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8XZACLvScNJivS47oKzNul9LwRjw
EzqzNowhd/Jjzg/oNNYdGhisAq5QQPHdPOF3EISnS1wffMpnTL4zx9s9MjFL1Wqb
m0XpgBr19y0C7VU6xt6bNm/MP9NC8h9UlD/bEGsBeQ1+2mFGK7RT2x7YsZDETDpk
QeXbmm5SnXANOU0hsNwyRDqgvCtL0soQOO8UsWc3DeZfvBDuERKMlB9e/hYXln09
4TMJi2a9wRDt9bO8PRMOhKylaQgDSaipwny6fPX3OZIIWXSfzekCi20kk341xuH2
rX5BjS+aMSb7ZuLMp0OE3N5RyNst4S0ejGwID0vmWXzYtqDbGPdM07Ce4QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMsn2ydYK5+1+OEqBykgww55q4H0MB8GA1UdIwQY
MBaAFNoLbZvtfabUIge5AGTT4T79MlSsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmd0dG0tMTlwdFFpQjdrQVpOUGhQdjB5Vkt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8xM2Q0OWYtNWUwZi00MjJiLWJjZjEt
ZTE3MmQ2YTAxZTAzLzEveXlmYkoxZ3JuN1g0NFNvSEtTREREbm1yZ2ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8xM2Q0OWYtNWUwZi00MjJiLWJjZjEtZTE3MmQ2YTAxZTAz
LzEvMmd0dG0tMTlwdFFpQjdrQVpOUGhQdjB5Vkt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAAjtAMA0E
AgACMAcDBQAqCelAMA0GCSqGSIb3DQEBCwUAA4IBAQBRE0HU+84KEmX7AZQattXj
IRoDXHWkZ7CJco9ob4cH/k9kXeG6I6BIs70e2R5VAmF66wSmz0paDl4m8W0aei1I
hXegnutrMwl6BI+2M48GMc7ePg6++qbJNZiNyCIOPKBmSt8QnPYYDBXFAbbzDh+J
TWeexAOr83FcJjK/oZzwIid0fXRBS3lkL7zvrKtvRI0Gswbf8CWEpyvbFMBNds+W
dV5iCMZZ76JBXAEJk8lxSQzQqRGNOtO704egWH3SmayHIoTv7r+4W+9wCIFdAW0R
YqJy4aYvYdzjuOXZI0Q+CyiVUA3uK+9i3J/0S37NeO5Q1ZJg9sW3Mtre8TTYmm8r
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:52:28 2025 by rpki-client